diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-proxy | |
download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-proxy')
304 files changed, 12862 insertions, 0 deletions
diff --git a/net-proxy/3proxy/3proxy-0.5.3k.ebuild b/net-proxy/3proxy/3proxy-0.5.3k.ebuild new file mode 100644 index 000000000000..8ff6826b4e2e --- /dev/null +++ b/net-proxy/3proxy/3proxy-0.5.3k.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit toolchain-funcs eutils + +DESCRIPTION="really tiny cross-platform proxy servers set" +HOMEPAGE="http://www.security.nnov.ru/soft/3proxy/" +SRC_URI="http://www.security.nnov.ru/soft/3proxy/${PV}/${P}.tgz" + +LICENSE="3proxy" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="" + +DEPEND="" + +S="${WORKDIR}" + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}"/${P}-gentoo.patch +} + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + LN="$(tc-getCC)" \ + -f Makefile.unix \ + || die "emake failed" +} + +src_install() { + local x + + pushd src + dobin 3proxy || die "dobin 3proxy failed" + for x in proxy socks ftppr pop3p tcppm udppm mycrypt dighosts ; do + newbin ${x} ${PN}-${x} || die "newbin ${x} failed" + [[ -f ${S}/man/${x}.8 ]] \ + && newman "${S}"/man/${x}.8 ${PN}-${x}.8 + done + popd + + doman "${S}"/man/3proxy*.[38] + + cd "${S}" + dodoc Changelog Readme Release.notes + dohtml -r doc/html/* + docinto cfg + dodoc cfg/*.{txt,sample} + docinto cfg/sql + dodoc cfg/sql/*.{cfg,sql} +} diff --git a/net-proxy/3proxy/3proxy-0.6.1.ebuild b/net-proxy/3proxy/3proxy-0.6.1.ebuild new file mode 100644 index 000000000000..586a0bc73b84 --- /dev/null +++ b/net-proxy/3proxy/3proxy-0.6.1.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="2" + +inherit toolchain-funcs eutils + +DESCRIPTION="really tiny cross-platform proxy servers set" +HOMEPAGE="http://3proxy.ru/" +SRC_URI="http://3proxy.ru/${PV}/${P}.tgz" + +LICENSE="3proxy" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-0.6-gentoo.patch +} + +src_compile() { + emake \ + CC="$(tc-getCC)" \ + LN="$(tc-getCC)" \ + LIBS="-ldl" \ + -f Makefile.unix \ + || die "emake failed" +} + +src_install() { + local x + + pushd src + dobin 3proxy || die "dobin 3proxy failed" + for x in proxy socks ftppr pop3p tcppm udppm mycrypt dighosts countersutil ; do + newbin ${x} ${PN}-${x} || die "newbin ${x} failed" + [[ -f ${S}/man/${x}.8 ]] \ + && newman "${S}"/man/${x}.8 ${PN}-${x}.8 + done + popd + + doman "${S}"/man/3proxy*.[38] + + cd "${S}" + dodoc Changelog Readme + dohtml -r doc/html/* + docinto cfg + dodoc cfg/*.{txt,sample} + docinto cfg/sql + dodoc cfg/sql/*.{cfg,sql} +} diff --git a/net-proxy/3proxy/Manifest b/net-proxy/3proxy/Manifest new file mode 100644 index 000000000000..956dc07add6e --- /dev/null +++ b/net-proxy/3proxy/Manifest @@ -0,0 +1,2 @@ +DIST 3proxy-0.5.3k.tgz 190797 SHA256 7bbe159a0157480c653ef3976495a9b1993435a44ea0e7c03784320e3ac28ea3 +DIST 3proxy-0.6.1.tgz 480160 SHA256 10f8804258791e80353a334dc9b80473a02c6dda939de76451e655f643aadd7f diff --git a/net-proxy/3proxy/files/3proxy-0.5.3k-gentoo.patch b/net-proxy/3proxy/files/3proxy-0.5.3k-gentoo.patch new file mode 100644 index 000000000000..a88a28780432 --- /dev/null +++ b/net-proxy/3proxy/files/3proxy-0.5.3k-gentoo.patch @@ -0,0 +1,26 @@ +--- Makefile.unix.orig 2005-04-30 18:29:00.000000000 +0000 ++++ Makefile.unix 2008-10-12 17:18:21.000000000 +0000 +@@ -9,10 +9,10 @@ + CC = gcc + + # you may need -L/usr/pkg/lib for older NetBSD versions +-CFLAGS = -Wall -g -O2 -c -pthread -D_THREAD_SAFE -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL ++CFLAGS += -Wall -g -c -pthread -D_THREAD_SAFE -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL + COUT = -o + LN = gcc +-LDFLAGS = -Wall -O2 -pthread ++LDFLAGS += -Wall -pthread + # -lpthreads may be reuqired on some platforms instead of -pthreads + LIBS = + LNOUT = -o +--- src/stringtable.c.orig 2008-01-09 21:14:46.000000000 +0000 ++++ src/stringtable.c 2008-10-12 17:19:19.000000000 +0000 +@@ -23,7 +23,7 @@ + /* 19 */ NULL, + #ifndef TPROXY_CONF + #ifndef _WIN32 +-/* 20 */ (unsigned char *)"/usr/local/etc/3proxy.cfg", ++/* 20 */ (unsigned char *)"/etc/3proxy.cfg", + #else + /* 20 */ (unsigned char *)"3proxy.cfg", + #endif diff --git a/net-proxy/3proxy/files/3proxy-0.6-gentoo.patch b/net-proxy/3proxy/files/3proxy-0.6-gentoo.patch new file mode 100644 index 000000000000..c3c4df4edbcb --- /dev/null +++ b/net-proxy/3proxy/files/3proxy-0.6-gentoo.patch @@ -0,0 +1,34 @@ +diff -Nru 3proxy-0.6.orig/Makefile.unix 3proxy-0.6/Makefile.unix +--- 3proxy-0.6.orig/Makefile.unix 2007-04-10 16:29:25.000000000 +0000 ++++ 3proxy-0.6/Makefile.unix 2009-03-24 19:13:09.000000000 +0000 +@@ -12,10 +12,10 @@ + CC = gcc + + # you may need -L/usr/pkg/lib for older NetBSD versions +-CFLAGS = -Wall -g -O2 -c -pthread -D_THREAD_SAFE -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL ++CFLAGS += -Wall -g -c -pthread -D_THREAD_SAFE -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL + COUT = -o + LN = gcc +-LDFLAGS = -Wall -O2 -pthread ++LDFLAGS += -Wall -pthread + # -lpthreads may be reuqired on some platforms instead of -pthreads + # -ldl or -lld may be required for some platforms + DCFLAGS = -fpic +@@ -55,4 +55,4 @@ + fi + + allplugins: +- @list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ; cd ../.. ; done ++ @list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; $(MAKE) ; cd ../.. ; done +diff -Nru 3proxy-0.6.orig/src/stringtable.c 3proxy-0.6/src/stringtable.c +--- 3proxy-0.6.orig/src/stringtable.c 2008-02-03 11:28:24.000000000 +0000 ++++ 3proxy-0.6/src/stringtable.c 2009-03-24 19:12:44.000000000 +0000 +@@ -38,7 +38,7 @@ + /* 24 */ NULL, + #ifndef TPROXY_CONF + #ifndef _WIN32 +-/* 25 */ (unsigned char *)"/usr/local/etc/3proxy/3proxy.cfg", ++/* 25 */ (unsigned char *)"/etc/3proxy.cfg", + #else + /* 25 */ (unsigned char *)"3proxy.cfg", + #endif diff --git a/net-proxy/3proxy/metadata.xml b/net-proxy/3proxy/metadata.xml new file mode 100644 index 000000000000..da729ce2ae4a --- /dev/null +++ b/net-proxy/3proxy/metadata.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>3Proxy is really tiny cross-platform proxy servers set. It includes HTTP proxy with HTTPS and FTP support, +SOCKSv4/SOCKSv4.5/SOCKSv5 proxy, POP3 proxy, FTP proxy, TCP and UDP portmappers. You can use every proxy as a standalone program +(socks, proxy, tcppm, udppm, pop3p) or use combined program (3proxy). Combined proxy additionally supports features like +access control, bandwidth limiting, limiting daily/weekly/monthly traffic amount, proxy chaining, log rotation, sylog and ODBC logging, etc. +It's created to be small, simple (I'd like to say secure - but it's just a beta) and yet functional.</longdescription> +</pkgmetadata> diff --git a/net-proxy/adzapper/Manifest b/net-proxy/adzapper/Manifest new file mode 100644 index 000000000000..d6d2587d5450 --- /dev/null +++ b/net-proxy/adzapper/Manifest @@ -0,0 +1 @@ +DIST adzap-20110915.tar.gz 128132 SHA256 30a66419b4e77631d303ca5ba76ad3a64fabbed1cdab01bee02f0d790431ce7a SHA512 8b3566fc708b3db3b8eaa0306f90c75a82ac001cfdc3bc925fc649481420532ddc017f1b5139fce36733d3a38b2a7a31b39872b522ba4f49c098177496d64416 WHIRLPOOL 02d4360bec08fffcf3e0719d0fdd76c6cd02c52094193ed31e5d98c25a34da2e732fd87c7c0811beaad25979074b831210454370cabbdbdb7c5868fb41966d9e diff --git a/net-proxy/adzapper/adzapper-20110915-r2.ebuild b/net-proxy/adzapper/adzapper-20110915-r2.ebuild new file mode 100644 index 000000000000..483969430800 --- /dev/null +++ b/net-proxy/adzapper/adzapper-20110915-r2.ebuild @@ -0,0 +1,57 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +MY_P=${P/zapper/zap} + +inherit eutils + +DESCRIPTION="Redirector for squid that intercepts advertising, page counters and some web bugs" +HOMEPAGE="http://adzapper.sourceforge.net/" +SRC_URI="http://adzapper.sourceforge.net/${MY_P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="alpha amd64 hppa ppc sparc x86" +IUSE="" + +RDEPEND="dev-lang/perl" + +S="${WORKDIR}"/${P/per/} + +src_prepare() { + epatch "${FILESDIR}"/20110915-flush.patch + # update the zapper path in various scripts + local SCRPATH="/etc/adzapper/squid_redirect" + sed -i \ + -e "s|^zapper=.*|zapper=${SCRPATH}|" \ + -e "s|^ZAPPER=.*|ZAPPER=\"${SCRPATH}\"|" \ + -e "s|^pidfile=.*|pidfile=/var/run/squid.pid|" \ + -e "s|^PIDFILE=.*|PIDFILE=\"/var/run/squid.pid\"|" \ + -e "s|^RESTARTCMD=.*|RESTARTCMD=\"/etc/init.d/squid restart\"|" \ + scripts/wrapzap scripts/update-zapper* \ + || die "sed updating failed." +} + +src_install() { + exeinto /etc/adzapper + doexe \ + scripts/wrapzap \ + scripts/zapchain \ + adblock-plus/adblockplus2adzapper.py + newexe scripts/squid_redirect-nodata squid_redirect + + insinto /etc/adzapper + doins scripts/update-zapper* + + insinto /var/www/localhost/htdocs/zap + doins zaps/* +} + +pkg_postinst() { + einfo "To enable adzapper, add the following lines to /etc/squid/squid.conf:" + einfo " url_rewrite_program /etc/adzapper/wrapzap" + einfo " url_rewrite_children 10" +} diff --git a/net-proxy/adzapper/files/20110915-flush.patch b/net-proxy/adzapper/files/20110915-flush.patch new file mode 100644 index 000000000000..3fb4ce913db0 --- /dev/null +++ b/net-proxy/adzapper/files/20110915-flush.patch @@ -0,0 +1,107 @@ +--- a/scripts/squid_redirect-nodata ++++ b/scripts/squid_redirect-nodata +@@ -31,7 +31,7 @@ + + use POSIX ":sys_wait_h"; + use Socket; +-require 'flush.pl'; ++use IO::Handle; + + $::IOSIZE=1024; + +@@ -232,7 +232,7 @@ + { + if (defined $::LogFile) + { print LOGFILE $_; +- flush(LOGFILE); ++ LOGFILE->flush();; + } + chomp; + +@@ -259,7 +259,7 @@ + } + } + +- flush(STDOUT); ++ STDOUT->flush(); + } + + exit 0; +@@ -789,14 +789,16 @@ + } + + # dispatch request and headers +- printflush(GCHILD_WRITE,"$method $uri $v1 $v2\n") ++ print GCHILD_WRITE "$method $uri $v1 $v2\n" + || die "tell grandchild the request: $!"; ++ GCHILD_WRITE->flush(); + + print PROXY "$method $uri HTTP/$v1.$v2\r\n"; + for my $H (@hdrs) + { print PROXY $H->[0], ":", $H->[1], "\r\n"; + } +- printflush(PROXY,"\r\n"); ++ print PROXY "\r\n"; ++ PROXY->flush(); + ##warn "[$$]: sent rq to proxy\n"; + + proxy_copybody(CONN,PROXY,$method,$persist,\@hdrs) +@@ -965,8 +967,9 @@ + } + + warn "[$child:$$]: pass response to parent\n"; +- printflush(TOCHILD,($persist ? PERSIST : CLOSE)." $code $info") ++ print TOCHILD ($persist ? PERSIST : CLOSE)." $code $info" + || die "[$child:$$]: print(TOCHILD) fails: $!"; ++ TOCHILD->flush(); + warn "[$child:$$]: told parent, passing response to client\n"; + + # copy to child +@@ -974,7 +977,8 @@ + for my $H (@hdrs) + { print CONN $H->[0], ":", $H->[1], "\r\n"; + } +- printflush(CONN,"\r\n"); ++ print CONN "\r\n"; ++ CONN->flush(); + + # see RFC2616 section 10 + if ( +@@ -1050,11 +1054,13 @@ + ) + { + ##warn "[$$]: read ".length($_)." bytes of request body\n"; +- if (! printflush($to,$_)) +- { warn "$::cmd: [$$]: printflush($to,..): $!"; ++ $to->autoflush(1); ++ if (! print $to $_) ++ { warn "$::cmd: [$$]: print $to ..): $!"; + $ok=0; + last COPY; + } ++ $to->autoflush(0); + $cl-=length if defined $cl; + } + warn "[$$]: finished unchunked body, ok=$ok"; +@@ -1083,10 +1089,10 @@ + { print $to $_; + $chunksize-=length; + } +- flush($to); ++ $to->flush(); + } + +- flush($to); ++ $to->flush(); + + # pass trailer headers + while (defined($_=<$from>) && !/^\r?\n/) +@@ -1096,7 +1102,7 @@ + { ##warn "[$$]: final trailer: $_"; + print $to $_; + } +- flush($to); ++ $to->flush(); + + return (1,""); + } diff --git a/net-proxy/adzapper/metadata.xml b/net-proxy/adzapper/metadata.xml new file mode 100644 index 000000000000..b0b62517f3e0 --- /dev/null +++ b/net-proxy/adzapper/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>Redirector for squid that intercepts advertising, page counters and some web bugs</longdescription> +</pkgmetadata> diff --git a/net-proxy/bfilter/Manifest b/net-proxy/bfilter/Manifest new file mode 100644 index 000000000000..4d9255517f30 --- /dev/null +++ b/net-proxy/bfilter/Manifest @@ -0,0 +1 @@ +DIST bfilter-1.1.4.tar.gz 3055651 SHA256 04fda3f2d0c19199cb47c3e0743ba1160f4dee10099ab63f5b174fdd81b49b6a SHA512 d501e09e449a29f175ec5484ba5aa77ce6bd1a51cb146222fca3af4215c162aff885565086cb64be9dc7cdac63611be1a0970b3d2d81e3f2038009ea3f527e5e WHIRLPOOL 0c5dc79b25c88e51d3327a346074f064a685b051f28e640a8a2fe64fd849831df22182045c866da3c0f59575d1ccb273247d4379e0eb7b1206e6ce9ae436353f diff --git a/net-proxy/bfilter/bfilter-1.1.4-r1.ebuild b/net-proxy/bfilter/bfilter-1.1.4-r1.ebuild new file mode 100644 index 000000000000..832e92fdaa2a --- /dev/null +++ b/net-proxy/bfilter/bfilter-1.1.4-r1.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit eutils autotools user + +DESCRIPTION="An ad-filtering web proxy featuring an effective heuristic ad-detection algorithm" +HOMEPAGE="http://bfilter.sourceforge.net/" +SRC_URI="mirror://sourceforge/bfilter/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="X debug" + +RDEPEND="sys-libs/zlib + dev-libs/ace + dev-libs/libsigc++:2 + X? ( dev-cpp/gtkmm:2.4 x11-libs/libX11 ) + dev-libs/boost" + +DEPEND="${RDEPEND} + dev-util/scons + virtual/pkgconfig" + +RESTRICT="test" # boost's test API has changed + +src_prepare() { + epatch "${FILESDIR}"/${P}-glib-2.32.patch + epatch "${FILESDIR}"/${P}-external-boost.patch + epatch "${FILESDIR}"/${P}-gtkmm-X11-underlinking.patch + + rm -rf "${S}"/boost + eautoreconf +} + +src_configure() { + econf \ + $(use_enable debug) \ + $(use_with X gui) \ + --without-builtin-boost +} + +src_install() { + emake DESTDIR="${D}" install + insinto /etc/bfilter + doins "${FILESDIR}"/forwarding.xml + + dodoc AUTHORS ChangeLog "${FILESDIR}"/forwarding-proxy.xml + dohtml doc/* + + newinitd "${FILESDIR}/bfilter.init" bfilter + newconfd "${FILESDIR}/bfilter.conf" bfilter +} + +pkg_preinst() { + enewgroup bfilter + enewuser bfilter -1 -1 -1 bfilter +} + +pkg_postinst() { + elog "The documentation is available at" + elog " http://bfilter.sourceforge.net/documentation.php" + elog "For forwarding bfilter service traffic through a proxy," + elog "see forwarding-proxy.xml example installed in the doc directory." +} diff --git a/net-proxy/bfilter/files/bfilter-1.1.4-external-boost.patch b/net-proxy/bfilter/files/bfilter-1.1.4-external-boost.patch new file mode 100644 index 000000000000..6f185ca9f41b --- /dev/null +++ b/net-proxy/bfilter/files/bfilter-1.1.4-external-boost.patch @@ -0,0 +1,63 @@ +diff -Nru bfilter-1.1.4.orig/configure.in bfilter-1.1.4/configure.in +--- bfilter-1.1.4.orig/configure.in 2007-11-11 23:14:49.000000000 +0100 ++++ bfilter-1.1.4/configure.in 2009-10-18 18:26:32.000000000 +0200 +@@ -260,11 +260,6 @@ + Makefile + binreloc/Makefile + foundation/Makefile +-boost/Makefile +-boost/libs/Makefile +-boost/libs/regex/Makefile +-boost/libs/program_options/Makefile +-boost/libs/test/Makefile + reactor/Makefile + mkskel/Makefile + lexgen/Makefile +diff -Nru bfilter-1.1.4.orig/main/daemon/Makefile.am bfilter-1.1.4/main/daemon/Makefile.am +--- bfilter-1.1.4.orig/main/daemon/Makefile.am 2007-01-19 20:21:02.000000000 +0100 ++++ bfilter-1.1.4/main/daemon/Makefile.am 2009-10-18 18:25:52.000000000 +0200 +@@ -6,7 +6,7 @@ + $(top_builddir)/boost/libs/program_options/libprogram_options.la + else + BOOST_CPPFLAGS = +-BOOST_LIBS = ++BOOST_LIBS = -lboost_regex-mt -lboost_program_options-mt + endif + + AM_CPPFLAGS = -DSYSCONFDIR=\"$(sysconfdir)\" \ +diff -Nru bfilter-1.1.4.orig/main/gui/gtk/Makefile.am bfilter-1.1.4/main/gui/gtk/Makefile.am +--- bfilter-1.1.4.orig/main/gui/gtk/Makefile.am 2008-06-02 17:25:27.000000000 +0200 ++++ bfilter-1.1.4/main/gui/gtk/Makefile.am 2009-10-18 18:25:52.000000000 +0200 +@@ -50,7 +50,7 @@ + BOOST_LIBS = $(top_builddir)/boost/libs/regex/libregex.la + else + BOOST_CPPFLAGS = +-BOOST_LIBS = ++BOOST_LIBS = -lboost_regex-mt + endif + + if WITH_GUI +diff -Nru bfilter-1.1.4.orig/Makefile.am bfilter-1.1.4/Makefile.am +--- bfilter-1.1.4.orig/Makefile.am 2007-11-11 23:16:04.000000000 +0100 ++++ bfilter-1.1.4/Makefile.am 2009-10-18 18:26:46.000000000 +0200 +@@ -1,7 +1,7 @@ + EXTRA_DIST = doc cmake bootstrap m4 VERSION CMakeLists.txt types.h pstdint.h \ + config.h.cm bfilter.desktop bfilter.png Doxyfile + DISTCLEANFILES = itypes.h +-SUBDIRS = binreloc foundation boost reactor mkskel lexgen libjs main conf \ ++SUBDIRS = binreloc foundation reactor mkskel lexgen libjs main conf \ + packaging tests + + dist_man_MANS = bfilter.8 +diff -Nru bfilter-1.1.4.orig/tests/Makefile.am bfilter-1.1.4/tests/Makefile.am +--- bfilter-1.1.4.orig/tests/Makefile.am 2007-05-07 16:19:40.000000000 +0200 ++++ bfilter-1.1.4/tests/Makefile.am 2009-10-18 18:25:52.000000000 +0200 +@@ -6,7 +6,7 @@ + $(top_builddir)/boost/libs/regex/libregex.la + else + BOOST_CPPFLAGS = +-BOOST_LIBS = ++BOOST_LIBS = -lboost_regex-mt -lboost_unit_test_framework-mt + endif + + AM_CPPFLAGS = -I$(top_srcdir) -I$(top_builddir) \ diff --git a/net-proxy/bfilter/files/bfilter-1.1.4-glib-2.32.patch b/net-proxy/bfilter/files/bfilter-1.1.4-glib-2.32.patch new file mode 100644 index 000000000000..7b4068b758e3 --- /dev/null +++ b/net-proxy/bfilter/files/bfilter-1.1.4-glib-2.32.patch @@ -0,0 +1,39 @@ +Index: bfilter-1.1.4/main/gui/gtk/CompiledImage.h +=================================================================== +--- bfilter-1.1.4.orig/main/gui/gtk/CompiledImage.h ++++ bfilter-1.1.4/main/gui/gtk/CompiledImage.h +@@ -24,7 +24,7 @@ + #include <config.h> + #endif + +-#include <glib/gtypes.h> ++#include <glib.h> + #include <glibmm/refptr.h> + #include <gdkmm/pixbuf.h> + #include <stddef.h> +Index: bfilter-1.1.4/main/gui/gtk/TrayMenu.h +=================================================================== +--- bfilter-1.1.4.orig/main/gui/gtk/TrayMenu.h ++++ bfilter-1.1.4/main/gui/gtk/TrayMenu.h +@@ -25,7 +25,7 @@ + #endif + + #include "NonCopyable.h" +-#include <glib/gtypes.h> ++#include <glib.h> + #include <memory> + + namespace GtkGUI +Index: bfilter-1.1.4/main/gui/gtk/img2src.sh +=================================================================== +--- bfilter-1.1.4.orig/main/gui/gtk/img2src.sh ++++ bfilter-1.1.4/main/gui/gtk/img2src.sh +@@ -4,7 +4,7 @@ cat <<END + /* This file was generated by img2src.sh */ + + #include "CompiledImage.h" +-#include <glib/gtypes.h> ++#include <glib.h> + + END + diff --git a/net-proxy/bfilter/files/bfilter-1.1.4-gtkmm-X11-underlinking.patch b/net-proxy/bfilter/files/bfilter-1.1.4-gtkmm-X11-underlinking.patch new file mode 100644 index 000000000000..2a474e5d3867 --- /dev/null +++ b/net-proxy/bfilter/files/bfilter-1.1.4-gtkmm-X11-underlinking.patch @@ -0,0 +1,12 @@ +diff -Naur -u a/configure.in b/configure.in +--- a/configure.in 2013-11-30 17:03:04.733971428 +0100 ++++ b/configure.in 2013-11-30 17:03:21.231971410 +0100 +@@ -205,7 +205,7 @@ + [ with_gui="no" ]) + AM_CONDITIONAL(WITH_GUI, [test "$with_gui" = "yes"]) + if test "$with_gui" = "yes"; then +- PKG_CHECK_MODULES(GTKMM, gtkmm-2.4 >= 2.4) ++ PKG_CHECK_MODULES(GTKMM, gtkmm-2.4 >= 2.4 x11) + dnl PKG_CHECK_MODULES(GTHREAD, gthread-2.0 >= 2.0) + dnl GTKMM_LIBS="$GTKMM_LIBS $GTHREAD_LIBS" + AC_SUBST(GTKMM_CFLAGS) diff --git a/net-proxy/bfilter/files/bfilter.conf b/net-proxy/bfilter/files/bfilter.conf new file mode 100644 index 000000000000..3c533b418eae --- /dev/null +++ b/net-proxy/bfilter/files/bfilter.conf @@ -0,0 +1,4 @@ +# Config file for /etc/init.d/bfilter + +# See the bfilter(8) man page for possible options to put here. +BFILTER_OPTS="-u bfilter -g bfilter -r /etc/bfilter" diff --git a/net-proxy/bfilter/files/bfilter.init b/net-proxy/bfilter/files/bfilter.init new file mode 100644 index 000000000000..76437f6b41eb --- /dev/null +++ b/net-proxy/bfilter/files/bfilter.init @@ -0,0 +1,36 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +checkresolvconf() { + #make /etc/bfilter/etc/resolv.conf if chroot is set + if [ "${BFILTER_OPTS#* -r *}" != "${BFILTER_OPTS}" ] ; then + local CHROOTDIR="${BFILTER_OPTS#* -r }" + CHROOTDIR="${CHROOTDIR%% *}" + mkdir -p "${CHROOTDIR}/etc" || return 1 + if ! cmp -s /etc/resolv.conf "${CHROOTDIR}/etc/resolv.conf" ; then + cp -p /etc/resolv.conf "${CHROOTDIR}/etc/resolv.conf" || return 1 + fi + fi + + return 0 +} + +start() { + checkresolvconf || return 1 + + ebegin "Starting bfilter" + start-stop-daemon --start --quiet --exec /usr/bin/bfilter -- ${BFILTER_OPTS} + eend $? +} + +stop() { + ebegin "Stopping bfilter" + start-stop-daemon --stop --quiet --exec /usr/bin/bfilter + eend $? +} diff --git a/net-proxy/bfilter/files/forwarding-proxy.xml b/net-proxy/bfilter/files/forwarding-proxy.xml new file mode 100644 index 000000000000..dafcbb1ed664 --- /dev/null +++ b/net-proxy/bfilter/files/forwarding-proxy.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<forwarding> + <option name="Direct"> + </option> + <option name="ISP Proxy" selected="selected"> + <bypass> + <simple-hostnames/> + <host-mask>*.isp.com</host-mask> + <host-mask>192.168.*</host-mask> + </bypass> + <proxy-chain> + <proxy> + <type>socks4</type><!-- available types: http, socks4, socks4a and socks5 --> + <host>localhost</host> + <port>9050</port> + </proxy> + </proxy-chain> + </option> +</forwarding> diff --git a/net-proxy/bfilter/files/forwarding.xml b/net-proxy/bfilter/files/forwarding.xml new file mode 100644 index 000000000000..9b62c6bfc4a9 --- /dev/null +++ b/net-proxy/bfilter/files/forwarding.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?> +<forwarding> + <option name="Direct" selected="selected"> + </option> +</forwarding> diff --git a/net-proxy/bfilter/metadata.xml b/net-proxy/bfilter/metadata.xml new file mode 100644 index 000000000000..b1cc85f513b0 --- /dev/null +++ b/net-proxy/bfilter/metadata.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription>BFilter is a filtering web proxy. It was originally intended for removing banner ads only, but at some point +it has been extended to remove popups and webbugs. It can't be used as a general purpose filtering proxy +because it was never intended this way. + +For example you can't just block an arbitrary object, you can only hint the ad detector in its decision making. +The main advantage BFilter has over the similar tools is its heuristic ad detection algorithm. The traditional +blocklist-based approach is also implemented, but it's mostly used for dealing with false positives. Unlike +other tools that require constant updates of their blocklists, BFilter manages to remove over 90% of ads +even with an empty blocklist! + +The javascript generated ads are not a problem for BFilter, as it has a javascript engine to combat them. +BFilter is expected work with any browser that supports proxies (nearly any browser does), and can forward +requests to another HTTP proxy.</longdescription> + <upstream> + <remote-id type="sourceforge">bfilter</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/c-icap-modules/Manifest b/net-proxy/c-icap-modules/Manifest new file mode 100644 index 000000000000..1e43f653a80b --- /dev/null +++ b/net-proxy/c-icap-modules/Manifest @@ -0,0 +1 @@ +DIST c_icap_modules-0.2.4.tar.gz 373120 SHA256 63108dfbc36af9f44cfbe073b4248d368eb64c9d3612aeab0d46171be5c15713 SHA512 5752a52f58852f71c98ff60e5670468998fa481807b866b238bfc3f2465387cf4ce4b2ee1544c35021b618cda69798765479129133d9ac25d23662eac1adbc7f WHIRLPOOL 62fae3fa2b3cceffc210b86119715bbfcaa6a48e38986e7553d7442ad1c8402b8d09ab60134e57e05a9a4b7134642f826d34cd00a600eca45b53ada903caf142 diff --git a/net-proxy/c-icap-modules/c-icap-modules-0.2.4.ebuild b/net-proxy/c-icap-modules/c-icap-modules-0.2.4.ebuild new file mode 100644 index 000000000000..fe49ad18060e --- /dev/null +++ b/net-proxy/c-icap-modules/c-icap-modules-0.2.4.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils multilib flag-o-matic + +MY_PN=c_icap_modules #${PN/-/_} +MY_P=${MY_PN}-${PV} + +DESCRIPTION="URL blocklist and virus scanner for the C-ICAP server" +HOMEPAGE="http://c-icap.sourceforge.net/" +SRC_URI="mirror://sourceforge/c-icap/${PN}/0.2.x/${MY_P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="~amd64 ~arm ~x86" +IUSE="berkdb clamav" + +DEPEND="berkdb? ( sys-libs/db ) + clamav? ( app-antivirus/clamav ) + net-proxy/c-icap + sys-libs/glibc + sys-libs/zlib" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +src_configure() { + # some void *** pointers get casted around and can be troublesome to + # fix properly. + append-flags -fno-strict-aliasing + + econf --sysconfdir=/etc/c-icap \ + --disable-dependency-tracking \ + --disable-maintainer-mode \ + --disable-static \ + $(use_with berkdb bdb) \ + $(use_with clamav) +} + +src_compile() { + emake LOGDIR="/var/log" +} + +src_install() { + dodir /etc/c-icap + + emake LOGDIR="/var/log" \ + DESTDIR="${D}" install + + find "${ED}" -name '*.la' -delete || die +} diff --git a/net-proxy/c-icap-modules/metadata.xml b/net-proxy/c-icap-modules/metadata.xml new file mode 100644 index 000000000000..d962f7d9f2de --- /dev/null +++ b/net-proxy/c-icap-modules/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription>URL blocklist and virus scanner for the C-ICAP server</longdescription> + <upstream> + <remote-id type="sourceforge">c-icap</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/c-icap/Manifest b/net-proxy/c-icap/Manifest new file mode 100644 index 000000000000..e7c36ddd237c --- /dev/null +++ b/net-proxy/c-icap/Manifest @@ -0,0 +1 @@ +DIST c_icap-0.2.6.tar.gz 581856 SHA256 e5caf8d53975fbffdd50f99ebf7bf88067c842609ab69e08b4337961ac46482a SHA512 3b1fe1f89581ec4649f74771f4a33a08637428f6cf81a9228f5d08405207c3495e6dadd590254dd6804ccbb7c34af1fc62973563c6156c4249941a599a072a40 WHIRLPOOL 8dd8a999e8863f3873629b0e0dc72e7a4109d37531bf2752d587b4c4df128dba6280b0d9226e3e4edffc615cca6cb6795cc62c9fe2b75ba7adbbcc2f108935ea diff --git a/net-proxy/c-icap/c-icap-0.2.6.ebuild b/net-proxy/c-icap/c-icap-0.2.6.ebuild new file mode 100644 index 000000000000..d78e107ea3d9 --- /dev/null +++ b/net-proxy/c-icap/c-icap-0.2.6.ebuild @@ -0,0 +1,113 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils multilib flag-o-matic + +MY_PN="${PN/-/_}" +MY_P="${MY_PN}-${PV}" + +DESCRIPTION="C Implementation of an ICAP server" +HOMEPAGE="http://c-icap.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" + +LICENSE="LGPL-2.1" +SLOT="0" +KEYWORDS="amd64 ~arm x86" +IUSE="berkdb ipv6 ldap" + +RDEPEND="berkdb? ( sys-libs/db ) + ldap? ( net-nds/openldap ) + sys-libs/zlib" + +DEPEND="${RDEPEND}" +RDEPEND="${RDEPEND}" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + epatch "${FILESDIR}"/c-icap-0.2.6-fix-icap-parsing.patch +} + +src_configure() { + # some void *** pointers get casted around and can be troublesome to + # fix properly. + append-flags -fno-strict-aliasing + + econf \ + --sysconfdir=/etc/${PN} \ + --disable-dependency-tracking \ + --disable-maintainer-mode \ + --disable-static \ + --enable-large-files \ + $(use_enable ipv6) \ + $(use_with berkdb bdb) \ + $(use_with ldap) +} + +src_compile() { + emake LOGDIR="/var/log" +} + +src_install() { + emake \ + LOGDIR="/var/log" \ + DESTDIR="${D}" install + + find "${D}" -name '*.la' -delete || die + + # Move the daemon out of the way + dodir /usr/libexec + mv "${D}"/usr/bin/c-icap "${D}"/usr/libexec || die + + # Remove the default configuration files since we have etc-update to + # take care of it for us. + rm "${D}"/etc/${PN}/c-icap.*.default || die + + # Fix the configuration file; for some reason it's a bit messy + # around. + sed -i \ + -e 's:/usr/var/:/var/:g' \ + -e 's:/var/log/:/var/log/c-icap/:g' \ + -e 's:/usr/etc/:/etc/c-icap/:g' \ + -e 's:/usr/local/c-icap/etc/:/etc/c-icap/:g' \ + -e 's:/usr/lib/:/usr/'$(get_libdir)'/:g' \ + "${D}"/etc/${PN}/c-icap.conf \ + || die + + dodoc AUTHORS README TODO ChangeLog + + newinitd "${FILESDIR}/${PN}.init.3" ${PN} + newconfd "${FILESDIR}/${PN}.conf" ${PN} + keepdir /var/log/c-icap + + insopts -m0644 + insinto /etc/logrotate.d + newins "${FILESDIR}"/${PN}.logrotate ${PN} + + # avoid triggering portage's symlink protection; this is handled by + # the init script anyway. + rm -rf "${D}"/var/run +} + +pkg_postinst() { + elog "To enable Squid to call the ICAP modules from a local server you should set" + elog "the following in your squid.conf:" + elog "" + elog " icap_enable on" + elog "" + elog " # not strictly needed, but some modules might make use of these" + elog " icap_send_client_ip on" + elog " icap_send_client_username on" + elog "" + elog " icap_service service_req reqmod_precache bypass=1 icap://localhost:1344/service" + elog " adaptation_access service_req allow all" + elog "" + elog " icap_service service_resp respmod_precache bypass=0 icap://localhost:1344/service" + elog " adaptation_access service_resp allow all" + elog "" + elog "You obviously will have to replace \"service\" with the actual ICAP service to" + elog "use." +} diff --git a/net-proxy/c-icap/files/c-icap-0.1.3+db-5.0.patch b/net-proxy/c-icap/files/c-icap-0.1.3+db-5.0.patch new file mode 100644 index 000000000000..6be5fafb2311 --- /dev/null +++ b/net-proxy/c-icap/files/c-icap-0.1.3+db-5.0.patch @@ -0,0 +1,13 @@ +Index: c_icap-0.1.3/modules/bdb_tables.c +=================================================================== +--- c_icap-0.1.3.orig/modules/bdb_tables.c ++++ c_icap-0.1.3/modules/bdb_tables.c +@@ -108,7 +108,7 @@ int bdb_table_do_real_open(struct ci_loo + } + + +-#if(DB_VERSION_MINOR>=1) ++#if (DB_VERSION_MAJOR > 4) || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) + if ((ret = dbdata->db->open( dbdata->db, NULL, table->path, NULL, + DB_BTREE, DB_RDONLY|DB_THREAD, 0)) != 0) { + #else diff --git a/net-proxy/c-icap/files/c-icap-0.1.4-crosscompile.patch b/net-proxy/c-icap/files/c-icap-0.1.4-crosscompile.patch new file mode 100644 index 000000000000..2e2a325989bb --- /dev/null +++ b/net-proxy/c-icap/files/c-icap-0.1.4-crosscompile.patch @@ -0,0 +1,72 @@ +--- a/configure.in 2010-12-21 17:50:08.000000000 +0100 ++++ b/configure.in 2011-06-10 00:24:06.000000000 +0200 +@@ -423,10 +423,8 @@ + ) + + dnl Checking if interprocess posix semaphores works.... +-POSIX_SEMAPHORES="0" +-AC_MSG_CHECKING(if posix 1003.1b interprocess semaphores works) +-AC_TRY_RUN( +-[ ++AC_CACHE_CHECK([if posix 1003.1b interprocess semaphores works], ac_cv_10031b_ipc_sem, ++[AC_TRY_RUN([ + #include <semaphore.h> + #include <sys/wait.h> + +@@ -452,18 +450,24 @@ + exit(0); + } + ], +-AC_DEFINE(HAVE_POSIX_SEMAPHORES,1,[Define HAVE_POSIX_SEMAPHORES if posix 1003.1b semaphores works]) +-POSIX_SEMAPHORES="1" +-AC_MSG_RESULT(yes), +-AC_MSG_RESULT(no) ++ac_cv_10031b_ipc_sem=yes, ++ac_cv_10031b_ipc_sem=no, ++[AC_MSG_ERROR([cross-compiling, ++ presetting ac_cv_10031b_ipc_sem=(yes|no) will help])] + ) ++]) ++AS_IF( ++ [test $ac_cv_10031b_ipc_sem = yes], ++ [AC_DEFINE(HAVE_POSIX_SEMAPHORES,1,[Define HAVE_POSIX_SEMAPHORES if posix 1003.1b semaphores works]) ++ POSIX_SEMAPHORES="1" ++ ],[ ++ POSIX_SEMAPHORES="0" ++ ]) + AC_SUBST(POSIX_SEMAPHORES) + + dnl Checking for file locking +-POSIX_FILE_LOCK="0" +-AC_MSG_CHECKING(if fcntl file locking works) +-AC_TRY_RUN( +-[ ++AC_CACHE_CHECK([if fcntl file locking works], ac_cv_fcntl, ++[AC_TRY_RUN([ + #include <unistd.h> + #include <fcntl.h> + +@@ -487,11 +491,19 @@ + return 0; + } + ], +-AC_DEFINE(HAVE_POSIX_FILE_LOCK,1,[Define HAVE_POSIX_FILE_LOCK if posix fcntl file locking works]) +-POSIX_FILE_LOCK="1" +-AC_MSG_RESULT(yes), +-AC_MSG_RESULT(no) ++ac_cv_fcntl=yes, ++ac_cv_fcntl=no, ++[AC_MSG_ERROR([cross-compiling, ++ presetting ac_cv_fcntl=(yes|no) will help])] + ) ++]) ++AS_IF( ++ [test $ac_cv_fcntl = yes], ++ [AC_DEFINE(HAVE_POSIX_FILE_LOCK,1,[Define HAVE_POSIX_FILE_LOCK if posix fcntl file locking works]) ++ POSIX_FILE_LOCK="1" ++ ],[ ++ POSIX_FILE_LOCK="0" ++ ]) + AC_SUBST(POSIX_FILE_LOCK) + + #pthread_rwlock diff --git a/net-proxy/c-icap/files/c-icap-0.1.6-implicit.patch b/net-proxy/c-icap/files/c-icap-0.1.6-implicit.patch new file mode 100644 index 000000000000..aabffea7dc53 --- /dev/null +++ b/net-proxy/c-icap/files/c-icap-0.1.6-implicit.patch @@ -0,0 +1,12 @@ +Index: c_icap-0.1.6/txtTemplate.c +=================================================================== +--- c_icap-0.1.6.orig/txtTemplate.c ++++ c_icap-0.1.6/txtTemplate.c +@@ -27,6 +27,7 @@ + #include <sys/param.h> + #include <assert.h> + #include <stdlib.h> ++#include <ctype.h> + + #include "body.h" + #include "c-icap.h" diff --git a/net-proxy/c-icap/files/c-icap-0.2.2-asneeded.patch b/net-proxy/c-icap/files/c-icap-0.2.2-asneeded.patch new file mode 100644 index 000000000000..17d5877d3ad5 --- /dev/null +++ b/net-proxy/c-icap/files/c-icap-0.2.2-asneeded.patch @@ -0,0 +1,27 @@ +Index: c_icap-0.2.1/Makefile.am +=================================================================== +--- c_icap-0.2.1.orig/Makefile.am ++++ c_icap-0.2.1/Makefile.am +@@ -37,7 +37,7 @@ c_icap_SOURCES = aserver.c request.c cfg + # libicapapi ...... + libicapapi_la_CFLAGS= -Iinclude/ @ZLIB_ADD_FLAG@ -DCI_BUILD_LIB + +-libicapapi_la_LIBADD = @ZLIB_ADD_LDADD@ ++libicapapi_la_LIBADD = @ZLIB_ADD_LDADD@ @DL_ADD_FLAG@ @THREADS_LDADD@ + libicapapi_la_LDFLAGS= -shared -version-info @CICAPLIB_VERSION@ + + +@@ -47,10 +47,10 @@ c_icap_CFLAGS= -Iinclude/ -DCONFDIR=\"$( + -DSERVDIR=\"$(SERVICESDIR)\" -DLOGDIR=\"$(LOGDIR)\" \ + -DDATADIR=\"$(DATADIR)\" + +-c_icap_LDADD = libicapapi.la @DL_ADD_FLAG@ @THREADS_LDADD@ +-c_icap_LDFLAGS = -rdynamic -rpath @libdir@ @THREADS_LDFLAGS@ ++c_icap_LDADD = libicapapi.la ++c_icap_LDFLAGS = -rdynamic @THREADS_LDFLAGS@ + +-EXT_PROGRAMS_MKLIB = -licapapi @DL_ADD_FLAG@ @THREADS_LDADD@ ++EXT_PROGRAMS_MKLIB = -licapapi + + + INCS = access.h body.h cfg_param.h c-icap-conf.h c-icap.h ci_threads.h \ diff --git a/net-proxy/c-icap/files/c-icap-0.2.6-fix-icap-parsing.patch b/net-proxy/c-icap/files/c-icap-0.2.6-fix-icap-parsing.patch new file mode 100644 index 000000000000..b0275edefee5 --- /dev/null +++ b/net-proxy/c-icap/files/c-icap-0.2.6-fix-icap-parsing.patch @@ -0,0 +1,11 @@ +--- c-icap-0.2.2.orig/request.c 2013-02-03 16:37:43.000000000 +0000 ++++ c-icap-02.2/request.c 2012-06-19 12:55:51.000000000 +0000 +@@ -267,7 +267,7 @@ + req->req_server[servnamelen] = '\0'; + if (*end == '/') { /*service */ + start = ++end; +- while (*end != ' ' && *end != '?') ++ while (*end && *end != ' ' && *end != '?') + end++; + len = end - start; + if (len > 0) { diff --git a/net-proxy/c-icap/files/c-icap.conf b/net-proxy/c-icap/files/c-icap.conf new file mode 100644 index 000000000000..b41176a5396d --- /dev/null +++ b/net-proxy/c-icap/files/c-icap.conf @@ -0,0 +1,13 @@ +# $Id$ + +# Use this to change the configuration file to use for c-icap. +configfile=/etc/c-icap/c-icap.conf + +# Use this to set any extra option for the daemon. Do not use the -f +# option here. +EXTRA_OPTS="" + +# If you enabled LDAP support, and you'd like to access tables stored +# in the local LDAP instance, you want to uncomment the following +# line. +#rc_need="slapd" diff --git a/net-proxy/c-icap/files/c-icap.init.2 b/net-proxy/c-icap/files/c-icap.init.2 new file mode 100644 index 000000000000..398990d22ec0 --- /dev/null +++ b/net-proxy/c-icap/files/c-icap.init.2 @@ -0,0 +1,19 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +pidfile=$(awk '$1 == "PidFile" { print $2 }' /etc/c-icap/c-icap.conf) + +command="/usr/libexec/c-icap" +command_arguments="${EXTRA_OPTS}" + +depend() { + need localmount +} + +start_pre() { + cmdsocket=$(awk '$1 == "CommandsSocket" { print $2 }' /etc/c-icap/c-icap.conf) + + checkpath -d "$(dirname "${cmdsocket}")" "$(dirname "${pidfile}")" +} diff --git a/net-proxy/c-icap/files/c-icap.init.3 b/net-proxy/c-icap/files/c-icap.init.3 new file mode 100644 index 000000000000..4a3e0269bae1 --- /dev/null +++ b/net-proxy/c-icap/files/c-icap.init.3 @@ -0,0 +1,27 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +: ${configfile:=/etc/c-icap/c-icap.conf} + +get_config() { + local value=$(awk '$1 == "'$1'" { print $2 }' ${configfile}) + echo ${value:-$2} +} + +command="/usr/libexec/c-icap" +command_arguments="${EXTRA_OPTS} -f ${configfile}" +pidfile=$(get_config PidFile /var/run/c-icap/c-icap.pid) + +depend() { + need localmount + config ${configfile} + [ "$(get_config Logger file_logger)" = "sys_logger" ] && use logger +} + +start_pre() { + local cmdsocket=$(get_config CommandsSocket /var/run/c-icap/c-icap.ctl) + + checkpath -d "$(dirname "${cmdsocket}")" "$(dirname "${pidfile}")" +} diff --git a/net-proxy/c-icap/files/c-icap.logrotate b/net-proxy/c-icap/files/c-icap.logrotate new file mode 100644 index 000000000000..c4c0a5d34f6e --- /dev/null +++ b/net-proxy/c-icap/files/c-icap.logrotate @@ -0,0 +1,13 @@ +/var/log/c-icap/access.log { + missingok + postrotate + /etc/init.d/c-icap restart + endscript +} + +/var/log/cicap-server.log { + missingok + postrotate + /etc/init.d/c-icap restart + endscript +} diff --git a/net-proxy/c-icap/metadata.xml b/net-proxy/c-icap/metadata.xml new file mode 100644 index 000000000000..6f1cc64be402 --- /dev/null +++ b/net-proxy/c-icap/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>flameeyes@gentoo.org</email> + <description>Co-maintainer, not trying to call for exclusive</description> + </maintainer> + <upstream> + <remote-id type="sourceforge">c-icap</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/cntlm/Manifest b/net-proxy/cntlm/Manifest new file mode 100644 index 000000000000..f42a38cd093c --- /dev/null +++ b/net-proxy/cntlm/Manifest @@ -0,0 +1 @@ +DIST cntlm-0.93beta5.tar.gz 718018 SHA256 97d0d7162e1c782a74958af3b7f48f61ae72b49d2f608d21155f804583a6a754 SHA512 5cb59788a0d6dc5cd787acb36dbe6de9a3909727d63327c9a12b20973619b777add9e0acbe94ed6a3cf1c189ef0e0ac6c01aa3c1c4739881bbd371b4c90744cd WHIRLPOOL e2627cf54e3e91bcc08cbaa9e6e95cb7fb8464bf48e6f924575a86237188d976d86ef9b1cb960c2cd982316dd3ebb6d1bd7129aa4191cbd605f69df09af4b715 diff --git a/net-proxy/cntlm/cntlm-0.93_beta5-r1.ebuild b/net-proxy/cntlm/cntlm-0.93_beta5-r1.ebuild new file mode 100644 index 000000000000..d206912adda0 --- /dev/null +++ b/net-proxy/cntlm/cntlm-0.93_beta5-r1.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit eutils systemd toolchain-funcs user + +DESCRIPTION="Cntlm is an NTLM/NTLMv2 authenticating HTTP proxy" +HOMEPAGE="http://cntlm.sourceforge.net/" +SRC_URI="http://ftp.awk.cz/pub/${P//_}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="" +RDEPEND="" + +S="${WORKDIR}/${P//_}" + +src_prepare() { + epatch "${FILESDIR}"/${P}-buildsystem.patch # 334647 +} + +src_configure() { + tc-export CC + + econf + + # Replace default config file path in Makefile + sed -i -e 's~SYSCONFDIR=/usr/local/etc~SYSCONFDIR=/etc~' \ + "${S}"/Makefile || die "sed failed" +} + +src_compile() { + emake V=1 +} + +src_install() { + dobin cntlm + dodoc COPYRIGHT README VERSION doc/cntlm.conf + doman doc/cntlm.1 + newinitd "${FILESDIR}"/cntlm.initd cntlm + newconfd "${FILESDIR}"/cntlm.confd cntlm + systemd_dounit "${FILESDIR}"/cntlm.service + insinto /etc + insopts -m0600 + doins doc/cntlm.conf +} + +pkg_postinst() { + enewgroup cntlm + enewuser cntlm -1 -1 -1 cntlm +} diff --git a/net-proxy/cntlm/files/cntlm-0.93_beta5-buildsystem.patch b/net-proxy/cntlm/files/cntlm-0.93_beta5-buildsystem.patch new file mode 100644 index 000000000000..d553e8661484 --- /dev/null +++ b/net-proxy/cntlm/files/cntlm-0.93_beta5-buildsystem.patch @@ -0,0 +1,195 @@ +Gentoo Bug#334647: +Respect CC, CFLAGS, LDFLAGS (with gcc). +Support verbose building via 'make V=1'. +--- configure.orig 2012-10-02 14:01:48.735669564 +0200 ++++ configure 2012-10-02 14:23:01.224271511 +0200 +@@ -10,7 +10,7 @@ + # This can be disabled if neccessary. + # + +-CCS="xlc_r gcc" ++CCS=${CC-"xlc_r gcc"} + + # + # Look for supported compilers +@@ -31,15 +31,21 @@ + else + echo "Using $CCPATH to compile Cntlm" + [ -h Makefile ] && rm -f Makefile 2>/dev/null +- case "$CC" in +- gcc) ++ if $CC -v >/dev/null 2>&1; then + # default Makefile is for GCC; just revert back to + # GCC if Makefile is linked to other compiler version + if [ ! -f Makefile ]; then + mv Makefile.gcc Makefile + fi +- ;; +- *) ++ : ${CFLAGS=-O3} ++ : ${LDFLAGS=} ++ CFLAGS="$CFLAGS -std=c99 -Wall -Wno-unused-but-set-variable -pedantic -pthread" ++ LDFLAGS="$LDFLAGS -pthread" ++ sed -e "s~^CFLAGS[ :]*=~CFLAGS=$CFLAGS ~" \ ++ -e "s~^LDFLAGS[ :]*=.*~LDFLAGS=$LDFLAGS~" \ ++ -e "s~^CC[ :]*=.*~CC=$CC~" \ ++ -i Makefile ++ else + # backup default GCC Makefile and create a link to other + if [ -f Makefile ]; then + mv Makefile Makefile.gcc +@@ -47,8 +53,7 @@ + + EXT=`echo "$CC" | sed 's/_.*//'` + ln -s Makefile.$EXT Makefile +- ;; +- esac ++ fi + fi + + STAMP=configure-stamp +@@ -62,7 +67,7 @@ + for i in $TESTS; do + printf "Checking $i... " + printf "#define config_$i " >> $CONFIG +- OUT=`$CC -D_POSIX_C_SOURCE=199506L -D_ISOC99_SOURCE -D_REENTRANT -o config/$i config/$i.c 2>&1` ++ OUT=`$CC $CFLAGS $LDFLAGS -D_POSIX_C_SOURCE=199506L -D_ISOC99_SOURCE -D_REENTRANT -o config/$i config/$i.c 2>&1` + rc=$? + + if [ $rc -ne 0 ]; then # -o -n "$OUT" ]; then +--- Makefile.orig 2012-10-02 15:31:03.986270993 +0200 ++++ Makefile 2012-10-02 15:40:10.277689068 +0200 +@@ -16,14 +16,13 @@ + CC := gcc + VER := $(shell cat VERSION) + OS := $(shell uname -s) +-OSLDFLAGS := $(shell [ $(OS) = "SunOS" ] && echo "-lrt -lsocket -lnsl") +-LDFLAGS := -lpthread $(OSLDFLAGS) ++LIBS := $(shell [ $(OS) = "SunOS" ] && echo "-lrt -lsocket -lnsl") ++LDFLAGS := -pthread + CYGWIN_REQS := cygwin1.dll cyggcc_s-1.dll cygstdc++-6.dll cygrunsrv.exe + ++CFLAGS=-D__BSD_VISIBLE -D_ALL_SOURCE -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112 -D_ISOC99_SOURCE -D_REENTRANT -D_BSD_SOURCE -DVERSION=\"'$(VER)'\" + ifeq ($(DEBUG),1) +- CFLAGS += -g -std=c99 -Wall -pedantic -D__BSD_VISIBLE -D_ALL_SOURCE -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112 -D_ISOC99_SOURCE -D_REENTRANT -D_BSD_SOURCE -DVERSION=\"'$(VER)'\" +-else +- CFLAGS += -O3 -std=c99 -D__BSD_VISIBLE -D_ALL_SOURCE -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112 -D_ISOC99_SOURCE -D_REENTRANT -D_BSD_SOURCE -DVERSION=\"'$(VER)'\" ++ CFLAGS += -g -O0 + endif + + ifneq ($(findstring CYGWIN,$(OS)),) +@@ -32,28 +31,35 @@ + OBJS=utils.o ntlm.o xcrypt.o config.o socket.o acl.o auth.o http.o forward.o direct.o scanner.o pages.o main.o + endif + ++VE_=@echo ++VE_1=@: ++VE=$(VE_$(V)) ++VV_=@ ++VV_1= ++VV=$(VV_$(V)) ++ + $(NAME): configure-stamp $(OBJS) +- @echo "Linking $@" +- @$(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS) ++ $(VE) "Linking $@" ++ $(VV) $(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS) $(LIBS) + + main.o: main.c +- @echo "Compiling $<" +- @if [ -z "$(SYSCONFDIR)" ]; then \ ++ $(VE) "Compiling $<" ++ $(VV) if [ -z "$(SYSCONFDIR)" ]; then \ + $(CC) $(CFLAGS) -c main.c -o $@; \ + else \ + $(CC) $(CFLAGS) -DSYSCONFDIR=\"$(SYSCONFDIR)\" -c main.c -o $@; \ + fi + + %.o: %.c +- @echo "Compiling $<" +- @$(CC) $(CFLAGS) -c -o $@ $< ++ $(VE) "Compiling $<" ++ $(VV) $(CC) $(CFLAGS) -c -o $@ $< + + configure-stamp: + ./configure + + win/resources.o: win/resources.rc +- @echo Adding EXE resources +- @windres $^ -o $@ ++ $(VE) Adding EXE resources ++ $(VV) windres $^ -o $@ + + install: $(NAME) + # Special handling for install(1) +@@ -115,31 +121,31 @@ + + $(NAME)-$(VER)-win32.exe: + @echo - preparing binaries for GUI installer +- @cp $(patsubst %, /bin/%, $(CYGWIN_REQS)) win/ ++ $(VV) cp $(patsubst %, /bin/%, $(CYGWIN_REQS)) win/ + ifeq ($(DEBUG),1) +- @cp -p cntlm.exe win/ ++ $(VV) cp -p cntlm.exe win/ + else +- @strip -o win/cntlm.exe cntlm.exe ++ $(VV) strip -o win/cntlm.exe cntlm.exe + endif + @echo - generating GUI installer +- @win/Inno5/ISCC.exe /Q win/setup.iss #/Q win/setup.iss ++ $(VV) win/Inno5/ISCC.exe /Q win/setup.iss #/Q win/setup.iss + + $(NAME)-$(VER)-win32.zip: + @echo - creating ZIP release for manual installs +- @ln -s win $(NAME)-$(VER) ++ $(VV) ln -s win $(NAME)-$(VER) + zip -9 $(NAME)-$(VER)-win32.zip $(patsubst %, $(NAME)-$(VER)/%, $(CYGWIN_REQS) cntlm.ini LICENSE.txt cntlm_manual.pdf) +- @rm -f $(NAME)-$(VER) ++ $(VV) rm -f $(NAME)-$(VER) + + win/cntlm.ini: doc/cntlm.conf +- @cat doc/cntlm.conf | unix2dos > win/cntlm.ini ++ $(VV) cat doc/cntlm.conf | unix2dos > win/cntlm.ini + + win/LICENSE.txt: COPYRIGHT LICENSE +- @cat COPYRIGHT LICENSE | unix2dos > win/LICENSE.txt ++ $(VV) cat COPYRIGHT LICENSE | unix2dos > win/LICENSE.txt + + win/cntlm_manual.pdf: doc/cntlm.1 + @echo - generating PDF manual +- @rm -f win/cntlm_manual.pdf +- @groff -t -e -mandoc -Tps doc/cntlm.1 | ps2pdf - win/cntlm_manual.pdf ++ $(VV) rm -f win/cntlm_manual.pdf ++ $(VV) groff -t -e -mandoc -Tps doc/cntlm.1 | ps2pdf - win/cntlm_manual.pdf + + win/setup.iss: win/setup.iss.in + ifeq ($(findstring CYGWIN,$(OS)),) +@@ -148,16 +154,16 @@ + @echo + @exit 1 + endif +- @sed "s/\$$VERSION/$(VER)/g" $^ > $@ ++ $(VV) sed "s/\$$VERSION/$(VER)/g" $^ > $@ + + uninstall: + rm -f $(BINDIR)/$(NAME) $(MANDIR)/man1/$(NAME).1 2>/dev/null || true + + clean: +- @rm -f config/endian config/gethostname config/strdup config/socklen_t config/*.exe +- @rm -f *.o cntlm cntlm.exe configure-stamp build-stamp config/config.h ++ $(VV) rm -f config/endian config/gethostname config/strdup config/socklen_t config/*.exe ++ $(VV) rm -f *.o cntlm cntlm.exe configure-stamp build-stamp config/config.h + rm -f $(patsubst %, win/%, $(CYGWIN_REQS) cntlm.exe cntlm.ini LICENSE.txt setup.iss cntlm_manual.pdf) +- @if [ -h Makefile ]; then rm -f Makefile; mv Makefile.gcc Makefile; fi ++ $(VV) if [ -h Makefile ]; then rm -f Makefile; mv Makefile.gcc Makefile; fi + + distclean: clean + ifeq ($(findstring CYGWIN,$(OS)),) +@@ -169,6 +175,6 @@ + fakeroot rpm/rules clean; \ + fi + endif +- @rm -f *.exe *.deb *.rpm *.tgz *.tar.gz *.tar.bz2 *.zip *.exe tags ctags pid 2>/dev/null ++ $(VV) rm -f *.exe *.deb *.rpm *.tgz *.tar.gz *.tar.bz2 *.zip *.exe tags ctags pid 2>/dev/null + + .PHONY: all install tgz tbz2 deb rpm win uninstall clean distclean diff --git a/net-proxy/cntlm/files/cntlm.confd b/net-proxy/cntlm/files/cntlm.confd new file mode 100644 index 000000000000..bc3dce0fb18c --- /dev/null +++ b/net-proxy/cntlm/files/cntlm.confd @@ -0,0 +1,5 @@ +# cntlm init script configuration file + +# here you can specify additional options to cntlm +# NOTE that using config file is recommended +CNTLM_OPTS="" diff --git a/net-proxy/cntlm/files/cntlm.initd b/net-proxy/cntlm/files/cntlm.initd new file mode 100644 index 000000000000..daa19e32313a --- /dev/null +++ b/net-proxy/cntlm/files/cntlm.initd @@ -0,0 +1,22 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +PIDFILE=${PIDFILE:-/var/run/cntlm.pid} + +depend() { + need net +} + +start() { + ebegin "Starting cntlm" + start-stop-daemon --start --background --make-pidfile --pidfile ${PIDFILE} --exec /usr/bin/cntlm -- -f -U cntlm ${CNTLM_OPTS} + eend $? +} + +stop() { + ebegin "Stopping cntlm" + start-stop-daemon --stop --pidfile ${PIDFILE} + eend $? +} diff --git a/net-proxy/cntlm/files/cntlm.service b/net-proxy/cntlm/files/cntlm.service new file mode 100644 index 000000000000..01f2bcdfd803 --- /dev/null +++ b/net-proxy/cntlm/files/cntlm.service @@ -0,0 +1,9 @@ +[Unit] +Description=CNTLM HTTP Accelerator For NTLM Secured Proxies Authenticator +After=network.target + +[Service] +ExecStart=/usr/bin/cntlm -f -U cntlm -c /etc/cntlm.conf + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/cntlm/metadata.xml b/net-proxy/cntlm/metadata.xml new file mode 100644 index 000000000000..ff08a45e3a0f --- /dev/null +++ b/net-proxy/cntlm/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription lang="en"> + NTLM authorizing proxy. Upstream seems dead, but this is still a good + alternative to ntlmaps. + </longdescription> +</pkgmetadata> + diff --git a/net-proxy/dansguardian/Manifest b/net-proxy/dansguardian/Manifest new file mode 100644 index 000000000000..e68dc7113ef4 --- /dev/null +++ b/net-proxy/dansguardian/Manifest @@ -0,0 +1 @@ +DIST dansguardian-2.12.0.3.tar.bz2 577701 SHA256 c74e9a32b97f9a9a056fced3da23fe48fca2bc6aa9af670afe9a53dc819414f5 SHA512 37155ef4f1a6dd6bdd87f79c7199b77de49746e4bff0631c239a569c21bf26240cbc9eae5a2436653bfc3d170a664710af9d80c4cfac3082a0620caeaac6740b WHIRLPOOL 64f64161a3dbf48c122fbf341ac8a7b4892be2049d1ac05948e9aa8c4cb927efa6ce929404b60c43f67457268f3c432b0ff109fb333ffe8ab84bba0b528b52eb diff --git a/net-proxy/dansguardian/dansguardian-2.12.0.3-r2.ebuild b/net-proxy/dansguardian/dansguardian-2.12.0.3-r2.ebuild new file mode 100644 index 000000000000..714780bc4f2a --- /dev/null +++ b/net-proxy/dansguardian/dansguardian-2.12.0.3-r2.ebuild @@ -0,0 +1,111 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils user + +DESCRIPTION="Web content filtering via proxy" +HOMEPAGE="http://www.${PN}.org" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc ppc64 ~sparc x86" +IUSE="avast backtrace clamav commandline debug email +fancydm icap kaspersky +lfs logrotate ntlm orig-ip +pcre static-libs trickledm" + +RDEPEND="sys-libs/zlib + clamav? ( app-antivirus/clamav ) + logrotate? ( app-admin/logrotate ) + ntlm? ( virtual/libiconv ) + pcre? ( >=dev-libs/libpcre-8.32 )" +DEPEND="${RDEPEND} + virtual/pkgconfig" + +WIKI="http://contentfilter.futuragts.com/wiki/doku.php" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /dev/null ${PN} +} + +src_configure() { + local debug + if use debug ; then + debug="$(use_with debug dgdebug)" + fi + + econf \ + $(use_enable avast avastd) \ + $(use_enable backtrace segv-backtrace) \ + $(use_enable clamav clamd) \ + $(use_enable commandline) \ + ${debug} \ + $(use_enable email) \ + $(use_enable fancydm) \ + $(use_enable icap) \ + $(use_enable kaspersky kavd) \ + $(use_enable lfs) \ + --with-logdir=/var/log/${PN} \ + $(use_enable ntlm) \ + $(use_enable orig-ip) \ + $(use_enable pcre) \ + --with-piddir=/var/run \ + --with-proxygroup=${PN} \ + --with-proxyuser=${PN} \ + $(use_enable static-libs static-zlib) \ + $(use_enable trickledm) +} + +src_install() { + default + + # Edit config files for virus scanners chosen based on USE flags. + if use avast; then + sed -r -i -e 's/^#( *contentscanner *=.*avastdscan[.]conf.*)/\1/' "${D}/etc/${PN}/${PN}.conf" + fi + + if use clamav; then + sed -r -i -e 's/[ \t]+use dns/& clamd/' "${D}/etc/init.d/${PN}" + sed -r -i -e 's/^#( *contentscanner *=.*clamdscan[.]conf.*)/\1/' "${D}/etc/${PN}/${PN}.conf" + fi + + if use commandline; then + sed -r -i -e 's/^#( *contentscanner *=.*commandlinescan[.]conf.*)/\1/' "${D}/etc/${PN}/${PN}.conf" + fi + + if use icap; then + sed -r -i -e 's/^#( *contentscanner *=.*icapscan[.]conf.*)/\1/' "${D}/etc/${PN}/${PN}.conf" + fi + + if use kaspersky; then + sed -r -i -e 's/^#( *contentscanner *=.*kavdscan[.]conf.*)/\1/' "${D}/etc/${PN}/${PN}.conf" + fi + + # Install Gentoo init script + newinitd "${FILESDIR}/${PN}.init" ${PN} + + # Install log rotation file. + if use logrotate; then + insinto /etc/logrotate.d + newins "${FILESDIR}/${PN}.logrotate" ${PN} + else + exeinto /etc/cron.weekly + newexe data/scripts/logrotation ${PN}.cron + fi + + keepdir /var/log/${PN} + fperms o-rwx /var/log/${PN} +} + +pkg_postinst() { + local runas="${PN}:${PN}" + + if [ -d "${ROOT}/var/log/${PN}" ] ; then + chown -R ${runas} "${ROOT}/var/log/${PN}" + chmod o-rwx "${ROOT}/var/log/${PN}" + fi + + einfo "For assistance configuring ${PN}, visit the wiki at ${WIKI}" +} diff --git a/net-proxy/dansguardian/files/dansguardian.init b/net-proxy/dansguardian/files/dansguardian.init new file mode 100644 index 000000000000..1be86f757538 --- /dev/null +++ b/net-proxy/dansguardian/files/dansguardian.init @@ -0,0 +1,32 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +extra_started_commands="reload" + +depend() { + need net + use dns \ + squid apache2 bfilter mman junkbuster oops polipo privoxy tinyproxy wwwoffled + #dansguardian could be used in conjuction with any of the above web proxies + provide dansguardian +} + +start() { + ebegin "Starting DansGuardian" + start-stop-daemon --start --background --pidfile /var/run/dansguardian.pid --exec /usr/sbin/dansguardian --progress --quiet + eend $? +} + +stop() { + ebegin "Stopping DansGuardian" + start-stop-daemon --stop --pidfile /var/run/dansguardian.pid --exec /usr/sbin/dansguardian --progress --quiet + eend $? +} + +reload() { + ebegin "Leaving current connections open. Reloading filter group config files." + /usr/sbin/dansguardian -g + eend $? +} diff --git a/net-proxy/dansguardian/files/dansguardian.logrotate b/net-proxy/dansguardian/files/dansguardian.logrotate new file mode 100644 index 000000000000..2fe8ad51204b --- /dev/null +++ b/net-proxy/dansguardian/files/dansguardian.logrotate @@ -0,0 +1,14 @@ +/var/log/dansguardian/access.log { + rotate 4 + weekly + missingok + notifempty + nocreate + nocopy + nocopytruncate + nocompress + + postrotate + /usr/sbin/dansguardian -r + endscript +} diff --git a/net-proxy/dansguardian/metadata.xml b/net-proxy/dansguardian/metadata.xml new file mode 100644 index 000000000000..b8eb20582e58 --- /dev/null +++ b/net-proxy/dansguardian/metadata.xml @@ -0,0 +1,26 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription>DansGuardian is an award winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.</longdescription> + <use> + <flag name="avast">Enable support for the AvastD content scanner.</flag> + <flag name="backtrace">Enable logging a backtrace when a segmentation fault occurs.</flag> + <flag name="clamav">Enable support for the ClamD content scanner.</flag> + <flag name="commandline">Enable support for command-line content scanners.</flag> + <flag name="email">Enable support for email reporting functionality.</flag> + <flag name="fancydm">Enable support for the fancy download manager.</flag> + <flag name="icap">Enable support for ICAP AV server content scanner.</flag> + <flag name="kaspersky">Enable support for the Kaspersky AV daemon content scanner.</flag> + <flag name="lfs">Enable large file support on 32 bit systems.</flag> + <flag name="logrotate">Use app-admin/logrotate for rotating logs.</flag> + <flag name="ntlm">Enable support for the NTLM auth plugin.</flag> + <flag name="orig-ip">Enable support for checking the client's original destination IP address against HTTP request details when deployed as a transparent proxy (US-CERT VU#435052).</flag> + <flag name="trickledm">Enable support for the trickle download manager.</flag> + </use> + <upstream> + <remote-id type="sourceforge">dansguardian</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/dante/Manifest b/net-proxy/dante/Manifest new file mode 100644 index 000000000000..a3aeb6faaa28 --- /dev/null +++ b/net-proxy/dante/Manifest @@ -0,0 +1,3 @@ +DIST dante-1.1.19.tar.gz 895713 SHA256 b49f0936282a14c41a03cd70158d1a11e6af3564a18d4b3337f291fb6dae0936 SHA512 765e0042f323d9cb20e42642b30856132737974cd756c303d544c1a400dde5e86b6528d4233afdcf73f1baf9b3e0efacda8aabe5c04afa50495edf6e8a248b83 WHIRLPOOL c83553cbf58c6ea7651a7bfad408460c38d3cda6342825d46e0c1311a665f5422afeb00c5f936262172673764323a96377545bcd5815356dbcad3ba6c0f54f72 +DIST dante-1.4.0.tar.gz 1253458 SHA256 55d448f2d523e69b5637ef12c05556f39201a2c397b4671a2aaaa914ba65684b SHA512 978a70eb789dd2d00a9ac4a7671d13450f9ac96344ae41382c38de7a12e98c2e24159c2e140c95caff0cc9119f7cf409a8716130b34957020706a17c0f96de38 WHIRLPOOL 72e03fe8dabb71d25b34600db4e59dbbc2dfacc32ada26c9931bf33fc0050e7bd506182658517d7653027dbc4cc01e27dd1294fafef7dc3589135c16efa92d96 +DIST dante-1.4.1.tar.gz 1284288 SHA256 b6d232bd6fefc87d14bf97e447e4fcdeef4b28b16b048d804b50b48f261c4f53 SHA512 1c8e2966ba68c8584fb99ff76ae1d9c8dfe669c7e5e61c7e6e7f87295d1280c3e7849491a6369ce27795040f951dcc11f4f2b3d7e46c54219594c89315d0487e WHIRLPOOL ab59762ac2f429cb32afd98b396e432f9c62260dd69e8f96d384491cd8620f6530537dcaaf4c39270d0d2448ef06e85cd9018dcc93bb2366e5e8d6606be57b23 diff --git a/net-proxy/dante/dante-1.1.19-r4.ebuild b/net-proxy/dante/dante-1.1.19-r4.ebuild new file mode 100644 index 000000000000..5cb9c6c8558f --- /dev/null +++ b/net-proxy/dante/dante-1.1.19-r4.ebuild @@ -0,0 +1,87 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils autotools user + +DESCRIPTION="A free socks4,5 and msproxy implementation" +HOMEPAGE="http://www.inet.no/dante/" +SRC_URI="ftp://ftp.inet.no/pub/socks/${P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~m68k ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd" +IUSE="tcpd debug selinux pam" + +RDEPEND="pam? ( virtual/pam ) + tcpd? ( sys-apps/tcp-wrappers ) + selinux? ( sec-policy/selinux-dante ) + userland_GNU? ( virtual/shadow )" +DEPEND="${RDEPEND} + sys-devel/flex + sys-devel/bison + >=sys-apps/sed-4" + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}/${P}-socksify.patch" + epatch "${FILESDIR}/${P}-libpam.patch" + + sed -i \ + -e 's:/etc/socks\.conf:/etc/socks/socks.conf:' \ + -e 's:/etc/sockd\.conf:/etc/socks/sockd.conf:' \ + doc/{faq.ps,faq.tex,sockd.8,sockd.conf.5,socks.conf.5} + + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:' configure.ac || die + + eautoreconf +} + +src_compile() { + econf \ + `use_enable debug` \ + `use_enable tcpd libwrap` \ + `use_with pam` \ + --with-socks-conf=/etc/socks/socks.conf \ + --with-sockd-conf=/etc/socks/sockd.conf \ + || die "bad ./configure" + # the comments in the source say this is only useful for 2.0 kernels ... + # well it may fix 2.0 but it breaks with 2.6 :) + sed -i 's:if HAVE_LINUX_ECCENTRICITIES:if 0:' include/common.h + emake || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install has failed" + + # bor: comment libdl.so out it seems to work just fine without it + sed -i -e 's:libdl\.so::' "${D}/usr/bin/socksify" || die 'sed failed' + + # default configuration files + insinto /etc/socks + doins "${FILESDIR}"/sock?.conf + cd "${D}/etc/socks" && { + use pam && epatch "${FILESDIR}/sockd.conf-with-pam.patch" + use tcpd && epatch "${FILESDIR}/sockd.conf-with-libwrap.patch" + } + cd "${S}" + + # our init script + newinitd "${FILESDIR}/dante-sockd-init" dante-sockd + newconfd "${FILESDIR}/dante-sockd-conf" dante-sockd + + # install documentation + dodoc BUGS CREDITS NEWS README SUPPORT TODO + docinto txt + cd doc + dodoc README* *.txt SOCKS4.* + docinto example + cd ../example + dodoc *.conf +} + +pkg_postinst() { + enewuser sockd -1 -1 /etc/socks daemon +} diff --git a/net-proxy/dante/dante-1.4.0-r2.ebuild b/net-proxy/dante/dante-1.4.0-r2.ebuild new file mode 100644 index 000000000000..e2443d8d772f --- /dev/null +++ b/net-proxy/dante/dante-1.4.0-r2.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit autotools eutils systemd user + +DESCRIPTION="A free socks4,5 and msproxy implementation" +HOMEPAGE="http://www.inet.no/dante/" +MY_P="${P/_/-}" +SRC_URI="ftp://ftp.inet.no/pub/socks/${MY_P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha amd64 arm hppa ia64 ~m68k ~mips ppc ppc64 ~s390 ~sh ~sparc x86 ~amd64-fbsd ~x86-fbsd" +IUSE="debug kerberos pam selinux static-libs tcpd upnp" + +CDEPEND="pam? ( virtual/pam ) + kerberos? ( virtual/krb5 ) + tcpd? ( sys-apps/tcp-wrappers ) + userland_GNU? ( virtual/shadow ) + upnp? ( net-libs/miniupnpc )" +DEPEND="${CDEPEND} + sys-devel/flex + sys-devel/bison" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-dante ) +" +DOCS="BUGS CREDITS NEWS README SUPPORT doc/README* doc/*.txt doc/SOCKS4.protocol" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + epatch \ + "${FILESDIR}"/${PN}-1.4.0-socksify.patch \ + "${FILESDIR}"/${PN}-1.4.0-osdep-format-macro.patch \ + "${FILESDIR}"/${PN}-1.4.0-cflags.patch \ + "${FILESDIR}"/${PN}-1.4.0-HAVE_SENDBUF_IOCTL.patch + + sed -i \ + -e 's:/etc/socks\.conf:"${EPREFIX}"/etc/socks/socks.conf:' \ + -e 's:/etc/sockd\.conf:"${EPREFIX}"/etc/socks/sockd.conf:' \ + doc/{socksify.1,socks.conf.5,sockd.conf.5,sockd.8} \ + || die + + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:' configure.ac || die + + eautoreconf +} + +src_configure() { + # hardcoded the libc name otherwise the scan on a amd64 multilib system + # ends up finding /usr/lib32/libc.so.5. That cascades and causes the + # preload/libdsocks to not be built. + econf \ + --with-socks-conf="${EPREFIX}"/etc/socks/socks.conf \ + --with-sockd-conf="${EPREFIX}"/etc/socks/sockd.conf \ + --enable-preload \ + --enable-clientdl \ + --enable-serverdl \ + --enable-drt-fallback \ + --with-libc=libc.so.6 \ + $(use_enable debug) \ + $(use_with kerberos gssapi) \ + $(use_with pam) \ + $(use_with upnp) \ + $(use_enable static-libs static) \ + $(use_enable tcpd libwrap) +} + +src_install() { + default + + # default configuration files + insinto /etc/socks + doins "${FILESDIR}"/sock?.conf + pushd "${ED}/etc/socks" > /dev/null + use pam && epatch "${FILESDIR}/sockd.conf-with-pam.patch" + use tcpd && epatch "${FILESDIR}/sockd.conf-with-libwrap.patch" + popd > /dev/null + + # init script + newinitd "${FILESDIR}/${PN}-1.3.2-sockd-init" dante-sockd + newconfd "${FILESDIR}/dante-sockd-conf" dante-sockd + + systemd_dounit "${FILESDIR}/dante-sockd.service" + + # example configuration files + docinto examples + dodoc example/*.conf + + use static-libs || find "${ED}" -name '*.la' -exec rm '{}' + +} + +pkg_postinst() { + enewuser sockd -1 -1 /etc/socks daemon +} diff --git a/net-proxy/dante/dante-1.4.1.ebuild b/net-proxy/dante/dante-1.4.1.ebuild new file mode 100644 index 000000000000..edd98b91e92e --- /dev/null +++ b/net-proxy/dante/dante-1.4.1.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit autotools eutils systemd user + +DESCRIPTION="A free socks4,5 and msproxy implementation" +HOMEPAGE="http://www.inet.no/dante/" +MY_P="${P/_/-}" +SRC_URI="ftp://ftp.inet.no/pub/socks/${MY_P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd" +IUSE="debug kerberos pam selinux static-libs tcpd upnp" + +CDEPEND="kerberos? ( virtual/krb5 ) + pam? ( virtual/pam ) + tcpd? ( sys-apps/tcp-wrappers ) + upnp? ( net-libs/miniupnpc ) + userland_GNU? ( virtual/shadow )" +DEPEND="${CDEPEND} + sys-devel/bison + sys-devel/flex" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-dante ) +" +DOCS="BUGS CREDITS NEWS README SUPPORT doc/README* doc/*.txt doc/SOCKS4.protocol" + +S="${WORKDIR}/${MY_P}" + +src_prepare() { + epatch \ + "${FILESDIR}"/${PN}-1.4.0-socksify.patch \ + "${FILESDIR}"/${PN}-1.4.0-osdep-format-macro.patch \ + "${FILESDIR}"/${PN}-1.4.0-cflags.patch \ + "${FILESDIR}"/${PN}-1.4.0-HAVE_SENDBUF_IOCTL.patch + + sed -i \ + -e 's:/etc/socks\.conf:"${EPREFIX}"/etc/socks/socks.conf:' \ + -e 's:/etc/sockd\.conf:"${EPREFIX}"/etc/socks/sockd.conf:' \ + doc/{socksify.1,socks.conf.5,sockd.conf.5,sockd.8} \ + || die + + sed -i -e 's:AM_CONFIG_HEADER:AC_CONFIG_HEADERS:' configure.ac || die + + eautoreconf +} + +src_configure() { + # hardcoded the libc name otherwise the scan on a amd64 multilib system + # ends up finding /usr/lib32/libc.so.5. That cascades and causes the + # preload/libdsocks to not be built. + econf \ + --with-socks-conf="${EPREFIX}"/etc/socks/socks.conf \ + --with-sockd-conf="${EPREFIX}"/etc/socks/sockd.conf \ + --enable-preload \ + --enable-clientdl \ + --enable-serverdl \ + --enable-drt-fallback \ + --with-libc=libc.so.6 \ + $(use_enable debug) \ + $(use_with kerberos gssapi) \ + $(use_with pam) \ + $(use_with upnp) \ + $(use_enable static-libs static) \ + $(use_enable tcpd libwrap) +} + +src_install() { + default + + # default configuration files + insinto /etc/socks + doins "${FILESDIR}"/sock?.conf + pushd "${ED}"/etc/socks > /dev/null + use pam && epatch "${FILESDIR}"/sockd.conf-with-pam.patch + use tcpd && epatch "${FILESDIR}"/sockd.conf-with-libwrap.patch + popd > /dev/null + + # init script + newinitd "${FILESDIR}"/${PN}-1.3.2-sockd-init dante-sockd + newconfd "${FILESDIR}"/dante-sockd-conf dante-sockd + + systemd_dounit "${FILESDIR}"/dante-sockd.service + + # example configuration files + docinto examples + dodoc example/*.conf + + prune_libtool_files +} + +pkg_postinst() { + enewuser sockd -1 -1 /etc/socks daemon +} diff --git a/net-proxy/dante/files/dante-1.1.19-libpam.patch b/net-proxy/dante/files/dante-1.1.19-libpam.patch new file mode 100644 index 000000000000..5c732e2f1e92 --- /dev/null +++ b/net-proxy/dante/files/dante-1.1.19-libpam.patch @@ -0,0 +1,76 @@ +diff -Nru dante-1.1.19.orig/acinclude.m4 dante-1.1.19/acinclude.m4 +--- dante-1.1.19.orig/acinclude.m4 2005-12-18 21:57:57.000000000 +0100 ++++ dante-1.1.19/acinclude.m4 2008-06-25 22:24:16.000000000 +0200 +@@ -260,4 +260,4 @@ + + tproto($@)]) + +-# -- acinclude end -- +\ No newline at end of file ++# -- acinclude end -- +diff -Nru dante-1.1.19.orig/configure.ac dante-1.1.19/configure.ac +--- dante-1.1.19.orig/configure.ac 2006-01-15 16:33:37.000000000 +0100 ++++ dante-1.1.19/configure.ac 2008-06-25 22:25:09.000000000 +0200 +@@ -21,7 +21,7 @@ + #NOTE: save CFLAGS; wish to compile without -O2 when debugging + oCFLAGS=$CFLAGS + unset CFLAGS +-AC_AIX #evidently also modifies CFLAGS ++#AC_AIX #evidently also modifies CFLAGS + AC_PROG_LIBTOOL + autoconf_compflags=$CFLAGS + CFLAGS=$oCFLAGS +@@ -30,18 +30,6 @@ + + AM_CONDITIONAL(PRERELEASE, test x$prerelease != x) + +-#known keywords for --enable/disable-foo(=yes/no)? +-LTINTERNAL="dlopen|dlopen_self|dlopen_self_static|fast_install|libtool_lock|win32_dll|shared_with_static_runtimes|shared_with_static_runtimes_CXX|shared_with_static_runtimes_F77" +-KNOWN_KEYWORDS="$LTINTERNAL|shared|static|debug|warnings|diagnostic|profiling|linting|libwrap|preload|serverdl|clientdl|internal|pidfile" +-for keyword in `set | egrep '^enable_' | sed -e 's/^enable_\(.*\)=.*/\1/'`; +-do +- echo $keyword | egrep "^(${KNOWN_KEYWORDS})$" > /dev/null +- if test $? -ne 0; then +- AC_MSG_WARN([unknown option '$keyword', ignoring ...]) +- sleep 10; +- fi +-done +- + #Solaris 2.5.1 is broken in many places + case $host in + *-*-solaris2.5.1) +@@ -1288,15 +1288,18 @@ + [ --without-pam disable pam support @<:@default=detect@:>@], + [PAM=$withval]) + ++LIBPAM= + if test "${PAM}" != no; then + #look for PAM header and lib + AC_CHECK_HEADERS(security/pam_appl.h, [have_pam_header=t]) +- AC_SEARCH_LIBS(pam_start, pam, [have_libpam=t]) ++ AC_CHECK_LIB(pam, pam_start, [have_libpam=t]) + + if test x"${have_pam_header}" != x -a x"${have_libpam}" != x; then + AC_DEFINE(HAVE_PAM, 1, [PAM support]) ++ LIBPAM=-lpam + fi + fi ++AC_SUBST(LIBPAM) + + #expected select behaviour? + unset nb_select_err +diff -Nru dante-1.1.19.orig/sockd/Makefile.am dante-1.1.19/sockd/Makefile.am +--- dante-1.1.19.orig/sockd/Makefile.am 2005-11-06 18:37:14.000000000 +0100 ++++ dante-1.1.19/sockd/Makefile.am 2008-06-25 22:24:16.000000000 +0200 +@@ -35,9 +35,9 @@ + + #XXXhack + if STATIC_SOCKD +-sockd_LDADD = ../libscompat/sockatmark.o ${LIBWRAP} ++sockd_LDADD = ../libscompat/sockatmark.o ${LIBWRAP} ${LIBPAM} + else +-sockd_LDADD = ../libscompat/libscompat.la ${LIBWRAP} ++sockd_LDADD = ../libscompat/libscompat.la ${LIBWRAP} ${LIBPAM} + endif + + INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/libscompat diff --git a/net-proxy/dante/files/dante-1.1.19-socksify.patch b/net-proxy/dante/files/dante-1.1.19-socksify.patch new file mode 100644 index 000000000000..632deb1f9b58 --- /dev/null +++ b/net-proxy/dante/files/dante-1.1.19-socksify.patch @@ -0,0 +1,16 @@ +--- dante-1.1.15-pre1/bin/socksify.in.agriffis 2004-11-04 16:07:04.000000000 -0500 ++++ dante-1.1.15-pre1/bin/socksify.in 2004-11-04 16:07:08.977460049 -0500 +@@ -60,7 +60,11 @@ + @PRELOAD_VARIABLE@="${LIBRARY}${SOCKSIFY_PRELOAD_LIBS:+${PRELOAD_SEPERATOR}}${SOCKSIFY_PRELOAD_LIBS}${PRELOAD_POSTFIX:+${PRELOAD_SEPERATOR}}${PRELOAD_POSTFIX}" + export @PRELOAD_VARIABLE@ + +-LD_LIBRARY_PATH="${LD_LIBRARY_PATH}${LD_LIBRARY_PATH:+:}${LIBDIR}" +-export LD_LIBRARY_PATH ++# There is no reason to set LD_LIBRARY_PATH, at least on Linux, where ++# LD_PRELOAD can contain a full path to the library. Setting the ++# following breaks socksify on Linux/Alpha at least with ++# binutils-2.14.90.0.7-r3 (08 Dec 2003 agriffis) ++#LD_LIBRARY_PATH="${LD_LIBRARY_PATH}${LD_LIBRARY_PATH:+:}${LIBDIR}" ++#export LD_LIBRARY_PATH + + exec "$@" diff --git a/net-proxy/dante/files/dante-1.3.0-socksify.patch b/net-proxy/dante/files/dante-1.3.0-socksify.patch new file mode 100644 index 000000000000..45fd0fd2ed54 --- /dev/null +++ b/net-proxy/dante/files/dante-1.3.0-socksify.patch @@ -0,0 +1,26 @@ +--- dante-1.3.0/bin/socksify.in.orig ++++ dante-1.3.0/bin/socksify.in +@@ -53,8 +53,6 @@ + exit 1 + fi + +-SOCKSIFY_PRELOAD_LIBS="@SOCKSIFY_PRELOAD_LIBS@" +- + SOCKS_LIBDIR="${SOCKS_LIBDIR:-@LIBRARY_PREFIX@}" + + if test x`uname` = xDarwin; then +@@ -80,8 +78,12 @@ + @PRELOAD_VARIABLE@="${LIBRARY}${SOCKSIFY_PRELOAD_LIBS:+${PRELOAD_SEPERATOR}}${SOCKSIFY_PRELOAD_LIBS}${PRELOAD_POSTFIX:+${PRELOAD_SEPERATOR}}${PRELOAD_POSTFIX}" + export @PRELOAD_VARIABLE@ + +-LD_LIBRARY_PATH="${LD_LIBRARY_PATH}${LD_LIBRARY_PATH:+:}${SOCKS_LIBDIR}" +-export LD_LIBRARY_PATH ++# There is no reason to set LD_LIBRARY_PATH, at least on Linux, where ++# LD_PRELOAD can contain a full path to the library. Setting the ++# following breaks socksify on Linux/Alpha at least with ++# binutils-2.14.90.0.7-r3 (08 Dec 2003 agriffis) ++#LD_LIBRARY_PATH="${LD_LIBRARY_PATH}${LD_LIBRARY_PATH:+:}${LIBDIR}" ++#export LD_LIBRARY_PATH + + if test x"@ISA64DIR@" != x; then + SOCKS_LIB64DIR="${LIB64DIR:-${SOCKS_LIBDIR}/@ISA64DIR@}" diff --git a/net-proxy/dante/files/dante-1.3.1-flags.patch b/net-proxy/dante/files/dante-1.3.1-flags.patch new file mode 100644 index 000000000000..fb8c211b3a0a --- /dev/null +++ b/net-proxy/dante/files/dante-1.3.1-flags.patch @@ -0,0 +1,43 @@ +Respect CFLAGS (bug #377353) -JeR + + +--- a/configure.ac ++++ b/configure.ac +@@ -199,18 +199,6 @@ + #XXX make sure compiling with compiler options works + esac + +-AC_MSG_CHECKING([for support for -pipe compiler flag]) +-oCFLAGS=$CFLAGS +-CFLAGS="$CFLAGS -pipe" +-AC_TRY_RUN([ +-int main() +-{ +- return 0; +-}], [AC_MSG_RESULT([yes]) +- comp_flags="${comp_flags} -pipe"], +- AC_MSG_RESULT([no])) +-CFLAGS="$oCFLAGS" +- + AC_MSG_CHECKING([for support for -Wbounded compiler flag]) + oCFLAGS=$CFLAGS + CFLAGS="$CFLAGS -Wbounded" +@@ -233,18 +221,11 @@ + fi]) + + if test x$debug_enabled = xt; then +- #no optimization wanted +- if test $ac_cv_prog_cc_g = yes; then +- CFLAGS="$CFLAGS -g" +- fi + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-DDEBUG=1" + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) +- #autoconf_compflags is set to "-g -O2" with GCC +- #override CFLAGS when running configure to avoid this + CPPFLAGS="$CPPFLAGS${CPPFLAGS:+ }-DDEBUG=0" +- CFLAGS="$CFLAGS $autoconf_compflags" + fi + + #-Wall ? diff --git a/net-proxy/dante/files/dante-1.3.2-sockd-init b/net-proxy/dante/files/dante-1.3.2-sockd-init new file mode 100644 index 000000000000..e2b90fd57510 --- /dev/null +++ b/net-proxy/dante/files/dante-1.3.2-sockd-init @@ -0,0 +1,57 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +SOCKD_OPT="" +[ "${SOCKD_FORKDEPTH:-1}" -gt 1 ] && SOCKD_OPT="${SOCKD_OPT} -N ${SOCKD_FORKDEPTH}" +[ "${SOCKD_DEBUG:-0}" -eq 1 ] && SOCKD_OPT="${SOCKD_OPT} -d" +[ "${SOCKD_DISABLE_KEEPALIVE:-0}" -eq 1 ] && SOCKD_OPT="${SOCKD_OPT} -n" +PIDFILE=/var/run/sockd.pid +SOCKDIR=/var/lock/dante-sockd/ + +depend() { + need net +} + +checkconfig() { + # first check that it exists + if [ ! -f /etc/socks/sockd.conf ] ; then + eerror "You need to setup /etc/socks/sockd.conf first" + eerror "Examples are in /usr/share/doc/dante[version]/example" + eerror "for more info, see: man sockd.conf" + return 1 + fi + + /usr/sbin/sockd -V >/tmp/dante-sockd.checkconf 2>&1 + if [ $? -ne 0 ]; then + cat /tmp/dante-sockd.checkconf + eerror "Something is wrong with your configuration file" + eerror "for more info, see: man sockd.conf" + return 1 + fi + rm /tmp/dante-sockd.checkconf + + DAEMON_UID=`sed -e '/^[ \t]*user[.]notprivileged[ \t]*:/{s/.*:[ \t]*//;q};d' /etc/socks/sockd.conf` + if [ -n "$DAEMON_UID" ]; then + [ ! -d $SOCKDIR ] && mkdir $SOCKDIR && chown $DAEMON_UID $SOCKDIR + [ ! -f $SOCKDIR/.keep ] && touch $SOCKDIR/.keep + fi + + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Starting dante sockd" + start-stop-daemon --start --quiet \ + --background --pidfile $PIDFILE --make-pidfile --env TMPDIR=$SOCKDIR \ + --exec /usr/sbin/sockd -- ${SOCKD_OPT} >/dev/null 2>&1 + eend $? "Failed to start sockd" +} + +stop() { + ebegin "Stopping dante sockd" + start-stop-daemon --stop --quiet --pidfile $PIDFILE + eend $? "Failed to stop sockd" +} diff --git a/net-proxy/dante/files/dante-1.4.0-HAVE_SENDBUF_IOCTL.patch b/net-proxy/dante/files/dante-1.4.0-HAVE_SENDBUF_IOCTL.patch new file mode 100644 index 000000000000..d8e2c220ce92 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-HAVE_SENDBUF_IOCTL.patch @@ -0,0 +1,11 @@ +--- a/libscompat.m4 ++++ b/libscompat.m4 +@@ -373,7 +373,7 @@ + + return 0; + }], [AC_MSG_RESULT(yes) +- AC_DEFINE(HAVE_SENDBUF_IOCTL, TIOCOUTQ, [send buffer data]) ++ AC_DEFINE(HAVE_SENDBUF_IOCTL, 1, [send buffer data]) + AC_DEFINE(SENDBUF_IOCTLVAL, TIOCOUTQ, [send buffer ioctl])], + [AC_MSG_RESULT(no)])], + [dnl assume no when cross-compiling diff --git a/net-proxy/dante/files/dante-1.4.0-cflags.patch b/net-proxy/dante/files/dante-1.4.0-cflags.patch new file mode 100644 index 000000000000..eccb64a5d7d8 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-cflags.patch @@ -0,0 +1,32 @@ +The upstream code tries to remove -g from CFLAGS, but the logic also matches +the -g in the middle of flags, like: +-frecord-gcc-switches => -frecordcc-switches +-ggdb3 => ggdb3 +Both of which cause GCC to fail horribly! + +Fix the grep & sed to only match standalone instances. + +Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> + +diff -Nuar dante-1.4.0.orig/compiler.m4 dante-1.4.0/compiler.m4 +--- dante-1.4.0.orig/compiler.m4 2013-10-24 13:20:23.000000000 -0700 ++++ dante-1.4.0/compiler.m4 2014-01-05 15:18:03.544336373 -0800 +@@ -375,14 +375,14 @@ + gcc) + if test x"$aixldbug" != x; then + #disable debug info +- if echo $CFLAGS | grep -- "-g" >/dev/null; then +- CFLAGS="`echo $CFLAGS | sed -e 's/-g//g'`" ++ if echo $CFLAGS | grep -w -- "-g" >/dev/null; then ++ CFLAGS="`echo $CFLAGS | sed -e 's/\<-g\>//g'`" + fi + CFLAGS="$CFLAGS${CFLAGS:+ }-g0" + else + #use -ggdb also when not debugging +- if echo $CFLAGS | grep -- "-g" >/dev/null; then +- CFLAGS="`echo $CFLAGS | sed -e 's/-g//g'`" ++ if echo $CFLAGS | grep -w -- "-g" >/dev/null; then ++ CFLAGS="`echo $CFLAGS | sed -e 's/\<-g\>//g'`" + fi + CFLAGS="$CFLAGS${CFLAGS:+ }-ggdb" + fi diff --git a/net-proxy/dante/files/dante-1.4.0-osdep-format-macro.patch b/net-proxy/dante/files/dante-1.4.0-osdep-format-macro.patch new file mode 100644 index 000000000000..02a0d916e563 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-osdep-format-macro.patch @@ -0,0 +1,15 @@ +diff -Nuar --exclude '*.orig' --exclude '*.rej' dante-1.4.0.orig/include/osdep.h dante-1.4.0/include/osdep.h +--- dante-1.4.0.orig/include/osdep.h 2013-10-27 08:24:41.000000000 -0700 ++++ dante-1.4.0/include/osdep.h 2014-01-05 15:06:45.346071952 -0800 +@@ -254,9 +254,9 @@ + #endif /* HAVE_DECL_NONNULL */ + + #if HAVE_DECL_FORMAT +-#define FORMAT(x, y, z) format(x, y, z) ++#define FORMAT(...) format(__VA_ARGS__) + #else +-#define FORMAT(x, y, z) ++#define FORMAT(...) + #endif /* HAVE_DECL_FORMAT */ + + #if HAVE_DECL_BOUNDED diff --git a/net-proxy/dante/files/dante-1.4.0-socksify.patch b/net-proxy/dante/files/dante-1.4.0-socksify.patch new file mode 100644 index 000000000000..2063327b42c5 --- /dev/null +++ b/net-proxy/dante/files/dante-1.4.0-socksify.patch @@ -0,0 +1,27 @@ +diff -Nuar --exclude '*.orig' --exclude '*.rej' dante-1.4.0.orig/bin/socksify.in dante-1.4.0/bin/socksify.in +--- dante-1.4.0.orig/bin/socksify.in 2013-10-27 08:24:41.000000000 -0700 ++++ dante-1.4.0/bin/socksify.in 2014-01-05 15:04:32.495670262 -0800 +@@ -53,7 +53,7 @@ + exit 1 + fi + +-SOCKSIFY_PRELOAD_LIBS="@SOCKSIFY_PRELOAD_LIBS@" ++#SOCKSIFY_PRELOAD_LIBS="@SOCKSIFY_PRELOAD_LIBS@" + SOCKS_LIBDIR="${SOCKS_LIBDIR:-@LIBRARY_PREFIX@}" + + #platform that requires full path to libdsocks? +@@ -82,8 +82,12 @@ + @PRELOAD_VARIABLE@="${LIBRARY}${SOCKSIFY_PRELOAD_LIBS:+${PRELOAD_SEPERATOR}}${SOCKSIFY_PRELOAD_LIBS}${PRELOAD_POSTFIX:+${PRELOAD_SEPERATOR}}${PRELOAD_POSTFIX}" + export @PRELOAD_VARIABLE@ + +-LD_LIBRARY_PATH="${SOCKS_LIBDIR}${LD_LIBRARY_PATH:+:}${LD_LIBRARY_PATH}" +-export LD_LIBRARY_PATH ++# There is no reason to set LD_LIBRARY_PATH, at least on Linux, where ++# LD_PRELOAD can contain a full path to the library. Setting the ++# following breaks socksify on Linux/Alpha at least with ++# binutils-2.14.90.0.7-r3 (08 Dec 2003 agriffis) ++#LD_LIBRARY_PATH="${SOCKS_LIBDIR}${LD_LIBRARY_PATH:+:}${LD_LIBRARY_PATH}" ++#export LD_LIBRARY_PATH + + #SunOS 64-bit library path + if test x"@ISA64DIR@" != x; then diff --git a/net-proxy/dante/files/dante-sockd-conf b/net-proxy/dante/files/dante-sockd-conf new file mode 100644 index 000000000000..1957925c6efd --- /dev/null +++ b/net-proxy/dante/files/dante-sockd-conf @@ -0,0 +1,14 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# Number of processes to fork off +# 1 is plenty for most users +# increment SLOWLY for bigger demand +SOCKD_FORKDEPTH=1 + +# set this to 1 to enable debug +SOCKD_DEBUG=0 + +# disable TCP keepalive for better resource usage +SOCKD_DISABLE_KEEPALIVE=1 diff --git a/net-proxy/dante/files/dante-sockd-init b/net-proxy/dante/files/dante-sockd-init new file mode 100644 index 000000000000..8b95e4a79adc --- /dev/null +++ b/net-proxy/dante/files/dante-sockd-init @@ -0,0 +1,58 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +SOCKD_OPT="-D" +[ "${SOCKD_FORKDEPTH:-1}" -gt 1 ] && SOCKD_OPT="${SOCKD_OPT} -N ${SOCKD_FORKDEPTH}" +[ "${SOCKD_DEBUG:-0}" -eq 1 ] && SOCKD_OPT="${SOCKD_OPT} -d" +[ "${SOCKD_DISABLE_KEEPALIVE:-0}" -eq 1 ] && SOCKD_OPT="${SOCKD_OPT} -n" +PIDFILE=/var/run/sockd.pid +SOCKDIR=/var/lock/dante-sockd/ + +depend() { + need net +} + +checkconfig() { + # first check that it exists + if [ ! -f /etc/socks/sockd.conf ] ; then + eerror "You need to setup /etc/socks/sockd.conf first" + eerror "Examples are in /usr/share/doc/dante[version]/example" + eerror "for more info, see: man sockd.conf" + return 1 + fi + + /usr/sbin/sockd -V >/tmp/dante-sockd.checkconf 2>&1 + if [ $? -ne 0 ]; then + cat /tmp/dante-sockd.checkconf + eerror "Something is wrong with your configuration file" + eerror "for more info, see: man sockd.conf" + return 1 + fi + rm /tmp/dante-sockd.checkconf + + #Create pidfile with owner set to daemon's uid + DAEMON_UID=`sed -e '/^[ \t]*user[.]notprivileged[ \t]*:/{s/.*:[ \t]*//;q};d' /etc/socks/sockd.conf` + if [ -n "$DAEMON_UID" ]; then + touch $PIDFILE && chown $DAEMON_UID $PIDFILE + mkdir $SOCKDIR && chown $DAEMON_UID $SOCKDIR + [ ! -f $SOCKDIR/.keep ] && touch $SOCKDIR/.keep + fi + + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Starting dante sockd" + start-stop-daemon --start --quiet --pidfile $PIDFILE --env TMPDIR=$SOCKDIR \ + --make-pidfile --exec /usr/sbin/sockd -- ${SOCKD_OPT} >/dev/null 2>&1 + eend $? "Failed to start sockd" +} + +stop() { + ebegin "Stopping dante sockd" + start-stop-daemon --stop --quiet --pidfile $PIDFILE + eend $? "Failed to stop sockd" +} diff --git a/net-proxy/dante/files/dante-sockd.service b/net-proxy/dante/files/dante-sockd.service new file mode 100644 index 000000000000..647a2dcc8cd8 --- /dev/null +++ b/net-proxy/dante/files/dante-sockd.service @@ -0,0 +1,9 @@ +[Unit] +Description=SOCKS v4 and v5 compatible proxy server and client +After=network.target + +[Service] +ExecStart=/usr/sbin/sockd + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/dante/files/sockd.conf b/net-proxy/dante/files/sockd.conf new file mode 100644 index 000000000000..70b18747ba34 --- /dev/null +++ b/net-proxy/dante/files/sockd.conf @@ -0,0 +1,243 @@ +# The configfile is divided into two parts; first serversettings, +# then the rules. +# +# The recommended order is: +# Serversettings: +# logoutput +# internal +# external +# method +# clientmethod +# users +# compatibility +# extension +# connecttimeout +# iotimeout +# srchost +# +# Rules: +# client block/pass +# from to +# log +# +# block/pass +# from to +# method +# command +# log +# protocol +# proxyprotocol + +# the server will log both via syslog, to stdout and to /var/log/lotsoflogs +#logoutput: syslog stdout /var/log/lotsoflogs +logoutput: syslog + +# The server will bind to the address 10.1.1.1, port 1080 and will only +# accept connections going to that address. +#internal: 10.1.1.1 port = 1080 +# Alternatively, the interface name can be used instead of the address. +#internal: eth0 port = 1080 + +# all outgoing connections from the server will use the IP address +# 195.168.1.1 +#external: 192.168.1.1 + +# list over acceptable methods, order of preference. +# A method not set here will never be selected. +# +# If the method field is not set in a rule, the global +# method is filled in for that rule. +# + +# methods for socks-rules. +#method: username none #rfc931 + +# methods for client-rules. +#clientmethod: none + +#or if you want to allow rfc931 (ident) too +#method: username rfc931 none + +# +# An important section, pay attention. +# + +# when doing something that can require privilege, +# it will use the userid "sockd". +user.privileged: sockd + +# when running as usual, +# it will use the unprivileged userid of "sockd". +user.notprivileged: sockd + +# +# some options to help clients with compatibility: +# + +# when a client connection comes in the socksserver will try to use +# the same port as the client is using, when the socksserver +# goes out on the clients behalf (external: IP address). +# If this option is set, Dante will try to do it for reserved ports aswell. +# This will usually require user.privileged to be set to "root". +#compatibility: sameport + +# If you are using the bind extension and have trouble running servers +# via the server, you might try setting this. The consequences of it +# are unknown. +#compatibility: reuseaddr + +# +# The Dante server supports some extensions to the socks protocol. +# These require that the socks client implements the same extension and +# can be enabled using the "extension" keyword. +# +# enable the bind extension. +#extension: bind + + +# +# +# misc options. +# + +# how many seconds can pass from when a client connects til it has +# sent us it's request? Adjust according to your network performance +# and methods supported. +#connecttimeout: 30 # on a lan, this should be enough if method is "none". + +# how many seconds can the client and it's peer idle without sending +# any data before we dump it? Unless you disable tcp keep-alive for +# some reason, it's probably best to set this to 0, which is +# "forever". +#iotimeout: 0 # or perhaps 86400, for a day. + +# do you want to accept connections from addresses without +# dns info? what about addresses having a mismatch in dnsinfo? +#srchost: nounknown nomismatch + +# +# The actual rules. There are two kinds and they work at different levels. +# +# The rules prefixed with "client" are checked first and say who is allowed +# and who is not allowed to speak/connect to the server. I.e the +# ip range containing possibly valid clients. +# It is especially important that these only use IP addresses, not hostnames, +# for security reasons. +# +# The rules that do not have a "client" prefix are checked later, when the +# client has sent its request and are used to evaluate the actual +# request. +# +# The "to:" in the "client" context gives the address the connection +# is accepted on, i.e the address the socksserver is listening on, or +# just "0.0.0.0/0" for any address the server is listening on. +# +# The "to:" in the non-"client" context gives the destination of the clients +# socksrequest. +# +# "from:" is the source address in both contexts. +# + + +# the "client" rules. All our clients come from the net 10.0.0.0/8. +# + +# Allow our clients, also provides an example of the port range command. +#client pass { +# from: 10.0.0.0/8 port 1-65535 to: 0.0.0.0/0 +# method: rfc931 # match all idented users that also are in passwordfile +#} + +# This is identical to above, but allows clients without a rfc931 (ident) +# too. In practise this means the socksserver will try to get a rfc931 +# reply first (the above rule), if that fails, it tries this rule. +#client pass { +# from: 10.0.0.0/8 port 1-65535 to: 0.0.0.0/0 +#} + + +# drop everyone else as soon as we can and log the connect, they are not +# on our net and have no business connecting to us. This is the default +# but if you give the rule yourself, you can specify details. +#client block { +# from: 0.0.0.0/0 to: 0.0.0.0/0 +# log: connect error +#} + + +# the rules controlling what clients are allowed what requests +# + +# you probably don't want people connecting to loopback addresses, +# who knows what could happen then. +#block { +# from: 0.0.0.0/0 to: 127.0.0.0/8 +# log: connect error +#} + +# the people at the 172.16.0.0/12 are bad, no one should talk to them. +# log the connect request. +#block { +# from: 0.0.0.0/0 to: 172.16.0.0/12 +# log: connect error +#} + +# unless you need it, you could block any bind requests. +#block { +# from: 0.0.0.0/0 to: 0.0.0.0/0 +# command: bind +# log: connect error +#} + +# or you might want to allow it, for instance "active" ftp uses it. +# Note that a "bindreply" command must also be allowed, it +# should usually by from "0.0.0.0/0", i.e if a client of yours +# has permission to bind, it will also have permission to accept +# the reply from anywhere. +#pass { +# from: 10.0.0.0/8 to: 0.0.0.0/0 +# command: bind +# log: connect error +#} + +# some connections expect some sort of "reply", this might be +# the reply to a bind request or it may be the reply to a +# udppacket, since udp is packetbased. +# Note that nothing is done to verify that it's a "genuine" reply, +# that is in general not possible anyway. The below will allow +# all "replies" in to your clients at the 10.0.0.0/8 net. +#pass { +# from: 0.0.0.0/0 to: 10.0.0.0/8 +# command: bindreply udpreply +# log: connect error +#} + + +# pass any http connects to the example.com domain if they +# authenticate with username. +# This matches "example.com" itself and everything ending in ".example.com". +#pass { +# from: 10.0.0.0/8 to: .example.com port = http +# log: connect error +# method: username +#} + +# block any other http connects to the example.com domain. +#block { +# from: 0.0.0.0/0 to: .example.com port = http +# log: connect error +#} + +# everyone from our internal network, 10.0.0.0/8 is allowed to use +# tcp and udp for everything else. +#pass { +# from: 10.0.0.0/8 to: 0.0.0.0/0 +# protocol: tcp udp +#} + +# last line, block everyone else. This is the default but if you provide +# one yourself you can specify your own logging/actions +#block { +# from: 0.0.0.0/0 to: 0.0.0.0/0 +# log: connect error +#} diff --git a/net-proxy/dante/files/sockd.conf-with-libwrap.patch b/net-proxy/dante/files/sockd.conf-with-libwrap.patch new file mode 100644 index 000000000000..97d2a33f71bb --- /dev/null +++ b/net-proxy/dante/files/sockd.conf-with-libwrap.patch @@ -0,0 +1,41 @@ +--- sockd.conf.orig 2005-06-04 13:57:39.770322448 +0300 ++++ sockd.conf 2005-06-04 13:47:47.000000000 +0300 +@@ -18,12 +18,14 @@ + # Rules: + # client block/pass + # from to ++# libwrap + # log + # + # block/pass + # from to + # method + # command ++# libwrap + # log + # protocol + # proxyprotocol +@@ -73,6 +75,10 @@ + # it will use the unprivileged userid of "sockd". + user.notprivileged: sockd + ++# when running libwrap commands, ++# it will use the userid "sockd". ++user.libwrap: sockd ++ + # + # some options to help clients with compatibility: + # +@@ -179,9 +185,11 @@ + #} + + # the people at the 172.16.0.0/12 are bad, no one should talk to them. +-# log the connect request. ++# log the connect request and also provide an example on how to ++# interact with libwrap. + #block { + # from: 0.0.0.0/0 to: 172.16.0.0/12 ++# libwrap: spawn finger @%a + # log: connect error + #} + diff --git a/net-proxy/dante/files/sockd.conf-with-pam.patch b/net-proxy/dante/files/sockd.conf-with-pam.patch new file mode 100644 index 000000000000..d6735a1cf30e --- /dev/null +++ b/net-proxy/dante/files/sockd.conf-with-pam.patch @@ -0,0 +1,12 @@ +--- sockd.conf.orig 2005-06-04 14:01:40.492727080 +0300 ++++ sockd.conf 2005-06-04 13:57:39.770322448 +0300 +@@ -58,6 +58,9 @@ + #or if you want to allow rfc931 (ident) too + #method: username rfc931 none + ++#or for PAM authentification ++#method: pam ++ + # + # An important section, pay attention. + # diff --git a/net-proxy/dante/files/socks.conf b/net-proxy/dante/files/socks.conf new file mode 100644 index 000000000000..4a7d1520a7b5 --- /dev/null +++ b/net-proxy/dante/files/socks.conf @@ -0,0 +1,127 @@ +# The configfile is divided into two parts; first misc. settings, +# then the routes. Objects in '[]' are optional. +# +# +# recommended order is: +# [debug] +# [logoutput] +# [resolveprotocol] +# +# routes: +# from to via +# [command] +# [extension] +# [protocol] +# [proxyprotocol] + + +#debug: 1 # uncomment to enable debugging + +#logoutput: stdout # users usually don't want to be bothered with that. + +# What protocol should be used for resolving hostnames? It's important +# to set this right. +#resolveprotocol: udp # default +#resolveprotocol: tcp # set this if your socksserver only supports socksv4. +#resolveprotocol: fake # set this if your clients can't access nameserver, + # neither directly nor proxied. + + + +# +# the routes +# + +# specifying routes for accepting remote connections (via bind()) is +# difficult since we can't know what the "to:" address is +# until we actually get the connection Since we support letting +# the client accept connections both via the proxyserver and +# "directly" at the same time, we have two options though: +# a) specify a route for bind (only) first going via the proxyserver. +# This will also handle "direct" connections. +# b) specify a route for bind (only) first going "direct". +# This means clients will only be able to accept "direct" +# connections. + +# we want to accept remote connections via the proxyserver. +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 1080 +# command: bind +#} + +# we do not want to accept remote connections via the proxyserver. +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: direct +# command: bind +#} + + +# if you don't route all local connections via direct, you should +# at least route nameserver connections via direct connections if you +# can. That can make for much better performance, depending on +# your setup. Make sure the nameserver line is the first. +# +# Assuming your nameserver runs on address 10.1.1.1, you can do it like this: +#route { +# from: 0.0.0.0/0 to: 10.1.1.1/32 port = domain via: direct +#} + + +# have a route making all connections to loopback addresses be direct. +#route { +# from: 0.0.0.0/0 to: 127.0.0.0/8 via: direct +# command: connect udpassociate # everything but bind, bind confuses us. +#} + +# Our net is the 10.0.0.0/8 net, let clients going to local address go +# direct, not via server. +#route { +# from: 0.0.0.0/0 to: 10.0.0.0/8 via: direct +#} + +# for poor souls trapped behind a msproxy server. +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 1745 +# protocol: tcp # server supports tcp +# proxyprotocol: msproxy_v2 # server runs msproxy_v2 +#} + +# clients going anywhere else go via server listening at +# IP address 10.1.1.1, port 1080. Note that unless you have +# specified a direct connection for DNS, or the socksserver is resolvable +# without network traffic, you can't give a hostname for the socksserver, +# you must give a IP address. (the reasons for that are logical enough, +# you would create a loop otherwise.) +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 1080 +# protocol: tcp udp # server supports tcp and udp. +# proxyprotocol: socks_v4 socks_v5 # server supports socks v4 and v5. +# method: none #username # we are willing to authenticate via +# # method "none", not "username". +#} + +# this is identical to the above, but it matches hostnames instead. +# This is if you have clients that are unable to resolve hostnames. +# It can be important that hostname routes come after address routes. +#route { +# from: 0.0.0.0/0 to: . via: 10.1.1.1 port = 1080 +# protocol: tcp udp # server supports tcp and udp. +# proxyprotocol: socks_v4 socks_v5 # server supports socks v4 and v5. +# method: none #username # we are willing to authenticate via +# # method "none", not "username". +#} + +# identical to above two routes, but using a httpproxy instead. +# + +#route { +# from: 0.0.0.0/0 to: 0.0.0.0/0 via: 10.1.1.1 port = 3128 +# command: connect # only thing a httproxy supports. +# proxyprotocol: http_v1.0 +#} + +#route { +# from: 0.0.0.0/0 to: . via: 10.1.1.1 port = 3128 +# command: connect # only thing a httproxy supports. +# proxyprotocol: http_v1.0 +#} diff --git a/net-proxy/dante/metadata.xml b/net-proxy/dante/metadata.xml new file mode 100644 index 000000000000..11217cab087e --- /dev/null +++ b/net-proxy/dante/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>robbat2@gentoo.org</email></maintainer> +<longdescription>A free socks4, socks5 and msproxy implementation</longdescription> +</pkgmetadata> diff --git a/net-proxy/dnsproxy/Manifest b/net-proxy/dnsproxy/Manifest new file mode 100644 index 000000000000..2985c8a0441c --- /dev/null +++ b/net-proxy/dnsproxy/Manifest @@ -0,0 +1 @@ +DIST dnsproxy-1.16.tar.gz 47239 SHA256 5d9df5ce547409a0e33888853f0fbaf7c599311992191c939010d2bc57ed63de SHA512 f02498de963555556b656be432612e6d9ed72f29c838672c45ed2b4100cd6ae30b19091cbd33587259935342c86a733b820d2df54a8c3c1c699edb050b1b3d2b WHIRLPOOL cc55fd72966236be4329f6d9320b9d1da0bd630634db5d025d83134f1f4a00a6662ab0af53163b642930f539d07c9a406a85ffccbe608a8b36fa5db62649db6e diff --git a/net-proxy/dnsproxy/dnsproxy-1.16-r1.ebuild b/net-proxy/dnsproxy/dnsproxy-1.16-r1.ebuild new file mode 100644 index 000000000000..7e7b39a5fb7c --- /dev/null +++ b/net-proxy/dnsproxy/dnsproxy-1.16-r1.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit eutils flag-o-matic + +DESCRIPTION="The dnsproxy daemon is a proxy for DNS queries" +HOMEPAGE="http://www.wolfermann.org/dnsproxy.html" +SRC_URI="http://www.wolfermann.org/${P}.tar.gz" + +LICENSE="MIT GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="" + +DEPEND="dev-libs/libevent" +RDEPEND="${DEPEND}" + +src_prepare() { + epatch "${FILESDIR}"/${P}-include.patch + append-flags -D_GNU_SOURCE +} + +src_compile() { + emake ${PN} +} + +src_install() { + dosbin ${PN} + keepdir /var/empty + + newconfd "${FILESDIR}"/${PN}.confd ${PN} + newinitd "${FILESDIR}"/${PN}.initd ${PN} + insinto /etc/${PN} + newins ${PN}.conf ${PN}.conf.dist + + dodoc README + doman ${PN}.1 +} diff --git a/net-proxy/dnsproxy/files/dnsproxy-1.16-include.patch b/net-proxy/dnsproxy/files/dnsproxy-1.16-include.patch new file mode 100644 index 000000000000..96296f5ed2d8 --- /dev/null +++ b/net-proxy/dnsproxy/files/dnsproxy-1.16-include.patch @@ -0,0 +1,10 @@ +--- dnsproxy.c.orig 2010-01-11 16:02:00.000000000 +0100 ++++ dnsproxy.c 2010-10-27 05:07:05.000000000 +0200 +@@ -28,6 +28,7 @@ + #include <stdio.h> + #include <stdlib.h> + #include <string.h> ++#include <grp.h> /* setgroups() */ + #include <unistd.h> + + #define GLOBALS 1 diff --git a/net-proxy/dnsproxy/files/dnsproxy.confd b/net-proxy/dnsproxy/files/dnsproxy.confd new file mode 100644 index 000000000000..48f8a51e57f0 --- /dev/null +++ b/net-proxy/dnsproxy/files/dnsproxy.confd @@ -0,0 +1,3 @@ +# Options for dnsproxy daemon (rarely you need to change these) +DNSPROXY_CONFFILE="/etc/dnsproxy/dnsproxy.conf" +DNSPROXY_PIDFILE="/var/run/dnsproxy.pid" diff --git a/net-proxy/dnsproxy/files/dnsproxy.initd b/net-proxy/dnsproxy/files/dnsproxy.initd new file mode 100644 index 000000000000..000fc95eaa2b --- /dev/null +++ b/net-proxy/dnsproxy/files/dnsproxy.initd @@ -0,0 +1,31 @@ +#!/sbin/runscript +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net +} + +checkconfig() { + if [ ! -e "${DNSPROXY_CONFFILE}" ] ; then + eerror "You need to create and select the configuration file first." + eerror "An example can be found in /etc/dnsproxy/dnsproxy.conf.dist" + return 1 + fi +} + +start() { + ebegin "Starting dnsproxy" + checkconfig && \ + start-stop-daemon --start --make-pidfile \ + --quiet -b --pidfile ${DNSPROXY_PIDFILE} \ + --exec /usr/sbin/dnsproxy -- -c "${DNSPROXY_CONFFILE}" + eend $? +} + +stop() { + ebegin "Stopping dnsproxy" + start-stop-daemon --stop --quiet \ + --pidfile ${DNSPROXY_PIDFILE} + eend $? +} diff --git a/net-proxy/dnsproxy/metadata.xml b/net-proxy/dnsproxy/metadata.xml new file mode 100644 index 000000000000..a2bd924e4079 --- /dev/null +++ b/net-proxy/dnsproxy/metadata.xml @@ -0,0 +1,9 @@ +<?xml version = '1.0' encoding = 'UTF-8'?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>The dnsproxy daemon is a proxy for DNS queries. It forwards these queries to +two previously configured nameservers: one for authoritative queries and another +for recursive queries. The received answers are sent back to the client unchanged. +No local caching is done.</longdescription> +</pkgmetadata> diff --git a/net-proxy/haproxy/Manifest b/net-proxy/haproxy/Manifest new file mode 100644 index 000000000000..0c4fa2a1e5bc --- /dev/null +++ b/net-proxy/haproxy/Manifest @@ -0,0 +1,4 @@ +DIST haproxy-1.4.25.tar.gz 838775 SHA256 84408ec1e37bf308c6b45ae3c7e66f2a9d2f762cb689ab6d322c67bba691db62 SHA512 c3424151309be5eea761ff02b29a0e54bd34f5fcb4087e8b99fb2f4cde17bbc3caf07b6cb41ae5a2606325f8a950a06c4683ceb04c05fd6ebf0177326030bca9 WHIRLPOOL 0b32acffc82d216325abd330073717d951aa8cff349d538fa42a9de76154e1f7be5b1718854d04be41f78834b914b83be804557eb20aa174db71769060c9f644 +DIST haproxy-1.4.26.tar.gz 837280 SHA256 a8787dae723c045eebd0ed9e0213514f909a67325d64e963eaf50c35b147d3d3 SHA512 f21901069f651f3320c2b7cb6aee96fced5d4d5d4a73eec0d94dd8bd109a391d8da85026389e7209f85026cdefc1b879afcfd0a9bc0970e41aedd59e35935454 WHIRLPOOL 406b7f8bb4b9b3f6b8080f58431a804abea1d834ef9b8d86ede328b27e4f3fe944fbdae5bad8c3f7da75c81c92ff0e030950e09feac28eac4f763e511b5e7dce +DIST haproxy-1.5.14.tar.gz 1345345 SHA256 9565dd38649064d0350a2883fa81ccfe92eb17dcda457ebdc01535e1ab0c8f99 SHA512 83d6101fd402f37845ab3febc914335e4c6d9bdebbb0ff81c8e048d5252ffa5a1b77c4250a434fed5dd541ef1f1f2c47d969b59f7a51d6ab9aea38a8646a9798 WHIRLPOOL 7d2c580589b9b31e1eba169e4bf930ac42d2564e21eb1c25adbdd39b701abd221fd671ebc227167ab956a48b2c30eeb740a6394355a8fa748c408ee42fdff6fc +DIST haproxy-1.5.4.tar.gz 1336140 SHA256 75056ca5b9121b193d383ba4ebc6e5a3782c537a7499db80fce8d6d5fd265e10 SHA512 9ba6a82207487a8e59117c21de0dd7a178cc4bf472cc99fbca21146883f8a2ffe1b3d0bab316999abc151e16ad363f80b593205f39fa2cb173ba37b086076323 WHIRLPOOL 19ef3cbe10aac30c80ac193e7728f5f5127ce690e4f4e314e3ea23743701adffb2f7248a37b2d3737461abf89f575612980208a8af8499dffc34e28b40817389 diff --git a/net-proxy/haproxy/files/haproxy.initd-r2 b/net-proxy/haproxy/files/haproxy.initd-r2 new file mode 100644 index 000000000000..c25c71e09268 --- /dev/null +++ b/net-proxy/haproxy/files/haproxy.initd-r2 @@ -0,0 +1,47 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +extra_commands="checkconfig" +extra_started_commands="reload" + +command="/usr/bin/haproxy" +pidfile="/var/run/${SVCNAME}.pid" + +if [ -z "${CONFFILE}" -a -d "/etc/haproxy" -a -f "/etc/haproxy/${SVCNAME}.cfg" ]; then + CONFFILE=/etc/haproxy/${SVCNAME}.cfg +else + CONFFILE=/etc/${SVCNAME}.cfg +fi + +command_args="-D -p ${pidfile} -f ${CONFFILE}" + +depend() { + need net + use dns logger +} + +checkconfig() { + if [ ! -f "${CONFFILE}" ]; then + eerror "${CONFFILE} does not exist!" + return 1 + fi + + ebegin "Checking ${CONFFILE}" + $command -q -c -f "${CONFFILE}" + eend $? +} + +stop_pre() { + if [ "${RC_CMD}" = "restart" ]; then + checkconfig || return 1 + fi +} + +reload() { + ebegin "Reloading ${SVCNAME}" + checkconfig || { eerror "Reloading failed, please fix your ${CONFFILE} first"; return 1; } + $command -D -p "${pidfile}" -f "${CONFFILE}" -sf $(cat "${pidfile}") + eend $? +} diff --git a/net-proxy/haproxy/haproxy-1.4.25.ebuild b/net-proxy/haproxy/haproxy-1.4.25.ebuild new file mode 100644 index 000000000000..7bf4532bb2d4 --- /dev/null +++ b/net-proxy/haproxy/haproxy-1.4.25.ebuild @@ -0,0 +1,89 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit user versionator toolchain-funcs flag-o-matic + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://haproxy.1wt.eu" +SRC_URI="http://haproxy.1wt.eu/download/$(get_version_component_range 1-2)/src/${P}.tar.gz" + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="+crypt examples +pcre vim-syntax" + +DEPEND="pcre? ( dev-libs/libpcre )" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy +} + +src_compile() { + local args="TARGET=linux2628" + + if use pcre; then + args="${args} USE_PCRE=1" + else + args="${args} USE_PCRE=" + fi + +# if use kernel_linux; then +# args="${args} USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1" +# else +# args="${args} USE_LINUX_SPLICE= USE_LINUX_TPROXY=" +# fi + + if use crypt; then + args="${args} USE_LIBCRYPT=1" + else + args="${args} USE_LIBCRYPT=" + fi + + # For now, until the strict-aliasing breakage will be fixed +# append-cflags -fno-strict-aliasing + + emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} || die +} + +src_install() { + dobin haproxy || die + + newinitd "${FILESDIR}/haproxy.initd-r2" haproxy || die + + # Don't install useless files + rm examples/build.cfg doc/*gpl.txt + + dodoc CHANGELOG ROADMAP TODO doc/{configuration,haproxy-en}.txt + doman doc/haproxy.1 + + if use examples; + then + docinto examples + dodoc examples/*.cfg || die + fi + + if use vim-syntax; + then + insinto /usr/share/vim/vimfiles/syntax + doins examples/haproxy.vim || die + fi +} + +pkg_postinst() { + if [[ ! -f "${ROOT}/etc/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${ROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${ROOT}usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/haproxy-1.4.26.ebuild b/net-proxy/haproxy/haproxy-1.4.26.ebuild new file mode 100644 index 000000000000..60db25b6cfba --- /dev/null +++ b/net-proxy/haproxy/haproxy-1.4.26.ebuild @@ -0,0 +1,89 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit user versionator toolchain-funcs flag-o-matic + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://haproxy.1wt.eu" +SRC_URI="http://haproxy.1wt.eu/download/$(get_version_component_range 1-2)/src/${P}.tar.gz" + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +KEYWORDS="amd64 ppc ~x86" +IUSE="+crypt examples +pcre vim-syntax" + +DEPEND="pcre? ( dev-libs/libpcre )" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy +} + +src_compile() { + local args="TARGET=linux2628" + + if use pcre; then + args="${args} USE_PCRE=1" + else + args="${args} USE_PCRE=" + fi + +# if use kernel_linux; then +# args="${args} USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1" +# else +# args="${args} USE_LINUX_SPLICE= USE_LINUX_TPROXY=" +# fi + + if use crypt; then + args="${args} USE_LIBCRYPT=1" + else + args="${args} USE_LIBCRYPT=" + fi + + # For now, until the strict-aliasing breakage will be fixed +# append-cflags -fno-strict-aliasing + + emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} || die +} + +src_install() { + dobin haproxy || die + + newinitd "${FILESDIR}/haproxy.initd-r2" haproxy || die + + # Don't install useless files + rm examples/build.cfg doc/*gpl.txt + + dodoc CHANGELOG ROADMAP doc/{configuration,haproxy-en}.txt + doman doc/haproxy.1 + + if use examples; + then + docinto examples + dodoc examples/*.cfg || die + fi + + if use vim-syntax; + then + insinto /usr/share/vim/vimfiles/syntax + doins examples/haproxy.vim || die + fi +} + +pkg_postinst() { + if [[ ! -f "${ROOT}/etc/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${ROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${ROOT}usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/haproxy-1.5.14.ebuild b/net-proxy/haproxy/haproxy-1.5.14.ebuild new file mode 100644 index 000000000000..b86d295c1659 --- /dev/null +++ b/net-proxy/haproxy/haproxy-1.5.14.ebuild @@ -0,0 +1,135 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit user versionator toolchain-funcs flag-o-matic systemd + +MY_P="${PN}-${PV/_beta/-dev}" + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://haproxy.1wt.eu" +SRC_URI="http://haproxy.1wt.eu/download/$(get_version_component_range 1-2)/src/${MY_P}.tar.gz" + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="+crypt examples +pcre pcre-jit ssl tools vim-syntax +zlib" + +DEPEND="pcre? ( dev-libs/libpcre + pcre-jit? ( dev-libs/libpcre[jit] ) + ) + ssl? ( dev-libs/openssl:0[zlib?] ) + zlib? ( sys-libs/zlib )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy +} + +src_prepare() { + sed -e 's:@SBINDIR@:'/usr/bin':' contrib/systemd/haproxy.service.in \ + > contrib/systemd/haproxy.service || die + + sed -ie 's:/usr/sbin/haproxy:/usr/bin/haproxy:' src/haproxy-systemd-wrapper.c || die +} + +src_compile() { + local args="TARGET=linux2628 USE_GETADDRINFO=1" + + if use pcre ; then + args="${args} USE_PCRE=1" + if use pcre-jit; then + args="${args} USE_PCRE_JIT=1" + else + args="${args} USE_PCRE_JIT=" + fi + else + args="${args} USE_PCRE= USE_PCRE_JIT=" + fi + +# if use kernel_linux; then +# args="${args} USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1" +# else +# args="${args} USE_LINUX_SPLICE= USE_LINUX_TPROXY=" +# fi + + if use crypt ; then + args="${args} USE_LIBCRYPT=1" + else + args="${args} USE_LIBCRYPT=" + fi + + if use ssl ; then + args="${args} USE_OPENSSL=1" + else + args="${args} USE_OPENSSL=" + fi + + if use zlib ; then + args="${args} USE_ZLIB=1" + else + args="${args} USE_ZLIB=" + fi + + # For now, until the strict-aliasing breakage will be fixed + append-cflags -fno-strict-aliasing + + emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} + + if use tools ; then + for contrib in halog iprange ; do + emake -C contrib/${contrib} \ + CFLAGS="${CFLAGS}" OPTIMIZE="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} + done + fi +} + +src_install() { + dobin haproxy + + newinitd "${FILESDIR}/haproxy.initd-r2" haproxy + + # Don't install useless files +# rm examples/build.cfg doc/*gpl.txt + + dodoc CHANGELOG ROADMAP doc/{configuration,haproxy-en}.txt + doman doc/haproxy.1 + + dobin haproxy-systemd-wrapper + systemd_dounit contrib/systemd/haproxy.service + + if use tools ; then + for contrib in halog iprange ; do + dobin contrib/${contrib}/${contrib} + done + fi + + if use examples ; then + docinto examples + dodoc examples/*.cfg + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/syntax + doins examples/haproxy.vim + fi +} + +pkg_postinst() { + if [[ ! -f "${ROOT}/etc/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${ROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${ROOT}usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/haproxy-1.5.4.ebuild b/net-proxy/haproxy/haproxy-1.5.4.ebuild new file mode 100644 index 000000000000..e5c0140c1d03 --- /dev/null +++ b/net-proxy/haproxy/haproxy-1.5.4.ebuild @@ -0,0 +1,128 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit user versionator toolchain-funcs flag-o-matic systemd + +MY_P="${PN}-${PV/_beta/-dev}" + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://haproxy.1wt.eu" +SRC_URI="http://haproxy.1wt.eu/download/$(get_version_component_range 1-2)/src/${MY_P}.tar.gz" + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="+crypt examples +pcre ssl tools vim-syntax +zlib" + +DEPEND="pcre? ( dev-libs/libpcre ) + ssl? ( dev-libs/openssl[zlib?] ) + zlib? ( sys-libs/zlib )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy +} + +src_prepare() { + sed -e 's:@SBINDIR@:'/usr/bin':' contrib/systemd/haproxy.service.in \ + > contrib/systemd/haproxy.service || die + + sed -ie 's:/usr/sbin/haproxy:/usr/bin/haproxy:' src/haproxy-systemd-wrapper.c || die +} + +src_compile() { + local args="TARGET=linux2628 USE_GETADDRINFO=1" + + if use pcre ; then + args="${args} USE_PCRE=1 USE_PCRE_JIT=1" + else + args="${args} USE_PCRE= USE_PCRE_JIT=" + fi + +# if use kernel_linux; then +# args="${args} USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1" +# else +# args="${args} USE_LINUX_SPLICE= USE_LINUX_TPROXY=" +# fi + + if use crypt ; then + args="${args} USE_LIBCRYPT=1" + else + args="${args} USE_LIBCRYPT=" + fi + + if use ssl ; then + args="${args} USE_OPENSSL=1" + else + args="${args} USE_OPENSSL=" + fi + + if use zlib ; then + args="${args} USE_ZLIB=1" + else + args="${args} USE_ZLIB=" + fi + + # For now, until the strict-aliasing breakage will be fixed + append-cflags -fno-strict-aliasing + + emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} + + if use tools ; then + for contrib in halog iprange ; do + emake -C contrib/${contrib} \ + CFLAGS="${CFLAGS}" OPTIMIZE="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} + done + fi +} + +src_install() { + dobin haproxy + + newinitd "${FILESDIR}/haproxy.initd-r2" haproxy + + # Don't install useless files +# rm examples/build.cfg doc/*gpl.txt + + dodoc CHANGELOG ROADMAP doc/{configuration,haproxy-en}.txt + doman doc/haproxy.1 + + dobin haproxy-systemd-wrapper + systemd_dounit contrib/systemd/haproxy.service + + if use tools ; then + for contrib in halog iprange ; do + dobin contrib/${contrib}/${contrib} + done + fi + + if use examples ; then + docinto examples + dodoc examples/*.cfg + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/syntax + doins examples/haproxy.vim + fi +} + +pkg_postinst() { + if [[ ! -f "${ROOT}/etc/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${ROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${ROOT}usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/haproxy-9999.ebuild b/net-proxy/haproxy/haproxy-9999.ebuild new file mode 100644 index 000000000000..2446dbfdac11 --- /dev/null +++ b/net-proxy/haproxy/haproxy-9999.ebuild @@ -0,0 +1,135 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit user versionator toolchain-funcs flag-o-matic git-2 systemd + +MY_P="${PN}-${PV/_beta/-dev}" + +DESCRIPTION="A TCP/HTTP reverse proxy for high availability environments" +HOMEPAGE="http://haproxy.1wt.eu" +EGIT_REPO_URI="http://master.formilux.org/git/people/willy/haproxy.git" + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +KEYWORDS="" +IUSE="+crypt examples +pcre pcre-jit ssl tools vim-syntax +zlib" + +DEPEND="pcre? ( dev-libs/libpcre + pcre-jit? ( dev-libs/libpcre[jit] ) + ) + ssl? ( dev-libs/openssl:0[zlib?] ) + zlib? ( sys-libs/zlib )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup haproxy + enewuser haproxy -1 -1 -1 haproxy +} + +src_prepare() { + sed -e 's:@SBINDIR@:'/usr/bin':' contrib/systemd/haproxy.service.in \ + > contrib/systemd/haproxy.service || die + + sed -ie 's:/usr/sbin/haproxy:/usr/bin/haproxy:' src/haproxy-systemd-wrapper.c || die +} + +src_compile() { + local args="TARGET=linux2628 USE_GETADDRINFO=1" + + if use pcre ; then + args="${args} USE_PCRE=1" + if use pcre-jit; then + args="${args} USE_PCRE_JIT=1" + else + args="${args} USE_PCRE_JIT=" + fi + else + args="${args} USE_PCRE= USE_PCRE_JIT=" + fi + +# if use kernel_linux; then +# args="${args} USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1" +# else +# args="${args} USE_LINUX_SPLICE= USE_LINUX_TPROXY=" +# fi + + if use crypt ; then + args="${args} USE_LIBCRYPT=1" + else + args="${args} USE_LIBCRYPT=" + fi + + if use ssl ; then + args="${args} USE_OPENSSL=1" + else + args="${args} USE_OPENSSL=" + fi + + if use zlib ; then + args="${args} USE_ZLIB=1" + else + args="${args} USE_ZLIB=" + fi + + # For now, until the strict-aliasing breakage will be fixed + append-cflags -fno-strict-aliasing + + emake CFLAGS="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} + + if use tools ; then + for contrib in halog iprange ; do + emake -C contrib/${contrib} \ + CFLAGS="${CFLAGS}" OPTIMIZE="${CFLAGS}" LDFLAGS="${LDFLAGS}" CC=$(tc-getCC) ${args} + done + fi +} + +src_install() { + dobin haproxy + + newinitd "${FILESDIR}/haproxy.initd-r2" haproxy + + # Don't install useless files +# rm examples/build.cfg doc/*gpl.txt + + dodoc CHANGELOG ROADMAP doc/{configuration,haproxy-en}.txt + doman doc/haproxy.1 + + dobin haproxy-systemd-wrapper + systemd_dounit contrib/systemd/haproxy.service + + if use tools ; then + for contrib in halog iprange ; do + dobin contrib/${contrib}/${contrib} + done + fi + + if use examples ; then + docinto examples + dodoc examples/*.cfg + fi + + if use vim-syntax ; then + insinto /usr/share/vim/vimfiles/syntax + doins examples/haproxy.vim + fi +} + +pkg_postinst() { + if [[ ! -f "${ROOT}/etc/haproxy.cfg" ]] ; then + ewarn "You need to create /etc/haproxy.cfg before you start the haproxy service." + ewarn "It's best practice to not run haproxy as root, user and group haproxy was therefore created." + ewarn "Make use of them with the \"user\" and \"group\" directives." + + if [[ -d "${ROOT}/usr/share/doc/${PF}" ]]; then + einfo "Please consult the installed documentation for learning the configuration file's syntax." + einfo "The documentation and sample configuration files are installed here:" + einfo " ${ROOT}usr/share/doc/${PF}" + fi + fi +} diff --git a/net-proxy/haproxy/metadata.xml b/net-proxy/haproxy/metadata.xml new file mode 100644 index 000000000000..2691f323b3fa --- /dev/null +++ b/net-proxy/haproxy/metadata.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>idl0r@gentoo.org</email> + <name>Christian Ruppert</name> + </maintainer> + <longdescription> +HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing. Supporting tens of thousands of connections is clearly realistic with todays hardware. Its mode of operation makes its integration into existing architectures very easy and riskless, while still offering the possibility not to expose fragile web servers to the Net. + +It can: + - route HTTP requests depending on statically assigned cookies + - spread the load among several servers while assuring server persistence through the use of HTTP cookies + - switch to backup servers in the event a main one fails + - accept connections to special ports dedicated to service monitoring + - stop accepting connections without breaking existing ones + - add/modify/delete HTTP headers both ways + - block requests matching a particular pattern +Its event-driven architecture allows it to easily handle thousands of simultaneous connections on hundreds of instances without risking the system's stability. + </longdescription> + <use> + <flag name="pcre-jit">Use JIT support for PCRE</flag> + <flag name="tools">Install additional tools (halog, iprange)</flag> + </use> +</pkgmetadata> diff --git a/net-proxy/hatop/Manifest b/net-proxy/hatop/Manifest new file mode 100644 index 000000000000..5c10fb7d3301 --- /dev/null +++ b/net-proxy/hatop/Manifest @@ -0,0 +1 @@ +DIST hatop-0.7.7.tar.gz 134143 SHA256 0b9fc1b84ce4e469a069e3a3c7c1b5eea10e6bb24bc66bd32af453acd54636ab SHA512 879de0e13af1d1c4e86be034066fb4bbc5c1700a30abebbfb1e1d524fb50cec0fa90fe160a7b7d00bf6aedd49ab7bb8fa1447f751fae95200e850ff506feb074 WHIRLPOOL cd19b4c80a4de8466ca05d182e76208782863084737b77ce90435c1a70d548a813694050fa2879bbad66013cff13218abf2a788ff3a8ad96bfda6dec22535b72 diff --git a/net-proxy/hatop/hatop-0.7.7.ebuild b/net-proxy/hatop/hatop-0.7.7.ebuild new file mode 100644 index 000000000000..767af76aca2e --- /dev/null +++ b/net-proxy/hatop/hatop-0.7.7.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT="python2_7" +PYTHON_REQ_USE="ncurses" + +inherit python-r1 + +DESCRIPTION="interactive ncurses client and real-time monitoring, +statistics displaying tool for the HAProxy" +HOMEPAGE="http://feurix.org/projects/hatop/" +SRC_URI="http://hatop.googlecode.com/files/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="" +RDEPEND="${DEPEND} + net-proxy/haproxy" + +src_install() { + python_foreach_impl python_doscript bin/hatop + + doman man/hatop.1 + + dodoc CHANGES KEYBINDS README +} diff --git a/net-proxy/hatop/metadata.xml b/net-proxy/hatop/metadata.xml new file mode 100644 index 000000000000..b71a8a2e034d --- /dev/null +++ b/net-proxy/hatop/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>idl0r@gentoo.org</email> + <name>Christian Ruppert</name> + </maintainer> +</pkgmetadata> diff --git a/net-proxy/havp/Manifest b/net-proxy/havp/Manifest new file mode 100644 index 000000000000..124bf361223d --- /dev/null +++ b/net-proxy/havp/Manifest @@ -0,0 +1 @@ +DIST havp-0.92a.tar.gz 121987 SHA256 0dec86390b5738184aa7155af0c66dd00a97476fcd7377bcec8f1f0bf50f0e9a SHA512 3eb742519795a7d10520bdc1c78af0d3bf580a56e14f90bff9f519607a4e82cbf704372bd6da2fc05fcd436d580f4c226874d8df7770d22e2160b5d01afb9c62 WHIRLPOOL 9459d3bab10ed5a6b9053b72795f1e3729765665804fd01f5bae64170510a4427212357ff987cfbb4e93c9770702bb23d18d37dbfdfbc37958f16ff6890178f2 diff --git a/net-proxy/havp/files/havp-0.92a-r1-pkg-config-libclamav.patch b/net-proxy/havp/files/havp-0.92a-r1-pkg-config-libclamav.patch new file mode 100644 index 000000000000..ea761f7e3476 --- /dev/null +++ b/net-proxy/havp/files/havp-0.92a-r1-pkg-config-libclamav.patch @@ -0,0 +1,66 @@ +--- a/configure.in ++++ b/configure.in +@@ -5,6 +5,7 @@ + unset CDPATH + + AC_PROG_CXX ++PKG_PROG_PKG_CONFIG + + AC_PREFIX_DEFAULT(/usr/local) + +@@ -83,48 +84,15 @@ + AC_DEFINE(SSLTUNNEL) + fi + +-AC_MSG_CHECKING(for ClamAV scanner library) +- + if test "$enable_clamav" = "yes" + then +- clamprefix="`clamav-config --prefix 2>/dev/null`" +- clamversion="`clamav-config --version 2>/dev/null`" +- +- if test "x$clamprefix" = "x" +- then +- AC_MSG_RESULT([clamav-config not found]) +- +- echo "" +- echo " Error finding ClamAV installation!" +- echo " Add ClamAV binaries path to PATH and run configure again." +- echo "" +- echo " To disable ClamAV library support, use --disable-clamav." +- echo "" +- +- exit 1 +- fi +- +- for cl in `clamav-config --cflags 2>/dev/null`; do +- if test "x`echo $cl | perl -ne 'print if (/^-I/)' 2>/dev/null`" != "x" +- then +- CFLAGS="$CFLAGS $cl" +- fi +- done +- +- for cl in `clamav-config --libs 2>/dev/null`; do +- if test "x`echo $cl | perl -ne 'print if (/(^-L|thread|c_r)/)' 2>/dev/null`" != "x" +- then +- LDFLAGS="$LDFLAGS $cl" +- fi +- done +- LDFLAGS="$LDFLAGS -lclamav" +- +- SCANNEROBJECTS="clamlibscanner.o" +- AC_DEFINE(USECLAMLIB) +- +- AC_MSG_RESULT([found $clamversion in $clamprefix]) +-else +- AC_MSG_RESULT([disabled :-(]) ++ PKG_CHECK_MODULES(clamav, libclamav, ++ [CFLAGS="$clamav_CFLAGS $CFLAGS" ++ LDFLAGS="$clamav_LIBS $LDFLAGS" ++ ++ SCANNEROBJECTS="clamlibscanner.o" ++ AC_DEFINE(USECLAMLIB) ++ ]) + fi + + AC_MSG_CHECKING(for Trend Micro scanner) diff --git a/net-proxy/havp/files/havp-0.92a-run.patch b/net-proxy/havp/files/havp-0.92a-run.patch new file mode 100644 index 000000000000..d13761bee86d --- /dev/null +++ b/net-proxy/havp/files/havp-0.92a-run.patch @@ -0,0 +1,51 @@ +--- a/etc/havp/havp.config.in ++++ b/etc/havp/havp.config.in +@@ -39,7 +39,7 @@ + # /etc/init.d/havp script requires this to work. + # + # Default: +-# PIDFILE @localstatedir@/run/havp/havp.pid ++# PIDFILE /run/havp/havp.pid + + # + # For performance reasons several instances of HAVP have to run. +@@ -539,7 +539,7 @@ + # Path to aveserver socket + # + # Default: +-# AVESOCKET /var/run/aveserver ++# AVESOCKET /run/aveserver + + + ##### +@@ -551,7 +551,7 @@ + # Path to sophie socket + # + # Default: +-# SOPHIESOCKET /var/run/sophie ++# SOPHIESOCKET /run/sophie + + + ##### +@@ -600,7 +600,7 @@ + # Path to avastd socket + # + # Default: +-# AVASTSOCKET /var/run/avast4/local.sock ++# AVASTSOCKET /run/avast4/local.sock + + # ..OR if you use avastd TCP socket, uncomment to enable use + # +@@ -619,10 +619,10 @@ + + # Path to arcavird socket + # +-# For version 2008, default socket is /var/run/arcad.ctl ++# For version 2008, default socket is /run/arcad.ctl + # + # Default: +-# ARCAVIRSOCKET /var/run/arcavird.socket ++# ARCAVIRSOCKET /run/arcavird.socket + + # Used Arcavir version + # 2007 = Version 2007 and earlier diff --git a/net-proxy/havp/files/havp.initd b/net-proxy/havp/files/havp.initd new file mode 100644 index 000000000000..44b00fcd0fbe --- /dev/null +++ b/net-proxy/havp/files/havp.initd @@ -0,0 +1,59 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +depend() { + need net + use clamd \ + squid apache2 bfilter mman junkbuster oops polipo privoxy tinyproxy wwwoffled + #havp could be used in conjuction with any parent proxies enumerated above +} + +get_havp_opt() { + eval HAVP_$1=`awk '/^[ \t]*'$1'[ \t]+/ { print $2; }' < /etc/havp/havp.config` +} + +checkconfig() { + if [ ! -f /etc/havp/havp.config ] ; then + eerror "No /etc/havp/havp.config file exists!" + return 1 + fi + + local HAVP_USER + get_havp_opt USER + if [ -n "${HAVP_USER}" ] && ! getent passwd ${HAVP_USER} > /dev/null ; then + eerror "${HAVP_USER} user is missing!" + return 1 + fi + local HAVP_GROUP + get_havp_opt GROUP + if [ -n "${HAVP_GROUP}" ] && ! getent group ${HAVP_GROUP} > /dev/null ; then + eerror "${HAVP_GROUP} group is missing!" + return 1 + fi +} + + +start() { + checkconfig || return 1 + + checkpath --directory \ + --owner "${HAVP_USER:-havp}:${HAVP_GROUP:-havp}" --mode 0755 /run/havp + checkpath --directory \ + --owner "${HAVP_USER:-havp}:${HAVP_GROUP:-havp}" --mode 0700 /var/log/havp + checkpath --directory \ + --owner "${HAVP_USER:-havp}:${HAVP_GROUP:-havp}" --mode 0750 /var/tmp/havp + + ebegin "Starting HTTP AntiVirus Proxy" + start-stop-daemon --start --exec /usr/sbin/havp > /dev/null + eend $? +} + +stop() { + local HAVP_PIDFILE + get_havp_opt PIDFILE + + ebegin "Stopping HTTP AntiVirus Proxy" + start-stop-daemon --stop --pidfile=${HAVD_PIDFILE:-/var/run/havp/havp.pid} + eend $? +} diff --git a/net-proxy/havp/havp-0.92a-r1.ebuild b/net-proxy/havp/havp-0.92a-r1.ebuild new file mode 100644 index 000000000000..8f5a0177c05b --- /dev/null +++ b/net-proxy/havp/havp-0.92a-r1.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools eutils toolchain-funcs user + +DESCRIPTION="HTTP AntiVirus Proxy" +HOMEPAGE="http://www.server-side.de/" +SRC_URI="http://www.server-side.de/download/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="clamav ssl" + +DEPEND="clamav? ( >=app-antivirus/clamav-0.98.5 )" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /etc/${PN} ${PN} +} + +src_prepare() { + epatch \ + "${FILESDIR}"/${PN}-0.92a-run.patch \ + "${FILESDIR}"/${PF}-pkg-config-libclamav.patch + sed -i configure.in -e '/^CFLAGS=/d' || die + mv configure.{in,ac} || die + eautoreconf +} + +src_configure() { + tc-export AR + export CFLAGS="${CXXFLAGS}" + econf \ + $(use_enable clamav) \ + $(use_enable ssl ssl-tunnel) \ + --localstatedir=/var +} + +src_install() { + dosbin ${PN}/${PN} + + newinitd "${FILESDIR}/${PN}.initd" ${PN} + + insinto /etc + rm -r etc/${PN}/${PN}.config.in + doins -r etc/${PN} + + dodoc ChangeLog +} + +pkg_postinst() { + ewarn "/var/tmp/${PN} must be on a filesystem with mandatory locks!" + ewarn "You should add \"mand\" to the mount options on the relevant line in /etc/fstab." + + if use ssl; then + echo + ewarn "Note: ssl USE flag only enable SSL pass-through, which means that" + ewarn " HTTPS pages will not be scanned for viruses!" + ewarn " It is impossible to decrypt data sent through SSL connections without knowing" + ewarn " the private key of the used certificate." + fi + + if use clamav; then + echo + ewarn "If you plan to use clamav daemon, you should make sure clamav user can read" + ewarn "/var/tmp/${PN} content. This can be accomplished by enabling AllowSupplementaryGroups" + ewarn "in /etc/clamd.conf and adding clamav user to the ${PN} group." + fi +} diff --git a/net-proxy/havp/metadata.xml b/net-proxy/havp/metadata.xml new file mode 100644 index 000000000000..547d2588d36c --- /dev/null +++ b/net-proxy/havp/metadata.xml @@ -0,0 +1,7 @@ +<?xml version = '1.0' encoding = 'UTF-8'?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>HAVP (HTTP AntiVirus proxy) is a proxy with an anti-virus +filter. It does not cache or filter content.</longdescription> +</pkgmetadata> diff --git a/net-proxy/http-replicator/Manifest b/net-proxy/http-replicator/Manifest new file mode 100644 index 000000000000..ff417839c3e6 --- /dev/null +++ b/net-proxy/http-replicator/Manifest @@ -0,0 +1,2 @@ +DIST http-replicator_3.0.tar.gz 39291 SHA256 cd5b2c8b4b6da4fd5a9313cd5e7d4179805002f2de5fd25a42301df4f5bd161e SHA512 d98a608c38201db6f2d8ba809a4777ab5588f5ed395882bdf542c2788df1770c61a2de160604c09297d847f2c73463ba0530d7f2c2e482467f8e8f35be068d57 WHIRLPOOL 965524243895a6a00df3b4be3bae391bc532f3ccef87383a487c87efbcd858aa1a2d15598be752b7640e57aef47ab7cbaad8430033925935f16a527aa50db36a +DIST http-replicator_4.0alpha2.tgz 27575 SHA256 43f466b691244104caba96fd16df75978731ea248ad1681beaf88342a708875a SHA512 437e0cc881af0cb8f84bfd1366bb6edeee4f76112c4b2ac2af4bcb8809462852b96e9c99e04c8f370492c9e1eb33ddc68a85c4f09b073694242cd6c05b4d3a6c WHIRLPOOL 599d2ee6bab4ffb4792913763b303da3a473dee2aa15510ceee32d042e54abdb49a902eee3346c4c735c97169e11fcd2340e7c741e160500c4a6bbd064a57561 diff --git a/net-proxy/http-replicator/files/http-replicator-3.0-callrepcacheman-0.1 b/net-proxy/http-replicator/files/http-replicator-3.0-callrepcacheman-0.1 new file mode 100755 index 000000000000..14cd0a70a53b --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-3.0-callrepcacheman-0.1 @@ -0,0 +1,3 @@ +#! /bin/bash +source /etc/conf.d/http-replicator +/usr/bin/repcacheman.py $GENERAL_OPTS diff --git a/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44 b/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44 new file mode 100755 index 000000000000..b200a7be48f8 --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44 @@ -0,0 +1,201 @@ +#! /usr/bin/python +# +# repcacheman ver 0.44 +# +# Cache Manager for Http-Replicator +# deletes duplicate files in PORTDIR. +# imports authenticated (checksum + listed in portage) +# files from PORTDIR to replicator's cache directory. +# +# Uses portage to perform checksum and database functions. +# All else, Copyright(C)2004-2007 Tom Poplawski (poplawtm@earthlink.net) +# Distributed under the terms of the GNU General Public License v2 +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + + +import portage_manifest +import portage_checksum +import portage_exception +import portage +import string +import os +import pwd,sys,optparse + +if os.getuid(): + print"Must be root" + sys.exit(1) + +# Parse Options + +parser = optparse.OptionParser() +parser.add_option('-d', '--dir', type='string', default="/var/cache/http-replicator", help='http-replicators cache DIR') +parser.add_option('-u','--user', type='string', default="portage", help='http-replicator USER') +options, args = parser.parse_args() # parse command line + +if options.user: + try: + uid=pwd.getpwnam(options.user)[2] + gid=pwd.getpwnam(options.user)[3] + except: + print "User \'" + options.user + "\' Doesn't exist on system - edit config or add user to system." + sys.exit(1) +else: + print "Error\n\tunable to get USER from /etc/http-replicator.conf" + sys.exit(1) + +# dir is replicator's cache directory +dir=options.dir+"/" + +if os.path.isdir(dir) : + newdir=0 +else : + print"\n\nBegin Http-Replicator Setup...." + try: + os.makedirs(dir) + print "\tcreated " + dir + newdir=1 + except: + print "\tcreate " + dir + " failed" + print '\terror:', sys.exc_info()[1] + sys.exit(1) + try: + os.chown(dir,uid,gid) + print "\tchanged owner of " + dir + " to " + options.user + except: + print "\tchange owner " + dir + " to " + options.user + " failed:" + print '\terror:', sys.exc_info()[1] + +print "\n\nReplicator's cache directory: " + dir + +# Import Portage settings + +distdir=portage.settings["DISTDIR"]+"/" +if distdir: + print "Portage's DISTDIR: " + distdir +else: + print"Unable to get Portage's DISTDIR" + sys.exit(1) + +# Start Work + +print "\nComparing directories...." + +# Create filecmp object +import filecmp +dc=filecmp.dircmp (distdir,dir,['cvs-src','git-src','hg-src','.locks']) +print "Done!" + +dupes=dc.common +deleted=0 + +if dupes: + print "\nDeleting duplicate file(s) in " + distdir + + for s in dupes: + print s + try: + os.remove(distdir + s ) + deleted +=1 + except: + print "\tdelete " + distdir + s + " failed:" + print '\terror:', sys.exc_info()[1] + + print "Done!" + + +newfiles=dc.left_only +nf=len(dc.left_only) + +if nf: + print "\nNew files in DISTDIR:" + for s in newfiles: + print s + print"\nChecking authenticity and integrity of new files..." + added=0 + errors=0 + badsum=0 + +# search all packages + + for mycp in portage.db["/"]["porttree"].dbapi.cp_all(): + manifest = portage_manifest.Manifest("/usr/portage/" + mycp , distdir) + if manifest == None: + portage.writemsg("Missing manifest: %s\n" % mycpv) + + remove=[] + for file in newfiles: + if manifest.hasFile("DIST",file): + try: + myok, myreason = manifest.checkFileHashes("DIST",file) + + try: + os.rename(distdir+file,dir+file) + added += 1 + except: + try: + import shutil + shutil.copyfile(distdir+file,dir+file) + added += 1 + os.remove(distdir+file) + except: + print "\tmove/copy " + file + " failed:" + print '\terror:', sys.exc_info()[1] + errors+=1 + + try: + os.chown(dir+file,uid,gid) + except: + print "\tchown " + file + " failed:" + print '\terror:', sys.exc_info()[1] + errors +=1 + + remove.append( file ) + + except portage_exception.DigestException, e: + print("\n!!! Digest verification failed:") + print("!!! %s" % e.value[0]) + print("!!! Reason: %s" % e.value[1]) + print("!!! Got: %s" % e.value[2]) + print("!!! Expected: %s" % e.value[3]) + badsum+=1 + if remove: + for rf in remove: + newfiles.remove ( rf ) + + +print "\nSUMMARY:" +print "Found " + str(len(dupes)) + " duplicate file(s)" +if deleted: + print "\tDeleted " + str(deleted) + " dupe(s)" + +if nf: + print "Found " + str(nf) + " new file(s)" + print "\tAdded " + str(added) + " of those file(s) to the cache" + + print "Rejected " +str(len(newfiles)) + " File(s) - ", + print str(badsum) + " failed checksum(s)" + for s in newfiles: + print "\t%s" %s + if errors: + print "Encountered " +str(errors) + " errors" +# if badsum: +# print str(badsum) + " partial/corrupted file(s)" + +if newdir: + print"\n\nexecute:\n/etc/init.d/http-replicator start" + print"to run http-replicator.\n\nexecute:\nrc-update add http-replicator default" + print"to make http-replicator start at boot" + print"\n\nexecute:\n/usr/bin/repcacheman\nafter emerge's on the server to delete" + print"dup files and add new files to the cache" + +print "\n\nHTTP-Replicator requires you delete any partial downloads in " + distdir +print "run rm -rf " + distdir +'*' + diff --git a/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44-r1 b/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44-r1 new file mode 100755 index 000000000000..9f0069bc7ebb --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44-r1 @@ -0,0 +1,201 @@ +#! /usr/bin/python +# +# repcacheman ver 0.44 +# +# Cache Manager for Http-Replicator +# deletes duplicate files in PORTDIR. +# imports authenticated (checksum + listed in portage) +# files from PORTDIR to replicator's cache directory. +# +# Uses portage to perform checksum and database functions. +# All else, Copyright(C)2004-2007 Tom Poplawski (poplawtm@earthlink.net) +# Distributed under the terms of the GNU General Public License v2 +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + + +import portage.manifest +import portage.checksum +import portage.exception +import portage +import string +import os +import pwd,sys,optparse + +if os.getuid(): + print"Must be root" + sys.exit(1) + +# Parse Options + +parser = optparse.OptionParser() +parser.add_option('-d', '--dir', type='string', default="/var/cache/http-replicator", help='http-replicators cache DIR') +parser.add_option('-u','--user', type='string', default="portage", help='http-replicator USER') +options, args = parser.parse_args() # parse command line + +if options.user: + try: + uid=pwd.getpwnam(options.user)[2] + gid=pwd.getpwnam(options.user)[3] + except: + print "User \'" + options.user + "\' Doesn't exist on system - edit config or add user to system." + sys.exit(1) +else: + print "Error\n\tunable to get USER from /etc/http-replicator.conf" + sys.exit(1) + +# dir is replicator's cache directory +dir=options.dir+"/" + +if os.path.isdir(dir) : + newdir=0 +else : + print"\n\nBegin Http-Replicator Setup...." + try: + os.makedirs(dir) + print "\tcreated " + dir + newdir=1 + except: + print "\tcreate " + dir + " failed" + print '\terror:', sys.exc_info()[1] + sys.exit(1) + try: + os.chown(dir,uid,gid) + print "\tchanged owner of " + dir + " to " + options.user + except: + print "\tchange owner " + dir + " to " + options.user + " failed:" + print '\terror:', sys.exc_info()[1] + +print "\n\nReplicator's cache directory: " + dir + +# Import Portage settings + +distdir=portage.settings["DISTDIR"]+"/" +if distdir: + print "Portage's DISTDIR: " + distdir +else: + print"Unable to get Portage's DISTDIR" + sys.exit(1) + +# Start Work + +print "\nComparing directories...." + +# Create filecmp object +import filecmp +dc=filecmp.dircmp (distdir,dir,['cvs-src','git-src','hg-src','.locks']) +print "Done!" + +dupes=dc.common +deleted=0 + +if dupes: + print "\nDeleting duplicate file(s) in " + distdir + + for s in dupes: + print s + try: + os.remove(distdir + s ) + deleted +=1 + except: + print "\tdelete " + distdir + s + " failed:" + print '\terror:', sys.exc_info()[1] + + print "Done!" + + +newfiles=dc.left_only +nf=len(dc.left_only) + +if nf: + print "\nNew files in DISTDIR:" + for s in newfiles: + print s + print"\nChecking authenticity and integrity of new files..." + added=0 + errors=0 + badsum=0 + +# search all packages + + for mycp in portage.db["/"]["porttree"].dbapi.cp_all(): + manifest = portage.manifest.Manifest("/usr/portage/" + mycp , distdir) + if manifest == None: + portage.writemsg("Missing manifest: %s\n" % mycpv) + + remove=[] + for file in newfiles: + if manifest.hasFile("DIST",file): + try: + myok, myreason = manifest.checkFileHashes("DIST",file) + + try: + os.rename(distdir+file,dir+file) + added += 1 + except: + try: + import shutil + shutil.copyfile(distdir+file,dir+file) + added += 1 + os.remove(distdir+file) + except: + print "\tmove/copy " + file + " failed:" + print '\terror:', sys.exc_info()[1] + errors+=1 + + try: + os.chown(dir+file,uid,gid) + except: + print "\tchown " + file + " failed:" + print '\terror:', sys.exc_info()[1] + errors +=1 + + remove.append( file ) + + except portage.exception.DigestException, e: + print("\n!!! Digest verification failed:") + print("!!! %s" % e.value[0]) + print("!!! Reason: %s" % e.value[1]) + print("!!! Got: %s" % e.value[2]) + print("!!! Expected: %s" % e.value[3]) + badsum+=1 + if remove: + for rf in remove: + newfiles.remove ( rf ) + + +print "\nSUMMARY:" +print "Found " + str(len(dupes)) + " duplicate file(s)" +if deleted: + print "\tDeleted " + str(deleted) + " dupe(s)" + +if nf: + print "Found " + str(nf) + " new file(s)" + print "\tAdded " + str(added) + " of those file(s) to the cache" + + print "Rejected " +str(len(newfiles)) + " File(s) - ", + print str(badsum) + " failed checksum(s)" + for s in newfiles: + print "\t%s" %s + if errors: + print "Encountered " +str(errors) + " errors" +# if badsum: +# print str(badsum) + " partial/corrupted file(s)" + +if newdir: + print"\n\nexecute:\n/etc/init.d/http-replicator start" + print"to run http-replicator.\n\nexecute:\nrc-update add http-replicator default" + print"to make http-replicator start at boot" + print"\n\nexecute:\n/usr/bin/repcacheman\nafter emerge's on the server to delete" + print"dup files and add new files to the cache" + +print "\n\nHTTP-Replicator requires you delete any partial downloads in " + distdir +print "run rm -rf " + distdir +'*' + diff --git a/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44-r2 b/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44-r2 new file mode 100755 index 000000000000..35d0a9e39fa2 --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-3.0-repcacheman-0.44-r2 @@ -0,0 +1,201 @@ +#! /usr/bin/python +# +# repcacheman ver 0.44 +# +# Cache Manager for Http-Replicator +# deletes duplicate files in PORTDIR. +# imports authenticated (checksum + listed in portage) +# files from PORTDIR to replicator's cache directory. +# +# Uses portage to perform checksum and database functions. +# All else, Copyright(C)2004-2007 Tom Poplawski (poplawtm@earthlink.net) +# Distributed under the terms of the GNU General Public License v2 +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + + +import portage.manifest +import portage.checksum +import portage.exception +import portage +import string +import os +import pwd,sys,optparse + +if os.getuid(): + print"Must be root" + sys.exit(1) + +# Parse Options + +parser = optparse.OptionParser() +parser.add_option('-d', '--dir', type='string', default="/var/cache/http-replicator", help='http-replicators cache DIR') +parser.add_option('-u','--user', type='string', default="portage", help='http-replicator USER') +options, args = parser.parse_args() # parse command line + +if options.user: + try: + uid=pwd.getpwnam(options.user)[2] + gid=pwd.getpwnam(options.user)[3] + except: + print "User \'" + options.user + "\' Doesn't exist on system - edit config or add user to system." + sys.exit(1) +else: + print "Error\n\tunable to get USER from /etc/http-replicator.conf" + sys.exit(1) + +# dir is replicator's cache directory +dir=options.dir+"/" + +if os.path.isdir(dir) : + newdir=0 +else : + print"\n\nBegin Http-Replicator Setup...." + try: + os.makedirs(dir) + print "\tcreated " + dir + newdir=1 + except: + print "\tcreate " + dir + " failed" + print '\terror:', sys.exc_info()[1] + sys.exit(1) + try: + os.chown(dir,uid,gid) + print "\tchanged owner of " + dir + " to " + options.user + except: + print "\tchange owner " + dir + " to " + options.user + " failed:" + print '\terror:', sys.exc_info()[1] + +print "\n\nReplicator's cache directory: " + dir + +# Import Portage settings + +distdir=portage.settings["DISTDIR"]+"/" +if distdir: + print "Portage's DISTDIR: " + distdir +else: + print"Unable to get Portage's DISTDIR" + sys.exit(1) + +# Start Work + +print "\nComparing directories...." + +# Create filecmp object +import filecmp +dc=filecmp.dircmp (distdir,dir,['cvs-src','git-src','hg-src','egit-src','.locks']) +print "Done!" + +dupes=dc.common +deleted=0 + +if dupes: + print "\nDeleting duplicate file(s) in " + distdir + + for s in dupes: + print s + try: + os.remove(distdir + s ) + deleted +=1 + except: + print "\tdelete " + distdir + s + " failed:" + print '\terror:', sys.exc_info()[1] + + print "Done!" + + +newfiles=dc.left_only +nf=len(dc.left_only) + +if nf: + print "\nNew files in DISTDIR:" + for s in newfiles: + print s + print"\nChecking authenticity and integrity of new files..." + added=0 + errors=0 + badsum=0 + +# search all packages + + for mycp in portage.db["/"]["porttree"].dbapi.cp_all(): + manifest = portage.manifest.Manifest("/usr/portage/" + mycp , distdir) + if manifest == None: + portage.writemsg("Missing manifest: %s\n" % mycpv) + + remove=[] + for file in newfiles: + if manifest.hasFile("DIST",file): + try: + myok, myreason = manifest.checkFileHashes("DIST",file) + + try: + os.rename(distdir+file,dir+file) + added += 1 + except: + try: + import shutil + shutil.copyfile(distdir+file,dir+file) + added += 1 + os.remove(distdir+file) + except: + print "\tmove/copy " + file + " failed:" + print '\terror:', sys.exc_info()[1] + errors+=1 + + try: + os.chown(dir+file,uid,gid) + except: + print "\tchown " + file + " failed:" + print '\terror:', sys.exc_info()[1] + errors +=1 + + remove.append( file ) + + except portage.exception.DigestException, e: + print("\n!!! Digest verification failed:") + print("!!! %s" % e.value[0]) + print("!!! Reason: %s" % e.value[1]) + print("!!! Got: %s" % e.value[2]) + print("!!! Expected: %s" % e.value[3]) + badsum+=1 + if remove: + for rf in remove: + newfiles.remove ( rf ) + + +print "\nSUMMARY:" +print "Found " + str(len(dupes)) + " duplicate file(s)" +if deleted: + print "\tDeleted " + str(deleted) + " dupe(s)" + +if nf: + print "Found " + str(nf) + " new file(s)" + print "\tAdded " + str(added) + " of those file(s) to the cache" + + print "Rejected " +str(len(newfiles)) + " File(s) - ", + print str(badsum) + " failed checksum(s)" + for s in newfiles: + print "\t%s" %s + if errors: + print "Encountered " +str(errors) + " errors" +# if badsum: +# print str(badsum) + " partial/corrupted file(s)" + +if newdir: + print"\n\nexecute:\n/etc/init.d/http-replicator start" + print"to run http-replicator.\n\nexecute:\nrc-update add http-replicator default" + print"to make http-replicator start at boot" + print"\n\nexecute:\n/usr/bin/repcacheman\nafter emerge's on the server to delete" + print"dup files and add new files to the cache" + +print "\n\nHTTP-Replicator requires you delete any partial downloads in " + distdir +print "run rm -f " + distdir +'*' + diff --git a/net-proxy/http-replicator/files/http-replicator-3.0-sighup.patch b/net-proxy/http-replicator/files/http-replicator-3.0-sighup.patch new file mode 100644 index 000000000000..969bbc91f9da --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-3.0-sighup.patch @@ -0,0 +1,20 @@ +--- a/http-replicator 2007-07-09 20:09:44.000000000 +0200 ++++ b/http-replicator 2007-07-09 20:11:48.433913445 +0200 +@@ -5,7 +5,7 @@ + # Because of this the server runs as a single process, multiplexing I/O with its various client and server connections within a single process/thread. + # According to the readme <http://www.nightmare.com/medusa/README.html> this means it is capable of smoother and higher performance than most other servers, while placing a dramatically reduced load on the server machine. + +-import asyncore, socket, os, time, calendar, sys, re, optparse, logging ++import asyncore, socket, os, time, calendar, sys, re, optparse, logging, signal + + # LISTENER + # +@@ -636,6 +636,8 @@ + pidfile.write(str(pid)) # store child's pid + pidfile.close() + return ++ else: ++ signal.signal(signal.SIGHUP, signal.SIG_IGN) + else: + handler = logging.StreamHandler(sys.stdout) # log to stdout + handler.setFormatter(logging.Formatter('%(levelname)s: %(name)s %(message)s')) diff --git a/net-proxy/http-replicator/files/http-replicator-3.0.conf b/net-proxy/http-replicator/files/http-replicator-3.0.conf new file mode 100644 index 000000000000..35671fd262c0 --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-3.0.conf @@ -0,0 +1,46 @@ +## Config file for http-replicator +## sourced by init scripts automatically +## GENERAL_OPTS used by repcacheman +## DAEMON_OPTS used by http-replicator + + +## Set the cache dir +GENERAL_OPTS="--dir /var/cache/http-replicator" + +## Change UID/GID to user after opening the log and pid file. +## 'user' must have read/write access to cache dir: +GENERAL_OPTS="$GENERAL_OPTS --user portage" + +## Don't change or comment this out: +DAEMON_OPTS="$GENERAL_OPTS" + +## Do you need a proxy to reach the internet? +## This will forward requests to an external proxy server: +## Use one of the following, not both: +#DAEMON_OPTS="$DAEMON_OPTS --external somehost:1234" +#DAEMON_OPTS="$DAEMON_OPTS --external username:password@host:port" + +## Local dir to serve clients. Great for serving binary packages +## See PKDIR and PORTAGE_BINHOST settings in 'man make.conf' +## --alias /path/to/serve:location will make /path/to/serve +## browsable at http://http-replicator.com:port/location +DAEMON_OPTS="$DAEMON_OPTS --alias /usr/portage/packages:packages" + +## Dir to hold the log file: +DAEMON_OPTS="$DAEMON_OPTS --log /var/log/http-replicator.log" + +## Make the log messages less and less verbose. +## Up to four times to make it extremely quiet. +#DAEMON_OPTS="$DAEMON_OPTS --quiet" +#DAEMON_OPTS="$DAEMON_OPTS --quiet" + +## Make the log messages extra verbose for debugging. +#DAEMON_OPTS="$DAEMON_OPTS --debug" + +## The ip addresses from which access is allowed. Can be used as many times +## as necessary. Access from localhost is allowed by default. +DAEMON_OPTS="$DAEMON_OPTS --ip 192.168.*.*" +DAEMON_OPTS="$DAEMON_OPTS --ip 10.*.*.*" + +## The proxy port on which the server listens for http requests: +DAEMON_OPTS="$DAEMON_OPTS --port 8080" diff --git a/net-proxy/http-replicator/files/http-replicator-3.0.init b/net-proxy/http-replicator/files/http-replicator-3.0.init new file mode 100755 index 000000000000..85f773ed7339 --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-3.0.init @@ -0,0 +1,21 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +start() { + ebegin "Starting Http-Replicator" + start-stop-daemon --start --pidfile /var/run/http-replicator.pid --name http-replicator \ + --exec /usr/bin/http-replicator -- -s -f --pid /var/run/http-replicator.pid --daemon $DAEMON_OPTS + eend $? "Failed to start Http-Replicator" +} + +stop() { + ebegin "Stopping Http-Replicator" + start-stop-daemon --stop --pidfile /var/run/http-replicator.pid --name http-replicator --signal 2 + eend $? "Failed to stop Http-Replicator" +} diff --git a/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r2.conf b/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r2.conf new file mode 100644 index 000000000000..cea7c9632a34 --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r2.conf @@ -0,0 +1,46 @@ +## Configuration file for HTTP Replicator automatically sourced by init script. + +################# +## REPCACHEMAN ## +################# + +## Set the cache dir. +GENERAL_OPTS="--dir /var/cache/http-replicator/" + +## Change UID/GID to user after opening the log and pid file. +## 'user' must have read/write access to cache dir. +GENERAL_OPTS="$GENERAL_OPTS --user portage" + +##################### +## HTTP-REPLICATOR ## +##################### + +## Specify which file to log too, use /dev/null to disable. +LOG_FILE="/var/log/http-replicator.log" + +# Set cache root directory. +DAEMON_OPTS="--root /var/cache/http-replicator/" + +## Try IPv6 addresses if available. +# DAEMON_OPTS="$DAEMON_OPTS --ipv6" + +## The proxy port on which the server listens for http requests, default 8080. +# DAEMON_OPTS="$DAEMON_OPTS --port 8080" + +## Break connection after so many seconds of inactivity, default 15. +# DAEMON_OPTS="$DAEMON_OPTS --timeout 15" + +## Limit download rate at a fixed K/s. +# DAEMON_OPTS="$DAEMON_OPTS --limit RATE" + +## Do you need the proxy to work offline, never connecting to a server? +# DAEMON_OPTS="$DAEMON_OPTS --offline" + +## Show http headers and other info in log messages. +# DAEMON_OPTS="$DAEMON_OPTS --verbose" + +## Switch from gather to debug output module. +# DAEMON_OPTS="$DAEMON_OPTS --debug" + +## More options (eg --flat and --static) are listed in `http-replicator --help`, +## the --daemon parameter is automatically passed by the init script.
\ No newline at end of file diff --git a/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r3-pid.patch b/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r3-pid.patch new file mode 100644 index 000000000000..a1cf5eddbfcb --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r3-pid.patch @@ -0,0 +1,101 @@ +Bring back the --pid functionality of 3.x, needed for our init script. + +Patch contributed by Nikita Kozlov (klnikita / klnikita_ on IRC). + +Slight adjustments made to use --pid instead of --pidfile and reordered --help. + +URL: https://dpaste.org/Menvq/ +BUG: https://bugs.gentoo.org/show_bug.cgi?id=472422 + +--- a/fiber.py ++++ b/fiber.py +@@ -136,11 +136,13 @@ + self.__stdout.flush() + self.__newline = string.endswith( '\n' ) + + +-def fork( output ): ++def fork( output, pidfile ): + + try: ++ if pidfile: ++ pidout = open(pidfile, 'w') # open pid file for writing + log = open( output, 'w' ) + nul = open( '/dev/null', 'r' ) + pid = os.fork() + except IOError, e: +@@ -166,17 +168,20 @@ + print 'error:', e + sys.exit( 1 ) + + if pid: ++ if pidfile: ++ pidout.write(str(pid)) ++ pidout.close() + print pid + sys.exit( 0 ) + + os.dup2( log.fileno(), sys.stdout.fileno() ) + os.dup2( log.fileno(), sys.stderr.fileno() ) + os.dup2( nul.fileno(), sys.stdin.fileno() ) + + +-def spawn( generator, port, debug, log ): ++def spawn( generator, port, debug, log, pidfile ): + + try: + listener = socket.socket( socket.AF_INET, socket.SOCK_STREAM ) + listener.setblocking( 0 ) +@@ -187,9 +192,9 @@ + print 'error: failed to create socket:', e + sys.exit( 1 ) + + if log: +- fork( log ) ++ fork( log, pidfile ) + + if debug: + myFiber = DebugFiber + else: +--- a/http-replicator ++++ b/http-replicator +@@ -59,5 +59,5 @@ + + print 'Transaction successfully completed' + + +-fiber.spawn( Replicator, Params.PORT, Params.DEBUG, Params.LOG ) ++fiber.spawn( Replicator, Params.PORT, Params.DEBUG, Params.LOG, Params.PIDFILE ) +--- a/Params.py ++++ b/Params.py +@@ -6,8 +6,9 @@ + PORT = 8080 + ROOT = os.getcwd() + os.sep + VERBOSE = 0 + TIMEOUT = 15 ++PIDFILE = False + FAMILY = socket.AF_INET + FLAT = False + STATIC = False + ONLINE = True +@@ -21,8 +22,9 @@ + + options: ++ --pid FILE write process ID to FILE + -h --help show this help message and exit + -p --port PORT listen on this port for incoming connections, default %(PORT)i + -r --root DIR set cache root directory, default current: %(ROOT)s + -v --verbose show http headers and other info + -t --timeout SEC break connection after so many seconds of inactivity, default %(TIMEOUT)i + -6 --ipv6 try ipv6 addresses if available +@@ -74,8 +76,10 @@ + except: + sys.exit( 'Error: %s requires a numerical argument' % _arg ) + elif _arg == '--daemon': + LOG = _args.next() ++ elif _arg == '--pid': ++ PIDFILE = _args.next() + elif _arg == '--debug': + DEBUG = True + else: + sys.exit( 'Error: invalid option %r' % _arg )
\ No newline at end of file diff --git a/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r3.init b/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r3.init new file mode 100644 index 000000000000..b1eae998553e --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator-4.0_alpha2-r3.init @@ -0,0 +1,22 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +start() { + ebegin "Starting HTTP Replicator" + start-stop-daemon --start --pidfile /var/run/http-replicator.pid \ + --name http-replicator --exec /usr/bin/http-replicator -- --static \ + --flat --daemon $LOG_FILE $DAEMON_OPTS --pid /var/run/http-replicator.pid + eend $? "Failed to start HTTP Replicator" +} + +stop() { + ebegin "Stopping HTTP Replicator" + start-stop-daemon --stop --pidfile /var/run/http-replicator.pid --name http-replicator --signal 2 + eend $? "Failed to stop HTTP Replicator" +} diff --git a/net-proxy/http-replicator/files/http-replicator.service b/net-proxy/http-replicator/files/http-replicator.service new file mode 100644 index 000000000000..6a2a7e5f5dff --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator.service @@ -0,0 +1,11 @@ +[Unit] +Description=http-replicator daemon +After=network.target + +[Service] +ExecStart=/usr/bin/http-replicator -s -f \ + --dir /var/cache/http-replicator --user portage --log /var/log/http-replicator.log \ + $DAEMON_OPTS + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/http-replicator/files/http-replicator.service.conf b/net-proxy/http-replicator/files/http-replicator.service.conf new file mode 100644 index 000000000000..da7445d080c4 --- /dev/null +++ b/net-proxy/http-replicator/files/http-replicator.service.conf @@ -0,0 +1,3 @@ +# Set various parameters for http-replicator +[Service] +Environment="DAEMON_OPTS= --alias /usr/portage/packages:packages --ip 192.168.*.* --ip 10.*.*.* --port 8080" diff --git a/net-proxy/http-replicator/http-replicator-3.0-r4.ebuild b/net-proxy/http-replicator/http-replicator-3.0-r4.ebuild new file mode 100644 index 000000000000..63e46c55528c --- /dev/null +++ b/net-proxy/http-replicator/http-replicator-3.0-r4.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 +PYTHON_DEPEND="2:2.7:2.7" # not 2.6 bug #33907, not 3.0 bug #411083 +inherit eutils python systemd + +MY_P="${PN}_${PV}" + +DESCRIPTION="Proxy cache for Gentoo packages" +HOMEPAGE="http://sourceforge.net/projects/http-replicator" +SRC_URI="mirror://sourceforge/http-replicator/${MY_P}.tar.gz" +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha amd64 hppa ppc ~sparc x86" +IUSE="" + +DEPEND="" +RDEPEND="${DEPEND}" + +src_compile() { + epatch "${FILESDIR}/http-replicator-3.0-sighup.patch" + einfo "No compilation necessary" +} + +src_install(){ + # Daemon and repcacheman into /usr/bin + dobin http-replicator + newexe "${FILESDIR}/http-replicator-3.0-callrepcacheman-0.1" repcacheman + newexe "${FILESDIR}/http-replicator-3.0-repcacheman-0.44-r2" repcacheman.py + + # init.d scripts + newinitd "${FILESDIR}/http-replicator-3.0.init" http-replicator + newconfd "${FILESDIR}/http-replicator-3.0.conf" http-replicator + + systemd_dounit "${FILESDIR}"/http-replicator.service + systemd_install_serviced "${FILESDIR}"/http-replicator.service.conf + + # not 2.6 bug #33907, not 3.0 bug #411083 + python_convert_shebangs -r 2.7 "${ED}" + + # Docs + dodoc README debian/changelog + + # Man Page - Not Gentooified yet + doman http-replicator.1 + + insinto /etc/logrotate.d + newins debian/logrotate http-replicator +} + +pkg_postinst() { + einfo + einfo "Before starting http-replicator, please follow the next few steps:" + einfo "- modify /etc/conf.d/http-replicator if required" + einfo "- run /usr/bin/repcacheman to set up the cache" + einfo "- add http_proxy=\"http://serveraddress:8080\" to make.conf on" + einfo " the server as well as on the client machines" + einfo "- make sure GENTOO_MIRRORS in /etc/make.conf starts with several" + einfo " good http mirrors" + einfo + einfo "For more information please refer to the following forum thread:" + einfo " http://forums.gentoo.org/viewtopic-t-173226.html" + einfo +} diff --git a/net-proxy/http-replicator/http-replicator-4.0_alpha2-r4.ebuild b/net-proxy/http-replicator/http-replicator-4.0_alpha2-r4.ebuild new file mode 100644 index 000000000000..02b37992e864 --- /dev/null +++ b/net-proxy/http-replicator/http-replicator-4.0_alpha2-r4.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +PYTHON_COMPAT=( python2_7 ) + +inherit eutils python-r1 systemd + +MY_P="${PN}_${PV/_/}" + +DESCRIPTION="Proxy cache for Gentoo packages" +HOMEPAGE="http://sourceforge.net/projects/http-replicator" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tgz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~sparc ~x86" + +S="${WORKDIR}/${MY_P}" + +# Tests downloads files as well as breaks, should be turned into local tests. +RESTRICT="test" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-4.0_alpha2-r3-pid.patch +} + +src_test() { + ./unit-test && die +} + +src_install(){ + python_foreach_impl python_doscript http-replicator + + newbin "${FILESDIR}"/${PN}-3.0-callrepcacheman-0.1 repcacheman + + python_foreach_impl python_domodule *.py + + python_foreach_impl python_newscript "${FILESDIR}"/${PN}-3.0-repcacheman-0.44-r2 repcacheman.py + + newinitd "${FILESDIR}"/${PN}-4.0_alpha2-r3.init http-replicator + newconfd "${FILESDIR}"/${PN}-4.0_alpha2-r2.conf http-replicator + + systemd_dounit "${FILESDIR}"/http-replicator.service + systemd_install_serviced "${FILESDIR}"/http-replicator.service.conf + + dodoc README.user README.devel RELNOTES +} + +pkg_postinst() { + echo + einfo "Before starting ${PN}, please follow the next few steps:" + einfo + einfo "- Modify /etc/conf.d/${PN} if required." + einfo "- Run \`repcacheman\` to set up the cache." + einfo "- Add HTTP_PROXY=\"http://serveraddress:8080\" to make.conf on" + einfo " the server as well as on the client machines." + einfo "- Make sure GENTOO_MIRRORS in /etc/portage/make.conf" + einfo " starts with several good HTTP mirrors." + einfo + einfo "For more information please refer to the following forum thread:" + einfo + einfo " http://forums.gentoo.org/viewtopic-t-173226.html" + einfo + einfo "Starting with 4.x releases, the conf.d parameters have changed." + echo +} diff --git a/net-proxy/http-replicator/metadata.xml b/net-proxy/http-replicator/metadata.xml new file mode 100644 index 000000000000..c5d9e246c468 --- /dev/null +++ b/net-proxy/http-replicator/metadata.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <upstream> + <remote-id type="sourceforge">http-replicator</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/httpush/Manifest b/net-proxy/httpush/Manifest new file mode 100644 index 000000000000..585d8444c6d0 --- /dev/null +++ b/net-proxy/httpush/Manifest @@ -0,0 +1 @@ +DIST httpush-0.9b11.tar.gz 39342 SHA256 f6c3a3bce0957557d744c27d1bf33dca33a09dede80842ee70fdbbfc42e608a8 diff --git a/net-proxy/httpush/httpush-0.9_beta11-r1.ebuild b/net-proxy/httpush/httpush-0.9_beta11-r1.ebuild new file mode 100644 index 000000000000..112a5dade9ff --- /dev/null +++ b/net-proxy/httpush/httpush-0.9_beta11-r1.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils + +MY_P="${P/_beta/b}" + +DESCRIPTION="Httpush is an intercepting proxy, allowing user to modify HTTP requests on-the-fly" +HOMEPAGE="http://httpush.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~x86" +IUSE="xml" + +RDEPEND="dev-perl/URI + virtual/perl-MIME-Base64 + dev-perl/libwww-perl + dev-perl/Net-SSLeay + dev-perl/Crypt-SSLeay + dev-perl/HTML-Parser + xml? ( dev-perl/XML-Twig )" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + if ! use xml ; then + echo + einfo "If you'd like to use httpush's learning mode, please CTRL-C now" + einfo "and enable the xml USE flag." + epause 3 + echo + fi +} + +src_unpack() { + unpack ${A} + cd "${S}" + sed -i 's:^\(require httpush;\)$:push @INC, "/usr/lib/httpush";\n\1:' \ + httpush.pl || die "sed INC failed" + sed -i 's:^\(.*DATADIR="\)data\(.*\)$:\1/var/lib/httpush\2:' *.pl \ + lib/plugin/broker.pm || die "sed DATADIR= failed" +} + +src_install() { + keepdir /var/lib/httpush + + insinto /usr/lib/httpush + doins -r httpush.{dtd,lck,pem,pm} lib + + insinto /usr/share/httpush/plugins + doins plugins/* + + newbin httpush.pl httpush + newbin reindex.pl httpush-reindex + ewarn "reindex script has been renamed httpush-reindex" + + dodoc README ChangeLog doc/* +} diff --git a/net-proxy/httpush/metadata.xml b/net-proxy/httpush/metadata.xml new file mode 100644 index 000000000000..af81e3a61e05 --- /dev/null +++ b/net-proxy/httpush/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription>HTTPush aims at providing an easy way to audit HTTP and HTTPS application/server security. It supports on-the-fly request modification, automated decision making and vulnerability detection through the use of plugins.</longdescription> + <upstream> + <remote-id type="sourceforge">httpush</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/metadata.xml b/net-proxy/metadata.xml new file mode 100644 index 000000000000..32488608746e --- /dev/null +++ b/net-proxy/metadata.xml @@ -0,0 +1,33 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE catmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<catmetadata> + <longdescription lang="en"> + The net-proxy category contains network proxy software. + </longdescription> + <longdescription lang="de"> + Die Kategorie net-proxy enthält verschiedene Netzwerk-Proxies. + </longdescription> + <longdescription lang="es"> + La categoría net-proxy contiene proxies de red. + </longdescription> + <longdescription lang="ja"> + net-proxyカテゴリーにはネットワーク・プロキシの + ソフトウェアが含まれています。 + </longdescription> + <longdescription lang="nl"> + De net-proxy categorie bevat verschillende netwerkproxy's. + </longdescription> + <longdescription lang="vi"> + Nhóm net-proxy chứa các phần mềm proxy mạng. + </longdescription> + <longdescription lang="it"> + La categoria net-proxy contiene software proxy come squid e privoxy. + </longdescription> + <longdescription lang="pt"> + A categoria net-proxy contém softwares de proxy de rede. + </longdescription> + <longdescription lang="pl"> + Kategoria net-proxy zawiera oprogramowanie związane z serwerami proxy. + </longdescription> +</catmetadata> + diff --git a/net-proxy/mitmproxy/Manifest b/net-proxy/mitmproxy/Manifest new file mode 100644 index 000000000000..19fccf291ad6 --- /dev/null +++ b/net-proxy/mitmproxy/Manifest @@ -0,0 +1,3 @@ +DIST mitmproxy-0.10.1.tar.gz 3426109 SHA256 527cbff76e0d49d7db62561252d399e1c747730676515c4ed89250c223e2fe56 SHA512 2bef02f07942177044afa24749c4e8e2ba1aae5ee33e2cbffbecc557a09351865b70dc92b9acfd285716a82c84026a3eb93f889176fd288c1e8d67a415a5c79a WHIRLPOOL 73391bf717df855016db3158e4e38126f4b5e29a28566202843b3cf15412e9b1f281ad062d86f50965dfeab344488a11e2f8ba11a3181c1da56998a297b262d0 +DIST mitmproxy-0.11.1.tar.gz 6253324 SHA256 0d2de6210b5eee3f196943d9e6e137a27bf32bdc0213620bde54bfd5d384e53d SHA512 f265441825b22e2a7ec3c8f2f3152d123fbd6ac463fd4de0e973e24b2ab9feaf28689d3c995bb361ff06a88a6d88536b642944463573117640b1c096b79f20b1 WHIRLPOOL a32f44fa9a2392d08b9bb9c4fb701e3b6e351b4d820bb35b0fd27a8d3281e2982a2b88f1216cf8eedf3a3c0a14ad38406c9d80ee23b146706be8f98c27d197f1 +DIST mitmproxy-0.11.3.tar.gz 6172130 SHA256 e774760fc33864caa708eeaafb756e110d7adeb619f3734f2f50b2a0e4910d5c SHA512 81184b3034b78d51368b4066adcc8337fc59332c80ce085c854610f70cd96531612520c1b751135e26093265c5475c8fef5fcb0908b77b5a18a5c605c0c94934 WHIRLPOOL d0867387fe2188599d68e48a8db691b508748e9dc4704998af0bb062be3d5cd242445d220b07e8fb75cc4f26cebd87d6afffa7f5abe6f80607bae3f7ce93cb22 diff --git a/net-proxy/mitmproxy/files/mitmproxy-0.10-jsbeautifier-imports.patch b/net-proxy/mitmproxy/files/mitmproxy-0.10-jsbeautifier-imports.patch new file mode 100644 index 000000000000..bd6f65aa920e --- /dev/null +++ b/net-proxy/mitmproxy/files/mitmproxy-0.10-jsbeautifier-imports.patch @@ -0,0 +1,44 @@ +--- mitmproxy-0.10/libmproxy/contrib/jsbeautifier/__init__.py ++++ mitmproxy-0.10/libmproxy/contrib/jsbeautifier/__init__.py +@@ -246,7 +246,7 @@ + return sweet_code + + def unpack(self, source, evalcode=False): +- import jsbeautifier.unpackers as unpackers ++ from ..jsbeautifier import unpackers + try: + return unpackers.run(source, evalcode) + except unpackers.UnpackingError as error: +--- mitmproxy-0.10/libmproxy/contrib/jsbeautifier/unpackers/__init__.py ++++ mitmproxy-0.10/libmproxy/contrib/jsbeautifier/unpackers/__init__.py +@@ -7,7 +7,7 @@ + + import pkgutil + import re +-from jsbeautifier.unpackers import evalbased ++from ...jsbeautifier.unpackers import evalbased + + # NOTE: AT THE MOMENT, IT IS DEACTIVATED FOR YOUR SECURITY: it runs js! + BLACKLIST = ['jsbeautifier.unpackers.evalbased'] +--- mitmproxy-0.10/libmproxy/contrib/jsbeautifier/unpackers/myobfuscate.py ++++ mitmproxy-0.10/libmproxy/contrib/jsbeautifier/unpackers/myobfuscate.py +@@ -40,7 +40,7 @@ + except ImportError: + from urllib.parse import unquote + +-from jsbeautifier.unpackers import UnpackingError ++from ...jsbeautifier.unpackers import UnpackingError + + PRIORITY = 1 + +--- mitmproxy-0.10/libmproxy/contrib/jsbeautifier/unpackers/packer.py ++++ mitmproxy-0.10/libmproxy/contrib/jsbeautifier/unpackers/packer.py +@@ -14,7 +14,7 @@ + + import re + import string +-from jsbeautifier.unpackers import UnpackingError ++from ...jsbeautifier.unpackers import UnpackingError + + PRIORITY = 1 + diff --git a/net-proxy/mitmproxy/metadata.xml b/net-proxy/mitmproxy/metadata.xml new file mode 100644 index 000000000000..3c1903962e95 --- /dev/null +++ b/net-proxy/mitmproxy/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>radhermit@gentoo.org</email> + <name>Tim Harder</name> + </maintainer> + <upstream> + <remote-id type="pypi">mitmproxy</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/mitmproxy/mitmproxy-0.10.1.ebuild b/net-proxy/mitmproxy/mitmproxy-0.10.1.ebuild new file mode 100644 index 000000000000..d401aa159ebd --- /dev/null +++ b/net-proxy/mitmproxy/mitmproxy-0.10.1.ebuild @@ -0,0 +1,52 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 versionator + +DESCRIPTION="An interactive, SSL-capable, man-in-the-middle HTTP proxy" +HOMEPAGE="http://mitmproxy.org/" +SRC_URI="http://mitmproxy.org/download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="doc examples test" + +RDEPEND=">=dev-python/pillow-2.3.0[${PYTHON_USEDEP}] + dev-python/flask[${PYTHON_USEDEP}] + >=dev-python/lxml-2.3[${PYTHON_USEDEP}] + =dev-python/netlib-$(get_version_component_range 1-2)*[${PYTHON_USEDEP}] + >dev-python/pyasn1-0.1.2[${PYTHON_USEDEP}] + >=dev-python/pyopenssl-0.13[${PYTHON_USEDEP}] + >=dev-python/urwid-1.1[${PYTHON_USEDEP}]" +DEPEND="${RDEPEND} + test? ( + >=dev-python/mock-1.0.1[${PYTHON_USEDEP}] + >=dev-python/nose-1.3.0[${PYTHON_USEDEP}] + =www-servers/pathod-$(get_version_component_range 1-2)*[${PYTHON_USEDEP}] + )" + +PATCHES=( "${FILESDIR}"/${PN}-0.10-jsbeautifier-imports.patch ) + +python_prepare_all() { + distutils-r1_python_prepare_all + + # remove unwanted bytecode files + rm -r libmproxy/protocol || die +} + +python_test() { + nosetests -v || die "Tests fail with ${EPYTHON}" +} + +python_install_all() { + local DOCS=( CHANGELOG CONTRIBUTORS ) + use doc && local HTML_DOCS=( doc/. ) + use examples && local EXAMPLES=( examples/. ) + + distutils-r1_python_install_all +} diff --git a/net-proxy/mitmproxy/mitmproxy-0.11.1.ebuild b/net-proxy/mitmproxy/mitmproxy-0.11.1.ebuild new file mode 100644 index 000000000000..b5c48f995118 --- /dev/null +++ b/net-proxy/mitmproxy/mitmproxy-0.11.1.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 versionator + +DESCRIPTION="An interactive, SSL-capable, man-in-the-middle HTTP proxy" +HOMEPAGE="http://mitmproxy.org/" +SRC_URI="http://mitmproxy.org/download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="doc examples test" + +RDEPEND=">=dev-python/pillow-2.3.0[${PYTHON_USEDEP}] + >=dev-python/flask-0.10.1[${PYTHON_USEDEP}] + >=dev-python/lxml-3.3.6[${PYTHON_USEDEP}] + =dev-python/netlib-$(get_version_component_range 1-2)*[${PYTHON_USEDEP}] + >dev-python/pyasn1-0.1.2[${PYTHON_USEDEP}] + >=dev-python/pyopenssl-0.14[${PYTHON_USEDEP}] + >=www-servers/tornado-4.0.2[${PYTHON_USEDEP}] + >=dev-python/urwid-1.1[${PYTHON_USEDEP}]" +DEPEND="${RDEPEND} + test? ( + >=dev-python/mock-1.0.1[${PYTHON_USEDEP}] + >=dev-python/nose-1.3.0[${PYTHON_USEDEP}] + =www-servers/pathod-$(get_version_component_range 1-2)*[${PYTHON_USEDEP}] + )" + +#PATCHES=( "${FILESDIR}"/${PN}-0.10-jsbeautifier-imports.patch ) + +python_prepare_all() { + distutils-r1_python_prepare_all + + # remove bundled netlib and pathod + rm -r libpathod netlib || die + + # remove unused dep + sed -i '/sortedcontainers/d' setup.py || die +} + +python_test() { + nosetests -v || die "Tests fail with ${EPYTHON}" +} + +python_install_all() { + local DOCS=( CHANGELOG CONTRIBUTORS ) + use doc && local HTML_DOCS=( doc/. ) + use examples && local EXAMPLES=( examples/. ) + + distutils-r1_python_install_all +} diff --git a/net-proxy/mitmproxy/mitmproxy-0.11.3.ebuild b/net-proxy/mitmproxy/mitmproxy-0.11.3.ebuild new file mode 100644 index 000000000000..826a6f23913b --- /dev/null +++ b/net-proxy/mitmproxy/mitmproxy-0.11.3.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 versionator + +DESCRIPTION="An interactive, SSL-capable, man-in-the-middle HTTP proxy" +HOMEPAGE="http://mitmproxy.org/" +SRC_URI="http://mitmproxy.org/download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="doc examples test" + +RDEPEND=" + >=dev-python/pillow-2.3.0[${PYTHON_USEDEP}] + >=dev-python/flask-0.10.1[${PYTHON_USEDEP}] + >=dev-python/configargparse-0.9.3[${PYTHON_USEDEP}] + >=dev-python/lxml-3.3.6[${PYTHON_USEDEP}] + =dev-python/netlib-$(get_version_component_range 1-2)*[${PYTHON_USEDEP}] + >dev-python/pyasn1-0.1.2[${PYTHON_USEDEP}] + >=dev-python/pyopenssl-0.14[${PYTHON_USEDEP}] + >=www-servers/tornado-4.0.2[${PYTHON_USEDEP}] + >=dev-python/urwid-1.1[${PYTHON_USEDEP}] +" +DEPEND="${RDEPEND} + test? ( + >=dev-python/mock-1.0.1[${PYTHON_USEDEP}] + >=dev-python/nose-1.3.0[${PYTHON_USEDEP}] + =www-servers/pathod-$(get_version_component_range 1-2)*[${PYTHON_USEDEP}] + )" + +python_prepare_all() { + distutils-r1_python_prepare_all + + # don't run example scripts tests + rm test/test_examples.py || die + +} + +python_test() { + nosetests -v || die "Tests fail with ${EPYTHON}" +} + +python_install_all() { + local DOCS=( CHANGELOG CONTRIBUTORS ) + use doc && local HTML_DOCS=( doc/. ) + use examples && local EXAMPLES=( examples/. ) + + distutils-r1_python_install_all +} diff --git a/net-proxy/ntlmaps/Manifest b/net-proxy/ntlmaps/Manifest new file mode 100644 index 000000000000..0582477aab11 --- /dev/null +++ b/net-proxy/ntlmaps/Manifest @@ -0,0 +1,2 @@ +DIST ntlmaps-0.9.9.6.tar.gz 60760 SHA256 005c66a84f535951dc6ad558b301b7b49b96a3bbc56e3a83a553a5500e3f6a2a SHA512 0b0c80f3a32c523fdad47af2d0c7fa21d01124d014aafb2f7e9a00ba525685917b6c24572a25d5c294848f88fd6775a0e9c9e95014d91e35b86411c83f12adff WHIRLPOOL 66431212f20e5451992a2f788d7c8077dae95ee3cb97e956bd65862ce9c93fe2bea31e46cf34922fe5cbd99c6ea5780cfecd3fbadc128cbbd820c5c772f9371e +DIST ntlmaps-0.9.9.tar.gz 55459 SHA256 6f955ef0a8f3e944df0a9b2d22e385ee4399fa4e16f4c30ccdcb6f4c92fdccd1 diff --git a/net-proxy/ntlmaps/files/ntlmaps-0.9.9-gentoo.patch b/net-proxy/ntlmaps/files/ntlmaps-0.9.9-gentoo.patch new file mode 100644 index 000000000000..02e90f2ccf9d --- /dev/null +++ b/net-proxy/ntlmaps/files/ntlmaps-0.9.9-gentoo.patch @@ -0,0 +1,37 @@ +diff -Nru ntlmaps-0.9.9.orig/__init__.py ntlmaps-0.9.9/__init__.py +--- ntlmaps-0.9.9.orig/__init__.py 2004-11-10 01:27:05.000000000 +0200 ++++ ntlmaps-0.9.9/__init__.py 2005-02-24 13:07:56.601327735 +0200 +@@ -22,8 +22,7 @@ + + import os, sys + +-ntlmaps_dir = os.path.dirname(os.path.abspath(__file__)) +-ntlmaps_libdir = ntlmaps_dir + '/lib' ++ntlmaps_dir = '/usr/lib/ntlmaps' + sys.path.append(ntlmaps_libdir) + + del os, sys +diff -Nru ntlmaps-0.9.9.orig/main.py ntlmaps-0.9.9/main.py +--- ntlmaps-0.9.9.orig/main.py 2005-02-01 04:45:02.000000000 +0200 ++++ ntlmaps-0.9.9/main.py 2005-02-24 13:11:46.762545214 +0200 +@@ -18,17 +18,17 @@ + # Free Software Foundation, Inc., + # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. + # +-import __init__ +- + import sys + ++sys.path.append('/usr/lib/ntlmaps') ++ + import server, config, config_affairs + + + #-------------------------------------------------------------- + # config affairs + # look for default config name in lib/config.py +-conf = config.read_config(config.findConfigFileNameInArgv(sys.argv, __init__.ntlmaps_dir+'/')) ++conf = config.read_config('/etc/ntlmaps/server.cfg') + + conf['GENERAL']['VERSION'] = '0.9.9' + diff --git a/net-proxy/ntlmaps/files/ntlmaps-0.9.9.6-gentoo.patch b/net-proxy/ntlmaps/files/ntlmaps-0.9.9.6-gentoo.patch new file mode 100644 index 000000000000..bda0843e6c9f --- /dev/null +++ b/net-proxy/ntlmaps/files/ntlmaps-0.9.9.6-gentoo.patch @@ -0,0 +1,33 @@ +--- __init__.py.old 2010-10-06 16:03:54.000000000 +0200 ++++ __init__.py 2010-10-06 16:05:38.000000000 +0200 +@@ -20,10 +20,3 @@ + # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. + # + +-import os, sys +- +-ntlmaps_dir = os.path.dirname(os.path.abspath(__file__)) +-ntlmaps_libdir = ntlmaps_dir + '/lib' +-sys.path.append(ntlmaps_libdir) +- +-del os, sys +--- main.py.old 2010-10-06 16:26:57.000000000 +0200 ++++ main.py 2010-10-06 16:27:29.000000000 +0200 +@@ -18,8 +18,6 @@ + # Free Software Foundation, Inc., + # 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. + # +-import __init__ +- + import sys + + import server, config, config_affairs +@@ -28,7 +26,7 @@ + #-------------------------------------------------------------- + # config affairs + # look for default config name in lib/config.py +-conf = config.read_config(config.findConfigFileNameInArgv(sys.argv, __init__.ntlmaps_dir+'/')) ++conf = config.read_config('/etc/ntlmaps/server.cfg') + + conf['GENERAL']['VERSION'] = '0.9.9.6' + diff --git a/net-proxy/ntlmaps/files/ntlmaps.init b/net-proxy/ntlmaps/files/ntlmaps.init new file mode 100644 index 000000000000..0d0251660670 --- /dev/null +++ b/net-proxy/ntlmaps/files/ntlmaps.init @@ -0,0 +1,27 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +PID_FILE="/var/run/ntlmaps.pid" + +depend() { + need net +} + +start() { + ebegin "Starting ntlmaps" + touch ${PID_FILE} + chown ntlmaps:ntlmaps ${PID_FILE} + cd /var/log/ntlmaps && \ + start-stop-daemon --quiet --start --background --exec /usr/bin/python \ + --make-pidfile --pidfile ${PID_FILE} --chuid ntlmaps -- /usr/bin/ntlmaps < /dev/null && \ + sleep 1 + eend $? +} +stop() { + ebegin "Stopping ntlmaps" + start-stop-daemon --stop --quiet --pidfile ${PID_FILE} && \ + rm -f ${PID_FILE} + eend $? +} diff --git a/net-proxy/ntlmaps/files/ntlmaps.service b/net-proxy/ntlmaps/files/ntlmaps.service new file mode 100644 index 000000000000..163ab2623ed2 --- /dev/null +++ b/net-proxy/ntlmaps/files/ntlmaps.service @@ -0,0 +1,10 @@ +[Unit] +Description=NTLM proxy Authentication against MS proxy/web server +Wants=network.target +Before=network.target + +[Service] +ExecStart=/usr/bin/ntlmaps + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/ntlmaps/metadata.xml b/net-proxy/ntlmaps/metadata.xml new file mode 100644 index 000000000000..c40105f6d14d --- /dev/null +++ b/net-proxy/ntlmaps/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription lang="en"> + ntlmaps is a http/ftp/socks proxy server written in python that + implements samba-like ntlm authentication against a Microsoft Proxy + Server (which does not support 'normal' digest authentication). + </longdescription> + <upstream> + <remote-id type="sourceforge">ntlmaps</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/ntlmaps/ntlmaps-0.9.9-r2.ebuild b/net-proxy/ntlmaps/ntlmaps-0.9.9-r2.ebuild new file mode 100644 index 000000000000..c23b818c53c4 --- /dev/null +++ b/net-proxy/ntlmaps/ntlmaps-0.9.9-r2.ebuild @@ -0,0 +1,61 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils user + +DESCRIPTION="NTLM proxy Authentication against MS proxy/web server" +HOMEPAGE="http://ntlmaps.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 x86" +IUSE="" + +DEPEND="dev-lang/python" + +pkg_setup() { + enewgroup ntlmaps + enewuser ntlmaps -1 -1 -1 ntlmaps +} + +src_prepare() { + epatch "${FILESDIR}/${P}-gentoo.patch" + + sed -i -e 's/\r//' lib/*.py server.cfg *.txt doc/*.{txt,htm} || die 'Failed to convert line endings.' +} + +src_install() { + exeinto /usr/bin + newexe main.py ntlmaps + insinto /usr/lib/ntlmaps + doins lib/* + + dodoc *.txt doc/*.txt + dohtml doc/* + + insopts -m0640 -g ntlmaps + insinto /etc/ntlmaps + doins server.cfg + newinitd "${FILESDIR}/ntlmaps.init" ntlmaps + + diropts -m 0770 -g ntlmaps + keepdir /var/log/ntlmaps +} + +pkg_preinst() { + #Remove the following lines sometime in December 2005 + #Their purpose is to fix security bug #107766 + if [ -f "${ROOT}/etc/ntlmaps/server.cfg" ]; then + chmod 0640 "${ROOT}/etc/ntlmaps/server.cfg" + chgrp ntlmaps "${ROOT}/etc/ntlmaps/server.cfg" + fi +} + +pkg_prerm() { + einfo "Removing python compiled bytecode" + rm -f "${ROOT}"/usr/lib/ntlmaps/*.py? +} diff --git a/net-proxy/ntlmaps/ntlmaps-0.9.9.6-r3.ebuild b/net-proxy/ntlmaps/ntlmaps-0.9.9.6-r3.ebuild new file mode 100644 index 000000000000..0773811d7052 --- /dev/null +++ b/net-proxy/ntlmaps/ntlmaps-0.9.9.6-r3.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +PYTHON_COMPAT=( python2_7 ) + +inherit eutils multilib systemd user python-r1 + +DESCRIPTION="NTLM proxy Authentication against MS proxy/web server" +HOMEPAGE="http://ntlmaps.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~x86" + +DEPEND="${PYTHON_DEPS}" +RDEPEND="${DEPEND}" + +pkg_setup() { + enewgroup ntlmaps + enewuser ntlmaps -1 -1 -1 ntlmaps +} + +src_prepare() { + epatch "${FILESDIR}/${P}-gentoo.patch" + + sed \ + -e 's/\r//' \ + -i lib/*.py server.cfg doc/*.{txt,htm} || die 'Failed to convert line endings.' +} + +src_install() { + # Bug #351305, prevent file collision. + rm "${S}"/lib/utils.py || die + + python_foreach_impl python_domodule lib/*.py + + python_foreach_impl python_newscript main.py ntlmaps + + python_foreach_impl python_optimize + + dodoc doc/*.txt + dohtml doc/*.{gif,htm} + + insopts -m0640 -g ntlmaps + insinto /etc/ntlmaps + doins server.cfg + newinitd "${FILESDIR}/ntlmaps.init" ntlmaps + systemd_dounit "${FILESDIR}"/${PN}.service + + diropts -m 0770 -g ntlmaps + keepdir /var/log/ntlmaps +} diff --git a/net-proxy/nutcracker/Manifest b/net-proxy/nutcracker/Manifest new file mode 100644 index 000000000000..eb585643c933 --- /dev/null +++ b/net-proxy/nutcracker/Manifest @@ -0,0 +1,2 @@ +DIST nutcracker-0.2.4.tar.gz 1723439 SHA256 132f524541c6cf4dd1d570ec5da29312ed6150e8a369df703116498b65703b4e SHA512 13d7d2a778a5d85a1d73eaa220f2e95eb7765eff0c8af390ab916f099b12d6c1a99cb61ff418b9a909ff7e2b416b271ba034eb9f50cd7df1ee53600d8b681409 WHIRLPOOL a9e09376f70ade19ef6f80f769edef26b86f3af1d529f68fd6fc42575d4521603da230ee236f8b53c275c9695602e21a586d38fc33a68960b8c11359271af902 +DIST nutcracker-0.3.0.tar.gz 1825106 SHA256 e9993d6827b2e93ee2b865e827acbf9efadbbfc81ccd9103a85948ee2580942a SHA512 81ba21c54b9a15fbb1d0a42b426643b65bcd20b7bb4b35cf3427235703a01a44188b762edff412afe20c193a4e75bf618f69d8c77bae9d66cd2c4e619416f565 WHIRLPOOL 073d411619d14ff57ef9ec72975db99791d29b4b606b6a3af99a2e64b19983a0200b797e753626e7b21aeaae02a28a02402646aeb20919d0910441e5981f8da4 diff --git a/net-proxy/nutcracker/files/nutcracker-0.2.4-use-system-libyaml.patch b/net-proxy/nutcracker/files/nutcracker-0.2.4-use-system-libyaml.patch new file mode 100644 index 000000000000..5cf7b3660bdf --- /dev/null +++ b/net-proxy/nutcracker/files/nutcracker-0.2.4-use-system-libyaml.patch @@ -0,0 +1,64 @@ +diff -uNr nutcracker-0.2.4.orig/Makefile.am nutcracker-0.2.4/Makefile.am +--- nutcracker-0.2.4.orig/Makefile.am 2013-09-11 10:11:19.869975912 -0400 ++++ nutcracker-0.2.4/Makefile.am 2013-09-11 10:11:36.709975757 -0400 +@@ -2,6 +2,6 @@ + + ACLOCAL_AMFLAGS = -I m4 + +-SUBDIRS = contrib src ++SUBDIRS = src + + EXTRA_DIST = README.md NOTICE LICENSE ChangeLog conf scripts notes +diff -uNr nutcracker-0.2.4.orig/src/Makefile.am nutcracker-0.2.4/src/Makefile.am +--- nutcracker-0.2.4.orig/src/Makefile.am 2013-09-11 10:16:16.449973187 -0400 ++++ nutcracker-0.2.4/src/Makefile.am 2013-09-11 10:16:44.019972934 -0400 +@@ -3,7 +3,6 @@ + AM_CPPFLAGS = -D_GNU_SOURCE -D_XOPEN_SOURCE + AM_CPPFLAGS += -I $(top_srcdir)/src/hashkit + AM_CPPFLAGS += -I $(top_srcdir)/src/proto +-AM_CPPFLAGS += -I $(top_srcdir)/contrib/yaml-0.1.4/include + + AM_CFLAGS = -Wall -Wshadow + AM_CFLAGS += -Wpointer-arith +@@ -43,4 +42,3 @@ + + nutcracker_LDADD = $(top_builddir)/src/hashkit/libhashkit.a + nutcracker_LDADD += $(top_builddir)/src/proto/libproto.a +-nutcracker_LDADD += $(top_builddir)/contrib/yaml-0.1.4/src/.libs/libyaml.a +diff -uNr nutcracker-0.2.4.orig/configure.ac nutcracker-0.2.4/configure.ac +--- nutcracker-0.2.4.orig/configure.ac 2013-09-11 10:23:27.879969223 -0400 ++++ nutcracker-0.2.4/configure.ac 2013-09-11 10:24:28.729968664 -0400 +@@ -138,11 +138,7 @@ + [AC_DEFINE([HAVE_STATS], [1], [Define to 1 if stats is not disabled])]) + AC_MSG_RESULT($disable_stats) + +-# Untar the yaml-0.1.4 in contrib/ before config.status is rerun +-AC_CONFIG_COMMANDS_PRE([tar xvfz contrib/yaml-0.1.4.tar.gz -C contrib]) +- +-# Call yaml-0.1.4 ./configure recursively +-AC_CONFIG_SUBDIRS([contrib/yaml-0.1.4]) ++PKG_CHECK_MODULES([YAML], [yaml-0.1 >= 0.1]) + + # Define Makefiles + AC_CONFIG_FILES([Makefile +diff -uNr nutcracker-0.2.4.orig/src/Makefile.am nutcracker-0.2.4/src/Makefile.am +--- nutcracker-0.2.4.orig/src/Makefile.am 2013-09-11 10:23:27.879969223 -0400 ++++ nutcracker-0.2.4/src/Makefile.am 2013-09-11 10:26:16.549967674 -0400 +@@ -11,8 +11,9 @@ + AM_CFLAGS += -Wno-unused-parameter -Wno-unused-value + AM_CFLAGS += -Wconversion -Wsign-compare + AM_CFLAGS += -Wstrict-prototypes -Wmissing-prototypes -Wredundant-decls -Wmissing-declarations ++AM_CFLAGS += $(YAML_CFLAGS) + +-AM_LDFLAGS = -lm -lpthread -rdynamic ++AM_LDFLAGS = -lm -lpthread -rdynamic $(YAML_LIBS) + + SUBDIRS = hashkit proto + +@@ -40,5 +41,5 @@ + nc_queue.h \ + nc.c + +-nutcracker_LDADD = $(top_builddir)/src/hashkit/libhashkit.a ++nutcracker_LDADD = $(top_builddir)/src/hashkit/libhashkit.a + nutcracker_LDADD += $(top_builddir)/src/proto/libproto.a diff --git a/net-proxy/nutcracker/files/nutcracker-0.3.0-use-system-libyaml.patch b/net-proxy/nutcracker/files/nutcracker-0.3.0-use-system-libyaml.patch new file mode 100644 index 000000000000..8a30fae46fc1 --- /dev/null +++ b/net-proxy/nutcracker/files/nutcracker-0.3.0-use-system-libyaml.patch @@ -0,0 +1,57 @@ +diff -uNr nutcracker-0.3.0.orig/configure.ac nutcracker-0.3.0/configure.ac +--- nutcracker-0.3.0.orig/configure.ac 2014-03-17 17:55:54.500000001 -0400 ++++ nutcracker-0.3.0/configure.ac 2014-03-17 17:58:50.290000001 -0400 +@@ -195,11 +195,8 @@ + [AC_DEFINE([HAVE_STATS], [1], [Define to 1 if stats is not disabled])]) + AC_MSG_RESULT($disable_stats) + +-# Untar the yaml-0.1.4 in contrib/ before config.status is rerun +-AC_CONFIG_COMMANDS_PRE([tar xvfz contrib/yaml-0.1.4.tar.gz -C contrib]) +- +-# Call yaml-0.1.4 ./configure recursively +-AC_CONFIG_SUBDIRS([contrib/yaml-0.1.4]) ++# Use systems libyaml. ++PKG_CHECK_MODULES([YAML], [yaml-0.1 >= 0.1]) + + # Define Makefiles + AC_CONFIG_FILES([Makefile +diff -uNr nutcracker-0.3.0.orig/Makefile.am nutcracker-0.3.0/Makefile.am +--- nutcracker-0.3.0.orig/Makefile.am 2014-03-17 17:55:54.500000001 -0400 ++++ nutcracker-0.3.0/Makefile.am 2014-03-17 17:56:38.920000001 -0400 +@@ -2,7 +2,7 @@ + + ACLOCAL_AMFLAGS = -I m4 + +-SUBDIRS = contrib src ++SUBDIRS = src + + dist_man_MANS = man/nutcracker.8 + +diff -uNr nutcracker-0.3.0.orig/src/Makefile.am nutcracker-0.3.0/src/Makefile.am +--- nutcracker-0.3.0.orig/src/Makefile.am 2014-03-17 17:55:54.500000001 -0400 ++++ nutcracker-0.3.0/src/Makefile.am 2014-03-17 18:00:08.480000001 -0400 +@@ -7,7 +7,6 @@ + AM_CPPFLAGS += -I $(top_srcdir)/src/hashkit + AM_CPPFLAGS += -I $(top_srcdir)/src/proto + AM_CPPFLAGS += -I $(top_srcdir)/src/event +-AM_CPPFLAGS += -I $(top_srcdir)/contrib/yaml-0.1.4/include + + AM_CFLAGS = + AM_CFLAGS += -Wall -Wshadow +@@ -17,9 +16,10 @@ + AM_CFLAGS += -Wno-unused-parameter -Wno-unused-value + AM_CFLAGS += -Wconversion -Wsign-compare + AM_CFLAGS += -Wstrict-prototypes -Wmissing-prototypes -Wredundant-decls -Wmissing-declarations ++AM_CFLAGS += $(YAML_CFLAGS) + + AM_LDFLAGS = +-AM_LDFLAGS += -lm -lpthread -rdynamic ++AM_LDFLAGS += -lm -lpthread -rdynamic $(YAML_LIBS) + if OS_SOLARIS + AM_LDFLAGS += -lnsl -lsocket + endif +@@ -52,4 +52,3 @@ + nutcracker_LDADD = $(top_builddir)/src/hashkit/libhashkit.a + nutcracker_LDADD += $(top_builddir)/src/proto/libproto.a + nutcracker_LDADD += $(top_builddir)/src/event/libevent.a +-nutcracker_LDADD += $(top_builddir)/contrib/yaml-0.1.4/src/.libs/libyaml.a diff --git a/net-proxy/nutcracker/files/nutcracker.confd b/net-proxy/nutcracker/files/nutcracker.confd new file mode 100644 index 000000000000..fd9aef360b12 --- /dev/null +++ b/net-proxy/nutcracker/files/nutcracker.confd @@ -0,0 +1,10 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +#USER="nobody" +#PIDFILE="/var/run/nutcracker.pid" +#CONF_FILE="/etc/nutcracker/nutcracker.yaml" + +NUTCRACKER_BIN="/usr/bin/nutcracker" +NUTCRACKER_OPTS="--daemonize" diff --git a/net-proxy/nutcracker/files/nutcracker.initd b/net-proxy/nutcracker/files/nutcracker.initd new file mode 100644 index 000000000000..344e310456f3 --- /dev/null +++ b/net-proxy/nutcracker/files/nutcracker.initd @@ -0,0 +1,40 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +USER="${USER:-nobody}" +PIDFILE="${PIDFILE:-/var/run/nutcracker.pid}" +NUTCRACKER_BIN="${NUTCRACKER_BIN:-/usr/bin/nutcracker}" +CONF_FILE="${CONF_FILE:-/etc/nutcracker/nutcracker.yml}" + +depend() { + need net +} + +checkconf() { + ebegin "Testing configuration" + ${NUTCRACKER_BIN} --test-conf \ + --conf-file=${CONF_FILE} \ + >/dev/null 2>&1 + eend $? +} + +start() { + checkconf || exit 1 + ebegin "Starting Nutcracker" + start-stop-daemon --start -u ${USER} \ + --name ${SVCNAME} \ + --exec ${NUTCRACKER_BIN} -- \ + --conf-file="${CONF_FILE}" \ + --pid-file=${PIDFILE} \ + ${NUTCRACKER_OPTS} + eend $? +} + +stop() { + ebegin "Stopping Nutcracker" + start-stop-daemon --stop --pidfile "${PIDFILE}" + eend $? +} + diff --git a/net-proxy/nutcracker/metadata.xml b/net-proxy/nutcracker/metadata.xml new file mode 100644 index 000000000000..41dc58dd7120 --- /dev/null +++ b/net-proxy/nutcracker/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>neurogeek@gentoo.org</email> + <name>Jesus Rivero</name> + <description>Primary maintainer</description> + </maintainer> + <upstream> + <remote-id type="github">twitter/twemproxy</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/nutcracker/nutcracker-0.2.4.ebuild b/net-proxy/nutcracker/nutcracker-0.2.4.ebuild new file mode 100644 index 000000000000..7b94aba290c5 --- /dev/null +++ b/net-proxy/nutcracker/nutcracker-0.2.4.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools eutils + +DESCRIPTION="A fast, light-weight proxy for Memcached and Redis. +(Twitter's Twemproxy)" +HOMEPAGE="https://github.com/twitter/twemproxy" +SRC_URI="http://twemproxy.googlecode.com/files/${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="debug doc" + +DEPEND=">=dev-libs/libyaml-0.1.4" +RDEPEND="${DEPEND}" + +src_prepare() { + # Lets use system libyaml + epatch "${FILESDIR}/${P}-use-system-libyaml.patch" + eautoreconf +} + +src_configure() { + econf $(use debug) || die "Econf failed" +} + +src_install() { + default_src_install + + insinto /etc/nutcracker + newins conf/nutcracker.yml nutcracker.yml.example + + newconfd "${FILESDIR}/nutcracker.confd" nutcracker + newinitd "${FILESDIR}/nutcracker.initd" nutcracker + + if use doc; then + dodoc -r notes + fi +} diff --git a/net-proxy/nutcracker/nutcracker-0.3.0.ebuild b/net-proxy/nutcracker/nutcracker-0.3.0.ebuild new file mode 100644 index 000000000000..5beeaf7aaf75 --- /dev/null +++ b/net-proxy/nutcracker/nutcracker-0.3.0.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools eutils + +DESCRIPTION="A fast, light-weight proxy for Memcached and Redis. +(Twitter's Twemproxy)" +HOMEPAGE="https://github.com/twitter/twemproxy" +SRC_URI="http://twemproxy.googlecode.com/files/${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="debug doc" + +DEPEND=">=dev-libs/libyaml-0.1.4" +RDEPEND="${DEPEND}" + +src_prepare() { + # Lets use system libyaml + epatch "${FILESDIR}/${P}-use-system-libyaml.patch" + eautoreconf +} + +src_configure() { + econf $(use debug) || die "Econf failed" +} + +src_install() { + default_src_install + + insinto /etc/nutcracker + newins conf/nutcracker.yml nutcracker.yml.example + + newconfd "${FILESDIR}/nutcracker.confd" nutcracker + newinitd "${FILESDIR}/nutcracker.initd" nutcracker + + if use doc; then + dodoc -r notes + fi +} diff --git a/net-proxy/nylon/Manifest b/net-proxy/nylon/Manifest new file mode 100644 index 000000000000..e3361ddf21c5 --- /dev/null +++ b/net-proxy/nylon/Manifest @@ -0,0 +1 @@ +DIST nylon-1.21.tar.gz 115954 SHA256 34c132b005c025c1a5079aae9210855c80f50dc51dde719298e1113ad73408a4 SHA512 7338ebf376843a49777bfc2c04dc0f9b14a25162efb008a555b6d74991bfbddbe5eb8fa6371c8c6a4dae9739f15d6d85135ba9d39472bc2646293a39777b5cfa WHIRLPOOL 50d223998e5f7992dbba17568839d1c6992dc4231d5855a904a93e0e076aea5bc0c57e550fc4f3cd3b72399da16f227342ad061f31e8e0dd626192154a5c8699 diff --git a/net-proxy/nylon/files/nylon-1.21-libevent.patch b/net-proxy/nylon/files/nylon-1.21-libevent.patch new file mode 100644 index 000000000000..d7ca2a1ab0e9 --- /dev/null +++ b/net-proxy/nylon/files/nylon-1.21-libevent.patch @@ -0,0 +1,63 @@ +--- a/configure.in ++++ b/configure.in +@@ -95,44 +95,10 @@ + AC_REPLACE_FUNCS(strlcpy strlcat strsep setproctitle daemon) + + dnl Checks for libevent +-AC_MSG_CHECKING(for libevent) +-AC_ARG_WITH(libevent, +-[ --with-libevent=DIR use libevent in DIR], +-[ case "$withval" in +- yes|no) +- AC_MSG_RESULT(no) +- ;; +- *) +- AC_MSG_RESULT($withval) +- if test -f $withval/include/event.h -a -f $withval/lib/libevent.a; then +- owd=`pwd` +- if cd $withval; then withval=`pwd`; cd $owd; fi +- EVENTINC="-I$withval/include" +- EVENTLIB="-L$withval/lib -levent" +- elif test -f $withval/event.h -a -f $withval/libevent.a; then +- owd=`pwd` +- if cd $withval; then withval=`pwd`; cd $owd; fi +- EVENTINC="-I$withval" +- EVENTLIB="-L$withval -levent" +- else +- AC_ERROR(event.h or libevent.a not found in $withval) +- fi +- ;; +- esac ], +-[ if test -f ${prefix}/include/event.h -a -f ${prefix}/lib/libevent.a; +-then +- EVENTINC="-I${prefix}/include" +- EVENTLIB="-L${prefix}/lib -levent" +- elif test -f /usr/include/event.h; then +- EVENTLIB="-levent" +- else +- AC_MSG_RESULT(no) +- AC_ERROR(libevent not found) +- fi +- AC_MSG_RESULT(yes) ] +-) +-AC_SUBST(EVENTINC) +-AC_SUBST(EVENTLIB) ++PKG_CHECK_MODULES(LIBEVENT,libevent,,) ++ ++AC_SUBST(LIBEVENT_CFLAGS) ++AC_SUBST(LIBEVENT_LIBS) + + if test "x${sysconfdir}" = 'x${prefix}/etc'; then + csysconfdir="${prefix}/etc" +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -5,7 +5,7 @@ + nylon_SOURCES = nylon.c print.c cfg.c expanda.c net.c access.c atomicio.c \ + socks4.c socks5.c mirror.c cleanup.c misc.c + +-AM_CFLAGS = @EVENTINC@ -Wall -g +-LDADD = @EVENTLIB@ @LIBOBJS@ ++AM_CFLAGS = @LIBEVENT_CFLAGS@ ++LDADD = @LIBEVENT_LIBS@ @LIBOBJS@ + + EXTRA_DIST = strlcpy.c strlcat.c setproctitle.c strsep.c err.c daemon.c diff --git a/net-proxy/nylon/files/nylon.conf b/net-proxy/nylon/files/nylon.conf new file mode 100644 index 000000000000..825cc0a3e7e4 --- /dev/null +++ b/net-proxy/nylon/files/nylon.conf @@ -0,0 +1,37 @@ +# sample configuration +# marius aamodt eriksen (marius@umich.edu) +# $Id$ +# general settings +[General] + +# number of simultaneous connections allowed +No-Simultaneous-Conn=10 + +# log connections and other information to syslog? 1: on, 0: off +Log=1 + +# be verbose on the console? 1: on, 0: off +Verbose=0 + +# store pid file +#PIDfile=/var/run/nylon.pid + +# server settings +[Server] + +# interface to listen to connections +#Binding-Interface=fxp1 + +# interface to bind outgoing connections to +#Connecting-Interface=fxp0 + +# listening port to bind to +Port=1080 + +# allowed is processed first, then deny + +# allowable connect ips/ranges +#Allow-IP=141.0.0.0/8 127.0.0.1 10.0.0.0/24 +Allow-IP=127.0.0.1/32 +# denied connect ips/ranges +#Deny-IP=10.0.0.0/24 diff --git a/net-proxy/nylon/files/nylon.init b/net-proxy/nylon/files/nylon.init new file mode 100644 index 000000000000..20a96da58b93 --- /dev/null +++ b/net-proxy/nylon/files/nylon.init @@ -0,0 +1,23 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +start() { + ebegin "Starting Nylon" + start-stop-daemon --start --quiet --pidfile /var/run/nylon.pid \ + --startas /usr/bin/nylon + eend $? +} + +stop() { + ebegin "Stopping Nylon" + start-stop-daemon --stop --quiet --pidfile /var/run/nylon.pid + eend $? +} + + diff --git a/net-proxy/nylon/metadata.xml b/net-proxy/nylon/metadata.xml new file mode 100644 index 000000000000..ee6d311bbe07 --- /dev/null +++ b/net-proxy/nylon/metadata.xml @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>nylon is a proxy server, developed on OpenBSD. It supports SOCKS version 4 and 5, +as well as a mirror mode so that services can be mirrored directly.</longdescription> +</pkgmetadata> diff --git a/net-proxy/nylon/nylon-1.21-r1.ebuild b/net-proxy/nylon/nylon-1.21-r1.ebuild new file mode 100644 index 000000000000..f0c4072676d6 --- /dev/null +++ b/net-proxy/nylon/nylon-1.21-r1.ebuild @@ -0,0 +1,34 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 +inherit autotools eutils + +DESCRIPTION="A lightweight SOCKS proxy server" +HOMEPAGE="http://monkey.org/~marius/nylon/" +SRC_URI="http://monkey.org/~marius/nylon/${P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc ppc64 ~sparc x86" +IUSE="" + +RDEPEND=">=dev-libs/libevent-0.6" +DEPEND=" + ${RDEPEND} + virtual/pkgconfig +" + +DOCS=( README THANKS ) + +src_prepare() { + epatch "${FILESDIR}"/${P}-libevent.patch + eautoreconf +} + +src_install() { + default + insinto /etc ; doins "${FILESDIR}/nylon.conf" + newinitd "${FILESDIR}/nylon.init" nylond +} diff --git a/net-proxy/obfsproxy/Manifest b/net-proxy/obfsproxy/Manifest new file mode 100644 index 000000000000..48f61f1b7507 --- /dev/null +++ b/net-proxy/obfsproxy/Manifest @@ -0,0 +1,3 @@ +DIST obfsproxy-0.2.11.tar.gz 92478 SHA256 121a0e5869e5233e3130ab8355f9cda94bb366e845556cb03b5beb63fb26cb94 SHA512 305667c8a9d7050a8a2eb5e9d889607e25b4a1adf116bb7d1c078285f6e43b734c7e39d505993a3d7389ae2316b2ac026b89ee86a429599682fbd6335e4d21fd WHIRLPOOL ce205ea7179c82c4475cfcd509a57f832c9abcf14720924b744cf5e085d61dc162e905a42d1d0a8406c24ac5fdb34ac3691d5f992589c8f65b4cafd2eb10e767 +DIST obfsproxy-0.2.12.tar.gz 92513 SHA256 419a5b0ac138ea46e62a5bcfcf173d3346d2b8d5feb8d07c0616278e2aa74527 SHA512 fd4cb967200b188607327dda612ff5f6c59ccf18852b8229077c56e0b32696d6bedb26a89dbfbf2ea88f5d315500e94c88df14e530cb09f7df6838468f074058 WHIRLPOOL f711ab624dd410d8c114a8f565597db9ba3a493d41259c7e4fe7daaf59c7e0ae6ede27e090172bd3e31eb879f5123e3737849fded6b975db1131c7920ffecf1a +DIST obfsproxy-0.2.13.tar.gz 93435 SHA256 1e26c2faef1cfcf856ddf60e9647058a7c78fb0d47f05b58a0f847ed7cc41a66 SHA512 1ed4a70e932a71224f731f3bb5510e4d6ddc58e07ff7205bb9e627fd2848fd28d2c23c9b4c8813c2e7dd1b5c1713c09a23754966f2c60bd359028568e1de655b WHIRLPOOL 2ac34f5f495703df3fa3f44db33ab5f02fd7de609ec37e00e32360a1084f4abaf6860736a1a2c225f742349f03d374224f4e155ef8f6e9e93462fcf211e2638a diff --git a/net-proxy/obfsproxy/files/obfsproxy-0.2.8-remove-argparse.patch b/net-proxy/obfsproxy/files/obfsproxy-0.2.8-remove-argparse.patch new file mode 100644 index 000000000000..9c5051667669 --- /dev/null +++ b/net-proxy/obfsproxy/files/obfsproxy-0.2.8-remove-argparse.patch @@ -0,0 +1,11 @@ +diff -Naur obfsproxy-0.2.8.orig/setup.py obfsproxy-0.2.8/setup.py +--- obfsproxy-0.2.8.orig/setup.py 2014-03-27 13:24:39.000000000 -0400 ++++ obfsproxy-0.2.8/setup.py 2014-03-29 15:10:05.063283282 -0400 +@@ -32,7 +32,6 @@ + 'setuptools', + 'PyCrypto', + 'Twisted', +- 'argparse', + 'pyptlib >= 0.0.5', + 'pyyaml' + ], diff --git a/net-proxy/obfsproxy/files/obfsproxy-0.2.9-remove-argparse.patch b/net-proxy/obfsproxy/files/obfsproxy-0.2.9-remove-argparse.patch new file mode 100644 index 000000000000..ef3d28ecf75c --- /dev/null +++ b/net-proxy/obfsproxy/files/obfsproxy-0.2.9-remove-argparse.patch @@ -0,0 +1,11 @@ +diff -Naur obfsproxy-0.2.9.orig/setup.py obfsproxy-0.2.9/setup.py +--- obfsproxy-0.2.9.orig/setup.py 2014-05-01 14:37:27.000000000 -0400 ++++ obfsproxy-0.2.9/setup.py 2014-05-02 09:28:37.278675261 -0400 +@@ -32,7 +32,6 @@ + 'setuptools', + 'PyCrypto', + 'Twisted', +- 'argparse', + 'pyptlib >= 0.0.6', + 'pyyaml' + ], diff --git a/net-proxy/obfsproxy/files/obfsproxy.confd b/net-proxy/obfsproxy/files/obfsproxy.confd new file mode 100644 index 000000000000..f86d648c9ab8 --- /dev/null +++ b/net-proxy/obfsproxy/files/obfsproxy.confd @@ -0,0 +1,45 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# protocols ofbsproxy will obfuscate = obfs2 | dummy +PROTOCOL="obfs2" + +#options for PROTOCOLE="dummy" +# dummy <mode> <listen_address> [<target_address>] +# mode ~ server|client|socks +# listen_address, target_address ~ host:port +# target_address is required for server and client mode, and forbidden for socks mode. +# Examples: +# obfsproxy dummy socks 127.0.0.1:5000 +# obfsproxy dummy client 127.0.0.1:5000 192.168.1.99:11253 +# obfsproxy dummy server 192.168.1.99:11253 127.0.0.1:9005 + +#MODE="socks" +#LISTEN="127.0.0.1:5000" +#TARGET="127.0.0.1:9005" + + +#options for PROTOCOL="obfs2" +# obfs2 [obfs2_args] obfs2_opts +# 'obfs2_opts': +# mode ~ server|client|socks +# listen address ~ host:port +# 'obfs2_args': +# Destination Address ~ --dest=host:port +# Shared Secret ~ --shared-secret=<secret> +# Example: +# obfsproxy obfs2 --dest=127.0.0.1:666 --shared-secret=himitsu server 127.0.0.1:1026 + +MODE="server" +DESTINATION="127.0.0.1:666" +SECRET="changeme" +LISTEN="127.0.0.1:1026" + +#Logging +# --log-file=<file> ~ set logfile +# --log-min-severity=warn|notice|info|debug ~ set minimum logging severity (default: notice) +# --no-log ~ disable logging +# --no-safe-logging ~ disable safe (scrubbed address) logging + +LOGGING="--log-file=/var/log/obfsproxy.log --log-min-severity=warn" diff --git a/net-proxy/obfsproxy/files/obfsproxy.initd b/net-proxy/obfsproxy/files/obfsproxy.initd new file mode 100644 index 000000000000..fbdf6fc8f148 --- /dev/null +++ b/net-proxy/obfsproxy/files/obfsproxy.initd @@ -0,0 +1,58 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +PIDFILE="/var/run/obfsproxy.pid" +DAEMON="/usr/bin/obfsproxy" + +depend() { + need net +} + +checkconfig() { + [[ "x${PROTOCOL}" = "x" ]] \ + && eerror "PROTOCOL not given" && return 1 + [[ "x${MODE}" = "x" ]] \ + && eerror "MODE not given" && return 1 + if [ ${PROTOCOL} = "dummy" ] ; then + [[ "x${LISTEN}" = "x" ]] \ + && eerror "No listen address was given" && return 1 + [[ "x${MODE}" = "xserver" && "x${TARGET}" = "x" ]] \ + && eerror "MODE=server but no target address was given" && return 1 + [[ "x${MODE}" = "xsocks" && "x${TARGET}" != "x" ]] \ + && eerror "MODE=sock but a target address was given" && return 1 + CMDLINE="${LOGGING} ${PROTOCOL} ${MODE} ${LISTEN} ${TARGET}" + elif [ ${PROTOCOL} = "obfs2" ] ; then + [[ "x${MODE}" = "xsocks" && "x${DESTINATION}" != "x" ]] \ + && eerror "MODE=sock but a destination address was given" && return 1 + [[ "x${LISTEN}" = "x" ]] \ + && eerror "LISTEN host:port was not given" && return 1 + [[ "x${DESTINATION}" != "x" ]] \ + && DESTINATION="--dest=${DESTINATION}" + [[ "x${SECRET}" != "x" ]] \ + && SECRET="--shared-secret=${SECRET}" + CMDLINE="${LOGGING} ${PROTOCOL} ${DESTINATION} ${SECRET} ${MODE} ${LISTEN}" + else + eerror "Unknown protocol ${PROTOCOL}" + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Starting obfsproxy server" + start-stop-daemon --start \ + --background --make-pidfile --pidfile ${PIDFILE} \ + --exec ${DAEMON} -- ${CMDLINE} + eend $? +} + +stop() { + ebegin "Stopping obfsproxy server" + start-stop-daemon --stop \ + --pidfile ${PIDFILE} \ + --exec ${DAEMON} + eend $? +} diff --git a/net-proxy/obfsproxy/metadata.xml b/net-proxy/obfsproxy/metadata.xml new file mode 100644 index 000000000000..6a0f62fd3235 --- /dev/null +++ b/net-proxy/obfsproxy/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>blueness@gentoo.org</email> + <name>Anthony G. Basile</name> + </maintainer> + <upstream> + <remote-id type="pypi">obfsproxy</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/obfsproxy/obfsproxy-0.2.11.ebuild b/net-proxy/obfsproxy/obfsproxy-0.2.11.ebuild new file mode 100644 index 000000000000..d212f2c34ff2 --- /dev/null +++ b/net-proxy/obfsproxy/obfsproxy-0.2.11.ebuild @@ -0,0 +1,27 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 + +DESCRIPTION="An obfuscating proxy using Tor's pluggable transport protocol" +HOMEPAGE="https://www.torproject.org/projects/obfsproxy.html" +SRC_URI="mirror://pypi/o/${PN}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~mips ~x86" + +DOCS=( ChangeLog INSTALL README TODO doc/HOWTO.txt ) + +DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" + +RDEPEND=">=dev-python/pyptlib-0.0.6[${PYTHON_USEDEP}] + >=dev-python/pycrypto-2.6-r2[${PYTHON_USEDEP}] + dev-python/twisted-core[${PYTHON_USEDEP}] + dev-python/pyyaml[${PYTHON_USEDEP}]" + +PATCHES=( "${FILESDIR}"/${PN}-0.2.9-remove-argparse.patch ) diff --git a/net-proxy/obfsproxy/obfsproxy-0.2.12.ebuild b/net-proxy/obfsproxy/obfsproxy-0.2.12.ebuild new file mode 100644 index 000000000000..d212f2c34ff2 --- /dev/null +++ b/net-proxy/obfsproxy/obfsproxy-0.2.12.ebuild @@ -0,0 +1,27 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 + +DESCRIPTION="An obfuscating proxy using Tor's pluggable transport protocol" +HOMEPAGE="https://www.torproject.org/projects/obfsproxy.html" +SRC_URI="mirror://pypi/o/${PN}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~mips ~x86" + +DOCS=( ChangeLog INSTALL README TODO doc/HOWTO.txt ) + +DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" + +RDEPEND=">=dev-python/pyptlib-0.0.6[${PYTHON_USEDEP}] + >=dev-python/pycrypto-2.6-r2[${PYTHON_USEDEP}] + dev-python/twisted-core[${PYTHON_USEDEP}] + dev-python/pyyaml[${PYTHON_USEDEP}]" + +PATCHES=( "${FILESDIR}"/${PN}-0.2.9-remove-argparse.patch ) diff --git a/net-proxy/obfsproxy/obfsproxy-0.2.13.ebuild b/net-proxy/obfsproxy/obfsproxy-0.2.13.ebuild new file mode 100644 index 000000000000..d212f2c34ff2 --- /dev/null +++ b/net-proxy/obfsproxy/obfsproxy-0.2.13.ebuild @@ -0,0 +1,27 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" +PYTHON_COMPAT=( python2_7 ) + +inherit distutils-r1 + +DESCRIPTION="An obfuscating proxy using Tor's pluggable transport protocol" +HOMEPAGE="https://www.torproject.org/projects/obfsproxy.html" +SRC_URI="mirror://pypi/o/${PN}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~mips ~x86" + +DOCS=( ChangeLog INSTALL README TODO doc/HOWTO.txt ) + +DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]" + +RDEPEND=">=dev-python/pyptlib-0.0.6[${PYTHON_USEDEP}] + >=dev-python/pycrypto-2.6-r2[${PYTHON_USEDEP}] + dev-python/twisted-core[${PYTHON_USEDEP}] + dev-python/pyyaml[${PYTHON_USEDEP}]" + +PATCHES=( "${FILESDIR}"/${PN}-0.2.9-remove-argparse.patch ) diff --git a/net-proxy/oops/Manifest b/net-proxy/oops/Manifest new file mode 100644 index 000000000000..112ff567b3b7 --- /dev/null +++ b/net-proxy/oops/Manifest @@ -0,0 +1,2 @@ +DIST oops-1.5.23.tar.gz 473290 SHA256 b9ab7c0b5b11de7944f098d6f99158fe1b9c3b9cf82fe7827685c6cec8ccfa04 SHA512 5d33b19d6a48f3b38cffe7eb17ef0b0a00cc92cb1608a05f196ec747df51e318e8f0a82d1f0c2e254c16a7d97f640ed8bf30be62994f3b81d5ebd3cdc6358be3 WHIRLPOOL d2d9d1da409e91beb5e7761285b360dce3824f3defacc3c7f10305617bcdbd9e8807be645e74c268f4b8126ff330a7c49936ced06247c3bdc2190f8d194b4710 +DIST oops-1.5.24_pre20050503.patch.gz 101103 SHA256 954e59d046096867a8e818bf47190ab06c8416abb80d151757825a664192aded SHA512 230fede3d76ebd35f404055605381555707aed4d3fdf53e5e5074c66500b55360e7546c3faa54466791f485a89e359c3e5576162eef6c17ca49c1006ebfddb0a WHIRLPOOL 6ae6284393ed53d3d083af6abca2b7a5cb2c80d0c02838f5d518f02de12a13122900e2dbe62532953bdd839430d94523d28a8abf555e463d25a807a75f692cff diff --git a/net-proxy/oops/files/implicit-decl.patch b/net-proxy/oops/files/implicit-decl.patch new file mode 100644 index 000000000000..767814dd6a82 --- /dev/null +++ b/net-proxy/oops/files/implicit-decl.patch @@ -0,0 +1,9 @@ +diff -Nru oops-1.5.23.orig/src/hash.c oops-1.5.23/src/hash.c +--- oops-1.5.23.orig/src/hash.c 2001-01-28 14:34:43.000000000 +0200 ++++ oops-1.5.23/src/hash.c 2007-04-11 14:19:26.000000000 +0300 +@@ -1,4 +1,5 @@ + #include <stdio.h> ++#include <string.h> + #include <strings.h> + #include "hash.h" + diff --git a/net-proxy/oops/files/libpcreposix.patch b/net-proxy/oops/files/libpcreposix.patch new file mode 100644 index 000000000000..1648ecabb152 --- /dev/null +++ b/net-proxy/oops/files/libpcreposix.patch @@ -0,0 +1,19 @@ +diff -Nru oops-1.5.23.orig/configure.in oops-1.5.23/configure.in +--- oops-1.5.23.orig/configure.in 2007-11-20 22:47:27.000000000 +0200 ++++ oops-1.5.23/configure.in 2007-11-20 22:58:42.000000000 +0200 +@@ -454,14 +454,7 @@ + AC_DEFINE(REGEX_H, <regex.h>) + ;; + pcre) +- if test -r "/usr/lib/libpcreposix.a" -a -r "/usr/lib/libpcre.a"; then +- LIBS="$LIBS /usr/lib/libpcreposix.a /usr/lib/libpcre.a" +- elif test -r "/usr/local/lib/libpcreposix.a" -a -r "/usr/local/lib/libpcre.a"; then +- LIBS="$LIBS /usr/local/lib/libpcreposix.a /usr/local/lib/libpcre.a" +- fi +- if test "X`echo $CFLAGS | grep '\-I/usr/local/include'`" = "X"; then +- CFLAGS="$CFLAGS -I/usr/local/include" +- fi ++ LIBS="$LIBS -lpcreposix" + AC_DEFINE(REGEX_H, <pcreposix.h>) + ;; + builtin) diff --git a/net-proxy/oops/files/modules-as-needed.patch b/net-proxy/oops/files/modules-as-needed.patch new file mode 100644 index 000000000000..41703cd389ee --- /dev/null +++ b/net-proxy/oops/files/modules-as-needed.patch @@ -0,0 +1,17 @@ +diff -Nru src/modules.orig/Makefile.in src/modules/Makefile.in +--- src/modules.orig/Makefile.in 2006-05-20 01:28:11.000000000 +0300 ++++ src/modules/Makefile.in 2006-05-20 01:29:11.827604500 +0300 +@@ -110,11 +110,11 @@ + + passwd_pgsql.so: passwd_sql.c ../modules.h ../oops.h + ${CC} ${CFLAGS} ${CDEFS} -D__PGSQL -c passwd_sql.c -o passwd_pgsql.o +- ${LD} $(SOFLAGS) $(LDFLAGS) $(LIBS) -o passwd_pgsql.so passwd_pgsql.o $(PGSQL_LIB) ++ ${LD} $(SOFLAGS) $(LDFLAGS) -o passwd_pgsql.so passwd_pgsql.o $(LIBS) $(PGSQL_LIB) + + passwd_mysql.so: passwd_sql.c ../modules.h ../oops.h + ${CC} ${CFLAGS} ${CDEFS} -D__MYSQL -c passwd_sql.c -o passwd_mysql.o +- ${LD} $(SOFLAGS) $(LDFLAGS) $(LIBS) -o passwd_mysql.so passwd_mysql.o $(MYSQL_LIB) ++ ${LD} $(SOFLAGS) $(LDFLAGS) -o passwd_mysql.so passwd_mysql.o $(LIBS) $(MYSQL_LIB) + + passwd_pgsql.o: passwd_sql.c ../modules.h ../oops.h + ${CC} ${CFLAGS} ${CDEFS} -D__PGSQL -c passwd_sql.c -o passwd_pgsql.o diff --git a/net-proxy/oops/files/oops-1.5.24-pthread-rwlock.patch b/net-proxy/oops/files/oops-1.5.24-pthread-rwlock.patch new file mode 100644 index 000000000000..2606af7330d5 --- /dev/null +++ b/net-proxy/oops/files/oops-1.5.24-pthread-rwlock.patch @@ -0,0 +1,30 @@ +diff -Nru oops-1.5.23.orig/src/lib/rwlock/rwlock.c oops-1.5.23/src/lib/rwlock/rwlock.c +--- oops-1.5.23.orig/src/lib/rwlock/rwlock.c 2000-11-29 19:03:35.000000000 +0200 ++++ oops-1.5.23/src/lib/rwlock/rwlock.c 2006-09-06 00:30:36.000000000 +0300 +@@ -53,6 +53,8 @@ + #include <pthread.h> + #include "rwlock.h" + ++#if defined(OOPS_IMPLEMENT_RWLOCK) ++ + /* maximum number of times a read lock may be obtained */ + #define MAX_READ_LOCKS (INT_MAX - 1) + +@@ -375,4 +377,6 @@ + return(0); + } + ++#endif /* defined(OOPS_IMPLEMENT_RWLOCK) */ ++ + #endif /* _THREAD_SAFE || _PTHREADS || _REENTRANT */ +diff -Nru oops-1.5.23.orig/src/lib/rwlock/rwlock.h oops-1.5.23/src/lib/rwlock/rwlock.h +--- oops-1.5.23.orig/src/lib/rwlock/rwlock.h 2003-10-06 17:15:40.000000000 +0300 ++++ oops-1.5.23/src/lib/rwlock/rwlock.h 2006-09-06 00:29:46.000000000 +0300 +@@ -53,6 +53,7 @@ + + #if !defined(PTHREAD_RWLOCK_INITIALIZER) + #define PTHREAD_RWLOCK_INITIALIZER NULL ++#define OOPS_IMPLEMENT_RWLOCK 1 + + struct pthread_rwlock { + pthread_mutex_t lock; /* monitor lock */ diff --git a/net-proxy/oops/files/oops-1.5.24-respect-flags.patch b/net-proxy/oops/files/oops-1.5.24-respect-flags.patch new file mode 100644 index 000000000000..67c814aea2f2 --- /dev/null +++ b/net-proxy/oops/files/oops-1.5.24-respect-flags.patch @@ -0,0 +1,352 @@ +diff --git a/configure.in b/configure.in +index 0b9ac65..a68d7c1 100644 +--- a/configure.in ++++ b/configure.in +@@ -204,8 +204,6 @@ tm.__tm_gmtoff__ = tm.__tm_gmtoff__*2; + AC_DEFINE(HAVE__GMTOFF__) AC_MSG_RESULT(yes) + ],[AC_MSG_RESULT(no)]) + +-LD=ld +- + ## + ## + ## +@@ -309,18 +307,18 @@ CXXCOMPFLAGS=-c + CXXSOFLAGS=$SOFLAGS + + case "$host_os" in +-irix*) CFLAGS="-D_SGI_MP_SOURCE" ++irix*) EXTCFLAGS+="-D_SGI_MP_SOURCE" + ;; +-osf*) CFLAGS="$CFLAGS -D_REENTRANT -DOSF" ++osf*) EXTCFLAGS+="$CFLAGS -D_REENTRANT -DOSF" + LIBS="-oldstyle_liblookup -lpthread $LIBS" + + ;; +-freebsd*) CFLAGS="$CFLAGS -D_REENTRANT -DFREEBSD -D_THREAD_SAFE -DFD_SETSIZE=2048 -I." ++freebsd*) EXTCFLAGS+="$CFLAGS -D_REENTRANT -DFREEBSD -D_THREAD_SAFE -DFD_SETSIZE=2048 -I." + CXXSOFLAGS="-shared" + LIBS="$LEXLIB $LIBS" + if test "$large_files" = "yes" ; then + ## FreeBSD need no any special flags for 64bit files +- CFLAGS="$CFLAGS -DWITH_LARGE_FILES" ++ EXTCFLAGS+=" -DWITH_LARGE_FILES" + fi + if test "X$LIBGB_NAME" != "X" ; then + LIBGB_NAME="$LIBGB_NAME -lstdc++" +@@ -328,39 +326,38 @@ freebsd*) CFLAGS="$CFLAGS -D_REENTRANT -DFREEBSD -D_THREAD_SAFE -DFD_SETSIZE=204 + rel=`uname -r` + case "$rel" in + 4*) +- CFLAGS="$CFLAGS -pthread" ++ EXTCFLAGS+=" -pthread" + ;; + 5*) + LIBS="-lc_r $LEXLIB $LIBS" + ;; + *) +- CFLAGS="$CFLAGS -pthread" ++ EXTCFLAGS+=" -pthread" + LIBS="-lc_r $LEXLIB $LIBS" + ;; + esac + RPATH_OPTION="-rpath" + ;; +-bsdi*) CFLAGS="$CFLAGS -pthread -DBSDOS" ++bsdi*) EXTCFLAGS+=" -pthread -DBSDOS" + rel=`uname -r` + case "$rel" in + 4*) +- CFLAGS="$CFLAGS -pthread" ++ EXTCFLAGS+=" -pthread" + ;; + 5*) + LIBS="-lc_r $LEXLIB $LIBS" + ;; + *) +- CFLAGS="$CFLAGS -pthread" ++ EXTCFLAGS+=" -pthread" + LIBS="-lc_r $LEXLIB $LIBS" + ;; + esac + LIBS="$LEXLIB $LIBS" + CXX=g++ + ;; +-gnu*|linux*) CFLAGS="$CFLAGS -D_REENTRANT -DLINUX" +- CXX=g++ ++gnu*|linux*) EXTCFLAGS+=" -D_REENTRANT -DLINUX" + if test "$pthread_in" = "pthreads" ; then +- CFLAGS="$CFLAGS -D_MIT_POSIX_THREADS" ++ EXTCFLAGS+=" -D_MIT_POSIX_THREADS" + LIBS="-lpthreads $LEXLIB -ldb $LIBS" + echo Probably you have MIT-threads. If yes, swich to LinuxThreads. + else +@@ -369,11 +366,11 @@ gnu*|linux*) CFLAGS="$CFLAGS -D_REENTRANT -DLINUX" + if test "$large_files" = "yes" ; then + ## Linux ext2fs does'nt support large files yet. + AC_MSG_RESULT(Warning: Linux ext2fs doesn't support large files.) +- CFLAGS="$CFLAGS -DWITH_LARGE_FILES -D_FILE_OFFSET_BITS=64 -D__USE_LARGEFILE64 -D__USE_FILE_OFFSET64" ++ EXTCFLAGS+=" -DWITH_LARGE_FILES -D_FILE_OFFSET_BITS=64 -D__USE_LARGEFILE64 -D__USE_FILE_OFFSET64" + fi + RPATH_OPTION="-rpath" + ;; +-solaris*) CFLAGS="$CFLAGS -D_REENTRANT -DSOLARIS" ++solaris*) EXTCFLAGS="$CFLAGS -D_REENTRANT -DSOLARIS" + if test "X$LIBDB_REAL_PATH" != "X" ; then + LIBDB_NAME="-R$LIBDB_REAL_PATH $LIBDB_NAME" + fi +@@ -390,7 +387,7 @@ solaris*) CFLAGS="$CFLAGS -D_REENTRANT -DSOLARIS" + LIBGB_NAME="$LIBGB_NAME -lstdc++" + fi + ;; +- *) CFLAGS="$CFLAGS -mt" ++ *) EXTCFLAGS+="-mt" + SUNPRO_CC_VER=`CC -V 2>&1 | sed 's/.*C++ //' | sed 's/\..*//'` + if test "$SUNPRO_CC_VER" = "5" ; then + CXX="CC -compat=4 -w -fast -xO3 -DNO_MEMBER_TEMPLATES=1" +@@ -407,14 +404,14 @@ solaris*) CFLAGS="$CFLAGS -D_REENTRANT -DSOLARIS" + ;; + esac + if test "$large_files" = "yes" ; then +- CFLAGS="$CFLAGS -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DWITH_LARGE_FILES" ++ EXTCFLAGS=" -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DWITH_LARGE_FILES" + fi + ;; + aix4*) AC_DEFINE(MODULES) + LIBS="$LIBS -ldl $LEXLIB" + SOFLAGS=-G + case "$CC" in +- gcc*) CFLAGS="-D_THREAD_SAFE $CFLAGS" ++ gcc*) EXTCFLAGS+=" -D_THREAD_SAFE $CFLAGS" + CXX=g++ + LIBS="$LIBS -lpthreads -lc_r" + ;; +@@ -424,7 +421,7 @@ aix4*) AC_DEFINE(MODULES) + ;; + esac + if test "$large_files" = "yes" ; then +- CFLAGS="$CFLAGS -D_LARGE_FILES -D_LARGE_FILE_API -DWITH_LARGE_FILES" ++ EXTCFLAGS+=" -D_LARGE_FILES -D_LARGE_FILE_API -DWITH_LARGE_FILES" + fi + ;; + esac +@@ -432,14 +429,14 @@ esac + if test "X$MYSQL_PATH" != "X" ; then + LIBS="-L$MYSQL_PATH/lib -lmysqlclient $LIBS" + AC_DEFINE(HAVE_MYSQL) +- CFLAGS="$CFLAGS -I$MYSQL_PATH/include" ++ CFLAGS+=" -I$MYSQL_PATH/include" + MYSQL_LIB="-L$MYSQL_PATH/lib -lmysqlclient" + fi + + if test "X$PGSQL_PATH" != "X" ; then + LIBS="$LIBS -L$PGSQL_PATH/lib -lpg" + AC_DEFINE(HAVE_PGSQL) +- CFLAGS="-I$PGSQL_PATH/include $LIBS" ++ CFLAGS+="-I$PGSQL_PATH/include $LIBS" + PGSQL_LIB="-L$PGSQL_PATH/lib -lpg" + fi + +@@ -601,7 +598,7 @@ if test "X$LIBDB_PATH" != "X" ; then + esac + fi + +-CFLAGS="$CFLAGS $LIBDB_INCL" ++EXTCFLAGS+=" $LIBDB_INCL" + + AC_MSG_CHECKING(for GigaBASE) + if test "$LIBGB_PATH" = "no" ; then +@@ -653,7 +650,7 @@ elif test -r "/usr/local/lib/libz.a"; then + AC_DEFINE(HAVE_ZLIB) + AC_MSG_RESULT(/usr/local/lib/libz.a) + if test "X`echo $CFLAGS | grep '\-I/usr/local/include'`" = "X"; then +- CFLAGS="$CFLAGS -I/usr/local/include" ++ EXTCFLAGS+=" -I/usr/local/include" + fi + elif test -r "/usr/lib/libz.a"; then + LIBZ_NAME="/usr/lib/libz.a" +@@ -689,7 +686,7 @@ EOF + res=`./confmain` + fi + if test "$res" = "yes"; then +- CFLAGS="$CFLAGS -export-dynamic" ++ EXTCFLAGS+=" -export-dynamic" + AC_MSG_RESULT(yes) + else + AC_MSG_RESULT(no) +@@ -698,7 +695,7 @@ fi + rm -f confmain* + + echo $CC +-echo $CFLAGS ++echo $EXTCFLAGS + echo $LIBS + + if test "${enable_oops_user+set}" != set; then +@@ -728,8 +725,6 @@ AC_SUBST(MOD_EXT) + AC_SUBST(OPT_MODS) + AC_SUBST(STATIC_MODULES) + AC_SUBST(CHOWN) +-AC_SUBST(LD) +-AC_SUBST(LDFLAGS) + AC_SUBST(VER) + AC_SUBST(LIBGB_PATH) + AC_SUBST(LIBGB_NAME) +@@ -795,6 +790,7 @@ AC_SUBST(LIBDB_INCL) + AC_SUBST(LIBZ_NAME) + AC_SUBST(EXTRASRC) + AC_SUBST(EXTLDFLAGS) ++AC_SUBST(EXTCFLAGS) + + AC_DEFINE_UNQUOTED(OOPS_HOME, "$oops_prefix/oops") + AC_DEFINE_UNQUOTED(OOPS_SBINDIR, "$oops_sbindir") +diff --git a/src/Makefile.in b/src/Makefile.in +index b366c2f..0ac6aff 100644 +--- a/src/Makefile.in ++++ b/src/Makefile.in +@@ -1,6 +1,4 @@ +-CC = @CC@ +-CXX = @CXX@ +-LDFLAGS = @LDFLAGS@ ++EXTCFLAGS = @EXTCFLAGS@ + EXTLDFLAGS = @EXTLDFLAGS@ + INSTALL = @INSTALL@ @SETOWNER@ + INSTALL_DATA = @INSTALL@ -m 644 @SETOWNER@ +@@ -29,13 +27,13 @@ EXTRAOBJS = $(EXTRASRC:.c=.o) + + #CFLAGS = -Wall -ggdb -D_REENTRANT -D_POSIX_PTHREADS_SEMANTICS + +-CFLAGS = @CFLAGS@ -fPIE @DEFS@ ++CFLAGS += -fPIE @DEFS@ + + VER=@VER@ + OOPSPATH=@prefix@/oops + + .c.o: +- ${CC} -c ${CFLAGS} ${CDEFS} $< ++ ${CC} -c ${CFLAGS} ${EXTCFLAGS} ${CDEFS} $< + + all: extras modules oops + +@@ -45,7 +43,7 @@ modules:: + cd modules; $(MAKE) + + oops: ${OBJS} +- ${CXX} ${CFLAGS} ${OBJS} ${EXTLDFLAGS} ${LIBGB_PATH} ${LIBGB_NAME} ${OOPS_LIBS} ${LIBZ_NAME} ${OOPS_RPATH} -o oops ++ ${CXX} ${CFLAGS} ${EXTCFLAGS} ${OBJS} ${EXTLDFLAGS} ${LIBGB_PATH} ${LIBGB_NAME} ${OOPS_LIBS} ${LIBZ_NAME} ${OOPS_RPATH} -o oops + + mkinstalldirs: + ../mkinstalldirs ${OOPSPATH} \ +@@ -150,7 +148,7 @@ version.h: version + echo "#define VERSION \""`cat version`"\""> version.h + + lex.yy.o: lex.yy.c y.tab.h oops.h +- ${CC} ${CFLAGS} ${CDEFS} -c lex.yy.c ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} -c lex.yy.c + + lex.yy.c: parser.l + @LEX@ parser.l +@@ -159,13 +157,13 @@ y.tab.c: parser.y + @YACC@ -d parser.y + + y.tab.o: y.tab.c oops.h +- ${CC} ${CFLAGS} ${CDEFS} -c y.tab.c ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} -c y.tab.c + + malloc.o: malloc.c +- ${CC} ${CFLAGS} ${CDEFS} -DEBUG -c malloc.c ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} -DEBUG -c malloc.c + + gnu_regex.o: gnu_regex.c +- ${CC} ${CFLAGS} -DREGEX -c gnu_regex.c ++ ${CC} ${CFLAGS} ${EXTCFLAGS} -DREGEX -c gnu_regex.c + + clean: + rm -f *o lex.yy.c y.tab.[ch] version.h oops DEADJOE +diff --git a/src/modules/Makefile.in b/src/modules/Makefile.in +index d8e3c50..60c6b73 100644 +--- a/src/modules/Makefile.in ++++ b/src/modules/Makefile.in +@@ -1,9 +1,4 @@ +-CC = @CC@ +-CXX = @CXX@ + LIBS = @LIBS@ +-CFLAGS = @CFLAGS@ -fPIC @DEFS@ +-LDFLAGS = @LDFLAGS@ +-LD = @LD@ + SOFLAGS = @SOFLAGS@ + OPT_MODS = @OPT_MODS@ + CXXCOMPFLAGS = @LIBGB_INCL@ @CXXCOMPFLAGS@ +@@ -15,27 +10,30 @@ LIBDB_NAME = @LIBDB_NAME@ + MYSQL_LIB = @MYSQL_LIB@ + PGSQL_LIB = @PGSQL_LIB@ + EXTRASRC = @EXTRASRC@ ++EXTCFLAGS = @EXTCFLAGS@ ++ ++CFLAGS += -fPIC @DEFS@ + + .SUFFIXES: .c .cpp .o .so + + EXTRAOBJS = $(EXTRASRC:%c=../%o) + + .c.o: +- ${CC} ${CFLAGS} ${LIBDB_INCL} ${CDEFS} -c $< ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${LIBDB_INCL} ${CDEFS} -c $< + # + .o.so: + ${LD} $(SOFLAGS) $(LDFLAGS) -o $@ $< $(LIBS) + + .c.so: +- ${CC} ${CFLAGS} ${LIBDB_INCL} ${SOFLAGS} ${CDEFS} -c $< ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${LIBDB_INCL} ${SOFLAGS} ${CDEFS} -c $< + ${LD} $(SOFLAGS) $(LDFLAGS) -o $@ $(<:.c=.o) $(LIBS) + + .cpp.o: +- ${CXX} ${CFLAGS} ${SOFLAGS} ${CDEFS} $(CXXCOMPFLAGS) $< -o $*.a ++ ${CXX} ${CFLAGS} ${EXTCFLAGS} ${SOFLAGS} ${CDEFS} $(CXXCOMPFLAGS) $< -o $*.a + mv $*.a $*.o + + .cpp.so: +- ${CXX} ${CFLAGS} ${CXXSOFLAGS} ${CDEFS} $< @LIBGB_PATH@ @LIBGB_NAME@ $(LIBS) -o $@ ++ ${CXX} ${CFLAGS} ${EXTCFLAGS} ${CXXSOFLAGS} ${CDEFS} $< @LIBGB_PATH@ @LIBGB_NAME@ $(LIBS) -o $@ + + all: log_dummy.@MOD_EXT@ \ + err.@MOD_EXT@ \ +@@ -97,30 +95,30 @@ custom_log.@MOD_EXT@: custom_log.c ../modules.h ../oops.h + #berkeley_db_api.@MOD_EXT@: berkeley_db_api.c ../modules.h ../oops.h + + berkeley_db_api.o: berkeley_db_api.c ../modules.h ../oops.h +- ${CC} ${CFLAGS} ${CDEFS} ${LIBDB_INCL} -c berkeley_db_api.c -o berkeley_db_api.o ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} ${LIBDB_INCL} -c berkeley_db_api.c -o berkeley_db_api.o + + berkeley_db_api.so: berkeley_db_api.c ../modules.h ../oops.h +- ${CC} ${CFLAGS} ${CDEFS} ${LIBDB_INCL} -c berkeley_db_api.c -o berkeley_db_api.o ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} ${LIBDB_INCL} -c berkeley_db_api.c -o berkeley_db_api.o + ${LD} $(SOFLAGS) $(LDFLAGS) -L $(LIBDB_PATH)/lib berkeley_db_api.o -o berkeley_db_api.so $(LIBS) $(LIBDB_NAME) + + gigabase_db_api.@MOD_EXT@: gigabase_db_api.cpp ../modules.h ../oops.h + + oopsctl: oopsctl.c ../modules.h ../config.h ../oops.h +- ${CC} ${CFLAGS} ${CDEFS} oopsctl.c ${EXTRAOBJS} ${LIBS} -o oopsctl ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} oopsctl.c ${EXTRAOBJS} ${LIBS} -o oopsctl + + passwd_pgsql.so: passwd_sql.c ../modules.h ../oops.h +- ${CC} ${CFLAGS} ${CDEFS} -D__PGSQL -c passwd_sql.c -o passwd_pgsql.o ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} -D__PGSQL -c passwd_sql.c -o passwd_pgsql.o + ${LD} $(SOFLAGS) $(LDFLAGS) -o passwd_pgsql.so passwd_pgsql.o $(LIBS) $(PGSQL_LIB) + + passwd_mysql.so: passwd_sql.c ../modules.h ../oops.h +- ${CC} ${CFLAGS} ${CDEFS} -D__MYSQL -c passwd_sql.c -o passwd_mysql.o ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} -D__MYSQL -c passwd_sql.c -o passwd_mysql.o + ${LD} $(SOFLAGS) $(LDFLAGS) -o passwd_mysql.so passwd_mysql.o $(LIBS) $(MYSQL_LIB) + + passwd_pgsql.o: passwd_sql.c ../modules.h ../oops.h +- ${CC} ${CFLAGS} ${CDEFS} -D__PGSQL -c passwd_sql.c -o passwd_pgsql.o ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} -D__PGSQL -c passwd_sql.c -o passwd_pgsql.o + + passwd_mysql.o: passwd_sql.c ../modules.h ../oops.h +- ${CC} ${CFLAGS} ${CDEFS} -D__MYSQL -c passwd_sql.c -o passwd_mysql.o ++ ${CC} ${CFLAGS} ${EXTCFLAGS} ${CDEFS} -D__MYSQL -c passwd_sql.c -o passwd_mysql.o + + + clean: diff --git a/net-proxy/oops/files/oops-1.5.24-textrel.patch b/net-proxy/oops/files/oops-1.5.24-textrel.patch new file mode 100644 index 000000000000..432a86d07435 --- /dev/null +++ b/net-proxy/oops/files/oops-1.5.24-textrel.patch @@ -0,0 +1,24 @@ +diff -Nru oops-1.5.23.orig/src/Makefile.in oops-1.5.23/src/Makefile.in +--- oops-1.5.23.orig/src/Makefile.in 2006-03-06 22:14:53.000000000 +0200 ++++ oops-1.5.23/src/Makefile.in 2006-03-06 22:17:58.954199750 +0200 +@@ -29,7 +29,7 @@ + + #CFLAGS = -Wall -ggdb -D_REENTRANT -D_POSIX_PTHREADS_SEMANTICS + +-CFLAGS = @CFLAGS@ @DEFS@ ++CFLAGS = @CFLAGS@ -fPIE @DEFS@ + + VER=@VER@ + OOPSPATH=@prefix@/oops +diff -Nru oops-1.5.23.orig/src/modules/Makefile.in oops-1.5.23/src/modules/Makefile.in +--- oops-1.5.23.orig/src/modules/Makefile.in 2006-03-06 22:14:52.000000000 +0200 ++++ oops-1.5.23/src/modules/Makefile.in 2006-03-06 22:18:21.967638000 +0200 +@@ -1,7 +1,7 @@ + CC = @CC@ + CXX = @CXX@ + LIBS = @LIBS@ +-CFLAGS = @CFLAGS@ @DEFS@ ++CFLAGS = @CFLAGS@ -fPIC @DEFS@ + LDFLAGS = @LDFLAGS@ + LD = @LD@ + SOFLAGS = @SOFLAGS@ diff --git a/net-proxy/oops/files/oops-1.5.24_pre20050503+db-5.0.patch b/net-proxy/oops/files/oops-1.5.24_pre20050503+db-5.0.patch new file mode 100644 index 000000000000..190944828ee8 --- /dev/null +++ b/net-proxy/oops/files/oops-1.5.24_pre20050503+db-5.0.patch @@ -0,0 +1,13 @@ +Index: oops-1.5.23/src/modules/berkeley_db_api.c +=================================================================== +--- oops-1.5.23.orig/src/modules/berkeley_db_api.c ++++ oops-1.5.23/src/modules/berkeley_db_api.c +@@ -283,7 +283,7 @@ int rc; + dbp->set_bt_compare(dbp, my_bt_compare); + dbp->set_pagesize(dbp, OOPS_DB_PAGE_SIZE); + rc = dbp->open(dbp, +- #if DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR > 0 ++ #if DB_VERSION_MAJOR > 4 || DB_VERSION_MINOR > 0 + NULL, + #endif + dbname, diff --git a/net-proxy/oops/files/oops.cfg b/net-proxy/oops/files/oops.cfg new file mode 100644 index 000000000000..3dc96fad2331 --- /dev/null +++ b/net-proxy/oops/files/oops.cfg @@ -0,0 +1,654 @@ +## +# nameservers. Multiple nameserver entries are allowed. +## + +nameserver 127.0.0.1 + +## +# Ports and address to use for HTTP and ICP +## + +#bind ip_addr|hostname +http_port 3128 +icp_port 3130 + +## +## Change euid to that user +## +## WARNING: if you use userid, then you will not be able to open new sockets on +## reserved (< 1024) ports and will not be able to return to original userid. +## +userid oops + +## +## Change root directory. If don't know exactly what are you doing - +## leave commented. +#chroot ??? + +## +# Logfile - just debug output +# When used in form 'filename [{N S}] [[un]buffered]' +# will be rotated automatically (up to N files up to S bytes in size) +## +logfile /var/log/oops/oops.log +#logfile /usr/oops/logs/oops.log { 3 1m } unbuffered + +## +# Accesslog - the same as for squid. Re rotating - see note for logfile +## +accesslog /var/log/oops/oops.access +#accesslog /usr/oops/logs/access.log + +## +# Pidfile. for kill -1 `cat oops.pid` and for locking. +## +pidfile /var/run/oops/oops.pid + +## +# Statistics file - once per minute flush some statistics to this file +## +statistics /var/log/oops/oops_statfile + +## +# icons - where to find link.gif, dir.gif, binary.gif and so on (for +# ftp lists). If omitted - name of running host will be used. But +# using explicit names is better way. +## + +#icons-host ss5.paco.net +#icons-port 80 +#icons-path icons + +## +# When total object volume in memory grow over this (this mean +# that cachable data from network came faster then we can save on disk) +# drop objects (without attempt to save on disk). +## +mem_max 64m + +## +# Hint, how much cached objects keep in memory. +# When total amount become larger then this limit - start +# swaping cachable objects to disk +## +lo_mark 8m + +## +# start random early drop when number of clients reach some level. +# this can protect you against attacks and against situation when +# oops cant handle too much connections. By default - 0 (or no limits). +## +#start_red 0 + +## +# refuse any connection when number of already connected clients reach some +# level. By default - 0 (or no limits). +## +#refuse_at 0 + +## +# if document contain no Expires: then expire after (in days) +# ftp-expire-value - expire time for ftp (in days) +## +default-expire-value 7 +ftp-expire-value 7 + +## +# Maximum expite time - doc will not keep in cache more then +# this number of days (except if defaiult-expire-value used for this documeny) +## +max-expire-value 30 + +## +# in which proportion time passed since last document modification +# will accounted in expire time. For example, if last-modified-factor=5 +# and there was passed 10 days since document modification, then expiration +# will be setted to 2 days in future (but no nore then max-expire-value) +## +last-modified-factor 5 + +## +# If you want not cache replies without Last-Modified: +# uncomment next line. +## +#dont_cache_without_last_modified + +# run expire every ( in hours ) +## +default-expire-interval 1 + +## +# icp_timeout - how long to wait icp reply from peer (in ms, e.g 1000 = 1sec) +## +icp_timeout 1000 + +## +# start disk cache cleanup when free space will be (in %%) +# As on the very large storages 1% is large space (1% from 9G is +# 90M), then on such storages you can set both disk-low-free and +# disk-ok-free to 0. Oops will start cleanup if it have less then 256 +# free blocks(1M), and stop when it reach 512 bree blocks(2M). +## +disk-low-free 3 + +## +# stop disk cache cleanup when free space will be (in %%) +## +disk-ok-free 5 + +## +# Force_http11 - turn on http/1.1 for each request to document server +# This option required if module 'vary' used. +## +force_http11 + +## +# Always check document freshness, even it is not stale or expired +# This force Oops behave like squid - first check cached doc, then send +## +#always_check_freshness + +## +# If user-requestor aborted connection to proxy, but there was received more +# then some percent ot the document - then continue. +# default value - 75% +## +force_completion 75 + +## +# maximum size of the object we will cache +## +maxresident 1m + +insert_x_forwarded_for yes +insert_via yes + +## +# If host have several interfaces or aliases, use exactly +# this name when connecting to server: +## +#connect-from proxy.paco.net + +## +# ACLs - currently: urlregex, urlpath, usercharset +# port, dstdom, dstdom_regex, src_ip, time +# each acl can be loaded from file. +## +#acl CACHEABLECGI urlregex http://www\.topping\.com\.ua/cgi-bin/pingstat\.cgi\?072199131826 +#acl WWWPACO urlregex www\.paco\.net +#acl NO_RLH urlregex zipper +#acl REWRITEPORTS urlregex (www.job.ru|www.sale.ru) +#acl REWRITEHOSTS urlregex (www.asm.ru|zipper\.paco) +#acl WINUSER usercharset windows-1251 +#acl DOSUSER usercharset ibm866 +#acl UNIXUSER usercharset koi8-r +#acl RUS dstdom ru su +#acl UKR dstdom ua +#acl BADPORTS port [0:79],110,138,139,513,[6000:6010] +#acl BADDOMAIN dstdom baddomain1.com baddomain2.com +#acl BADDOMREGEX dstdom_regex baddomain\.((com)|(org)) +#acl LOCAL_NETWORKS src_ip include:/etc/oops/acl_local_networks +#acl BADNETWORKS src_ip 192.168.10/24 +#acl WORKTIME time Mon,Tue:Fri 0900:1800 +#acl HTMLS content_type text/html +#acl USERS username joe +acl ADMINS src_ip 127.0.0.1 +acl PURGE method PURGE + +## +# acl_deny [!]ACL [!]ACL ... +# deny access for combined acl +## +acl_deny PURGE !ADMINS + +## +# Never cache objects with URL, containing... +## +stop_cache ? +stop_cache cgi-bin + +## +# stop_cache_acl [!]ACL [!]ACL ... +# Stop cache using ACL +## +#stop_cache_acl WWWPACO + +## +# refresh_pattern ACLNAME min percent max +# 'min' and 'max' are limits between Expite time will be assigned +# Iff document have no expire: header and have Last-Modified: header +# we will use 'percent' to estimate how far in the future document will +# be expired. +## +#refresh_pattern CACHEABLECGI 20 50% 200 +#refresh_pattern WWWPACO 0 0% 0 + +## +# bind_acl {hostname|ip} [!]ACL [!]ACL ... +# bind to given address when connecting to server +# if request match ACLNAME +## +#bind_acl outname1 RUS +#bind_acl outname2 UKR + +## +# Always check document freshness, but now on acl basis. +# You can have several such lines. +## This example will force to check freshness only for html documents. +#always_check_freshness_acl HTMLS + +## +# line 'parent ....' will force all connections (except to destinations +# in local-domain or local-networks) go through parent host +## +#parent proxy.paco.net 3128 + +## +# parent_auth login:password +# if your parent require login/password from your proxy +## +#parent_auth login:password + +# ICP peer's +#peer proxy.paco.net 3128 3130 { +## ^^^ peer name ^http port ^icp port +## icp port can be 0, in which case we assume this is non-icp +## proxy. We assume that non-icp peer act like parent which +## answer MISS all th etime. If this peer refused connection +## then it goes down for 60 seconds - it doesn't take part in +## any peer-related decisions. +# sibling ; +## if this peer require login/password from your proxy +# my_auth my_login:my_password; +## we will send requests for these domains +# allow dstdomain * ; +## we will NOT send requests for these domains +# deny dstdomain * ; +## we will send only requests matched to this acl +# peer_access [!]ACL1 [!]ACL2 +## if (and only if) peer is not icp-capable, then , in case of fail we +## leave failed peer alone for the down_timeout interval (in seconds). +## Then we will try again +# down_timeout 60 ; +#} + +#peer proxy.gu.net 80 3130 { +# parent ; +# allow dstdomain * ; +# deny dstdomain paco.net odessa.ua ; +#} + +## +# Never use "parent" when connecting to server in these domains +## +local-domain odessa.ua od.ua +local-domain odessa.net paco.net netsy.net netsy.com te.net.ua + +local-networks 195.114.128/19 10/8 192.168/16 + +# +# Groups +# + +group main { +## +# You can describe group ip adresses here, or using src_ip acl's +# with networks_acl directive. +# networks_acl always have higher preference (checked first) and +# are checked in the order of appearance. +# If host wil not fall in any networks_acl - we check in networks. +# networks are ordered by masklen - longest masks(most specific networks) +# are checked first. +## + +#Next line enables redirection features and transparent proxying + redir_mods fastredir transparent; +#Change this next line to list the IP's of everyone in this group + networks 195.114.128/19 127/8 195.5.40.93/32 ; + +# networks_acl LOCAL_NETWORKS !BAD_NETWORKS ; + badports [0:79],110,138,139,513,[6000:6010] ; + miss allow; +## +# denytime - when deny access to proxy server for this group +## +# denytime Sat,Sun 0642:1000 +# denytime Mon,Thu:Fri,Sun 0900:2100 +## +# Authentication modules for this group (seprated by space) +## +# auth_mods passwd_file; + +## +# URL-Redirector (porno, ad. filtering) modules for this group (separate by +# space) +## +# redir_mods redir; + + +## +# limit whole group to 8Kbytes per sec +## +# bandwidth 8k; + +## +# limit each host 8Kbytes per sec +## +# per_ip_bw 8k; + +## +# limit connections number from each host +# +# per_ip_conn 8; + +## +# limit request rate from this group (requests per second). This is crude, +# and must be used as last resort +## +# maxreqrate 100; + +## +# icp acl ... +## +# icp { +# allow dstdomain * ; +# } + +## +# http acl +## + http { +## +# http acls can be in form 'allow dstdomain domainname domainname ... domainname ; +# or in form 'allow dstdomain include:filename ; +# where filename - name of the file, which contain +# domainnames (one per line, # - comment line); +# the same rules for 'deny' +## + allow dstdomain * ; + } +} + +group world { + networks 0/0; + badports [0:79],110,138,139,513,[6000:6010]; + http { + deny dstdomain * ; + } + icp { + deny dstdomain * ; + } +} + +## +# Storage section +# Change this for your own situation. Oops can work without +# storages (using only in-memory cache). +## + +## +# Storage description (can be several) +# path - filename of storage. can be raw device (be carefull!) +# size - size (of storage file). Can be smthng like 100k or 200m or 4g +# Size used only durig format process (oops -z). +## + +storage { + path /var/lib/oops/storage/oops_storage ; +# Size of the storage. Can be in bytes or 'auto'. Auto is +# usefull for pre-created storages or disk slices. +# NOTE: 'size auto' won't work for Linux on disk slices. +# To use large ( > 2G ) files run configure with --enable-large-files + + size 100m ; + +# You have to use 'offset' in the case your raw device (or slice) +# require that. For example if you use entire disk as storage +# under AIX and Soalris/Sparc - you have to skip first block +# which contain disk label (that is storage will start from +# next 512 sector. +# offset 512; +} + +#storage { +# path /usr/oops/storages/oops_storage1 ; +# size 600m ; +#} + +module lang { + + default_charset eng + + # Recode tables and other charset stuff + CharsetRecodeTable windows-1251 /etc/oops/tables/koi-win.tab + CharsetRecodeTable ISO-8859-5 /etc/oops/tables/koi-iso.tab + CharsetRecodeTable ibm866 /etc/oops/tables/koi-alt.tab + CharsetAgent windows-1251 AIR_Mosaic IWENG/1 MSIE WinMosaic (Windows (WinNT; + CharsetAgent windows-1251 (Win16; (Win95; (Win98; (16-bit) Opera/3.0 + CharsetAgent ibm866 DosLynx Lynx2/OS/2 +} + +module err { + # error reporting module + + # template + template /etc/oops/err_template.html + + # Language to use when generate Error messages + lang eng +} + +module passwd_file { + # password proxy-authentication module + # + # default realm, scheme and passwd file + # the only thing you really want to change is 'file' and 'template' + # you don't have to reconfigure oops if you only + # change content passwd file or template: oops authomatically + # reload file + + realm oops + scheme Basic + file /etc/oops/passwd + template /etc/oops/auth_template.html +} + +module passwd_pgsql { + # proxy authentication using postgresql + # "Ivan B. Yelnikov" <bahek@khspu.ru> + # + # host - host where database live, + # user,password - login and password for database access + # database - database name + # select - file with request body + # template - file with html doc which user will receive + # during authentication + scheme Basic + realm oops + host <host address/name> + user <database_user> + password <user_password> + database <database_name> + select /etc/oops/select.sql + template /etc/oops/auth_template.html +} + +module passwd_mysql { + # proxy authentication usin mysql + # "Ivan B. Yelnikov" <bahek@khspu.ru> + # + # look passwd_pgsql description + # + scheme Basic + realm oops + host <host address/name> + user <database_user> + password <user_password> + database <database_name> + select /etc/oops/select.sql + template /etc/oops/auth_template.html +} + +module redir { + # file - regex rules. + # each line consist of one or two fields (separated with white space) + # 1. regular expression + # 2. redirect-location + # if requested (by client) url match regex then + # if we have redirect-url then we send '302 Moved Temporary' to + # redirect-location + # if we have no redirect-location (i.e. we have no 2-nd field) + # then we send template.html (%R will be substituted by rule) + # or some default message if we have no template. + # you don't have to reconfigure oops each time + # you edit rules or template, they will be reloaded authomatically + + file /etc/oops/redir_rules + template /etc/oops/redir_template.html +## mode control will redir rewrite url or send Location: header +## with new location. Values are 'rewrite' or 'bounce' +# mode rewrite + + # This module can process requests which come on http_port + # and/or on different port. For example, you wish oops + # bind on two ports - 3128 and 3129, and all requests which come on + # port 3129 must pass through filters, and requests which come on port + # 3128 (common http_port) - not. Then you have to uncomment next line + # myport 3129 + # which means exactly: bind oops to additional port 3129 and process + # requests which come on this port. + # myport can be in the next form: + # myport [{hostname|ip_addr}:]port +} + +module oopsctl { + # path to oopsctl unix socket + socket_path /var/run/oops/oopsctl + # time to auto-refresh page (seconds) + html_refresh 300 +} + +## +## This module hadnle 'Vary' header - it was written to better support +## Russian Apache +## +module vary { + user-agent by_charset + accept-charset ignore +} + +## +## WWW -accelerator. To use - add word accel to +## redir_mods line for +## the group 'world' description +## You will find more description of this module in supplied accel_maps file +## +#module accel { +# myport can have next form: +# myport [{hostname|ip_addr}:]port ... +# myport 80 +## +# allow access to proxy through accel module. +# Deny will stop proxy through accel completely, regardless +# of any other access rules +## +# proxy_requests deny +# +## +# File with maps and other config directives +# Checked once per minute. No need to restart oops if maps changed +## +# file /etc/oops/accel_maps +#} + +## +## Transparent proxy. To use - add word 'transparent' into +## redir_mods line for your group. +## in the your local (or any other) group description +## +#module transparent { +# myport can have next form: +# myport [{hostname|ip_addr}:]port ... +# myport 3128 +#} + +## +## %h - remote ip address +## %A - local ip address +## %d - ip address of source (peer or document server) +## %l - remote logname from identd (not suported now) +## %U - remote user (from 'Authorization' header) +## %u - remote user (from proxy-auth) +## %{format}t - time with optional {format} (for strftime) +## %t - time with standard format %d/%b/%Y:%T %Z +## %r - request line +## %s - status code +## %b - bytes received +## %{header}i - value of header in request +## %m - HIT/MISS +## %k - hierarchy (DIRECT/NONE/...) +## +## directive buffered can be followed by size of the buffer, +## like 'buffered 32000' +## +#module customlog { +# path /usr/local/oops/logs/access_custom1 +# format "%h %l %u %t \"%r\" %>s %b" +# squid httpd mode log emulation +# format "%h %u %l %t \"%r\" %s %b %m:%k" +# buffered +# path /usr/local/oops/logs/access_custom2 +# format "%h->%A %l %u [%t] \"%r\" %s %b \"%{User-Agent}i\"" +#} + +module berkeley_db { + ## + # dbhome - directory where all DB indexes reside. Use full path + # this directory must exist. + # dbname - filename for index file. Use just filename (no full path) + ## + + dbhome /var/lib/oops/db + dbname dburl + + ## + # This parameter specifies internal cache size of BerkeleyDB. + # Increase this parameter for best performance (if you have a lot of memory). + # For example: db_cache_mem 64m + # Default and minimum value: 4m + # + # This memory pool is not part of memory pool, specified by mem_max parameter. + # WARNING: the amount of RAM used by oops will be increased by the value of + # this parameter. + ## + #db_cache_mem 4m + +} + +#module gigabase_db { +# This module enable GigaBASE as database engine. +# You can use berkeley_db or gigabase_db, not both. +# Also, important notice - indexes created with different modules +# are not compatible. +# ## +# # dbhome - directory where all DB indexes reside. Use full path +# # this directory must exist. +# # dbname - filename for index file. Use just filename (no full path) +# ## +# +# dbhome /var/lib/oops/db +# dbname gdburl +# +# ## +# # This parameter specifies internal cache size of BerkeleyDB. +# # Increase this parameter for best performance (if you have a lot of memory). +# # For example: db_cache_mem 64m +# # Default and minimum value: 4m +# # +# # This memory pool is not part of memory pool, specified by mem_max parameter. +# # WARNING: the amount of RAM used by oops will be increased by the value of +# # this parameter. +# ## +# #db_cache_mem 4m +# +#} diff --git a/net-proxy/oops/files/oops.initd b/net-proxy/oops/files/oops.initd new file mode 100644 index 000000000000..fec45e6afda4 --- /dev/null +++ b/net-proxy/oops/files/oops.initd @@ -0,0 +1,27 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +start() { + ebegin "Starting oops" + /usr/sbin/oopsctl start &> /dev/null + eend $? +} + +status() { + if service_started "${myservice}"; then + /usr/sbin/oopsctl stat + fi + return 0 +} + +stop() { + ebegin "Stopping oops" + /usr/sbin/oopsctl stop &> /dev/null + eend $? +} diff --git a/net-proxy/oops/files/rotate-logs.patch b/net-proxy/oops/files/rotate-logs.patch new file mode 100644 index 000000000000..236aa4b60926 --- /dev/null +++ b/net-proxy/oops/files/rotate-logs.patch @@ -0,0 +1,12 @@ +diff -Nru oops-1.5.23.orig/src/rotate_logs.c oops-1.5.23/src/rotate_logs.c +--- oops-1.5.23.orig/src/rotate_logs.c 2001-08-31 15:30:30.000000000 +0200 ++++ oops-1.5.23/src/rotate_logs.c 2009-07-12 12:47:56.000000000 +0200 +@@ -32,7 +32,7 @@ + if ( !num ) { + /* if no number of logs configured just reopen file */ + close(fb->fd); +- fb->fd = open(name, O_WRONLY|O_APPEND|O_CREAT); ++ fb->fd = open(name, O_WRONLY|O_APPEND|O_CREAT, 0660); + return; + + } diff --git a/net-proxy/oops/metadata.xml b/net-proxy/oops/metadata.xml new file mode 100644 index 000000000000..3a9154222f27 --- /dev/null +++ b/net-proxy/oops/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>An advanced multithreaded caching web proxy</longdescription> +</pkgmetadata> diff --git a/net-proxy/oops/oops-1.5.24_pre20050503-r4.ebuild b/net-proxy/oops/oops-1.5.24_pre20050503-r4.ebuild new file mode 100644 index 000000000000..daad5346c82a --- /dev/null +++ b/net-proxy/oops/oops-1.5.24_pre20050503-r4.ebuild @@ -0,0 +1,98 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="2" + +inherit eutils flag-o-matic toolchain-funcs autotools user + +MY_P="${PN}-1.5.23" + +DESCRIPTION="An advanced multithreaded caching web proxy" +HOMEPAGE="http://zipper.paco.net/~igor/oops.eng/" +SRC_URI="http://zipper.paco.net/~igor/oops/${MY_P}.tar.gz + mirror://gentoo/${P}.patch.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 sparc x86" +IUSE="" + +RDEPEND="dev-libs/libpcre + >=sys-libs/db-3" +DEPEND="${RDEPEND} + sys-devel/flex" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup oops + enewuser oops -1 -1 /var/lib/oops oops +} + +src_prepare() { + epatch "${WORKDIR}/${P}.patch" + epatch "${FILESDIR}/${P/_*}-textrel.patch" + epatch "${FILESDIR}/${P/_*}-pthread-rwlock.patch" + epatch "${FILESDIR}/modules-as-needed.patch" + epatch "${FILESDIR}/implicit-decl.patch" + epatch "${FILESDIR}/libpcreposix.patch" + epatch "${FILESDIR}/rotate-logs.patch" + epatch "${FILESDIR}/${P}+db-5.0.patch" + sed -i -e 's:y\.tab\.h:y.tab.c:' src/Makefile.in + eautoreconf +} + +src_configure() { + econf \ + --prefix=/usr \ + --libdir=/usr/$(get_libdir)/oops \ + --enable-oops-user=oops \ + --sysconfdir=/etc/oops \ + --sbindir=/usr/sbin \ + --with-regexp=pcre \ + --localstatedir=/var/run/oops \ + --enable-large-files \ + --with-zlib=-lz \ + || die "configure problem" + + sed -i -e '/STRERROR_R/d' src/config.h.in + sed -i \ + -e "s|OOPS_LIBDIR = /usr/$(get_libdir)/oops|OOPS_LIBDIR = ${D}/usr/$(get_libdir)/oops|" \ + -e "s|OOPS_SBINDIR = /usr/sbin|OOPS_SBINDIR = ${D}/usr/sbin|" \ + -e "s|OOPS_SYSCONFDIR = /etc/oops|OOPS_SYSCONFDIR = ${D}/etc/oops|" \ + -e "s|OOPS_LOCALSTATEDIR = /var/run/oops|OOPS_LOCALSTATEDIR = ${D}/var/run/oops|" \ + -e "s|OOPSPATH=/usr/oops|OOPSPATH=${D}/usr/oops|" \ + src/Makefile + sed -i \ + -e "s|^\(LDFLAGS *= *\)${LDFLAGS}|\1$(raw-ldflags)|" \ + src/modules/Makefile #modules makefile use ld directly +} + +src_install() { + dodir /usr/sbin + einstall || die "install problem" + + newinitd "${FILESDIR}/oops.initd" oops + diropts -m0750 -o root -g oops + dodir /etc/oops + insinto /etc/oops + doins "${FILESDIR}/oops.cfg" + + diropts -m0755 -o oops -g oops + keepdir /var/run/oops + diropts -m0770 -o oops -g oops + keepdir /var/log/oops + keepdir /var/lib/oops/storage + keepdir /var/lib/oops/db + + # cleanups + rm -rf "${D}/usr/oops" + rm -rf "${D}/usr/lib/oops/modules" +} + +pkg_postinst() { + #Set proper owner/group if installed from binary package + chgrp oops "${ROOT}/etc/oops" + chown -R oops:oops "${ROOT}/var/run/oops" "${ROOT}/var/log/oops" "${ROOT}/var/lib/oops" +} diff --git a/net-proxy/oops/oops-1.5.24_pre20050503-r5.ebuild b/net-proxy/oops/oops-1.5.24_pre20050503-r5.ebuild new file mode 100644 index 000000000000..e14de892a7f0 --- /dev/null +++ b/net-proxy/oops/oops-1.5.24_pre20050503-r5.ebuild @@ -0,0 +1,112 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils flag-o-matic toolchain-funcs autotools user + +MY_P="${PN}-1.5.23" + +DESCRIPTION="An advanced multithreaded caching web proxy" +HOMEPAGE="http://zipper.paco.net/~igor/oops.eng/" +SRC_URI="http://zipper.paco.net/~igor/oops/${MY_P}.tar.gz + mirror://gentoo/${P}.patch.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~sparc ~x86" +IUSE="" + +RDEPEND="dev-libs/libpcre + >=sys-libs/db-3" +DEPEND="${RDEPEND} + sys-devel/flex" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup oops + enewuser oops -1 -1 /var/lib/oops oops +} + +src_prepare() { + epatch "${WORKDIR}/${P}.patch" + epatch "${FILESDIR}/${P/_*}-textrel.patch" + epatch "${FILESDIR}/${P/_*}-pthread-rwlock.patch" + epatch "${FILESDIR}/modules-as-needed.patch" + epatch "${FILESDIR}/implicit-decl.patch" + epatch "${FILESDIR}/libpcreposix.patch" + epatch "${FILESDIR}/rotate-logs.patch" + epatch "${FILESDIR}/${P}+db-5.0.patch" + epatch "${FILESDIR}/${P/_*}-respect-flags.patch" + sed -i -e 's:y\.tab\.h:y.tab.c:' src/Makefile.in + eautoreconf +} + +src_configure() { + econf \ + --prefix=/usr \ + --libdir=/usr/$(get_libdir)/oops \ + --enable-oops-user=oops \ + --sysconfdir=/etc/oops \ + --sbindir=/usr/sbin \ + --with-regexp=pcre \ + --localstatedir=/run/oops \ + --enable-large-files \ + --with-zlib=-lz \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + CXX="$(tc-getCXX)" \ + LD="$(tc-getCC)" + + sed -i -e '/STRERROR_R/d' src/config.h.in || die + sed -i \ + -e "s|OOPS_LIBDIR = /usr/$(get_libdir)/oops|OOPS_LIBDIR = ${D}/usr/$(get_libdir)/oops|" \ + -e "s|OOPS_SBINDIR = /usr/sbin|OOPS_SBINDIR = ${D}/usr/sbin|" \ + -e "s|OOPS_SYSCONFDIR = /etc/oops|OOPS_SYSCONFDIR = ${D}/etc/oops|" \ + -e "s|OOPS_LOCALSTATEDIR = /var/run/oops|OOPS_LOCALSTATEDIR = ${D}/run/oops|" \ + -e "s|OOPSPATH=/usr/oops|OOPSPATH=${D}/usr/oops|" \ + src/Makefile || die + sed -i \ + -e "s|^\(LDFLAGS *= *\)${LDFLAGS}|\1$(raw-ldflags)|" \ + src/modules/Makefile || die #modules makefile use ld directly +} + +src_compile() { + emake \ + AR="$(tc-getAR)" \ + CC="$(tc-getCC)" \ + CXX="$(tc-getCXX)" \ + LD="$(tc-getCC)" \ + RANLIB=":" \ + STRIP=":" +} + +src_install() { + dodir /usr/sbin + einstall || die "install problem" + + newinitd "${FILESDIR}/oops.initd" oops + diropts -m0750 -o root -g oops + dodir /etc/oops + insinto /etc/oops + doins "${FILESDIR}/oops.cfg" + + diropts -m0755 -o oops -g oops + keepdir /run/oops + diropts -m0770 -o oops -g oops + keepdir /var/log/oops + keepdir /var/lib/oops/storage + keepdir /var/lib/oops/db + + # cleanups + rm -rf "${D}/usr/oops" + rm -rf "${D}/usr/lib/oops/modules" +} + +pkg_postinst() { + #Set proper owner/group if installed from binary package + chgrp oops "${ROOT}/etc/oops" + chown -R oops:oops "${ROOT}/run/oops" "${ROOT}/var/log/oops" "${ROOT}/var/lib/oops" +} diff --git a/net-proxy/pingtunnel/Manifest b/net-proxy/pingtunnel/Manifest new file mode 100644 index 000000000000..13d05868ebfd --- /dev/null +++ b/net-proxy/pingtunnel/Manifest @@ -0,0 +1 @@ +DIST PingTunnel-0.72.tar.gz 64188 SHA256 b318f7aa7d88918b6269d054a7e26f04f97d8870f47bd49a76cb2c99c73407a4 SHA512 943fc571ca95bb6af59f2a74458470865a89a502145bb1e5cf9b86159d61d897418d10d100691337f299892af7aba65964624462068a77ef1645890a4abf5d17 WHIRLPOOL a39fe5cc57d87b5977fcec53083a405c5310d74ea857af3a3837c0347d78c217a3e8fc911130a93e2ec1ab43f793104185cfeb7277caf6dc7b70b2c0209d0b74 diff --git a/net-proxy/pingtunnel/files/pingtunnel-0.72_makefile.patch b/net-proxy/pingtunnel/files/pingtunnel-0.72_makefile.patch new file mode 100644 index 000000000000..9dce0992cbda --- /dev/null +++ b/net-proxy/pingtunnel/files/pingtunnel-0.72_makefile.patch @@ -0,0 +1,60 @@ +--- Makefile
++++ Makefile
+@@ -2,11 +2,26 @@
+ # (c) 2004-2009 Daniel Stoedle, daniels@cs.uit.no
+ # ptunnel.exe target added by Mike Miller, mike@mikeage.net
+
+-CC = gcc
+-CFLAGS = -Wall -g
+-LDOPTS = -lpthread -lpcap
++# set to 1 to enable debug symbols
++DEBUG=0
++
++# set to 1 to enable selinux support
++SELINUX=0
++
++CC ?= gcc
++CFLAGS += -Wall
++LIBS += -lpthread -lpcap
+ PT_OBJS = ptunnel.o md5.o
+
++ifeq ($(DEBUG),1)
++CFLAGS += -g
++endif
++
++ifeq ($(SELINUX),1)
++CPPFLAGS += -DHAVE_SELINUX
++LIBS += -lselinux
++endif
++
+ WIN32_CC = mingw32-gcc
+ WIN32_CFLAGS = -g -Wall -DWIN32 -I"c:\Program Files\WpdPack\Include"
+ WIN32_LDOPTS = -lwpcap -lwsock32 -L"c:\Program Files\WpdPack\Lib"
+@@ -26,13 +41,13 @@
+
+
+ install: ptunnel
+- install -d $(bindir)/
+- install -d $(mandir)/
+- install ./ptunnel $(bindir)/ptunnel
+- install ./ptunnel.8 $(mandir)/ptunnel.8
++ install -d "$(DESTDIR)/$(bindir)/"
++ install -d "$(DESTDIR)/$(mandir)/"
++ install -m755 ./ptunnel "$(DESTDIR)/$(bindir)/ptunnel"
++ install -m644 ./ptunnel.8 "$(DESTDIR)/$(mandir)/ptunnel.8"
+
+ ptunnel: $(PT_OBJS)
+- $(CC) -o $@ $^ $(LDOPTS) `[ -e /usr/include/selinux/selinux.h ] && echo -lselinux`
++ $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) $(LIBS)
+
+ ptunnel.exe: $(WIN32_PT_OBJS)
+ $(CC) -o $@ $^ $(WIN32_LDOPTS)
+@@ -47,7 +62,7 @@
+ $(CC) $(CFLAGS) -MM *.c > $@
+
+ %.o:%.c
+- $(CC) $(CFLAGS) `[ -e /usr/include/selinux/selinux.h ] && echo -DHAVE_SELINUX` -c -o $@ $<
++ $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+
+ %.obj:%.c
+ $(WIN32_CC) $(WIN32_CFLAGS) -c -o $@ $<
diff --git a/net-proxy/pingtunnel/metadata.xml b/net-proxy/pingtunnel/metadata.xml new file mode 100644 index 000000000000..38e901528de8 --- /dev/null +++ b/net-proxy/pingtunnel/metadata.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>bircoph@gentoo.org</email> +</maintainer> +<longdescription>Ptunnel is an application that allows you to reliably tunnel TCP connections to a remote host +using ICMP echo request and reply packets, commonly known as ping requests and replies.</longdescription> +</pkgmetadata> diff --git a/net-proxy/pingtunnel/pingtunnel-0.72.ebuild b/net-proxy/pingtunnel/pingtunnel-0.72.ebuild new file mode 100644 index 000000000000..8e775dc57965 --- /dev/null +++ b/net-proxy/pingtunnel/pingtunnel-0.72.ebuild @@ -0,0 +1,38 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils toolchain-funcs + +DESCRIPTION="Tunnel TCP over ICMP" +HOMEPAGE="http://www.cs.uit.no/~daniels/PingTunnel" +SRC_URI="http://www.cs.uit.no/~daniels/PingTunnel/PingTunnel-${PV}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~sh ~x86" +IUSE="doc selinux" + +DEPEND=" + net-libs/libpcap + selinux? ( sys-libs/libselinux ) +" +RDEPEND="${DEPEND}" + +S="${WORKDIR}"/PingTunnel + +src_prepare(){ + epatch "${FILESDIR}"/${P}_makefile.patch +} + +src_compile() { + tc-export CC + emake $(usex selinux "SELINUX=1" "SELINUX=0") +} + +src_install() { + default + use doc && dohtml web/* +} diff --git a/net-proxy/piper/Manifest b/net-proxy/piper/Manifest new file mode 100644 index 000000000000..3e12f3bf51a7 --- /dev/null +++ b/net-proxy/piper/Manifest @@ -0,0 +1 @@ +DIST piper-1.14.tar.gz 20121 RMD160 1021a04a26dbb86c80fe9eb77ed4d3099a2f69f6 SHA1 0111525568f61df36b05a9372db2e02af24e3a11 SHA256 5f644ce2d0aa36d8059ae53630d781285621fb234ed5f16e79bb1e4ccf3f7ea1 diff --git a/net-proxy/piper/metadata.xml b/net-proxy/piper/metadata.xml new file mode 100644 index 000000000000..c6d862855eb5 --- /dev/null +++ b/net-proxy/piper/metadata.xml @@ -0,0 +1,7 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>robbat2@gentoo.org</email> +</maintainer> +</pkgmetadata> diff --git a/net-proxy/piper/piper-1.14.ebuild b/net-proxy/piper/piper-1.14.ebuild new file mode 100644 index 000000000000..413bf4b2b1e1 --- /dev/null +++ b/net-proxy/piper/piper-1.14.ebuild @@ -0,0 +1,25 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit flag-o-matic toolchain-funcs + +DESCRIPTION="Piper (a tool for manipulating SOCKS5 servers)" +HOMEPAGE="http://www.qwirx.com/" +SRC_URI="http://www.qwirx.com/piper/${P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64 ~ppc" +IUSE="" +DEPEND="" +#RDEPEND="" + +src_compile() { + append-flags -g -Wall + emake CC="$(tc-getCC)" CFLAGS="${CFLAGS}" +} + +src_install() { + dobin piper + dodoc README +} diff --git a/net-proxy/polipo/Manifest b/net-proxy/polipo/Manifest new file mode 100644 index 000000000000..e3126c35d333 --- /dev/null +++ b/net-proxy/polipo/Manifest @@ -0,0 +1 @@ +DIST polipo-1.1.1.tar.gz 182891 SHA256 a259750793ab79c491d05fcee5a917faf7d9030fb5d15e05b3704e9c9e4ee015 SHA512 7324ca96c19bf9f089146a12dba349ea8cd2669ee02d0599ed6c6116d11eb0e7cef7830d91d16921ba5cdd0ce06e6f831901832326d8118ebe0a565feeec7fb1 WHIRLPOOL 2904a68cc64500dc6207713e255e49eb6d9fb3d73c0ff80c19b71cf1ae6ceee533b625643c7a177924f4d254deae659cdc4137218ae152582da65d0b933f65e3 diff --git a/net-proxy/polipo/files/config b/net-proxy/polipo/files/config new file mode 100644 index 000000000000..4c9235582594 --- /dev/null +++ b/net-proxy/polipo/files/config @@ -0,0 +1,8 @@ +daemonise=false +diskCacheRoot=/var/cache/polipo/ +proxyAddress=127.0.0.1 +proxyName=localhost +serverSlots=4 +serverMaxSlots=8 +cacheIsShared=true +allowedClients=127.0.0.1 diff --git a/net-proxy/polipo/files/polipo.crond-2 b/net-proxy/polipo/files/polipo.crond-2 new file mode 100644 index 000000000000..6b2d609d6d6a --- /dev/null +++ b/net-proxy/polipo/files/polipo.crond-2 @@ -0,0 +1,22 @@ +#!/bin/bash + +# Loop through all init.d instances +for f in /etc/init.d/polipo*; do + # only proceed if daemon is running + "${f}" --quiet status || continue + + myname="${f#/etc/init.d/polipo}" + conffile="/etc/polipo/config${myname}" + pidfile="/var/run/polipo${myname}.pid" + + # check if disk cache is enabled + polipo -v -c "${CONFFILE}" | + awk '$1 ~ /diskCacheRoot/ { if ($3 == "(none)") exit 1}' || + continue + + # Expire old cached objects + kill -USR1 $(cat "${pidfile}") + sleep 1 + nice -n 15 su -s "/bin/sh" -c "polipo -c ${conffile} -x" polipo > /dev/null + kill -USR2 $(cat "${pidfile}") +done diff --git a/net-proxy/polipo/files/polipo.initd-2 b/net-proxy/polipo/files/polipo.initd-2 new file mode 100644 index 000000000000..e24fff01de83 --- /dev/null +++ b/net-proxy/polipo/files/polipo.initd-2 @@ -0,0 +1,66 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +CONFFILE="/etc/polipo/config${SVCNAME#polipo}" +PIDFILE="/var/run/${SVCNAME}.pid" + +depend() { + need net +} + +checkconfig() { + { polipo -v -c "${CONFFILE}" || return 1 ; } | { + local retvalue=0 + local name type value desc + while read name type value desc ; do + case ${name} in + configFile) + if [ "${value}" = "(none)" ] ; then + eerror "Unable to read configuration file /etc/polipo/config" + retvalue=1 + fi + ;; + daemonise) + if [ "${value}" != "false" ] ; then + eerror "Configuration option not supported by this init script: ${name}=${value}" + retvalue=1 + fi + ;; + pidFile) + if [ "${value}" != "(none)" ] ; then + eerror "Configuration option not supported by this init script: ${name}=${value}" + retvalue=1 + fi + ;; + diskCacheRoot) + if [ "${value}" != "(none)" ] ; then + # Ensure that cache directory exists and have proper permissions + if ! [[ -d "{value}" ]]; then + mkdir -p -m 0750 "${value}" + chown polipo:polipo "${value}" + fi + fi + ;; + esac + done + return ${retvalue} + } +} + +start() { + checkconfig || return 1 + + ebegin "Starting Polipo HTTP proxy" + start-stop-daemon --start --user polipo \ + --background --pidfile "${PIDFILE}" --make-pidfile \ + --exec /usr/bin/polipo -- -c "${CONFFILE}" + eend $? +} + +stop() { + ebegin "Stopping Polipo HTTP proxy" + start-stop-daemon --stop --pidfile "${PIDFILE}" + eend $? +} diff --git a/net-proxy/polipo/files/polipo_at.service b/net-proxy/polipo/files/polipo_at.service new file mode 100644 index 000000000000..5018ac6c75e0 --- /dev/null +++ b/net-proxy/polipo/files/polipo_at.service @@ -0,0 +1,11 @@ +[Unit] +Description=Polipo Proxy Server +After=network.target + +[Service] +ExecStart=/usr/bin/polipo -c /etc/polipo/%i +User=polipo +PrivateDevices=yes + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/polipo/metadata.xml b/net-proxy/polipo/metadata.xml new file mode 100644 index 000000000000..b6c2d4e1def9 --- /dev/null +++ b/net-proxy/polipo/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> + <email>bircoph@gentoo.org</email> +</maintainer> +<longdescription>A small and fast caching web proxy designed to be used by one person or a small group of people.</longdescription> +</pkgmetadata> diff --git a/net-proxy/polipo/polipo-1.1.1-r1.ebuild b/net-proxy/polipo/polipo-1.1.1-r1.ebuild new file mode 100644 index 000000000000..8882b5d7f7c7 --- /dev/null +++ b/net-proxy/polipo/polipo-1.1.1-r1.ebuild @@ -0,0 +1,62 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +if [[ ${PV} == "9999" ]] ; then + _GIT=git-r3 + EGIT_REPO_URI="https://github.com/jech/${PN}.git" + SRC_URI="" + KEYWORDS="" +else + SRC_URI="http://www.pps.jussieu.fr/~jch/software/files/${PN}/${P}.tar.gz" + KEYWORDS="~amd64 ~x86" +fi + +inherit ${_GIT} toolchain-funcs user systemd + +DESCRIPTION="A caching web proxy" +HOMEPAGE="http://www.pps.jussieu.fr/~jch/software/polipo/" +LICENSE="MIT GPL-2" +SLOT="0" +IUSE="systemd" + +DEPEND="sys-apps/texinfo" +RDEPEND="" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /var/cache/${PN} ${PN} +} + +src_compile() { + tc-export CC + emake PREFIX=/usr "CDEBUGFLAGS=${CFLAGS}" all +} + +src_install() { + einstall PREFIX=/usr MANDIR=/usr/share/man INFODIR=/usr/share/info "TARGET=${D}" + + newinitd "${FILESDIR}/${PN}.initd-2" ${PN} + insinto /etc/${PN} ; doins "${FILESDIR}/config" + systemd_newunit "${FILESDIR}/${PN}_at.service" "${PN}@.service" + if ! use systemd; then + exeinto /etc/cron.weekly ; newexe "${FILESDIR}/${PN}.crond-2" ${PN} + fi + + dodoc CHANGES README + dohtml html/* +} + +pkg_postinst() { + elog "Do not forget to read the manual." + elog "Change the config file in /etc/${PN} to suit your needs." + elog "" + elog "Polipo init scripts can now be multiplexed:" + elog "1. create /etc/${PN}/config.foo" + elog "2. symlink /etc/init.d/{${PN}.foo -> ${PN}}" + elog " a. if you are using OpenRC, symlink /etc/init.d/{${PN}.foo -> ${PN}}" + elog " b. if you are using systemd, execute \"systemctl enable polipo@config.foo\"" + elog "3. make sure all instances use unique ip:port pair and cachedir, if any" +} diff --git a/net-proxy/polipo/polipo-1.1.1.ebuild b/net-proxy/polipo/polipo-1.1.1.ebuild new file mode 100644 index 000000000000..b19d3bfe0092 --- /dev/null +++ b/net-proxy/polipo/polipo-1.1.1.ebuild @@ -0,0 +1,56 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +if [[ ${PV} == "9999" ]] ; then + _GIT=git-r3 + EGIT_REPO_URI="https://github.com/jech/${PN}.git" + SRC_URI="" + KEYWORDS="" +else + SRC_URI="http://www.pps.jussieu.fr/~jch/software/files/${PN}/${P}.tar.gz" + KEYWORDS="amd64 x86" +fi + +inherit ${_GIT} toolchain-funcs user + +DESCRIPTION="A caching web proxy" +HOMEPAGE="http://www.pps.jussieu.fr/~jch/software/polipo/" +LICENSE="MIT GPL-2" +SLOT="0" + +DEPEND="sys-apps/texinfo" +RDEPEND="" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /var/cache/${PN} ${PN} +} + +src_compile() { + tc-export CC + emake PREFIX=/usr "CDEBUGFLAGS=${CFLAGS}" all +} + +src_install() { + einstall PREFIX=/usr MANDIR=/usr/share/man INFODIR=/usr/share/info "TARGET=${D}" + + newinitd "${FILESDIR}/${PN}.initd-2" ${PN} + insinto /etc/${PN} ; doins "${FILESDIR}/config" + exeinto /etc/cron.weekly ; newexe "${FILESDIR}/${PN}.crond-2" ${PN} + + dodoc CHANGES README + dohtml html/* +} + +pkg_postinst() { + einfo "Do not forget to read the manual." + einfo "Change the config file in /etc/${PN} to suit your needs." + einfo "" + einfo "Polipo OpenRC init scripts can now be multiplexed:" + einfo "1. create /etc/${PN}/config.foo" + einfo "2. symlink /etc/init.d/{${PN}.foo -> ${PN}}" + einfo "3. make sure all instances use unique ip:port pair and cachedir, if any" +} diff --git a/net-proxy/polipo/polipo-9999.ebuild b/net-proxy/polipo/polipo-9999.ebuild new file mode 100644 index 000000000000..8882b5d7f7c7 --- /dev/null +++ b/net-proxy/polipo/polipo-9999.ebuild @@ -0,0 +1,62 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +if [[ ${PV} == "9999" ]] ; then + _GIT=git-r3 + EGIT_REPO_URI="https://github.com/jech/${PN}.git" + SRC_URI="" + KEYWORDS="" +else + SRC_URI="http://www.pps.jussieu.fr/~jch/software/files/${PN}/${P}.tar.gz" + KEYWORDS="~amd64 ~x86" +fi + +inherit ${_GIT} toolchain-funcs user systemd + +DESCRIPTION="A caching web proxy" +HOMEPAGE="http://www.pps.jussieu.fr/~jch/software/polipo/" +LICENSE="MIT GPL-2" +SLOT="0" +IUSE="systemd" + +DEPEND="sys-apps/texinfo" +RDEPEND="" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} -1 -1 /var/cache/${PN} ${PN} +} + +src_compile() { + tc-export CC + emake PREFIX=/usr "CDEBUGFLAGS=${CFLAGS}" all +} + +src_install() { + einstall PREFIX=/usr MANDIR=/usr/share/man INFODIR=/usr/share/info "TARGET=${D}" + + newinitd "${FILESDIR}/${PN}.initd-2" ${PN} + insinto /etc/${PN} ; doins "${FILESDIR}/config" + systemd_newunit "${FILESDIR}/${PN}_at.service" "${PN}@.service" + if ! use systemd; then + exeinto /etc/cron.weekly ; newexe "${FILESDIR}/${PN}.crond-2" ${PN} + fi + + dodoc CHANGES README + dohtml html/* +} + +pkg_postinst() { + elog "Do not forget to read the manual." + elog "Change the config file in /etc/${PN} to suit your needs." + elog "" + elog "Polipo init scripts can now be multiplexed:" + elog "1. create /etc/${PN}/config.foo" + elog "2. symlink /etc/init.d/{${PN}.foo -> ${PN}}" + elog " a. if you are using OpenRC, symlink /etc/init.d/{${PN}.foo -> ${PN}}" + elog " b. if you are using systemd, execute \"systemctl enable polipo@config.foo\"" + elog "3. make sure all instances use unique ip:port pair and cachedir, if any" +} diff --git a/net-proxy/privoxy/Manifest b/net-proxy/privoxy/Manifest new file mode 100644 index 000000000000..9b273e38ead2 --- /dev/null +++ b/net-proxy/privoxy/Manifest @@ -0,0 +1 @@ +DIST privoxy-3.0.23-stable-src.tar.gz 1715099 SHA256 80b1a172d0518a9f95cde83d18dc62b9c7f117b9ada77bdcd3d310107f28f964 SHA512 487513f4f6f8c868b537132599d0f573384a0b7ed2b3c6778b163d61f94a419e1594d4e0bff286051902bfca292d68c5eeef215955f072c1744bef50db279c25 WHIRLPOOL 68f3ce6dd86a95bb515af2dfe4f166263800f8ff71fb266cb7d8630888f30c93194634b74c5d491a5687afc5842428bd23811ef71ee9358f1cd7ec5ad1ce11a4 diff --git a/net-proxy/privoxy/files/privoxy-3.0.19-gentoo.patch b/net-proxy/privoxy/files/privoxy-3.0.19-gentoo.patch new file mode 100644 index 000000000000..4571e24e1f06 --- /dev/null +++ b/net-proxy/privoxy/files/privoxy-3.0.19-gentoo.patch @@ -0,0 +1,114 @@ +--- a/GNUmakefile.in ++++ b/GNUmakefile.in +@@ -62,8 +62,8 @@ + MAN_DEST = $(MAN_DIR)/man1 + MAN_PAGE = privoxy.1 + SHARE_DEST = @datadir@ +-DOC_DEST = $(SHARE_DEST)/doc/privoxy +-VAR_DEST = @localstatedir@ ++DOC_DEST = @docdir@ ++VAR_DEST = /var + LOGS_DEST = $(VAR_DEST)/log/privoxy + PIDS_DEST = $(VAR_DEST)/run + +@@ -852,7 +852,6 @@ + $(INSTALL) $(INSTALL_T) $(DOK_WEB)/man-page/*html $(DESTDIR)$$DOC/man-page;\ + $(INSTALL) $(INSTALL_T) $(DOK_WEB)/privoxy-index.html $(DESTDIR)$$DOC/index.html;\ + $(INSTALL) $(INSTALL_T) AUTHORS $(DESTDIR)$$DOC;\ +- $(INSTALL) $(INSTALL_T) LICENSE $(DESTDIR)$$DOC;\ + $(INSTALL) $(INSTALL_T) README $(DESTDIR)$$DOC;\ + $(INSTALL) $(INSTALL_T) ChangeLog $(DESTDIR)$$DOC;\ + $(INSTALL) $(INSTALL_T) $(DOK_WEB)/p_doc.css $(DESTDIR)$$DOC;\ +@@ -923,34 +922,8 @@ + fi ;\ + $(ECHO) Installing configuration files to $(DESTDIR)$(CONF_DEST);\ + for i in $(CONFIGS); do \ +- if [ "$$i" = "default.action" ] || [ "$$i" = "default.filter" ] ; then \ +- $(RM) $(DESTDIR)$(CONF_DEST)/$$i ;\ +- $(ECHO) Installing fresh $$i;\ + $(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) || exit 1;\ +- elif [ -s "$(CONF_DEST)/$$i" ]; then \ +- $(ECHO) Installing $$i as $$i.new ;\ +- $(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST)/$$i.new || exit 1;\ +- NEW=1;\ +- else \ +- $(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) || exit 1;\ +- fi ;\ + done ;\ +- if [ -n "$$NEW" ]; then \ +- $(CHMOD) $(RWD_MODE) $(DESTDIR)$(CONF_DEST)/*.new || exit 1 ;\ +- $(ECHO) "Warning: Older config files are preserved. Check new versions for changes!" ;\ +- fi ;\ +- [ ! -f $(DESTDIR)$(LOG_DEST)/logfile ] && $(ECHO) Creating logfiles in $(DESTDIR)$(LOG_DEST) || \ +- $(ECHO) Checking logfiles in $(DESTDIR)$(LOG_DEST) ;\ +- $(TOUCH) $(DESTDIR)$(LOG_DEST)/logfile || exit 1 ;\ +- if [ x$$USER != x ]; then \ +- $(CHOWN) $$USER $(DESTDIR)$(LOG_DEST)/logfile || \ +- $(ECHO) "** WARNING ** current install user different from configured user. Logging may fail!!" ;\ +- fi ;\ +- if [ x$$GROUP_T != x ]; then \ +- $(CHGRP) $$GROUP_T $(DESTDIR)$(LOG_DEST)/logfile || \ +- $(ECHO) "** WARNING ** current install user different from configured user. Logging may fail!!" ;\ +- fi ;\ +- $(CHMOD) $(RWD_MODE) $(DESTDIR)$(LOG_DEST)/logfile || exit 1 ;\ + if [ "$(prefix)" = "/usr/local" ] || [ "$(prefix)" = "/usr" ]; then \ + if [ -f /etc/slackware-version ] && [ -d /etc/rc.d/ ] && [ -w /etc/rc.d/ ] ; then \ + $(SED) 's+%PROGRAM%+$(PROGRAM)+' slackware/rc.privoxy.orig | \ +--- a/config ++++ b/config +@@ -265,7 +265,7 @@ + # + # No trailing "/", please. + # +-confdir . ++confdir /etc/privoxy + # + # + # 2.2. templdir +@@ -322,7 +322,7 @@ + # + # No trailing "/", please. + # +-logdir . ++logdir /var/log/privoxy + # + # + # 2.4. actionsfile +@@ -462,7 +462,7 @@ + # Any log files must be writable by whatever user Privoxy is + # being run as (on Unix, default user id is "privoxy"). + # +-logfile logfile ++logfile privoxy.log + # + # + # 2.7. trustfile +--- a/default.action.master ++++ b/default.action.master +@@ -566,7 +566,7 @@ + +client-header-tagger{css-requests} \ + +client-header-tagger{image-requests} \ + +hide-from-header{block} \ +-+set-image-blocker{pattern} \ +++set-image-blocker{blank} \ + } + standard.Cautious + +@@ -588,7 +588,7 @@ + +hide-from-header{block} \ + +hide-referrer{conditional-block} \ + +session-cookies-only \ +-+set-image-blocker{pattern} \ +++set-image-blocker{blank} \ + } + standard.Medium + +@@ -627,7 +627,7 @@ + +hide-referrer{conditional-block} \ + +limit-connect{,} \ + +overwrite-last-modified{randomize} \ +-+set-image-blocker{pattern} \ +++set-image-blocker{blank} \ + } + standard.Advanced + diff --git a/net-proxy/privoxy/files/privoxy.initd b/net-proxy/privoxy/files/privoxy.initd new file mode 100644 index 000000000000..febdc795763c --- /dev/null +++ b/net-proxy/privoxy/files/privoxy.initd @@ -0,0 +1,29 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +CONFFILE=/etc/${SVCNAME}/config +PIDFILE=/var/run/${SVCNAME}.pid + +depend() { + need net +} + +start() { + if [ ! -f "${CONFFILE}" ]; then + eerror "Configuration file ${CONFFILE} not found!" + return 1 + fi + + ebegin "Starting privoxy" + start-stop-daemon --start --quiet --exec /usr/sbin/privoxy --pidfile "${PIDFILE}" \ + -- --pidfile "${PIDFILE}" --user privoxy.privoxy "${CONFFILE}" #2>/dev/null + eend $? +} + +stop() { + ebegin "Stopping privoxy" + start-stop-daemon --stop --quiet --pidfile "${PIDFILE}" + eend $? +} diff --git a/net-proxy/privoxy/files/privoxy.logrotate b/net-proxy/privoxy/files/privoxy.logrotate new file mode 100644 index 000000000000..aa7463bd572e --- /dev/null +++ b/net-proxy/privoxy/files/privoxy.logrotate @@ -0,0 +1,9 @@ +/var/log/privoxy/privoxy.log /var/log/privoxy/jarfile { + missingok + notifempty + create 0640 privoxy privoxy + sharedscripts + postrotate + killall -HUP privoxy 2>/dev/null || true + endscript +} diff --git a/net-proxy/privoxy/files/privoxy.service b/net-proxy/privoxy/files/privoxy.service new file mode 100644 index 000000000000..568123924781 --- /dev/null +++ b/net-proxy/privoxy/files/privoxy.service @@ -0,0 +1,10 @@ +[Unit] +Description=Privoxy Web Proxy With Advanced Filtering Capabilities +After=network.target + +[Service] +ExecStart=/usr/sbin/privoxy --no-daemon --user privoxy.privoxy /etc/privoxy/config +SuccessExitStatus=15 + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/privoxy/metadata.xml b/net-proxy/privoxy/metadata.xml new file mode 100644 index 000000000000..1619ff6d10e5 --- /dev/null +++ b/net-proxy/privoxy/metadata.xml @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>bircoph@gentoo.org</email> + </maintainer> + <use> + <flag name="editor">Enable the web-based actions file editor</flag> + <flag name="external-filters">Allow to filter content with scripts and programs. Experimental</flag> + <flag name="fast-redirects">Support fast redirects</flag> + <flag name="force">Allow single-page disable (force load)</flag> + <flag name="graceful-termination">Allow to shutdown Privoxy through the webinterface</flag> + <flag name="image-blocking">Allows the +handle-as-image action, to send "blocked" images instead of HTML</flag> + <flag name="lfs">Support large files (>2GB) on 32-bit systems</flag> + <flag name="png-images">Use PNG format instead of GIF for built-in images</flag> + <flag name="stats">Keep statistics</flag> + <flag name="toggle">Support temporary disable toggle via web interface</flag> + <flag name="whitelists">Support trust files (white lists)</flag> + </use> + <upstream> + <remote-id type="sourceforge">ijbswa</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/privoxy/privoxy-3.0.23.ebuild b/net-proxy/privoxy/privoxy-3.0.23.ebuild new file mode 100644 index 000000000000..6c8be872ab2a --- /dev/null +++ b/net-proxy/privoxy/privoxy-3.0.23.ebuild @@ -0,0 +1,81 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils toolchain-funcs autotools systemd user + +[ "${PV##*_}" = "beta" ] && + PRIVOXY_STATUS="beta" || + PRIVOXY_STATUS="stable" + +HOMEPAGE="http://www.privoxy.org http://sourceforge.net/projects/ijbswa/" +DESCRIPTION="A web proxy with advanced filtering capabilities for protecting privacy against Internet junk" +SRC_URI="mirror://sourceforge/ijbswa/${P%_*}-${PRIVOXY_STATUS}-src.tar.gz" + +IUSE="+acl editor external-filters +fast-redirects +force graceful-termination ++image-blocking ipv6 lfs png-images selinux +stats +threads toggle +whitelists +zlib" +SLOT="0" +KEYWORDS="alpha amd64 arm ppc ppc64 sparc x86 ~x86-fbsd" +LICENSE="GPL-2" + +DEPEND="dev-libs/libpcre + zlib? ( sys-libs/zlib )" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-privoxy )" + +REQUIRED_USE="toggle? ( editor )" + +S="${WORKDIR}/${P%_*}-${PRIVOXY_STATUS}" + +pkg_setup() { + enewgroup privoxy + enewuser privoxy -1 -1 /etc/privoxy privoxy +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-3.0.19-gentoo.patch + # autoreconf needs to be called even if we don't modify any autotools source files + # See main makefile + eautoreconf +} + +src_configure() { + + econf \ + $(use_enable acl acl-support) \ + $(use_enable editor) \ + $(use_enable fast-redirects) \ + $(use_enable force) \ + $(use_enable graceful-termination) \ + $(use_enable image-blocking) \ + $(use_enable ipv6 ipv6-support) \ + $(use_enable lfs large-file-support) \ + $(use_enable png-images no-gifs) \ + $(use_enable stats) \ + $(use_enable threads pthread) \ + $(use_enable toggle) \ + $(use_enable whitelists trust-files) \ + $(use_enable zlib) \ + $(usex zlib --enable-compression "") \ + --enable-dynamic-pcre \ + --with-user=privoxy \ + --with-group=privoxy \ + --sysconfdir=/etc/privoxy \ + --docdir=/usr/share/doc/${PF} +} + +src_install () { + default + + newinitd "${FILESDIR}/privoxy.initd" privoxy + systemd_dounit "${FILESDIR}"/${PN}.service + + insinto /etc/logrotate.d + newins "${FILESDIR}/privoxy.logrotate" privoxy + + diropts -m 0750 -g privoxy -o privoxy + keepdir /var/log/privoxy +} diff --git a/net-proxy/ratproxy/Manifest b/net-proxy/ratproxy/Manifest new file mode 100644 index 000000000000..8d3a95409b63 --- /dev/null +++ b/net-proxy/ratproxy/Manifest @@ -0,0 +1 @@ +DIST ratproxy-1.58.tar.gz 168700 SHA256 2142d5643305713d9be7fcc82a244048076190851e697b645c49b549a7ae0725 diff --git a/net-proxy/ratproxy/files/ratproxy-Makefile.patch b/net-proxy/ratproxy/files/ratproxy-Makefile.patch new file mode 100644 index 000000000000..323b52d1ff13 --- /dev/null +++ b/net-proxy/ratproxy/files/ratproxy-Makefile.patch @@ -0,0 +1,19 @@ +--- Makefile.bak 2008-07-08 21:34:10.000000000 +0200 ++++ Makefile 2008-07-08 21:35:34.000000000 +0200 +@@ -20,13 +20,13 @@ + # + + PROGNAME = ratproxy +-CFLAGS = -Wall -O3 -Wno-pointer-sign -D_GNU_SOURCE +-LDFLAGS = -lcrypto -lssl ++CFLAGS += -Wall -Wno-pointer-sign -D_GNU_SOURCE ++LIBS = -lcrypto -lssl + + all: $(PROGNAME) flare-check + + $(PROGNAME): $(PROGNAME).c http.c mime.c ssl.c http.h mime.h ssl.h nlist.h config.h debug.h types.h string-inl.h +- $(CC) $(PROGNAME).c -o $(PROGNAME) $(CFLAGS) http.c mime.c ssl.c $(LDFLAGS) ++ $(CC) $(PROGNAME).c -o $(PROGNAME) $(CFLAGS) $(LDFLAGS) http.c mime.c ssl.c $(LIBS) + + flare-check: + @flare-dist/flare 2>&1 | grep -qF Igor || ( \ diff --git a/net-proxy/ratproxy/metadata.xml b/net-proxy/ratproxy/metadata.xml new file mode 100644 index 000000000000..f99494e17823 --- /dev/null +++ b/net-proxy/ratproxy/metadata.xml @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> + <longdescription lang="en">A semi-automated, largely passive web application security audit tool, + optimized for an accurate and sensitive detection, and automatic + annotation, of potential problems and security-relevant design patterns + based on the observation of existing, user-initiated traffic in complex + web 2.0 environments. + Detects and prioritizes broad classes of security problems, such as + dynamic cross-site trust model considerations, script inclusion issues, + content serving problems, insufficient XSRF and XSS defenses, and much + more.</longdescription> + <upstream> + <remote-id type="google-code">ratproxy</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/ratproxy/ratproxy-1.58.ebuild b/net-proxy/ratproxy/ratproxy-1.58.ebuild new file mode 100644 index 000000000000..2a8a70ef7305 --- /dev/null +++ b/net-proxy/ratproxy/ratproxy-1.58.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit eutils flag-o-matic + +DESCRIPTION="A semi-automated, largely passive web application security audit tool" +HOMEPAGE="http://code.google.com/p/ratproxy/" +SRC_URI="http://ratproxy.googlecode.com/files/${P}.tar.gz" + +LICENSE="Apache-2.0" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +DEPEND="dev-libs/openssl" +RDEPEND="${DEPEND}" + +S="${WORKDIR}"/${PN} + +src_unpack() { + unpack ${A} + cd "${S}" + + sed -i -e "s:keyfile\.pem:/usr/share/${PN}/&:" ssl.c + sed -r -i -e "s:(ratproxy-back\.png|messages\.list):/usr/share/${PN}/&:" ratproxy-report.sh + epatch "${FILESDIR}"/${PN}-Makefile.patch +} + +src_compile() { + tc-export CC + + emake || die "emake failed" +} + +src_install() { + dobin ${PN}-report.sh || die "install failed" + dobin ${PN} || die "install failed" + dodoc doc/{README,TODO} + insinto /usr/share/${PN} + doins keyfile.pem ratproxy-back.png messages.list +} diff --git a/net-proxy/rejik/Manifest b/net-proxy/rejik/Manifest new file mode 100644 index 000000000000..48dde094e461 --- /dev/null +++ b/net-proxy/rejik/Manifest @@ -0,0 +1,2 @@ +DIST banlists-2.x.x.tgz 116100 SHA256 221a40e8db9d19477d6fdece00c9152526a0d2f0c2298504fc99b4378457b09e SHA512 068d01685e01679b2726da1cbc5f31f6aba54ab2194e8ab145bd2409e7fc71e3662445a8274b08746e5cdeadea2197f5a72a1abef98ec91267df851615b188b3 WHIRLPOOL 8bea0d00cf0eea807eb5a0ec645715832f3cc8ba42b3110d72c61c7474ea76df1c5823173bf2cbc241b86c43aa4d581cbfbed9bacbd5daac935a86fe030c89ec +DIST redirector-3.2.10.tgz 45407 SHA256 1648af09df86dba5a73fa8d3ebaf02a62c281b847b96d5921507093056a0d05f SHA512 6e82341e402b149464b048e763cfa6f7bc514bae48514b482eded9288af9705942fbfd2e11b5701d3540489ec5ccab358848108fe15f25c5ab2915e44f3f1033 WHIRLPOOL 7b97124945d9d75077fe0047d5a89cf68da6ff9b8f38988e9984aed95927cc28893e50fb79863ec37109bdc872e6379cd1edbe408e30722351e9f24c90a06291 diff --git a/net-proxy/rejik/metadata.xml b/net-proxy/rejik/metadata.xml new file mode 100644 index 000000000000..056590827b98 --- /dev/null +++ b/net-proxy/rejik/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>pinkbyte@gentoo.org</email> + <name>Sergey Popov</name> + </maintainer> + <use> + <flag name='banlists'>Install upstream provided simple banlists</flag> + </use> +</pkgmetadata> diff --git a/net-proxy/rejik/rejik-3.2.10.ebuild b/net-proxy/rejik/rejik-3.2.10.ebuild new file mode 100644 index 000000000000..efe424cf6ffa --- /dev/null +++ b/net-proxy/rejik/rejik-3.2.10.ebuild @@ -0,0 +1,85 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit eutils toolchain-funcs + +DESCRIPTION="A squid redirector used for blocking unwanted content" +HOMEPAGE="http://rejik.ru/" +SRC_URI="http://rejik.ru/download/redirector-${PV}.tgz + banlists? ( http://rejik.ru/download/banlists-2.x.x.tgz )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64" +IUSE="banlists" + +DEPEND="dev-libs/libpcre" +RDEPEND="${DEPEND} + dev-perl/Text-Iconv + dev-perl/XML-Parser + net-proxy/squid" + +S=${WORKDIR}/redirector-${PV} + +src_prepare() { + sed -i -e "s:INSTALL_PATH=/usr/local/rejik3:INSTALL_PATH=${D}/opt/rejik:g" Makefile + sed -i -e "s:/usr/local/rejik3:/opt/rejik:g" vars.h + sed -i -e "s:SQUID_USER=nobody:SQUID_USER=squid:g" Makefile + sed -i -e "s:SQUID_GROUP=nogroup:SQUID_GROUP=squid:g" Makefile + # Respect CFLAGS + sed -i -e "s:CC=gcc -Wall:CC=$(tc-getCC) $CFLAGS:" Makefile + # Respect LDFLAGS + sed -i -e "s:LIBS=-L/lib \`pcre-config --libs\`:LIBS=-L/lib \`pcre-config --libs\` $LDFLAGS:" Makefile + # + sed -i -e "s:error_log /usr/local/rejik3:error_log /var/log/rejik:g" redirector.conf.dist + sed -i -e "s:change_log /usr/local/rejik3:change_log /var/log/rejik:g" redirector.conf.dist + sed -i -e "s:/usr/local/rejik3:/opt/rejik:g" redirector.conf.dist +} + +src_install() { + dodir /opt/rejik + exeinto /opt/rejik + insinto /opt/rejik + + doexe make-cache + doexe redirector + doins redirector.conf.dist + + dodir /opt/rejik/tools + insinto /opt/rejik/tools + exeinto /opt/rejik/tools + + fperms +x tools/kill-cache + fperms +x tools/benchmark + + doexe tools/kill-cache + doexe tools/benchmark + doins tools/IN.gz + + fowners -R squid:squid /opt/rejik + fperms 750 /opt/rejik + + keepdir /var/log/rejik + fowners -R squid:squid /var/log/rejik + + if use banlists; then + insinto /opt/rejik + doins -r "${WORKDIR}/banlists" + fi +} + +pkg_postinst() { + einfo "" + einfo "Copy /opt/rejik/redirector.conf.dist to /opt/rejik/redirector.conf and add line" + einfo "for squid 3.*" + einfo "url_rewrite_program /opt/rejik/redirector /opt/rejik/redirector.conf " + einfo "for squid 2.*" + einfo "redirect_program /opt/rejik/redirector /opt/rejik/redirector.conf" + einfo "to /etc/squid/squid.conf" + einfo "" + einfo "Dont forget to edit /opt/rejik/redirector.conf" + einfo "Be sure redirector.conf has right permissions" +} diff --git a/net-proxy/shadowsocks-libev/Manifest b/net-proxy/shadowsocks-libev/Manifest new file mode 100644 index 000000000000..dcfea531a7d3 --- /dev/null +++ b/net-proxy/shadowsocks-libev/Manifest @@ -0,0 +1,2 @@ +DIST shadowsocks-libev-2.2.1.tar.gz 2492392 SHA256 c8013bc56e507855913dd8972f3c629c1b0c58a7012c4c459186d7f6a0cfe953 SHA512 34209a0b86cf261bc544d2622015662918dc51f4e2bea115644653b20cede7b87360111b10d5dc194a3115099ae4256bf455472e0ed3da9af316a23d304c9bfc WHIRLPOOL b4bcc80edb33816ace40455670b5b243ec8d7d9018a11675a152767069b70aad2150260753e5e305e3921730c4d4b1c49f216f4f1179c682a8b18018bac11740 +DIST shadowsocks-libev-2.2.2.tar.gz 2492615 SHA256 9919d041a6ee4f7b7de2ea7209533b0b9d5fd5732eaa430a6f4055f6e7f1c23f SHA512 0d83a506e2ab95aa8ba1d1815d2e0a8213b96a901cf5e8939c00900167af96ae6045071f39fc07ac7daba328bc2eb1e89b0286e1e98744a8750916ec81b47f27 WHIRLPOOL 281ec6e2cc264c265c7a5b7de733e6cc71151a6d05c2fbf6f43b5cc8bea970229f74d04ec0633cd46d7fb49187d0fa834fcc0a0b039e078230168d89d0344432 diff --git a/net-proxy/shadowsocks-libev/files/shadowsocks.initd b/net-proxy/shadowsocks-libev/files/shadowsocks.initd new file mode 100644 index 000000000000..d32e6df9a915 --- /dev/null +++ b/net-proxy/shadowsocks-libev/files/shadowsocks.initd @@ -0,0 +1,52 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +SS_CONFIG="/etc/shadowsocks.json" + +SS_PIDFILE="/run/shadowsocks.pid" + +depend() { + need net +} + +checkconfig() { + if [ ! -f ${SS_CONFIG} ]; then + ewarn "${SS_CONFIG} does not exist." + fi + + SS_SVCNAME="${RC_SVCNAME#*.}" + case ${SS_SVCNAME} in + client) + SS_COMMAND="/usr/bin/ss-local" + return 0 + ;; + server) + SS_COMMAND="/usr/bin/ss-server" + return 0 + ;; + *) + eerror "please choose to run as server or client mode" + eerror " server: rc-update add shadowsocks.server default" + eerror " client: rc-update add shadowsocks.client default" + return 1 + ;; + esac +} + +start() { + checkconfig || return 1 + + ebegin "Starting Shadowsocks: ${SS_SVCNAME} mode" + start-stop-daemon --start --exec ${SS_COMMAND} \ + -- -c ${SS_CONFIG} -f ${SS_PIDFILE} >/dev/null 2>&1 & + eend $? +} + +stop() { + ebegin "Stopping Shadowsocks" + start-stop-daemon --stop --pidfile ${SS_PIDFILE} + eend $? +} + diff --git a/net-proxy/shadowsocks-libev/files/shadowsocks.json b/net-proxy/shadowsocks-libev/files/shadowsocks.json new file mode 100644 index 000000000000..a29c3a59b0ef --- /dev/null +++ b/net-proxy/shadowsocks-libev/files/shadowsocks.json @@ -0,0 +1,8 @@ +{ + "server":"server ip", + "server_port":8388, + "local_port":1080, + "password":"password", + "timeout":600, + "method":"aes-256-cfb" +} diff --git a/net-proxy/shadowsocks-libev/metadata.xml b/net-proxy/shadowsocks-libev/metadata.xml new file mode 100644 index 000000000000..e983078a92d8 --- /dev/null +++ b/net-proxy/shadowsocks-libev/metadata.xml @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>dlan@gentoo.org</email> + <name>Yixun Lan</name> + </maintainer> + <longdescription lang="en"> +</longdescription> + <use> + <flag name="openssl">Use <pkg>dev-libs/openssl</pkg> as crypto backend</flag> + <flag name="polarssl">Use <pkg>net-libs/polarssl</pkg> as crypto backend</flag> + </use> + <upstream> + <remote-id type="github">shadowsocks/shadowsocks-libev</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/shadowsocks-libev/shadowsocks-libev-2.2.1.ebuild b/net-proxy/shadowsocks-libev/shadowsocks-libev-2.2.1.ebuild new file mode 100644 index 000000000000..d871ca0b138d --- /dev/null +++ b/net-proxy/shadowsocks-libev/shadowsocks-libev-2.2.1.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils + +DESCRIPTION="A lightweight secured scoks5 proxy for embedded devices and low end boxes" +HOMEPAGE="https://github.com/shadowsocks/shadowsocks-libev" + +MY_PV="v${PV}" +SRC_URI="https://github.com/shadowsocks/${PN}/archive/${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-3+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="debug +openssl polarssl" + +DEPEND="openssl? ( dev-libs/openssl:= ) + polarssl? ( net-libs/polarssl ) + " +RDEPEND="${DEPEND}" + +REQUIRED_USE=" ^^ ( openssl polarssl )" + +src_configure() { + econf \ + $(use_enable debug assert) \ + --with-crypto-library=$(usex openssl openssl polarssl) +} + +src_install() { + default + prune_libtool_files --all + + insinto "/etc/" + newins "${FILESDIR}/shadowsocks.json" shadowsocks.json + + newinitd "${FILESDIR}/shadowsocks.initd" shadowsocks + dosym /etc/init.d/shadowsocks /etc/init.d/shadowsocks.server + dosym /etc/init.d/shadowsocks /etc/init.d/shadowsocks.client +} + +pkg_setup() { + elog "You need to choose to run as server or client mode" + elog " server: rc-update add shadowsocks.server default" + elog " client: rc-update add shadowsocks.client default" +} diff --git a/net-proxy/shadowsocks-libev/shadowsocks-libev-2.2.2.ebuild b/net-proxy/shadowsocks-libev/shadowsocks-libev-2.2.2.ebuild new file mode 100644 index 000000000000..d871ca0b138d --- /dev/null +++ b/net-proxy/shadowsocks-libev/shadowsocks-libev-2.2.2.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit eutils + +DESCRIPTION="A lightweight secured scoks5 proxy for embedded devices and low end boxes" +HOMEPAGE="https://github.com/shadowsocks/shadowsocks-libev" + +MY_PV="v${PV}" +SRC_URI="https://github.com/shadowsocks/${PN}/archive/${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-3+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="debug +openssl polarssl" + +DEPEND="openssl? ( dev-libs/openssl:= ) + polarssl? ( net-libs/polarssl ) + " +RDEPEND="${DEPEND}" + +REQUIRED_USE=" ^^ ( openssl polarssl )" + +src_configure() { + econf \ + $(use_enable debug assert) \ + --with-crypto-library=$(usex openssl openssl polarssl) +} + +src_install() { + default + prune_libtool_files --all + + insinto "/etc/" + newins "${FILESDIR}/shadowsocks.json" shadowsocks.json + + newinitd "${FILESDIR}/shadowsocks.initd" shadowsocks + dosym /etc/init.d/shadowsocks /etc/init.d/shadowsocks.server + dosym /etc/init.d/shadowsocks /etc/init.d/shadowsocks.client +} + +pkg_setup() { + elog "You need to choose to run as server or client mode" + elog " server: rc-update add shadowsocks.server default" + elog " client: rc-update add shadowsocks.client default" +} diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest new file mode 100644 index 000000000000..d2153f81cd5d --- /dev/null +++ b/net-proxy/squid/Manifest @@ -0,0 +1,2 @@ +DIST squid-3.5.6.tar.xz 2291152 SHA256 cd080e8d5eaabebf6808792751322bd05f2a9c8fe4377f54c7155682ef6c38d5 SHA512 f6c2550cdb5b2f3317105c986caddf06d010bffa0c61d065cffcde72e5bc30c4608486c79c4b25418dfb9f0a8d7ef1d2fabb6b07d1f0262a19fafc945af98bef WHIRLPOOL 863c6f73c3c26737d98cbff15afa5b6630310226ee9ec10a3e38f646b1416137e998f9bb1e5b492e5871129aed3c98e729b3a757d35088162e671d310a887336 +DIST squid-3.5.7.tar.xz 2294580 SHA256 ec6f861bddee007b1dd320667a26ddc9ff76847bbe4cbb59c0134588e65c8699 SHA512 13757da759c1a64fe13d451cff40c4ae30b18c2939f6971b4ef25e24b771ea973e3357f05ec89fccff51acc9e2c77418880b05f6020d58b7633141b928aaf349 WHIRLPOOL 9ce722647f6144ae5192a0a177d5d085252039eed3a7cbdf1fcb638c32097bf21710db71044448fc98bdba7c15daefb79dee5912b4d0c41cbc0e0b0fda695ee1 diff --git a/net-proxy/squid/files/squid-3.3.4-gentoo.patch b/net-proxy/squid/files/squid-3.3.4-gentoo.patch new file mode 100644 index 000000000000..fb049e9ce5d6 --- /dev/null +++ b/net-proxy/squid/files/squid-3.3.4-gentoo.patch @@ -0,0 +1,131 @@ +diff --git a/configure.ac b/configure.ac +index a863327..deb44ed 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -26,9 +26,9 @@ PRESET_CFLAGS="$CFLAGS" + PRESET_LDFLAGS="$LDFLAGS" + + dnl Set default LDFLAGS +-if test "x$LDFLAGS" = "x" ; then +- LDFLAGS="-g" +-fi ++dnl if test "x$LDFLAGS" = "x" ; then ++dnl LDFLAGS="-g" ++dnl fi + + # Check for GNU cc + AC_PROG_CC +diff --git a/helpers/basic_auth/SMB/basic_smb_auth.sh b/helpers/basic_auth/SMB/basic_smb_auth.sh +index 2a1abb3..b3ebb7a 100755 +--- a/helpers/basic_auth/SMB/basic_smb_auth.sh ++++ b/helpers/basic_auth/SMB/basic_smb_auth.sh +@@ -24,7 +24,7 @@ read NMBCAST + read AUTHSHARE + read AUTHFILE + read SMBUSER +-read SMBPASS ++read -r SMBPASS + + # Find domain controller + echo "Domain name: $DOMAINNAME" +@@ -47,7 +47,7 @@ else + addropt="" + fi + echo "Query address options: $addropt" +-dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` ++dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` + echo "Domain controller IP address: $dcip" + [ -n "$dcip" ] || exit 1 + +diff --git a/src/Makefile.am b/src/Makefile.am +index 6b69267..10f506a 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -867,8 +867,8 @@ DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR) + DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log + DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log + DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log +-DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state +-DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/ssl_db ++DEFAULT_NETDB_FILE = $(localstatedir)/lib/squid/netdb.state ++DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/squid/ssl_db + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_LOGFILED = $(libexecdir)/`echo log_file_daemon | sed '$(transform);s/$$/$(EXEEXT)/'` +diff --git a/src/debug.cc b/src/debug.cc +index 64ab0ba..062119a 100644 +--- a/src/debug.cc ++++ b/src/debug.cc +@@ -450,7 +450,7 @@ _db_init(const char *logfile, const char *options) + #if HAVE_SYSLOG && defined(LOG_LOCAL4) + + if (Debug::log_syslog) +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility); + + #endif /* HAVE_SYSLOG */ + +diff --git a/src/main.cc b/src/main.cc +index d6eb01a..0b93f0e 100644 +--- a/src/main.cc ++++ b/src/main.cc +@@ -1657,7 +1657,7 @@ watch_child(char *argv[]) + if (!IamMasterProcess()) + return; + +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); +@@ -1720,7 +1720,7 @@ watch_child(char *argv[]) + + if ((pid = fork()) == 0) { + /* child */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + prog = argv[0]; + argv[0] = const_cast<char*>(kid.name().termedBuf()); + execvp(prog, argv); +@@ -1733,7 +1733,7 @@ watch_child(char *argv[]) + } + + /* parent */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + squid_signal(SIGINT, SIG_IGN, SA_RESTART); + +--- a/src/cf.data.pre 2013-04-29 11:17:59.256167134 +0300 ++++ b/src/cf.data.pre 2013-04-29 11:20:17.043924313 +0300 +@@ -1019,6 +1019,7 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -5300,11 +5301,11 @@ + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +- mail if the cache dies. The default is "webmaster". ++ mail if the cache dies. The default is "root". + DOC_END + + NAME: mail_from +@@ -8052,7 +8053,7 @@ + NAME: forwarded_for + COMMENT: on|off|transparent|truncate|delete + TYPE: string +-DEFAULT: on ++DEFAULT: delete + LOC: opt_forwarded_for + DOC_START + If set to "on", Squid will append your client's IP address diff --git a/net-proxy/squid/files/squid-3.5.7-gentoo.patch b/net-proxy/squid/files/squid-3.5.7-gentoo.patch new file mode 100644 index 000000000000..c4def050a2d0 --- /dev/null +++ b/net-proxy/squid/files/squid-3.5.7-gentoo.patch @@ -0,0 +1,100 @@ +diff --git a/configure.ac b/configure.ac +index a863327..deb44ed 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -26,9 +26,9 @@ PRESET_CFLAGS="$CFLAGS" + PRESET_LDFLAGS="$LDFLAGS" + + dnl Set default LDFLAGS +-if test "x$LDFLAGS" = "x" ; then +- LDFLAGS="-g" +-fi ++dnl if test "x$LDFLAGS" = "x" ; then ++dnl LDFLAGS="-g" ++dnl fi + + # Check for GNU cc + AC_PROG_CC +diff --git a/src/Makefile.am b/src/Makefile.am +index 6b69267..10f506a 100644 +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -867,8 +867,8 @@ DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR) + DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log + DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log + DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log +-DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state +-DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/ssl_db ++DEFAULT_NETDB_FILE = $(localstatedir)/lib/squid/netdb.state ++DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/squid/ssl_db + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_LOGFILED = $(libexecdir)/`echo log_file_daemon | sed '$(transform);s/$$/$(EXEEXT)/'` +diff --git a/src/debug.cc b/src/debug.cc +index 64ab0ba..062119a 100644 +--- a/src/debug.cc ++++ b/src/debug.cc +@@ -450,7 +450,7 @@ _db_init(const char *logfile, const char *options) + #if HAVE_SYSLOG && defined(LOG_LOCAL4) + + if (Debug::log_syslog) +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility); + + #endif /* HAVE_SYSLOG */ + +diff --git a/src/main.cc b/src/main.cc +index d6eb01a..0b93f0e 100644 +--- a/src/main.cc ++++ b/src/main.cc +@@ -1657,7 +1657,7 @@ watch_child(char *argv[]) + if (!IamMasterProcess()) + return; + +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); +@@ -1720,7 +1720,7 @@ watch_child(char *argv[]) + + if ((pid = fork()) == 0) { + /* child */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + prog = argv[0]; + argv[0] = const_cast<char*>(kid.name().termedBuf()); + execvp(prog, argv); +@@ -1733,7 +1733,7 @@ watch_child(char *argv[]) + } + + /* parent */ +- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4); + + squid_signal(SIGINT, SIG_IGN, SA_RESTART); + +--- a/src/cf.data.pre 2013-04-29 11:17:59.256167134 +0300 ++++ b/src/cf.data.pre 2013-04-29 11:20:17.043924313 +0300 +@@ -1019,6 +1019,7 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -5300,11 +5301,11 @@ + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +- mail if the cache dies. The default is "webmaster". ++ mail if the cache dies. The default is "root". + DOC_END + + NAME: mail_from diff --git a/net-proxy/squid/files/squid.confd-r1 b/net-proxy/squid/files/squid.confd-r1 new file mode 100644 index 000000000000..c42e04e11add --- /dev/null +++ b/net-proxy/squid/files/squid.confd-r1 @@ -0,0 +1,13 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# Config file for /etc/init.d/squid + +SQUID_OPTS="-YC" + +# Kerberos keytab file to use. This is required if you enable kerberos authentication. +SQUID_KEYTAB="" + +# Use max_filedescriptors setting in squid.conf to determine the maximum number +# of filedescriptors squid can open. diff --git a/net-proxy/squid/files/squid.cron b/net-proxy/squid/files/squid.cron new file mode 100644 index 000000000000..8726ddd72955 --- /dev/null +++ b/net-proxy/squid/files/squid.cron @@ -0,0 +1,5 @@ +#!/bin/sh +if test -e /var/run/squid.pid ; then + test -n "$(cat /var/run/squid.pid|xargs ps -p|grep squid)" && \ + /usr/sbin/squid -k rotate +fi diff --git a/net-proxy/squid/files/squid.initd-r4 b/net-proxy/squid/files/squid.initd-r4 new file mode 100644 index 000000000000..29c299bd2ecc --- /dev/null +++ b/net-proxy/squid/files/squid.initd-r4 @@ -0,0 +1,118 @@ +#!/sbin/runscript +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +extra_started_commands="reload rotate" + +depend() { + use dns net +} + +checkconfig() { + if [ ! -f /etc/squid/${SVCNAME}.conf ]; then + eerror "You need to create /etc/squid/${SVCNAME}.conf first." + eerror "An example can be found in /etc/squid/squid.conf.default" + return 1 + fi + + local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf) + [ -z ${PIDFILE} ] && PIDFILE=/run/squid.pid + if [ /run/${SVCNAME}.pid != ${PIDFILE} ]; then + eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to" + eerror " /run/${SVCNAME}.pid" + eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than" + eerror " in any other instance of squid." + return 1 + fi + + # Maximum file descriptors squid can open is determined by: + # a basic default of N=1024 + # ... altered by ./configure --with-filedescriptors=N + # ... overridden on production by squid.conf max_filedescriptors (if, + # and only if, setrlimit() RLIMIT_NOFILE is able to be built+used). + # Since we do not configure hard coded # of filedescriptors anymore, + # there is no need for ulimit calls in the init script. + # Use max_filedescriptors in squid.conf instead. + + local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ( $2 == "rock" ) printf "%s/rock ", $3; else if ( $2 == "coss" ) printf "%s/stripe ", $3; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf) + [ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00" + + local x + for x in $CACHE_SWAP ; do + if [ ! -e $x ] ; then + ebegin "Initializing cache directory ${x%/*}" + local ORIG_UMASK=$(umask) + umask 027 + + if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then + eend 1 + return 1 + fi + + local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)" + if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then + umask $ORIG_UMASK + eend 1 + echo "$INIT_CACHE_RESPONSE" + return 1 + fi + + umask $ORIG_UMASK + eend 0 + break + fi + done + + return 0 +} + +start() { + checkconfig || return 1 + checkpath -d -q -m 0750 -o squid:squid /run/${SVCNAME} + + ebegin "Starting ${SVCNAME}" + KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf + eend $? && sleep 1 +} + +stop() { + ebegin "Stopping ${SVCNAME}" + if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then + # Now we have to wait until squid has _really_ stopped. + sleep 1 + if [ -f /run/${SVCNAME}.pid ] ; then + einfon "Waiting for squid to shutdown ." + cnt=0 + while [ -f /run/${SVCNAME}.pid ] ; do + cnt=$(expr $cnt + 1) + if [ $cnt -gt 60 ] ; then + # Waited 120 seconds now. Fail. + echo + eend 1 "Failed." + break + fi + sleep 2 + echo -n "." + done + echo + fi + else + eerror "Squid shutdown failed, probably service is already down." + fi + eend 0 +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + /usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf + eend $? +} + +rotate() { + service_started ${SVCNAME} || return 1 + ebegin "Rotating ${SVCNAME} logs" + /usr/sbin/squid -k rotate -f /etc/squid/${SVCNAME}.conf + eend $? +} diff --git a/net-proxy/squid/files/squid.logrotate b/net-proxy/squid/files/squid.logrotate new file mode 100644 index 000000000000..5bf289691aec --- /dev/null +++ b/net-proxy/squid/files/squid.logrotate @@ -0,0 +1,8 @@ +/var/log/squid/*.log { + copytruncate + compress + notifempty + missingok + sharedscripts +} + diff --git a/net-proxy/squid/files/squid.pam b/net-proxy/squid/files/squid.pam new file mode 100644 index 000000000000..95fbe6bfd6b5 --- /dev/null +++ b/net-proxy/squid/files/squid.pam @@ -0,0 +1,8 @@ +#%PAM-1.0 +# $Id$ +auth required pam_nologin.so +auth include system-auth +account include system-auth +password include system-auth +session optional pam_limits.so +session include system-auth diff --git a/net-proxy/squid/metadata.xml b/net-proxy/squid/metadata.xml new file mode 100644 index 000000000000..b4d2d4f828ae --- /dev/null +++ b/net-proxy/squid/metadata.xml @@ -0,0 +1,31 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>eras@gentoo.org</email> + <name>Eray Aslan</name> + </maintainer> + <longdescription>A full-featured web proxy cache</longdescription> + <use> + <flag name="ecap">Adds support for loadable content adaptation modules + (http://www.e-cap.org)</flag> + <flag name="esi">Enable ESI for accelerators, will cause squid reverse proxies + to be capable of the Edge Acceleration Specification (www.esi.org)</flag> + <flag name="htcp">Enable HTCP protocol</flag> + <flag name="ipf-transparent">Adds transparent proxy support for systems + using IP-Filter (only for *bsd)</flag> + <flag name="logrotate">Use <pkg>app-admin/logrotate</pkg> for rotating + logs</flag> + <flag name="kqueue">Enables *BSD kqueue() support</flag> + <flag name="pf-transparent">Adds transparent proxy support for systems using + PF (only for *bsd)</flag> + <flag name="qos">Adds support for Quality of Service using netfilter conntrack + - see qos_flow directive for more info</flag> + <flag name="ssl-crtd">Adds support for dynamic SSL certificate generation in + SslBump environments</flag> + <flag name="tproxy">Enables real Transparent Proxy support for Linux Netfilter + TPROXY</flag> + <flag name="wccp">Enable Web Cache Coordination Protocol</flag> + <flag name="wccpv2">Enable Web Cache Coordination V2 Protocol</flag> + </use> +</pkgmetadata> diff --git a/net-proxy/squid/squid-3.5.6.ebuild b/net-proxy/squid/squid-3.5.6.ebuild new file mode 100644 index 000000000000..9598d044ab8b --- /dev/null +++ b/net-proxy/squid/squid-3.5.6.ebuild @@ -0,0 +1,247 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools eutils linux-info pam toolchain-funcs user versionator + +DESCRIPTION="A full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" +SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd" +IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \ + ecap esi ssl-crtd \ + mysql postgres sqlite \ + qos tproxy \ + +htcp +wccp +wccpv2 \ + pf-transparent ipf-transparent kqueue \ + elibc_uclibc kernel_linux" + +COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 ) + pam? ( virtual/pam ) + ldap? ( net-nds/openldap ) + kerberos? ( virtual/krb5 ) + qos? ( net-libs/libnetfilter_conntrack ) + ssl? ( dev-libs/openssl:* dev-libs/nettle >=net-libs/gnutls-3.1.5 ) + sasl? ( dev-libs/cyrus-sasl ) + ecap? ( net-libs/libecap:1 ) + esi? ( dev-libs/expat dev-libs/libxml2 ) + !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) + >=sys-libs/db-4:* + dev-lang/perl + dev-libs/libltdl:0" +DEPEND="${COMMON_DEPEND} + ecap? ( virtual/pkgconfig ) + sys-apps/ed + test? ( dev-util/cppunit )" +RDEPEND="${COMMON_DEPEND} + samba? ( net-fs/samba ) + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + selinux? ( sec-policy/selinux-squid ) + sqlite? ( dev-perl/DBD-SQLite ) + !<=sci-biology/meme-4.8.1-r1" + +REQUIRED_USE="tproxy? ( caps ) + qos? ( caps )" + +pkg_pretend() { + if use tproxy; then + local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY" + linux-info_pkg_setup + fi +} + +pkg_setup() { + enewgroup squid + enewuser squid -1 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}/${PN}-3.3.4-gentoo.patch" + sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \ + INSTALL QUICKSTART \ + scripts/fileno-to-pathname.pl \ + scripts/check_cache.pl \ + tools/cachemgr.cgi.8 \ + tools/purge/conffile.hh \ + tools/purge/README || die + sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \ + INSTALL QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \ + QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \ + QUICKSTART \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \ + helpers/external_acl/unix_group/ext_unix_group_acl.8 \ + helpers/external_acl/session/ext_session_acl.8 \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \ + scripts/check_cache.pl || die + sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \ + src/ssl/ssl_crtd.8 || die + # /var/run/squid to /run/squid + sed -i -e 's:$(localstatedir)::' \ + src/ipc/Makefile.am || die + sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \ + libltdl/configure.ac || die + + epatch_user + + eautoreconf +} + +src_configure() { + local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam" + use samba && basic_modules+=",SMB" + use ldap && basic_modules+=",LDAP" + use pam && basic_modules+=",PAM" + use sasl && basic_modules+=",SASL" + use nis && ! use elibc_uclibc && basic_modules+=",NIS" + use radius && basic_modules+=",RADIUS" + if use mysql || use postgres || use sqlite ; then + basic_modules+=",DB" + fi + + local digest_modules="file" + use ldap && digest_modules+=",LDAP,eDirectory" + + local negotiate_modules="none" + local myconf="--without-mit-krb5 --without-heimdal-krb5" + if use kerberos ; then + negotiate_modules="kerberos,wrapper" + if has_version app-crypt/heimdal ; then + myconf="--without-mit-krb5 --with-heimdal-krb5" + else + myconf="--with-mit-krb5 --without-heimdal-krb5" + fi + fi + + local ntlm_modules="none" + use samba && ntlm_modules="smb_lm" + + local ext_helpers="file_userip,session,unix_group" + use samba && ext_helpers+=",wbinfo_group" + use ldap && ext_helpers+=",LDAP_group,eDirectory_userip" + use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group" + + local storeio_modules="aufs,diskd,rock,ufs" + + local transparent + if use kernel_linux ; then + transparent+=" --enable-linux-netfilter" + use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack" + fi + + if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then + transparent+=" $(use_enable kqueue)" + if use pf-transparent; then + transparent+=" --enable-pf-transparent" + elif use ipf-transparent; then + transparent+=" --enable-ipf-transparent" + fi + fi + + tc-export CC AR + + econf \ + --sysconfdir=/etc/squid \ + --libexecdir=/usr/libexec/squid \ + --localstatedir=/var \ + --with-pidfile=/run/squid.pid \ + --datadir=/usr/share/squid \ + --with-logdir=/var/log/squid \ + --with-default-user=squid \ + --enable-removal-policies="lru,heap" \ + --enable-storeio="${storeio_modules}" \ + --enable-disk-io \ + --enable-auth-basic="${basic_modules}" \ + --enable-auth-digest="${digest_modules}" \ + --enable-auth-ntlm="${ntlm_modules}" \ + --enable-auth-negotiate="${negotiate_modules}" \ + --enable-external-acl-helpers="${ext_helpers}" \ + --enable-log-daemon-helpers \ + --enable-url-rewrite-helpers \ + --enable-cache-digests \ + --enable-delay-pools \ + --enable-eui \ + --enable-icmp \ + --enable-follow-x-forwarded-for \ + --with-large-files \ + --disable-strict-error-checking \ + --disable-arch-native \ + $(use_with caps libcap) \ + $(use_enable ipv6) \ + $(use_enable snmp) \ + $(use_with ssl openssl) \ + $(use_with ssl nettle) \ + $(use_with ssl gnutls) \ + $(use_enable ssl-crtd) \ + $(use_enable ecap) \ + $(use_enable esi) \ + $(use_enable htcp) \ + $(use_enable wccp) \ + $(use_enable wccpv2) \ + ${transparent} \ + ${myconf} +} + +src_install() { + emake DESTDIR="${D}" install + + # need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/basic_ncsa_auth + fperms 4750 /usr/libexec/squid/basic_ncsa_auth + if use pam; then + fowners root:squid /usr/libexec/squid/basic_pam_auth + fperms 4750 /usr/libexec/squid/basic_pam_auth + fi + # pinger needs suid as well + fowners root:squid /usr/libexec/squid/pinger + fperms 4750 /usr/libexec/squid/pinger + + # cleanup + rm -f "${D}"/usr/bin/Run* + rm -rf "${D}"/run/squid "${D}"/var/cache/squid + + dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt + newdoc helpers/negotiate_auth/kerberos/README README.kerberos + newdoc helpers/basic_auth/RADIUS/README README.RADIUS + newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group + newdoc tools/purge/README README.purge + newdoc tools/helper-mux.README README.helper-mux + dohtml RELEASENOTES.html + + newpamd "${FILESDIR}/squid.pam" squid + newconfd "${FILESDIR}/squid.confd-r1" squid + newinitd "${FILESDIR}/squid.initd-r4" squid + if use logrotate; then + insinto /etc/logrotate.d + newins "${FILESDIR}/squid.logrotate" squid + else + exeinto /etc/cron.weekly + newexe "${FILESDIR}/squid.cron" squid.cron + fi + + diropts -m0750 -o squid -g squid + keepdir /var/log/squid /etc/ssl/squid /var/lib/squid +} + +pkg_postinst() { + if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \ + [[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then + elog "Please read the release notes at:" + elog " http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html" + echo + fi +} diff --git a/net-proxy/squid/squid-3.5.7.ebuild b/net-proxy/squid/squid-3.5.7.ebuild new file mode 100644 index 000000000000..f0c50daf2a1c --- /dev/null +++ b/net-proxy/squid/squid-3.5.7.ebuild @@ -0,0 +1,247 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools eutils linux-info pam toolchain-funcs user versionator + +DESCRIPTION="A full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" +SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \ + ecap esi ssl-crtd \ + mysql postgres sqlite \ + qos tproxy \ + +htcp +wccp +wccpv2 \ + pf-transparent ipf-transparent kqueue \ + elibc_uclibc kernel_linux" + +COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 ) + pam? ( virtual/pam ) + ldap? ( net-nds/openldap ) + kerberos? ( virtual/krb5 ) + qos? ( net-libs/libnetfilter_conntrack ) + ssl? ( dev-libs/openssl:* dev-libs/nettle >=net-libs/gnutls-3.1.5 ) + sasl? ( dev-libs/cyrus-sasl ) + ecap? ( net-libs/libecap:1 ) + esi? ( dev-libs/expat dev-libs/libxml2 ) + !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) + >=sys-libs/db-4:* + dev-lang/perl + dev-libs/libltdl:0" +DEPEND="${COMMON_DEPEND} + ecap? ( virtual/pkgconfig ) + sys-apps/ed + test? ( dev-util/cppunit )" +RDEPEND="${COMMON_DEPEND} + samba? ( net-fs/samba ) + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + selinux? ( sec-policy/selinux-squid ) + sqlite? ( dev-perl/DBD-SQLite ) + !<=sci-biology/meme-4.8.1-r1" + +REQUIRED_USE="tproxy? ( caps ) + qos? ( caps )" + +pkg_pretend() { + if use tproxy; then + local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY" + linux-info_pkg_setup + fi +} + +pkg_setup() { + enewgroup squid + enewuser squid -1 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch" + sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \ + INSTALL QUICKSTART \ + scripts/fileno-to-pathname.pl \ + scripts/check_cache.pl \ + tools/cachemgr.cgi.8 \ + tools/purge/conffile.hh \ + tools/purge/README || die + sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \ + INSTALL QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \ + QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \ + QUICKSTART \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \ + helpers/external_acl/unix_group/ext_unix_group_acl.8 \ + helpers/external_acl/session/ext_session_acl.8 \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \ + scripts/check_cache.pl || die + sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \ + src/ssl/ssl_crtd.8 || die + sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \ + src/ssl/ssl_crtd.8 || die + # /var/run/squid to /run/squid + sed -i -e 's:$(localstatedir)::' \ + src/ipc/Makefile.am || die + sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \ + libltdl/configure.ac || die + + epatch_user + + eautoreconf +} + +src_configure() { + local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam" + use samba && basic_modules+=",SMB" + use ldap && basic_modules+=",LDAP" + use pam && basic_modules+=",PAM" + use sasl && basic_modules+=",SASL" + use nis && ! use elibc_uclibc && basic_modules+=",NIS" + use radius && basic_modules+=",RADIUS" + if use mysql || use postgres || use sqlite ; then + basic_modules+=",DB" + fi + + local digest_modules="file" + use ldap && digest_modules+=",LDAP,eDirectory" + + local negotiate_modules="none" + local myconf="--without-mit-krb5 --without-heimdal-krb5" + if use kerberos ; then + negotiate_modules="kerberos,wrapper" + if has_version app-crypt/heimdal ; then + myconf="--without-mit-krb5 --with-heimdal-krb5" + else + myconf="--with-mit-krb5 --without-heimdal-krb5" + fi + fi + + local ntlm_modules="none" + use samba && ntlm_modules="smb_lm" + + local ext_helpers="file_userip,session,unix_group" + use samba && ext_helpers+=",wbinfo_group" + use ldap && ext_helpers+=",LDAP_group,eDirectory_userip" + use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group" + + local storeio_modules="aufs,diskd,rock,ufs" + + local transparent + if use kernel_linux ; then + transparent+=" --enable-linux-netfilter" + use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack" + fi + + if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then + transparent+=" $(use_enable kqueue)" + if use pf-transparent; then + transparent+=" --enable-pf-transparent" + elif use ipf-transparent; then + transparent+=" --enable-ipf-transparent" + fi + fi + + tc-export CC AR + + econf \ + --sysconfdir=/etc/squid \ + --libexecdir=/usr/libexec/squid \ + --localstatedir=/var \ + --with-pidfile=/run/squid.pid \ + --datadir=/usr/share/squid \ + --with-logdir=/var/log/squid \ + --with-default-user=squid \ + --enable-removal-policies="lru,heap" \ + --enable-storeio="${storeio_modules}" \ + --enable-disk-io \ + --enable-auth-basic="${basic_modules}" \ + --enable-auth-digest="${digest_modules}" \ + --enable-auth-ntlm="${ntlm_modules}" \ + --enable-auth-negotiate="${negotiate_modules}" \ + --enable-external-acl-helpers="${ext_helpers}" \ + --enable-log-daemon-helpers \ + --enable-url-rewrite-helpers \ + --enable-cache-digests \ + --enable-delay-pools \ + --enable-eui \ + --enable-icmp \ + --enable-follow-x-forwarded-for \ + --with-large-files \ + --disable-strict-error-checking \ + --disable-arch-native \ + $(use_with caps libcap) \ + $(use_enable ipv6) \ + $(use_enable snmp) \ + $(use_with ssl openssl) \ + $(use_with ssl nettle) \ + $(use_with ssl gnutls) \ + $(use_enable ssl-crtd) \ + $(use_enable ecap) \ + $(use_enable esi) \ + $(use_enable htcp) \ + $(use_enable wccp) \ + $(use_enable wccpv2) \ + ${transparent} \ + ${myconf} +} + +src_install() { + emake DESTDIR="${D}" install + + # need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/basic_ncsa_auth + fperms 4750 /usr/libexec/squid/basic_ncsa_auth + if use pam; then + fowners root:squid /usr/libexec/squid/basic_pam_auth + fperms 4750 /usr/libexec/squid/basic_pam_auth + fi + # pinger needs suid as well + fowners root:squid /usr/libexec/squid/pinger + fperms 4750 /usr/libexec/squid/pinger + + # cleanup + rm -f "${D}"/usr/bin/Run* + rm -rf "${D}"/run/squid "${D}"/var/cache/squid + + dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt + newdoc helpers/negotiate_auth/kerberos/README README.kerberos + newdoc helpers/basic_auth/RADIUS/README README.RADIUS + newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group + newdoc tools/purge/README README.purge + newdoc tools/helper-mux.README README.helper-mux + dohtml RELEASENOTES.html + + newpamd "${FILESDIR}/squid.pam" squid + newconfd "${FILESDIR}/squid.confd-r1" squid + newinitd "${FILESDIR}/squid.initd-r4" squid + if use logrotate; then + insinto /etc/logrotate.d + newins "${FILESDIR}/squid.logrotate" squid + else + exeinto /etc/cron.weekly + newexe "${FILESDIR}/squid.cron" squid.cron + fi + + diropts -m0750 -o squid -g squid + keepdir /var/log/squid /etc/ssl/squid /var/lib/squid +} + +pkg_postinst() { + if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \ + [[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then + elog "Please read the release notes at:" + elog " http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html" + echo + fi +} diff --git a/net-proxy/squidclamav/Manifest b/net-proxy/squidclamav/Manifest new file mode 100644 index 000000000000..93f6a7f576bd --- /dev/null +++ b/net-proxy/squidclamav/Manifest @@ -0,0 +1,2 @@ +DIST squidclamav-6.10.tar.gz 436639 SHA256 4d1ed7012b5b8db4143d38196b0928bd44f2461226a3f9ae2cdc3643524a054b SHA512 36a49720ea8984d3075364cc6150bd5063983aaeaaad538f6e4fde013b92243b0aeb39ef151e0a6752259739e1258d8170fa27eedf3a91384a5814fd81ae9382 WHIRLPOOL 7d96880458303f974e0f4af166944936e2dc44e4ad026d77016d038ef6088d089394e531d5b35e919efdc78e86c0c1ab6d74401af80e4532ff4a6a374844efb0 +DIST squidclamav-6.8.tar.gz 840634 SHA256 70dc1de6aa1a5cc705e336512699a0da530cf6f6e1130b261c5983ee89b34c49 SHA512 03d4ccbb970c1b3c9f0d632eae2b0c43fa0d2fc4b2fd495ef972018c069e20b7a4d198989a6010a1778c87a173fa90c49ea3d2332b89a5a9f6b5b7cb914879d0 WHIRLPOOL 4502a912f60af6f48bf662b67957f8c919a04627d02b120e64ef0566f9108c89fef45793d3a6646ffb41892718acf90bfc5c493cfef29ca3b9cbb1c4bcdb3d8d diff --git a/net-proxy/squidclamav/files/squidclamav-6.1-crash.patch b/net-proxy/squidclamav/files/squidclamav-6.1-crash.patch new file mode 100644 index 000000000000..f197aac6618c --- /dev/null +++ b/net-proxy/squidclamav/files/squidclamav-6.1-crash.patch @@ -0,0 +1,19 @@ +Index: squidclamav-6.1/src/squidclamav.c +=================================================================== +--- squidclamav-6.1.orig/src/squidclamav.c ++++ squidclamav-6.1/src/squidclamav.c +@@ -427,8 +427,12 @@ int squidclamav_check_preview_handler(ch + } else { + data->user = NULL; + } +- data->clientip = ci_buffer_alloc(strlen(clientip)+1); +- strcpy(data->clientip, clientip); ++ if (clientip != NULL) { ++ data->clientip = ci_buffer_alloc(strlen(clientip)+1); ++ strcpy(data->clientip, clientip); ++ } else { ++ data->clientip = NULL; ++ } + + data->body = ci_simple_file_new(MAX_OBJECT_SIZE); + if (SEND_PERCENT_BYTES >= 0 && START_SEND_AFTER == 0) { diff --git a/net-proxy/squidclamav/metadata.xml b/net-proxy/squidclamav/metadata.xml new file mode 100644 index 000000000000..07daf285ea4a --- /dev/null +++ b/net-proxy/squidclamav/metadata.xml @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>flameeyes@gentoo.org</email> + <description>Co-maintainer, not trying to call for exclusive</description> + </maintainer> + <longdescription> + SquidClamAV is a <pkg>net-proxy/squid</pkg> redirector which allows easy antivirus file + scanning. It can use either a local or a remote ClamAV daemon. As + of version 6.0, it is now an ICAP module for + <pkg>net-proxy/c-icap</pkg>. + </longdescription> + <upstream> + <remote-id type="sourceforge">squidclamav</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/squidclamav/squidclamav-6.10.ebuild b/net-proxy/squidclamav/squidclamav-6.10.ebuild new file mode 100644 index 000000000000..b7b42b67b3dd --- /dev/null +++ b/net-proxy/squidclamav/squidclamav-6.10.ebuild @@ -0,0 +1,67 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit libtool autotools + +DESCRIPTION="HTTP Antivirus for Squid based on ClamAv and ICAP" +HOMEPAGE="http://squidclamav.darold.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~x86" +IUSE="" + +RDEPEND="net-proxy/c-icap" +DEPEND="${RDEPEND}" + +src_prepare() { + # version 6.3 causes maintainer-mode rebuild from tarball, and + # contains acinclude.m4 with libtool macros which cause trouble. + rm acinclude.m4 || die + eautoreconf + elibtoolize +} + +src_configure() { + econf --disable-static --enable-shared +} + +src_install() { + emake DESTDIR="${D}" install + find "${D}" -name '*.la' -delete || die + + # delete its own documentation installed + rm -r "${D}"/usr/share/${PN} || die + + dodoc README AUTHORS ChangeLog + + # Fix configuration file to adapt to the Gentoo configuration + sed -i \ + -e '/clamd_local/s:\.ctl:.sock:' \ + "${D}"/etc/squidclamav.conf || die +} + +pkg_postinst() { + elog "Starting from version 6, Squid Clamav is now a module for the c-icap" + elog "server, which is called from squid, rather than being a redirector" + elog "directly." + elog "" + elog "To enable the service, you should add this to your c-icap.conf file:" + elog "" + elog " Service clamav squidclamav.so" + elog "" + elog "And then this to squid.conf (for a local ICAP server):" + elog "" + elog " icap_enable on" + elog "" + elog " # not strictly needed, but useful for special access" + elog " icap_send_client_ip on" + elog " icap_send_client_username on" + elog "" + elog " icap_service clamav respmod_precache bypass=0 icap://localhost:1344/clamav" + elog " adaptation_access clamav allow all" +} diff --git a/net-proxy/squidclamav/squidclamav-6.8.ebuild b/net-proxy/squidclamav/squidclamav-6.8.ebuild new file mode 100644 index 000000000000..bda67ddfadd4 --- /dev/null +++ b/net-proxy/squidclamav/squidclamav-6.8.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit libtool autotools + +DESCRIPTION="HTTP Antivirus for Squid based on ClamAv and ICAP" +HOMEPAGE="http://squidclamav.darold.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="" + +RDEPEND="net-proxy/c-icap" +DEPEND="${RDEPEND}" + +src_prepare() { + # version 6.3 causes maintainer-mode rebuild from tarball, and + # contains acinclude.m4 with libtool macros which cause trouble. + rm acinclude.m4 || die + eautoreconf + elibtoolize +} + +src_install() { + emake DESTDIR="${D}" install + find "${D}" -name '*.la' -delete || die + + # delete its own documentation installed + rm -r "${D}"/usr/share/${PN} || die + + dodoc README AUTHORS ChangeLog + + # Fix configuration file to adapt to the Gentoo configuration + sed -i \ + -e '/clamd_local/s:\.ctl:.sock:' \ + "${D}"/etc/squidclamav.conf || die +} + +pkg_postinst() { + elog "Starting from version 6, Squid Clamav is now a module for the c-icap" + elog "server, which is called from squid, rather than being a redirector" + elog "directly." + elog "" + elog "To enable the service, you should add this to your c-icap.conf file:" + elog "" + elog " Service clamav squidclamav.so" + elog "" + elog "And then this to squid.conf (for a local ICAP server):" + elog "" + elog " icap_enable on" + elog "" + elog " # not strictly needed, but useful for special access" + elog " icap_send_client_ip on" + elog " icap_send_client_username on" + elog "" + elog " icap_service clamav respmod_precache bypass=0 icap://localhost:1344/clamav" + elog " adaptation_access clamav allow all" +} diff --git a/net-proxy/squidguard/Manifest b/net-proxy/squidguard/Manifest new file mode 100644 index 000000000000..5187ab6ce442 --- /dev/null +++ b/net-proxy/squidguard/Manifest @@ -0,0 +1,2 @@ +DIST squidGuard-1.4.tar.gz 1968492 SHA256 0711ce60b8e2bbba107b980fed446a88df35e1584b39f079c0cae54a172c5141 +DIST squidGuard-1.5-beta.tar.gz 1983030 SHA256 ba4b79cd193bd3095f3fd27a6e2fc1b36effc2e12a33e17159d4a51993fb3c8e SHA512 37ddc2ac82596e9d24aac6a610763f2eeb7c15b3a2d7babb85948e1da912aebb1dc85309766f7d8c3d7c22713e24a51f4cdef4520117a03d839662ef2494b6e7 WHIRLPOOL 6f65c6a9b23396a7c4a10f344a20cb4824e0abae451fb95a1b563084d0c9755b20f67a74d991b76a54d239ad3dbc6ba468d3c687fdbd80c31567608a927154fc diff --git a/net-proxy/squidguard/files/blockedsites b/net-proxy/squidguard/files/blockedsites new file mode 100644 index 000000000000..46279a47eed4 --- /dev/null +++ b/net-proxy/squidguard/files/blockedsites @@ -0,0 +1 @@ +sex.com diff --git a/net-proxy/squidguard/files/squidGuard.conf.blocksites b/net-proxy/squidguard/files/squidGuard.conf.blocksites new file mode 100644 index 000000000000..eaa8cdeef051 --- /dev/null +++ b/net-proxy/squidguard/files/squidGuard.conf.blocksites @@ -0,0 +1,13 @@ +logdir /var/log/squidGuard +dbhome /etc/squidGuard/db + +dest blockedsites { + domainlist blockedsites +} + +acl { + default { + pass !blockedsites all + redirect http://www.sample.com/empty.png + } +} diff --git a/net-proxy/squidguard/files/squidGuard.conf.minimal b/net-proxy/squidguard/files/squidGuard.conf.minimal new file mode 100644 index 000000000000..3b0ebf55c766 --- /dev/null +++ b/net-proxy/squidguard/files/squidGuard.conf.minimal @@ -0,0 +1,7 @@ +logdir /var/log/squidGuard + +acl { + default { + pass all + } +} diff --git a/net-proxy/squidguard/files/squidguard-1.4-autoheader.patch b/net-proxy/squidguard/files/squidguard-1.4-autoheader.patch new file mode 100644 index 000000000000..af97d8e9a5ca --- /dev/null +++ b/net-proxy/squidguard/files/squidguard-1.4-autoheader.patch @@ -0,0 +1,61 @@ +diff -Nru squidGuard-1.4.orig/configure.in squidGuard-1.4/configure.in +--- squidGuard-1.4.orig/configure.in 2009-01-03 20:04:30.000000000 +0000 ++++ squidGuard-1.4/configure.in 2009-01-10 13:08:49.000000000 +0000 +@@ -93,18 +93,18 @@ + squiduser=$withval) + + if test -n "$sg_config"; then +- AC_DEFINE(ACCONFIG) ++ AC_DEFINE(ACCONFIG, 1, [Defined if you supply --with-sg-config]) + changequote(, )dnl + sg_cfgdir=`echo $sg_config|sed "s%/[^/][^/]*$%%"` + changequote([, ])dnl + fi + + if test -n "$sg_logdir"; then +- AC_DEFINE(ACLOGDIR) ++ AC_DEFINE(ACLOGDIR, 1, [Defined if you supply --with-sg-logdir]) + fi + + if test -n "$sg_dbhome"; then +- AC_DEFINE(ACDBHOME) ++ AC_DEFINE(ACDBHOME, 1, [Defined if you supply --with-sg-dbhome]) + fi + + CFLAGS="$CFLAGS $db_inc" +@@ -186,7 +186,7 @@ + YACCLINE="" + fi + if test "$with_ldap" = "yes"; then +- AC_DEFINE(HAVE_LIBLDAP) ++ AC_DEFINE(HAVE_LIBLDAP, 1, [Define if LDAP support should be compiled]) + AC_RUN_IFELSE([ + + #include <ldap.h> +@@ -277,7 +277,7 @@ + CPPFLAGS="${CPPFLAGS} -I${MYSQL_INC_DIR}" + AC_CHECK_LIB(z, compress) + LIBS="-lmysqlclient ${LIBS}" +- AC_DEFINE(HAVE_MYSQL) ++ AC_DEFINE(HAVE_MYSQL, 1, [Define if MySQL support should be compiled]) + fi + fi + else +@@ -380,7 +380,7 @@ + ], dbg2_ok_version=yes, dbg2_ok_version=no, dbg2_ok_version=no) + + if test $dbg2_ok_version = yes; then +- AC_DEFINE(DB_VERSION_GT2) ++ AC_DEFINE(DB_VERSION_GT2, 1, [Define if you have dbversion greater than 3.2]) + fi + + AC_RUN_IFELSE([ +@@ -404,7 +404,7 @@ + ], dbg3_ok_version=yes, dbg3_ok_version=no, dbg3_ok_version=no) + + if test $dbg3_ok_version = yes; then +- AC_DEFINE(DB_VERSION_GT3) ++ AC_DEFINE(DB_VERSION_GT3, 1, [Define if you have dbversion greater than 4.0]) + fi + + diff --git a/net-proxy/squidguard/files/squidguard-1.4-cross-compile.patch b/net-proxy/squidguard/files/squidguard-1.4-cross-compile.patch new file mode 100644 index 000000000000..ad397fef8a1f --- /dev/null +++ b/net-proxy/squidguard/files/squidguard-1.4-cross-compile.patch @@ -0,0 +1,51 @@ +diff -Nru squidGuard-1.4.orig/configure.in squidGuard-1.4/configure.in +--- squidGuard-1.4.orig/configure.in 2009-01-03 20:04:30.000000000 +0000 ++++ squidGuard-1.4/configure.in 2009-04-25 09:53:49.000000000 +0000 +@@ -201,7 +201,9 @@ + echo "Unable to link to LDAP library." + echo + exit 1 +- ],) ++ ],[ ++ ac_status=0 ++ ]) + fi + + dnl +@@ -314,7 +316,8 @@ + exit (0); + exit (1); + } +- ], db_ok_version=yes, db_ok_version=no, db_ok_version=no) ++ ], db_ok_version=yes, db_ok_version=no, db_ok_version=yes) ++ + + if test $db_ok_version = no; then + echo +@@ -345,7 +348,7 @@ + exit (1); + exit (0); + } +- ], db_ok_version=yes, db_ok_version=no, db_ok_version=no) ++ ], db_ok_version=yes, db_ok_version=no, db_ok_version=yes) + + if test $db_ok_version = no; then + echo +@@ -377,7 +380,7 @@ + exit (0); + exit (1); + } +- ], dbg2_ok_version=yes, dbg2_ok_version=no, dbg2_ok_version=no) ++ ], dbg2_ok_version=yes, dbg2_ok_version=no, dbg2_ok_version=yes) + + if test $dbg2_ok_version = yes; then + AC_DEFINE(DB_VERSION_GT2) +@@ -401,7 +404,7 @@ + exit (0); + exit (1); + } +- ], dbg3_ok_version=yes, dbg3_ok_version=no, dbg3_ok_version=no) ++ ], dbg3_ok_version=yes, dbg3_ok_version=no, dbg3_ok_version=yes) + + if test $dbg3_ok_version = yes; then + AC_DEFINE(DB_VERSION_GT3) diff --git a/net-proxy/squidguard/files/squidguard-1.4-gentoo.patch b/net-proxy/squidguard/files/squidguard-1.4-gentoo.patch new file mode 100644 index 000000000000..60b5461e9ef2 --- /dev/null +++ b/net-proxy/squidguard/files/squidguard-1.4-gentoo.patch @@ -0,0 +1,74 @@ +diff -Nru squidGuard-1.4.orig/Makefile.in squidGuard-1.4/Makefile.in +--- squidGuard-1.4.orig/Makefile.in 2008-05-17 18:36:44.000000000 +0000 ++++ squidGuard-1.4/Makefile.in 2009-01-10 13:02:14.000000000 +0000 +@@ -43,7 +43,7 @@ + # Dependencies for installing + # + +-install: install-build install-conf ++install: install-build + + install-conf: + @echo Installing configuration file ; +@@ -85,10 +85,10 @@ + + install-build: + @echo Installing squidGuard +- @if [ ! -d $(bindir) ]; then \ +- $(MKINSTALLDIRS) $(bindir) ; \ ++ @if [ ! -d "$(INSTDIR)"/$(bindir) ]; then \ ++ $(MKINSTALLDIRS) "$(INSTDIR)"/$(bindir) ; \ + fi ; \ +- cp src/squidGuard $(bindir) || exit 1 ; \ ++ cp src/squidGuard "$(INSTDIR)"/$(bindir) || exit 1 ; \ + echo Done. ; + + clean:: +diff -Nru squidGuard-1.4.orig/src/Makefile.in squidGuard-1.4/src/Makefile.in +--- squidGuard-1.4.orig/src/Makefile.in 2009-01-03 20:05:39.000000000 +0000 ++++ squidGuard-1.4/src/Makefile.in 2009-01-10 13:02:14.000000000 +0000 +@@ -110,6 +110,8 @@ + mv -f y.tab.c y.tab.c.bison + mv -f y.tab.h y.tab.h.bison + ++sg.y sg.l: ++ + # + # Dependencies for installing + # +@@ -122,8 +124,8 @@ + + install.bin:: squidGuard + @echo making $@ in `basename \`pwd\`` +- @$(MKDIR) $(bindir) $(logdir) $(cfgdir) +- $(INSTALL_PROGRAM) squidGuard $(bindir)/squidGuard ++ @$(MKDIR) "$(INSTDIR)"/$(bindir) "$(INSTDIR)"/$(logdir) "$(INSTDIR)"/$(cfgdir) ++ $(INSTALL_PROGRAM) squidGuard "$(INSTDIR)"/$(bindir)/squidGuard + + uninstall.bin:: + @echo making $@ in `basename \`pwd\`` +diff -Nru squidGuard-1.4.orig/src/sgDb.c squidGuard-1.4/src/sgDb.c +--- squidGuard-1.4.orig/src/sgDb.c 2008-07-14 18:29:41.000000000 +0000 ++++ squidGuard-1.4/src/sgDb.c 2009-01-10 13:02:14.000000000 +0000 +@@ -103,13 +103,21 @@ + if(createdb) + flag = flag | DB_TRUNCATE; + if ((ret = ++#if DB_VERSION_MAJOR > 4 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) ++ Db->dbp->open(Db->dbp, NULL, dbfile, NULL, DB_BTREE, flag, 0664)) != 0) { ++#else + Db->dbp->open(Db->dbp, dbfile, NULL, DB_BTREE, flag, 0664)) != 0) { ++#endif + (void) Db->dbp->close(Db->dbp, 0); + sgLogFatalError("Error db_open: %s", strerror(ret)); + } + } else { + if ((ret = ++#if DB_VERSION_MAJOR > 4 || (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) ++ Db->dbp->open(Db->dbp, NULL, dbfile, NULL, DB_BTREE, DB_CREATE, 0664)) != 0) { ++#else + Db->dbp->open(Db->dbp, dbfile, NULL, DB_BTREE, DB_CREATE, 0664)) != 0) { ++#endif + sgLogFatalError("Error db_open: %s", strerror(ret)); + } + } diff --git a/net-proxy/squidguard/files/squidguard-1.4-upstream-fixes.patch b/net-proxy/squidguard/files/squidguard-1.4-upstream-fixes.patch new file mode 100644 index 000000000000..007e6b4c36fb --- /dev/null +++ b/net-proxy/squidguard/files/squidguard-1.4-upstream-fixes.patch @@ -0,0 +1,24 @@ +diff -Nru squidGuard-1.4.orig/src/sgDiv.c.in squidGuard-1.4/src/sgDiv.c.in +--- squidGuard-1.4.orig/src/sgDiv.c.in 2008-07-14 18:02:43.000000000 +0200 ++++ squidGuard-1.4/src/sgDiv.c.in 2009-11-28 09:33:05.000000000 +0100 +@@ -745,7 +745,7 @@ + p++; + break; + case 'u': /* Requested URL */ +- strcat(buf, req->orig); ++ strncat(buf, req->orig, 2048); + p++; + break; + default: +diff -Nru squidGuard-1.4.orig/src/sg.h.in squidGuard-1.4/src/sg.h.in +--- squidGuard-1.4.orig/src/sg.h.in 2007-11-16 17:58:32.000000000 +0100 ++++ squidGuard-1.4/src/sg.h.in 2009-11-28 09:33:37.000000000 +0100 +@@ -73,7 +73,7 @@ + #define REQUEST_TYPE_REDIRECT 2 + #define REQUEST_TYPE_PASS 3 + +-#define MAX_BUF 4096 ++#define MAX_BUF 12288 + + #define DEFAULT_LOGFILE "squidGuard.log" + #define WARNING_LOGFILE "squidGuard.log" diff --git a/net-proxy/squidguard/files/squidguard-1.4-vsnprintf.patch b/net-proxy/squidguard/files/squidguard-1.4-vsnprintf.patch new file mode 100644 index 000000000000..bf4efec6042f --- /dev/null +++ b/net-proxy/squidguard/files/squidguard-1.4-vsnprintf.patch @@ -0,0 +1,44 @@ +diff -Nru squidGuard-1.4.orig/configure.in squidGuard-1.4/configure.in +--- squidGuard-1.4.orig/configure.in 2009-04-26 12:28:49.000000000 +0000 ++++ squidGuard-1.4/configure.in 2009-04-26 12:29:35.000000000 +0000 +@@ -421,7 +421,7 @@ + AC_CHECK_FUNCS(regexec, , AC_MSG_ERROR([No regexec library function.])) + AC_CHECK_FUNCS(strdup, , AC_MSG_ERROR([No strdup library function.])) + AC_CHECK_FUNCS(strerror, , AC_MSG_ERROR([No strerror library function.])) +-AC_CHECK_FUNCS(vsprintf, , AC_MSG_ERROR([No vsprintf library function.])) ++AC_CHECK_FUNCS(vsnprintf, , AC_MSG_ERROR([No vsnprintf library function.])) + AC_CHECK_FUNCS(sigaction) + AC_CHECK_FUNCS(signal) + +diff -Nru squidGuard-1.4.orig/src/sgLog.c squidGuard-1.4/src/sgLog.c +--- squidGuard-1.4.orig/src/sgLog.c 2007-11-16 16:58:32.000000000 +0000 ++++ squidGuard-1.4/src/sgLog.c 2009-04-26 12:31:40.000000000 +0000 +@@ -55,7 +55,7 @@ + char msg[MAX_BUF]; + va_list ap; + VA_START(ap, format); +- if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) ++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) + fprintf(stderr,"overflow in vsprintf (sgLog): %s",strerror(errno)); + va_end(ap); + date = niso(0); +@@ -87,8 +87,8 @@ + char msg[MAX_BUF]; + va_list ap; + VA_START(ap, format); +- if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) +- sgLogFatalError("overflow in vsprintf (sgLogError): %s",strerror(errno)); ++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) ++ fprintf(stderr,"overflow in vsprintf (sgLogError): %s",strerror(errno)); + va_end(ap); + sgLog(globalErrorLog,"%s",msg); + } +@@ -104,7 +104,7 @@ + char msg[MAX_BUF]; + va_list ap; + VA_START(ap, format); +- if(vsprintf(msg, format, ap) > (MAX_BUF - 1)) ++ if(vsnprintf(msg, MAX_BUF, format, ap) > (MAX_BUF - 1)) + return; + va_end(ap); + sgLog(globalErrorLog,"%s",msg); diff --git a/net-proxy/squidguard/files/squidguard-1.5_beta-gentoo.patch b/net-proxy/squidguard/files/squidguard-1.5_beta-gentoo.patch new file mode 100644 index 000000000000..814079764a3f --- /dev/null +++ b/net-proxy/squidguard/files/squidguard-1.5_beta-gentoo.patch @@ -0,0 +1,50 @@ +diff -Nru squidGuard-1.4.orig/Makefile.in squidGuard-1.4/Makefile.in +--- squidGuard-1.4.orig/Makefile.in 2008-05-17 18:36:44.000000000 +0000 ++++ squidGuard-1.4/Makefile.in 2009-01-10 13:02:14.000000000 +0000 +@@ -43,7 +43,7 @@ + # Dependencies for installing + # + +-install: install-build install-conf ++install: install-build + + install-conf: + @echo Installing configuration file ; +@@ -85,10 +85,10 @@ + + install-build: + @echo Installing squidGuard +- @if [ ! -d $(bindir) ]; then \ +- $(MKINSTALLDIRS) $(bindir) ; \ ++ @if [ ! -d "$(INSTDIR)"/$(bindir) ]; then \ ++ $(MKINSTALLDIRS) "$(INSTDIR)"/$(bindir) ; \ + fi ; \ +- cp src/squidGuard $(bindir) || exit 1 ; \ ++ cp src/squidGuard "$(INSTDIR)"/$(bindir) || exit 1 ; \ + echo Done. ; + + clean:: +diff -Nru squidGuard-1.4.orig/src/Makefile.in squidGuard-1.4/src/Makefile.in +--- squidGuard-1.4.orig/src/Makefile.in 2009-01-03 20:05:39.000000000 +0000 ++++ squidGuard-1.4/src/Makefile.in 2009-01-10 13:02:14.000000000 +0000 +@@ -110,6 +110,8 @@ + mv -f y.tab.c y.tab.c.bison + mv -f y.tab.h y.tab.h.bison + ++sg.y sg.l: ++ + # + # Dependencies for installing + # +@@ -122,8 +124,8 @@ + + install.bin:: squidGuard + @echo making $@ in `basename \`pwd\`` +- @$(MKDIR) $(bindir) $(logdir) $(cfgdir) +- $(INSTALL_PROGRAM) squidGuard $(bindir)/squidGuard ++ @$(MKDIR) "$(INSTDIR)"/$(bindir) "$(INSTDIR)"/$(logdir) "$(INSTDIR)"/$(cfgdir) ++ $(INSTALL_PROGRAM) squidGuard "$(INSTDIR)"/$(bindir)/squidGuard + + uninstall.bin:: + @echo making $@ in `basename \`pwd\`` +diff -Nru squidGuard-1.4.orig/src/sgDb.c squidGuard-1.4/src/sgDb.c diff --git a/net-proxy/squidguard/metadata.xml b/net-proxy/squidguard/metadata.xml new file mode 100644 index 000000000000..19dd2fb3c842 --- /dev/null +++ b/net-proxy/squidguard/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>Combined filter, redirector and access controller plugin for Squid</longdescription> +</pkgmetadata> diff --git a/net-proxy/squidguard/squidguard-1.4-r4.ebuild b/net-proxy/squidguard/squidguard-1.4-r4.ebuild new file mode 100644 index 000000000000..64bd3b9b4f88 --- /dev/null +++ b/net-proxy/squidguard/squidguard-1.4-r4.ebuild @@ -0,0 +1,73 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=2 +WANT_AUTOMAKE=none + +inherit eutils autotools user + +DESCRIPTION="Combined filter, redirector and access controller plugin for Squid" +HOMEPAGE="http://www.squidguard.org" +SRC_URI="http://www.squidguard.org/Downloads/squidGuard-${PV}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~arm ppc ppc64 sparc x86" +IUSE="ldap" + +RDEPEND=">=sys-libs/db-2 + ldap? ( net-nds/openldap )" +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex" + +S="${WORKDIR}/squidGuard-${PV}" + +pkg_setup() { + enewgroup squid + enewuser squid -1 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}/${P}-gentoo.patch" + epatch "${FILESDIR}/${P}-autoheader.patch" + epatch "${FILESDIR}/${P}-vsnprintf.patch" + epatch "${FILESDIR}/${P}-cross-compile.patch" + epatch "${FILESDIR}/${P}-upstream-fixes.patch" + eautoreconf +} + +src_configure() { + econf \ + $(use_with ldap) \ + --with-sg-config=/etc/squidGuard/squidGuard.conf \ + --with-sg-logdir=/var/log/squidGuard \ + || die "configure has failed" +} + +src_install() { + emake prefix="/usr" INSTDIR="${D}" install || die "emake install has failed" + + keepdir /var/log/squidGuard + fowners squid:squid /var/log/squidGuard + + insinto /etc/squidGuard/sample + doins "${FILESDIR}"/squidGuard.conf.* + insinto /etc/squidGuard/sample/db + doins "${FILESDIR}"/blockedsites + + dodoc ANNOUNCE CHANGELOG README + dohtml doc/*.html + docinto text + dodoc doc/*.txt +} + +pkg_postinst() { + einfo "To enable squidGuard, add the following lines to /etc/squid/squid.conf:" + einfo " url_rewrite_program /usr/bin/squidGuard" + einfo " url_rewrite_children 10" + einfo "" + einfo "Remember to edit /etc/squidGuard/squidGuard.conf first!" + einfo "Examples can be found in /etc/squidGuard/sample/" +} diff --git a/net-proxy/squidguard/squidguard-1.5_beta.ebuild b/net-proxy/squidguard/squidguard-1.5_beta.ebuild new file mode 100644 index 000000000000..1e6d39109877 --- /dev/null +++ b/net-proxy/squidguard/squidguard-1.5_beta.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +WANT_AUTOMAKE=none + +inherit eutils autotools user + +MY_P="squidGuard-${PV/_/-}" + +DESCRIPTION="Combined filter, redirector and access controller plugin for Squid" +HOMEPAGE="http://www.squidguard.org" +SRC_URI="http://www.squidguard.org/Downloads/Devel/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86" + +IUSE="ldap" + +RDEPEND=">=sys-libs/db-2 + ldap? ( net-nds/openldap:0 )" + +DEPEND="${RDEPEND} + sys-devel/bison:0 + sys-devel/flex:0" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup squid + enewuser squid -1 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch + + eautoreconf +} + +src_configure() { + econf \ + $(use_with ldap) \ + --with-sg-config=/etc/squidGuard/squidGuard.conf \ + --with-sg-logdir=/var/log/squidGuard +} + +src_install() { + emake prefix="/usr" INSTDIR="${D}" install + + keepdir /var/log/squidGuard + fowners squid:squid /var/log/squidGuard + + insinto /etc/squidGuard/sample + doins "${FILESDIR}"/squidGuard.conf.* + insinto /etc/squidGuard/sample/db + doins "${FILESDIR}"/blockedsites + + dodoc ANNOUNCE CHANGELOG README + dohtml doc/*.html + docinto text + dodoc doc/*.txt +} + +pkg_postinst() { + einfo "To enable squidGuard, add the following lines to /etc/squid/squid.conf:" + einfo " url_rewrite_program /usr/bin/squidGuard" + einfo " url_rewrite_children 10" + einfo "" + einfo "Remember to edit /etc/squidGuard/squidGuard.conf first!" + einfo "Examples can be found in /etc/squidGuard/sample/" +} diff --git a/net-proxy/squirm/Manifest b/net-proxy/squirm/Manifest new file mode 100644 index 000000000000..23da2e4fad74 --- /dev/null +++ b/net-proxy/squirm/Manifest @@ -0,0 +1 @@ +DIST squirm-1.26.tgz 24151 SHA256 0ff1521b8070f0e8e376d9857a34eb38953992a1f90e25769a5d7c7fe66cff88 SHA512 f6d0ec06d796b053cbe77e3099aa15665dc42a0e48e7c5b48c25c35a02677152bbb868ed822460cd52a1e898ec0ad605c43fe408c19e85e473e04257c8ffd9be WHIRLPOOL f150811ebcc859889b1ea1e8459ad4a16c07ae72c5bb6e9a94049687ab2033303b5cf0ecbba01c543df18a5af97574e53c34a5e3e7f75ae81e7a2e9548d511ca diff --git a/net-proxy/squirm/files/squirm-1.26-gentoo.patch b/net-proxy/squirm/files/squirm-1.26-gentoo.patch new file mode 100644 index 000000000000..16b6e21c7aa2 --- /dev/null +++ b/net-proxy/squirm/files/squirm-1.26-gentoo.patch @@ -0,0 +1,34 @@ +diff -Nru squirm-1.26.orig/Makefile squirm-1.26/Makefile +--- squirm-1.26.orig/Makefile 2005-08-19 09:31:06.000000000 +0200 ++++ squirm-1.26/Makefile 2009-06-20 14:58:18.000000000 +0200 +@@ -1,7 +1,7 @@ + # $Id$ + + # The path to install squirm under +-PREFIX=/usr/local/squirm ++PREFIX=/opt/squirm + + # The username that squid runs as (see cache_effective_user in squid.conf) + USER=squid +@@ -29,10 +29,10 @@ + CC=gcc + + +-OPTIMISATION=-O3 ++OPTIMISATION= + BINARIES = squirm + +-CFLAGS = -O3 -Wall -funroll-loops -DPREFIX=\"$(PREFIX)\" ++CFLAGS += -DPREFIX=\"$(PREFIX)\" + #CFLAGS = -Wall -g -DPREFIX=\"$(PREFIX)\" + #CFLAGS = -Wall -g -DDEBUG + +@@ -45,7 +45,7 @@ + install -m 750 -o $(USER) -g $(GROUP) -d $(PREFIX)/logs + install -m 660 -c -o root -g $(GROUP) squirm.conf.dist squirm.patterns.dist \ + $(PREFIX)/etc +- install -m 755 -o root -g $(ROOT_GROUP) --strip squirm $(PREFIX)/bin ++ install -m 755 -o root -g $(ROOT_GROUP) squirm $(PREFIX)/bin + + squirm.o: squirm.c $(HFILES) + $(CC) -c squirm.c $(CFLAGS) diff --git a/net-proxy/squirm/metadata.xml b/net-proxy/squirm/metadata.xml new file mode 100644 index 000000000000..09a762bf49e3 --- /dev/null +++ b/net-proxy/squirm/metadata.xml @@ -0,0 +1,6 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>A redirector for Squid</longdescription> +</pkgmetadata> diff --git a/net-proxy/squirm/squirm-1.26-r1.ebuild b/net-proxy/squirm/squirm-1.26-r1.ebuild new file mode 100644 index 000000000000..e098e3060f5e --- /dev/null +++ b/net-proxy/squirm/squirm-1.26-r1.ebuild @@ -0,0 +1,36 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils toolchain-funcs + +DESCRIPTION="A redirector for Squid" +HOMEPAGE="http://squirm.foote.com.au" +SRC_URI="http://squirm.foote.com.au/${P}.tgz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ppc x86" +IUSE="" + +RDEPEND="net-proxy/squid" + +src_prepare() { + epatch "${FILESDIR}"/${P}-gentoo.patch +} + +src_compile() { + emake CC="$(tc-getCC)" LDOPTS="${LDFLAGS}" +} + +src_install() { + emake PREFIX="${ED}/opt/squirm" install +} + +pkg_postinst() { + einfo "To enable squirm, add the following lines to /etc/squid/squid.conf:" + einfo " url_rewrite_program /opt/squirm/bin/squirm" + einfo " url_rewrite_children 10" +} diff --git a/net-proxy/sshproxy/Manifest b/net-proxy/sshproxy/Manifest new file mode 100644 index 000000000000..9033dc555390 --- /dev/null +++ b/net-proxy/sshproxy/Manifest @@ -0,0 +1 @@ +DIST sshproxy-0.6.0_beta2.tar.gz 131958 SHA256 c36fbd22d1315f290a9bfefa176bc29c82e0bf450a75a1bd0a09cfa54b08363c SHA512 74e3de94c7fa6fc0b1202e0fc98b4ada150864c8a8c2cac6148c58db82a670680036055717a27ca291d4e8eb7c76929c4ac27b88f905ce624e01e58f257e1ffd WHIRLPOOL 8a8e13c585d3c34fb8e2f5244e6f03fe8485975fa36d9d2c2978655b11a9dd318c05bd9bb3a38130f997d527decbfc47fae067bef4076f1875307e516f603569 diff --git a/net-proxy/sshproxy/files/sshproxy-0.6.0_beta2-rename-wrappers.patch b/net-proxy/sshproxy/files/sshproxy-0.6.0_beta2-rename-wrappers.patch new file mode 100644 index 000000000000..765bd9d5bdf9 --- /dev/null +++ b/net-proxy/sshproxy/files/sshproxy-0.6.0_beta2-rename-wrappers.patch @@ -0,0 +1,159 @@ +diff -Nru sshproxy-0.6.0_beta2.orig/lib/get_client_scripts/getscript.py sshproxy-0.6.0_beta2/lib/get_client_scripts/getscript.py +--- sshproxy-0.6.0_beta2.orig/lib/get_client_scripts/getscript.py 2008-01-28 01:44:29.000000000 +0200 ++++ sshproxy-0.6.0_beta2/lib/get_client_scripts/getscript.py 2009-07-23 10:34:01.000000000 +0300 +@@ -22,7 +22,7 @@ + from sshproxy import get_class + from sshproxy.util import chanfmt + +-pssh = """#!/bin/bash ++spssh = """#!/bin/bash + + PROXY_PORT=${SSHPROXY_PORT:-%(port)d} + PROXY_HOST=${SSHPROXY_HOST:-%(ip_addr)s} +@@ -32,7 +32,7 @@ + exec ssh -tp $PROXY_PORT $PROXY_USER@$PROXY_HOST -- "$@" + """ + +-pscp = """#!/bin/bash ++spscp = """#!/bin/bash + + PROXY_PORT=${SSHPROXY_PORT:-%(port)s} + PROXY_HOST=${SSHPROXY_HOST:-%(ip_addr)s} +@@ -79,26 +79,26 @@ + class Server(base_class): + def add_cmdline_options(self, parser): + base_class.add_cmdline_options(self, parser) +- parser.add_option("", "--get-pssh", dest="action", +- help="display pssh client script.", ++ parser.add_option("", "--get-spssh", dest="action", ++ help="display spssh client script.", + action="store_const", +- const="get_pssh", ++ const="get_spssh", + ) +- parser.add_option("", "--get-pscp", dest="action", +- help="display pscp client script.", ++ parser.add_option("", "--get-spscp", dest="action", ++ help="display spscp client script.", + action="store_const", +- const="get_pscp", ++ const="get_spscp", + ) + +- def opt_get_pssh(self, options, *args): ++ def opt_get_spssh(self, options, *args): + user = self.pwdb.get_client().username + ip_addr, port = self.ip_addr, self.port +- self.chan.send(pssh % locals()) ++ self.chan.send(spssh % locals()) + +- def opt_get_pscp(self, options, *args): ++ def opt_get_spscp(self, options, *args): + user = self.pwdb.get_client().username + ip_addr, port = self.ip_addr, self.port +- self.chan.send(pscp % locals()) ++ self.chan.send(spscp % locals()) + + + +diff -Nru sshproxy-0.6.0_beta2.orig/lib/get_client_scripts/__init__.py sshproxy-0.6.0_beta2/lib/get_client_scripts/__init__.py +--- sshproxy-0.6.0_beta2.orig/lib/get_client_scripts/__init__.py 2008-01-28 01:44:29.000000000 +0200 ++++ sshproxy-0.6.0_beta2/lib/get_client_scripts/__init__.py 2009-07-23 10:32:34.000000000 +0300 +@@ -21,11 +21,11 @@ + + __plugin_name__ = "Get Client Scripts" + __description__ = """ +- This plugin allows clients to download the pssh and +- pscp wrapper scripts with special options on the ssh ++ This plugin allows clients to download the spssh and ++ spscp wrapper scripts with special options on the ssh + command line: +- ssh -tp 2242 user@sshproxy -- --get-pssh +- ssh -tp 2242 user@sshproxy -- --get-pscp ++ ssh -tp 2242 user@sshproxy -- --get-spssh ++ ssh -tp 2242 user@sshproxy -- --get-spscp + """ + + def __init_plugin__(): +diff -Nru sshproxy-0.6.0_beta2.orig/misc/acl.db sshproxy-0.6.0_beta2/misc/acl.db +--- sshproxy-0.6.0_beta2.orig/misc/acl.db 2008-01-28 01:44:29.000000000 +0200 ++++ sshproxy-0.6.0_beta2/misc/acl.db 2009-07-23 10:30:30.000000000 +0300 +@@ -78,13 +78,13 @@ + # options ###################################################### + + # opt_list_sites is to allow or deny the use of the --list-sites option: +-# $ pssh --list-sites ++# $ spssh --list-sites + opt_list_sites: + # guests group members can't see the list of allowed sites (they're blind) + client.group != "guests" + +-# opt_get_pkey controls the option --get-pkey of pssh: +-# $ pssh --get-pkey root@host ++# opt_get_pkey controls the option --get-pkey of spssh: ++# $ spssh --get-pkey root@host + opt_get_pkey: + # only admins can get the public key of a site login + "admin" in split(client.groups) +diff -Nru sshproxy-0.6.0_beta2.orig/README sshproxy-0.6.0_beta2/README +--- sshproxy-0.6.0_beta2.orig/README 2008-01-28 01:44:29.000000000 +0200 ++++ sshproxy-0.6.0_beta2/README 2009-07-23 10:23:21.000000000 +0300 +@@ -95,9 +95,9 @@ + root@remote-site # exit + me@myhost $ + +-Here is the same with the pssh shell wrapper:: ++Here is the same with the spssh shell wrapper:: + +- me@myhost $ pssh remote-site ++ me@myhost $ spssh remote-site + root@remote-site # + ... doing some administration commands ... + root@remote-site # exit +@@ -105,7 +105,7 @@ + + You can also execute remote commands:: + +- me@myhost $ pssh remote-site uname -a ++ me@myhost $ spssh remote-site uname -a + nova.wallix.com + me@myhost $ + +@@ -114,9 +114,9 @@ + me@myhost $ scp /etc/issue me@proxy:root@remote-site:/etc/issue.new + me@myhost $ + +-And the same with the pscp shell wrapper:: ++And the same with the spscp shell wrapper:: + +- me@myhost $ pscp /etc/issue remote-site:/etc/issue.new ++ me@myhost $ spscp /etc/issue remote-site:/etc/issue.new + me@myhost $ + + +diff -Nru sshproxy-0.6.0_beta2.orig/setup.py sshproxy-0.6.0_beta2/setup.py +--- sshproxy-0.6.0_beta2.orig/setup.py 2008-01-28 01:44:29.000000000 +0200 ++++ sshproxy-0.6.0_beta2/setup.py 2009-07-23 10:22:31.000000000 +0300 +@@ -74,7 +74,7 @@ + url=url, + download_url='%sdownload/sshproxy-%s.tar.gz' % (url, version), + packages=['sshproxy'], +- scripts=['bin/sshproxyd', 'bin/sshproxy-setup', 'bin/pssh', 'bin/pscp'], ++ scripts=['bin/sshproxyd', 'bin/sshproxy-setup', 'bin/spssh', 'bin/spscp'], + long_description=long_description, + data_files=data_files, + classifiers=classifiers, +diff -Nru sshproxy-0.6.0_beta2.orig/sshproxy/server.py sshproxy-0.6.0_beta2/sshproxy/server.py +--- sshproxy-0.6.0_beta2.orig/sshproxy/server.py 2008-01-28 01:44:29.000000000 +0200 ++++ sshproxy-0.6.0_beta2/sshproxy/server.py 2009-07-23 10:30:44.000000000 +0300 +@@ -308,8 +308,8 @@ + + def parse_cmdline(self, args): + usage = u""" +- pssh [options] +- pssh [user@site [cmd]] ++ spssh [options] ++ spssh [user@site [cmd]] + """ + parser = OptionParser(self.chan, usage=usage) + # add options from a mapping or a Registry callback diff --git a/net-proxy/sshproxy/files/sshproxy.ini b/net-proxy/sshproxy/files/sshproxy.ini new file mode 100644 index 000000000000..c37cb374b3d2 --- /dev/null +++ b/net-proxy/sshproxy/files/sshproxy.ini @@ -0,0 +1,26 @@ +[sshproxy] +max_connections = 0 +client_db = ini_db +pkey_id = sshproxy@%HOSTNAME% +plugin_dir = /usr/lib/sshproxy +plugin_list = ini_db +port = 2242 +logger_conf = /usr/share/sshproxy/logger.conf +cipher_type = blowfish +log_dir = /var/log/sshproxy +acl_db = ini_db +site_db = ini_db +listen_on = +auto_add_key = no + +[blowfish] +secret = %BLOWFISH_SECRET% + +[client_db.ini] +file = /var/lib/sshproxy/client.db + +[acl_db.ini] +file = /var/lib/sshproxy/acl.db + +[site_db.ini] +db_path = /var/lib/sshproxy/site.db diff --git a/net-proxy/sshproxy/files/sshproxyd.confd b/net-proxy/sshproxy/files/sshproxyd.confd new file mode 100644 index 000000000000..a6f715df09d4 --- /dev/null +++ b/net-proxy/sshproxy/files/sshproxyd.confd @@ -0,0 +1,7 @@ +# /etc/conf.d/sshproxyd: config file for /etc/init.d/sshproxyd + +# Where is your sshproxy.ini file stored? +SSHPROXYD_CONFDIR="/etc/sshproxy" + +# What user runs the proxy? +SSHPROXYD_USER="sshproxy" diff --git a/net-proxy/sshproxy/files/sshproxyd.initd b/net-proxy/sshproxy/files/sshproxyd.initd new file mode 100644 index 000000000000..52dd72a771ee --- /dev/null +++ b/net-proxy/sshproxy/files/sshproxyd.initd @@ -0,0 +1,22 @@ +#!/sbin/runscript + +depend() { + need net + use logger mysql +} + +start() { + ebegin "Starting SSH Proxy daemon" + start-stop-daemon --start --background \ + --pidfile /var/run/sshproxyd.pid --exec /usr/bin/sshproxyd -- \ + --daemon --user ${SSHPROXYD_USER:-sshproxy} \ + --config-dir ${SSHPROXYD_CONFDIR:-/etc/sshproxy} \ + --pid /var/run/sshproxyd.pid + eend $? +} + +stop() { + ebegin "Stopping SSH Proxy daemon" + start-stop-daemon --quiet --stop --pidfile /var/run/sshproxyd.pid + eend $? +} diff --git a/net-proxy/sshproxy/metadata.xml b/net-proxy/sshproxy/metadata.xml new file mode 100644 index 000000000000..c9fdb780528b --- /dev/null +++ b/net-proxy/sshproxy/metadata.xml @@ -0,0 +1,22 @@ +<?xml version = '1.0' encoding = 'UTF-8'?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> + <longdescription> +sshproxy is a pure python implementation of an ssh proxy. It allows users to connect to remote sites without having to remember +or even know the password or key of the remote sites. There are 2 possible scenarios which could possibly interest you. + + Scenario 1: Team mode +If you're in charge of a lot of remote sites, and your company has several administrators to do some remote administration tasks, +then no user will ever need to know the password or key of the servers he administrates. When an employee quits your company, +you just have to delete his entry in the proxy database, and he will never be able to connect to the remote site. + + Scenario 2: Forwarding mode +You want to allow some people to connect through your firewall to a range of server inside your DMZ or LAN, but you don't want to +open one port for each server. What you can do is open the sshproxy port and setup the password database to proxy each +external user to it's own desktop, or create groups of users allowed to connect to your DMZ servers. +</longdescription> +<use> + <flag name='client-only'>Install only the client wrappers</flag> +</use> +</pkgmetadata> diff --git a/net-proxy/sshproxy/sshproxy-0.6.0_beta2-r2.ebuild b/net-proxy/sshproxy/sshproxy-0.6.0_beta2-r2.ebuild new file mode 100644 index 000000000000..9a1feec905b8 --- /dev/null +++ b/net-proxy/sshproxy/sshproxy-0.6.0_beta2-r2.ebuild @@ -0,0 +1,197 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" +PYTHON_COMPAT=( python2_7 ) +DISTUTILS_SINGLE_IMPL=1 + +inherit distutils-r1 eutils user + +DESCRIPTION="sshproxy is an ssh gateway to apply ACLs on ssh connections" +HOMEPAGE="http://sshproxy-project.org/" +SRC_URI="http://sshproxy-project.org/download/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +IUSE="client-only mysql minimal" +# mysql: install the mysql_db backend driver +# minimal: do not install extra plugins +# client-only: install only the client wrappers + +DEPEND="!client-only? ( + >=dev-python/paramiko-1.6.3[${PYTHON_USEDEP}] + mysql? ( >=dev-python/mysql-python-1.2.0[${PYTHON_USEDEP}] ) + )" +RDEPEND="${DEPEND} + net-misc/openssh" + +pkg_setup() { + python-single-r1_pkg_setup + enewgroup sshproxy + enewuser sshproxy -1 -1 /var/lib/sshproxy sshproxy +} + +src_prepare() { + # avoid conflicts with net-misc/putty and net-misc/pssh + # by renaming pscp and pssh scripts (#248193 and #278794) + epatch "${FILESDIR}"/${P}-rename-wrappers.patch + sed -i -e 's/pscp/spscp/g;s/pssh/spssh/g' doc/* && \ + mv bin/pssh bin/spssh && \ + mv bin/pscp bin/spscp && \ + mv doc/pscp.1 doc/spscp.1 && \ + mv doc/pssh.1 doc/spssh.1 || die "failed to rename pscp or pssh files" + ewarn "For avoiding conflicts with net-misc/putty and net-misc/pssh," + ewarn "pscp and pssh scripts have been renamed as spscp respectively spssh." + + sed -i -e 's/if paramiko.__version_info__ < (1, 6, 3):/if False:/g' "${S}"/sshproxy/__init__.py || die 'Sed failed.' +} + +src_install () { + dobin bin/spscp + dobin bin/spssh + + if ! use client-only; then + distutils-r1_src_install + + diropts -o sshproxy -g sshproxy -m0750 + keepdir /var/lib/sshproxy + keepdir /var/log/sshproxy + + # Create a default sshproxy.ini + dodir /etc/sshproxy + insopts -o root -g sshproxy -m0600 + insinto /etc/sshproxy + doins "${FILESDIR}/sshproxy.ini" + local BLOWFISH_SECRET=$(printf "%04hX%04hX%04hX%04hX\n" ${RANDOM} ${RANDOM} ${RANDOM} ${RANDOM}) + sed -i -e "s/%BLOWFISH_SECRET%/${BLOWFISH_SECRET}/" \ + -e "s/%HOSTNAME%/${HOSTNAME}/" \ + "${D}/etc/sshproxy/sshproxy.ini" + + insopts -o sshproxy -g sshproxy -m0600 + rm -rf "${D}/usr/lib/sshproxy/spexpect" + if use minimal; then + local p + for p in acl_funcs console_extra logusers; do + rm -rf "${D}/usr/lib/sshproxy/${p}" + done + else + keepdir /var/log/sshproxy/logusers + { # initialize a reasonable value for the logusers plugin + echo + echo "[logusers]" + echo "logdir = /var/log/sshproxy/logusers" + echo + } >> "${D}/etc/sshproxy/sshproxy.ini" + fi + + # init/conf files for sshproxy daemon + newinitd "${FILESDIR}/sshproxyd.initd" sshproxyd + newconfd "${FILESDIR}/sshproxyd.confd" sshproxyd + + # install manpages + doman doc/spscp.1 + doman doc/spssh.1 + if ! use client-only; then + doman doc/sshproxy.ini.5 + doman doc/sshproxy-setup.8 + doman doc/sshproxyd.8 + fi + + if use mysql; then + insinto /usr/share/sshproxy/mysql_db + doins misc/mysql_db.sql + doins misc/sshproxy-mysql-user.sql + else + rm -rf "${D}/usr/lib/sshproxy/mysql_db" + sed -i -e 's/[ \t]\+mysql//' \ + "${D}/etc/init.d/sshproxyd" || die 'Sed failed.' + fi + fi +} + +pkg_postinst () { + echo + einfo "Don't forget to set the following environment variables" + einfo " SSHPROXY_HOST (default to localhost)" + einfo " SSHPROXY_PORT (default to 2242)" + einfo " SSHPROXY_USER (default to \$USER)" + einfo "for each sshproxy user." + if ! use client-only; then + distutils_pkg_postinst + + echo + einfo "If this is your first installation, run" + einfo " emerge --config =${CATEGORY}/${PF}" + einfo "to initialize the backend and configure sshproxy." + echo + einfo "There is no need to install sshproxy on a client machine." + einfo "You can connect to a SSH server using this proxy by running" + einfo " ssh -tp PROXY_PORT PROXY_USER@PROXY_HOST -- REMOTE_USER@REMOTE_HOST" + fi +} + +pkg_config() { + if [[ -d "${ROOT}/usr/lib/sshproxy/mysql_db" ]]; then + local PASSWD=$(printf "%04hX%04hX%04hX%04hX\n" ${RANDOM} ${RANDOM} ${RANDOM} ${RANDOM}) + local SHARE="${ROOT}/usr/share/sshproxy/mysql_db" + local DB_HOST DB_PORT + read -p "Enter the MySQL host (default localhost): " DB_HOST + [[ -n "${DB_HOST}" ]] || DB_HOST=localhost + read -p "Enter the MySQL port (default 3306): " DB_PORT + [[ -n "${DB_PORT}" ]] || DB_PORT=3306 + + ewarn "When prompted for a password, enter your MySQL root password" + ewarn + + if mysql -h ${DB_HOST} -P ${DB_PORT} -u root -p <<EOF ; then +CREATE DATABASE sshproxy; +USE sshproxy; +$(sed -e "s/sshproxypw/${PASSWD}/g" "${SHARE}/sshproxy-mysql-user.sql") +$(<"${SHARE}/mysql_db.sql") +EOF + + { + echo + echo "[client_db.mysql]" + echo "host = ${DB_HOST}" + echo "password = ${PASSWD}" + echo "db = sshproxy" + echo "user = sshproxy" + echo "port = ${DB_PORT}" + echo + echo "[acl_db.mysql]" + echo "host = ${DB_HOST}" + echo "password = ${PASSWD}" + echo "db = sshproxy" + echo "user = sshproxy" + echo "port = ${DB_PORT}" + echo + echo "[site_db.mysql]" + echo "host = ${DB_HOST}" + echo "password = ${PASSWD}" + echo "db = sshproxy" + echo "user = sshproxy" + echo "port = ${DB_PORT}" + } >> "${ROOT}/etc/sshproxy/sshproxy.ini" + + sed -i -e 's/^\(\(acl\|client\|site\)_db = \)ini_db/\1mysql_db/g' \ + "${ROOT}/etc/sshproxy/sshproxy.ini" + grep -q "^plugin_list .* mysql_db" \ + "${ROOT}/etc/sshproxy/sshproxy.ini" || \ + sed -i -e 's/^\(plugin_list = .*\)$/\1 mysql_db/g' \ + "${ROOT}/etc/sshproxy/sshproxy.ini" + else + ewarn "Failed to create MySQL database!" + ewarn "If the database already existed and you want to replace it," + ewarn "hit Ctrl-C now and drop the old database by running the command:" + ewarn " /usr/bin/mysqladmin -h ${DB_HOST} -P ${DB_PORT} -u root -p drop sshproxy" + read -p "Hit Ctrl-C to stop the procedure or Enter to continue " key + fi + fi + + INITD_STARTUP="/etc/init.d/sshproxyd start" chroot "${ROOT}" \ + sshproxy-setup -u sshproxy -c /etc/sshproxy +} diff --git a/net-proxy/sshuttle/Manifest b/net-proxy/sshuttle/Manifest new file mode 100644 index 000000000000..79dba7b4164d --- /dev/null +++ b/net-proxy/sshuttle/Manifest @@ -0,0 +1 @@ +DIST sshuttle-0.61.tar.xz 181528 SHA256 78cea312c4bab6f6baa459131cb7739d9fae7d0df9e54efd48fc4ddd852042f5 SHA512 39687ecf0a9b78cc0f7dc576c3c036f5afb52050f17d793602e50c8a9ab8bb0f9eb3277cb2fffb1e9c0f5f652d96c6915aecf8a8da93697172d8cbef1161a986 WHIRLPOOL 9c8597d98306730fcab750094588310c03bafea473b54a2758e055a7bb4bb851b3edad4d2cf2995893a30ed4148b7fd8437820099042ff6c7c52a0dc279d6ebc diff --git a/net-proxy/sshuttle/metadata.xml b/net-proxy/sshuttle/metadata.xml new file mode 100644 index 000000000000..be10143d3fe7 --- /dev/null +++ b/net-proxy/sshuttle/metadata.xml @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>radhermit@gentoo.org</email> + <name>Tim Harder</name> + </maintainer> + <upstream> + <remote-id type="github">apenwarr/sshuttle</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/sshuttle/sshuttle-0.61-r3.ebuild b/net-proxy/sshuttle/sshuttle-0.61-r3.ebuild new file mode 100644 index 000000000000..249fe78233e6 --- /dev/null +++ b/net-proxy/sshuttle/sshuttle-0.61-r3.ebuild @@ -0,0 +1,40 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +PYTHON_COMPAT=( python2_7 ) + +inherit eutils linux-info python-single-r1 + +DESCRIPTION="Transparent proxy server that works as a poor man's VPN using ssh" +HOMEPAGE="https://github.com/apenwarr/sshuttle/" +SRC_URI="http://dev.gentoo.org/~radhermit/dist/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" + +DEPEND="app-arch/xz-utils" +RDEPEND="net-firewall/iptables" + +CONFIG_CHECK="~NETFILTER_XT_TARGET_HL ~IP_NF_TARGET_REDIRECT ~NF_NAT" + +pkg_setup() { + linux-info_pkg_setup + python-single-r1_pkg_setup +} + +src_compile() { :; } + +src_install() { + rm stresstest.py || die + python_moduleinto ${PN} + python_domodule *.py compat + python_optimize + + make_wrapper ${PN} "${EPYTHON} $(python_get_sitedir)/${PN}/main.py ${EPYTHON}" + + dodoc README.md + doman Documentation/${PN}.8 +} diff --git a/net-proxy/tayga/Manifest b/net-proxy/tayga/Manifest new file mode 100644 index 000000000000..edf4e64b0473 --- /dev/null +++ b/net-proxy/tayga/Manifest @@ -0,0 +1 @@ +DIST tayga-0.9.2.tar.bz2 86022 RMD160 fac5ee9e226f6ff5b46f2f7480b5b2b173bd9eca SHA1 9e3b13d60c2d3b47904718843a43b99e1889602d SHA256 2b1f7927a9d2dcff9095aff3c271924b052ccfd2faca9588b277431a44f0009c diff --git a/net-proxy/tayga/metadata.xml b/net-proxy/tayga/metadata.xml new file mode 100644 index 000000000000..59acc2cc580e --- /dev/null +++ b/net-proxy/tayga/metadata.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer> +<email>xmw@gentoo.org</email> +<name>Michael Weber</name> +</maintainer> +</pkgmetadata> + diff --git a/net-proxy/tayga/tayga-0.9.2.ebuild b/net-proxy/tayga/tayga-0.9.2.ebuild new file mode 100644 index 000000000000..fd6b4b645a82 --- /dev/null +++ b/net-proxy/tayga/tayga-0.9.2.ebuild @@ -0,0 +1,30 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=3 + +inherit autotools + +DESCRIPTION="out-of-kernel stateless NAT64 implementation based on TUN" +HOMEPAGE="http://www.litech.org/tayga/" +SRC_URI="http://www.litech.org/${PN}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64" +IUSE="" + +DEPEND="" +RDEPEND="${DEPEND}" + +src_prepare() { + sed -e '/^CFLAGS/d' \ + -i configure.ac + eautoreconf +} + +src_install() { + emake DESTDIR="${D}" install || die + dodoc README || die +} diff --git a/net-proxy/tinyproxy/Manifest b/net-proxy/tinyproxy/Manifest new file mode 100644 index 000000000000..dd9d4489eb1f --- /dev/null +++ b/net-proxy/tinyproxy/Manifest @@ -0,0 +1 @@ +DIST tinyproxy-1.8.3.tar.bz2 202430 SHA256 be559b54eb4772a703ad35239d1cb59d32f7cf8a739966742622d57df88b896e SHA512 69f1262b39d37f44a42621a0d25985632cdb790c8d9b49335a49a68c0f5237b97b111252856cba119895ac066770645560d2d7cd2de31f02103fa55fb4b3290c WHIRLPOOL f423b49e7cef6c98f69070e0598f4447cf8333cfc9e253dd6c459541922e5b2ed5c7604dc2e3f3de61a616d6381ff83df1625a8ad40a83d32d44f633ac98447c diff --git a/net-proxy/tinyproxy/files/tinyproxy-1.8.1-ldflags.patch b/net-proxy/tinyproxy/files/tinyproxy-1.8.1-ldflags.patch new file mode 100644 index 000000000000..bd40ec33e31a --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy-1.8.1-ldflags.patch @@ -0,0 +1,11 @@ +--- a/configure.ac 2010-03-09 12:41:45.000000000 +0100 ++++ b/configure.ac 2010-05-17 23:07:39.000000000 +0200 +@@ -222,7 +222,7 @@ + CFLAGS="-DNDEBUG $CFLAGS" + fi + +-LDFLAGS="-Wl,-z,defs" ++LDFLAGS="$LDFLAGS -Wl,-z,defs" + + dnl + dnl Make sure we can actually handle the "--with-*" and "--enable-*" stuff. diff --git a/net-proxy/tinyproxy/files/tinyproxy-1.8.1-minimal.patch b/net-proxy/tinyproxy/files/tinyproxy-1.8.1-minimal.patch new file mode 100644 index 000000000000..82793a8894d0 --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy-1.8.1-minimal.patch @@ -0,0 +1,10 @@ +--- a/Makefile.am ++++ b/Makefile.am +@@ -2,7 +2,6 @@ + src \ + data \ + etc \ +- docs \ + m4macros \ + tests + diff --git a/net-proxy/tinyproxy/files/tinyproxy-1.8.2.initd b/net-proxy/tinyproxy/files/tinyproxy-1.8.2.initd new file mode 100644 index 000000000000..d55aaaea5154 --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy-1.8.2.initd @@ -0,0 +1,45 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +CONFFILE="/etc/${SVCNAME}.conf" + +depend() { + use logger dns + need net +} + +checkconfig() { + if [ ! -f "${CONFFILE}" ]; then + eerror "Configuration file ${CONFFILE} not found!" + return 1 + fi + + PIDFILE=$(sed -n -e 's/^[[:space:]]*PidFile[[:space:]]\+"\(.*\)"[[:space:]]*$/\1/p' "${CONFFILE}") + return 0 +} + +start() { + checkconfig || return 1 + + ebegin "Starting tinyproxy" + if [ -n "${PIDFILE}" ]; then + start-stop-daemon --start --pidfile "${PIDFILE}" --startas /usr/sbin/tinyproxy -- -c "${CONFFILE}" + else + start-stop-daemon --start --exec /usr/sbin/tinyproxy -- -c "${CONFFILE}" + fi + eend $? +} + +stop() { + checkconfig || return 1 + + ebegin "Stopping tinyproxy" + if [ -n "${PIDFILE}" ]; then + start-stop-daemon --stop --pidfile "${PIDFILE}" + else + start-stop-daemon --stop --exec /usr/sbin/tinyproxy + fi + eend $? +} diff --git a/net-proxy/tinyproxy/files/tinyproxy-1.8.3-r2-DoS-Prevention.patch b/net-proxy/tinyproxy/files/tinyproxy-1.8.3-r2-DoS-Prevention.patch new file mode 100644 index 000000000000..059f178c1ee2 --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy-1.8.3-r2-DoS-Prevention.patch @@ -0,0 +1,183 @@ +https://banu.com/bugzilla/show_bug.cgi?id=110#c4 + +From 526215dbb4abb1cff9a170343fa50dbda9492eb1 Mon Sep 17 00:00:00 2001 +From: Michael Adam <obnox@samba.org> +Date: Fri, 15 Mar 2013 12:34:01 +0100 +Subject: [PATCH 1/2] [BB#110] secure the hashmaps by adding a seed + +Based on patch provided by gpernot@praksys.org on bugzilla. + +Signed-off-by: Michael Adam <obnox@samba.org> +--- + configure.ac | 2 ++ + src/child.c | 1 + + src/hashmap.c | 14 ++++++++------ + 3 files changed, 11 insertions(+), 6 deletions(-) + +diff --git a/configure.ac b/configure.ac +index ecbcba0..cc40e85 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -205,6 +205,8 @@ AC_CHECK_FUNCS([gethostname inet_ntoa memchr memset select socket strcasecmp \ + AC_CHECK_FUNCS([isascii memcpy setrlimit ftruncate regcomp regexec]) + AC_CHECK_FUNCS([strlcpy strlcat]) + ++AC_CHECK_FUNCS([time rand srand]) ++ + + dnl Enable extra warnings + DESIRED_FLAGS="-fdiagnostics-show-option -Wall -Wextra -Wno-unused-parameter -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -Wfloat-equal -Wundef -Wformat=2 -Wlogical-op -Wmissing-include-dirs -Wformat-nonliteral -Wold-style-definition -Wpointer-arith -Waggregate-return -Winit-self -Wpacked --std=c89 -ansi -pedantic -Wno-overlength-strings -Wc++-compat -Wno-long-long -Wno-overlength-strings -Wdeclaration-after-statement -Wredundant-decls -Wmissing-noreturn -Wshadow -Wendif-labels -Wcast-qual -Wcast-align -Wwrite-strings -Wp,-D_FORTIFY_SOURCE=2 -fno-common" +diff --git a/src/child.c b/src/child.c +index 34e20e0..0d778d9 100644 +--- a/src/child.c ++++ b/src/child.c +@@ -196,6 +196,7 @@ static void child_main (struct child_s *ptr) + } + + ptr->connects = 0; ++ srand(time(NULL)); + + while (!config.quit) { + ptr->status = T_WAITING; +diff --git a/src/hashmap.c b/src/hashmap.c +index f46fdcb..8cf7c6b 100644 +--- a/src/hashmap.c ++++ b/src/hashmap.c +@@ -50,6 +50,7 @@ struct hashbucket_s { + }; + + struct hashmap_s { ++ uint32_t seed; + unsigned int size; + hashmap_iter end_iterator; + +@@ -65,7 +66,7 @@ struct hashmap_s { + * + * If any of the arguments are invalid a negative number is returned. + */ +-static int hashfunc (const char *key, unsigned int size) ++static int hashfunc (const char *key, unsigned int size, uint32_t seed) + { + uint32_t hash; + +@@ -74,7 +75,7 @@ static int hashfunc (const char *key, unsigned int size) + if (size == 0) + return -ERANGE; + +- for (hash = tolower (*key++); *key != '\0'; key++) { ++ for (hash = seed; *key != '\0'; key++) { + uint32_t bit = (hash & 1) ? (1 << (sizeof (uint32_t) - 1)) : 0; + + hash >>= 1; +@@ -104,6 +105,7 @@ hashmap_t hashmap_create (unsigned int nbuckets) + if (!ptr) + return NULL; + ++ ptr->seed = (uint32_t)rand(); + ptr->size = nbuckets; + ptr->buckets = (struct hashbucket_s *) safecalloc (nbuckets, + sizeof (struct +@@ -201,7 +203,7 @@ hashmap_insert (hashmap_t map, const char *key, const void *data, size_t len) + if (!data || len < 1) + return -ERANGE; + +- hash = hashfunc (key, map->size); ++ hash = hashfunc (key, map->size, map->seed); + if (hash < 0) + return hash; + +@@ -382,7 +384,7 @@ ssize_t hashmap_search (hashmap_t map, const char *key) + if (map == NULL || key == NULL) + return -EINVAL; + +- hash = hashfunc (key, map->size); ++ hash = hashfunc (key, map->size, map->seed); + if (hash < 0) + return hash; + +@@ -416,7 +418,7 @@ ssize_t hashmap_entry_by_key (hashmap_t map, const char *key, void **data) + if (!map || !key || !data) + return -EINVAL; + +- hash = hashfunc (key, map->size); ++ hash = hashfunc (key, map->size, map->seed); + if (hash < 0) + return hash; + +@@ -451,7 +453,7 @@ ssize_t hashmap_remove (hashmap_t map, const char *key) + if (map == NULL || key == NULL) + return -EINVAL; + +- hash = hashfunc (key, map->size); ++ hash = hashfunc (key, map->size, map->seed); + if (hash < 0) + return hash; + +-- +1.7.9.5 + +https://banu.com/bugzilla/show_bug.cgi?id=110#c5 + +From f1189daec6866efeb44f24073cd19d7ece86e537 Mon Sep 17 00:00:00 2001 +From: Michael Adam <obnox@samba.org> +Date: Fri, 15 Mar 2013 13:10:01 +0100 +Subject: [PATCH 2/2] [BB#110] limit the number of headers per request to + prevent DoS + +Based on patch provided by gpernot@praksys.org on bugzilla. + +Signed-off-by: Michael Adam <obnox@samba.org> +--- + src/reqs.c | 17 ++++++++++++++++- + 1 file changed, 16 insertions(+), 1 deletion(-) + +diff --git a/src/reqs.c b/src/reqs.c +index 2de43a8..af014ba 100644 +--- a/src/reqs.c ++++ b/src/reqs.c +@@ -611,12 +611,19 @@ add_header_to_connection (hashmap_t hashofheaders, char *header, size_t len) + } + + /* ++ * define max number of headers. ++ * big enough to handle legitimate cases, but limited to avoid DoS ++ */ ++#define MAX_HEADERS 10000 ++ ++/* + * Read all the headers from the stream + */ + static int get_all_headers (int fd, hashmap_t hashofheaders) + { + char *line = NULL; + char *header = NULL; ++ int count; + char *tmp; + ssize_t linelen; + ssize_t len = 0; +@@ -625,7 +632,7 @@ static int get_all_headers (int fd, hashmap_t hashofheaders) + assert (fd >= 0); + assert (hashofheaders != NULL); + +- for (;;) { ++ for (count = 0; count < MAX_HEADERS; count++) { + if ((linelen = readline (fd, &line)) <= 0) { + safefree (header); + safefree (line); +@@ -691,6 +698,14 @@ static int get_all_headers (int fd, hashmap_t hashofheaders) + + safefree (line); + } ++ ++ /* ++ * if we get there, this is we reached MAX_HEADERS count ++ * bail out with error ++ */ ++ safefree (header); ++ safefree (line); ++ return -1; + } + + /* +-- +1.7.9.5 diff --git a/net-proxy/tinyproxy/files/tinyproxy-1.8.3-r2.initd b/net-proxy/tinyproxy/files/tinyproxy-1.8.3-r2.initd new file mode 100644 index 000000000000..6342a5dce18e --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy-1.8.3-r2.initd @@ -0,0 +1,41 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +get_config() { + res=$(awk '$1 == "'$1'" { s=$2 } END { print s }' "$CONFFILE") + + if [ "x$res" = "x" ]; then + echo "$2" + else + eval echo "$res" + fi +} + +: ${CONFFILE:="/etc/${SVCNAME}.conf"} + +command=/usr/sbin/tinyproxy +command_args="-c ${CONFFILE}" +pidfile=$(get_config PidFile /run/tinyproxy/${SVCNAME}.pid) + +depend() { + config "$CONFFILE" + + use dns + + [ "$(get_config Syslog Off)" = "On" ] && \ + use logger +} + +start_pre() { + piddir=$(dirname ${pidfile}) + + if [ "${piddir}" = "/run" ]; then + eerror "Please change your PidFile settings to be within the" + eerror "/run/tinyproxy directory" + eend 1 + else + checkpath -d -o $(get_config User tinyproxy):$(get_config Group tinyproxy) ${piddir} + fi +} diff --git a/net-proxy/tinyproxy/files/tinyproxy-1.8.3.initd b/net-proxy/tinyproxy/files/tinyproxy-1.8.3.initd new file mode 100644 index 000000000000..0539996033eb --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy-1.8.3.initd @@ -0,0 +1,41 @@ +#!/sbin/runscript +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +get_config() { + res=$(awk '$1 == "'$1'" { s=$2 } END { print s }' "$CONFFILE") + + if [ "x$res" = "x" ]; then + echo "$2" + else + eval echo "$res" + fi +} + +: ${CONFFILE:="/etc/${SVCNAME}.conf"} + +command=/usr/sbin/tinyproxy +command_args="-c ${CONFFILE}" +pidfile=$(get_config PidFile /var/run/tinyproxy/${SVCNAME}.pid) + +depend() { + config "$CONFFILE" + + use dns + + [ "$(get_config Syslog Off)" = "On" ] && \ + use logger +} + +start_pre() { + piddir=$(dirname ${pidfile}) + + if [ "${piddir}" = "/var/run" ]; then + eerror "Please change your PidFile settings to be within the" + eerror "/var/run/tinyproxy directory" + eend 1 + else + checkpath -d -o $(get_config User tinyproxy):$(get_config Group tinyproxy) ${piddir} + fi +} diff --git a/net-proxy/tinyproxy/files/tinyproxy.service b/net-proxy/tinyproxy/files/tinyproxy.service new file mode 100644 index 000000000000..4d860df76938 --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy.service @@ -0,0 +1,9 @@ +[Unit] +Description=Tinyproxy Web Proxy Server +After=network.target + +[Service] +ExecStart=/usr/sbin/tinyproxy -d -c /etc/tinyproxy.conf + +[Install] +WantedBy=multi-user.target diff --git a/net-proxy/tinyproxy/files/tinyproxy.tmpfiles.conf b/net-proxy/tinyproxy/files/tinyproxy.tmpfiles.conf new file mode 100644 index 000000000000..80251df0d20c --- /dev/null +++ b/net-proxy/tinyproxy/files/tinyproxy.tmpfiles.conf @@ -0,0 +1 @@ +d /var/run/tinyproxy 0770 tinyproxy tinyproxy - diff --git a/net-proxy/tinyproxy/metadata.xml b/net-proxy/tinyproxy/metadata.xml new file mode 100644 index 000000000000..32a47aa24c86 --- /dev/null +++ b/net-proxy/tinyproxy/metadata.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>A lightweight HTTP/SSL proxy</longdescription> +<use> + <flag name='filter-proxy'>Enable filtering of domains/URLS</flag> + <flag name='reverse-proxy'>Enable reverse proxying</flag> + <flag name='transparent-proxy'>Enable transparent proxying</flag> + <flag name='upstream-proxy'>Enable upstream proxying</flag> + <flag name='xtinyproxy-header'>Include the X-Tinyproxy header</flag> +</use> +</pkgmetadata> diff --git a/net-proxy/tinyproxy/tinyproxy-1.8.3-r3.ebuild b/net-proxy/tinyproxy/tinyproxy-1.8.3-r3.ebuild new file mode 100644 index 000000000000..f31cf7d3f297 --- /dev/null +++ b/net-proxy/tinyproxy/tinyproxy-1.8.3-r3.ebuild @@ -0,0 +1,85 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit autotools eutils systemd user + +DESCRIPTION="A lightweight HTTP/SSL proxy" +HOMEPAGE="http://www.banu.com/tinyproxy/" +SRC_URI="http://www.banu.com/pub/${PN}/1.8/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 ~arm ia64 ppc sparc x86" + +IUSE="test debug +filter-proxy minimal reverse-proxy + transparent-proxy +upstream-proxy +xtinyproxy-header" + +REQUIRED_USE="test? ( xtinyproxy-header )" + +DEPEND="!minimal? ( app-text/asciidoc )" + +pkg_setup() { + enewgroup ${PN} + enewuser ${PN} "" "" "" ${PN} +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-1.8.1-ldflags.patch + epatch "${FILESDIR}"/${P}-r2-DoS-Prevention.patch + + use minimal && epatch "${FILESDIR}/${PN}-1.8.1-minimal.patch" + + sed -i \ + -e "s|nobody|${PN}|g" \ + -e 's|/var/run/|/run/|g' \ + etc/${PN}.conf.in || die "sed failed" + + sed -i \ + -e 's|AM_CONFIG_HEADER|AC_CONFIG_HEADERS|g' \ + configure.ac || die + + eautoreconf +} + +src_configure() { + if use minimal; then + ln -s /bin/true "${T}"/a2x + export PATH="${T}:${PATH}" + fi + + econf \ + $(use_enable debug) \ + $(use_enable filter-proxy filter) \ + $(use_enable reverse-proxy reverse) \ + $(use_enable transparent-proxy transparent) \ + $(use_enable upstream-proxy upstream) \ + $(use_enable xtinyproxy-header xtinyproxy) \ + --disable-silent-rules \ + --localstatedir=/var +} + +src_test() { + # The make check target does not run the test suite + emake test +} + +src_install() { + default + + dodoc AUTHORS ChangeLog NEWS README TODO + + diropts -m0775 -o ${PN} -g ${PN} + keepdir /var/log/${PN} + + newinitd "${FILESDIR}"/${PN}-1.8.3-r2.initd tinyproxy + systemd_dounit "${FILESDIR}"/${PN}.service + systemd_dotmpfilesd "${FILESDIR}"/${PN}.tmpfiles.conf +} + +pkg_postinst() { + elog "For filtering domains and URLs, enable filter option in the configuration" + elog "file and add them to the filter file (one domain or URL per line)." +} diff --git a/net-proxy/torsocks/Manifest b/net-proxy/torsocks/Manifest new file mode 100644 index 000000000000..2d5c11425c2c --- /dev/null +++ b/net-proxy/torsocks/Manifest @@ -0,0 +1,2 @@ +DIST torsocks-1.2.tar.gz 456453 SHA256 bea57d3624d723724fd1e260f0e6b2a354c0da742c023aa994c7692270d111d4 SHA512 c48cf466c1d4f6204c90ccb5f741d14304b24651d18d080a73952b9a06bbe146e3f6e6c4343ed06ed7a73714d86561cde3eba369e17fc4e155f3553a8d0f3890 WHIRLPOOL af892c2a6f8070308f6867154c50ee8ce6fd20c761dbd6466ea1ae3b46730452ce0757e9de8bf698f8bd455649f3f76a4e9a0bd883408f464c619c1d41e937cf +DIST torsocks-2.0.0.tar.gz 96281 SHA256 a01f9e5ccc8a6e1d4e13704581ec9675129c147d10d08f86635f7bceb8001f48 SHA512 fa30244a5a06c6371a86090088b3abe9f4513eefce90580e7c7899843887b8a1eac641500dee81e576f27fa0f1b447b34f7b8300a889bcda2119779deb69d77d WHIRLPOOL 41ea31225866c50153dd0d46bc0659311835c5617f42a3c8275d5046cc0019fc4caa0ab9ef06d1b3552c1f082cb01a2036fc14c61a061378d01f988ff586a9c5 diff --git a/net-proxy/torsocks/files/avoid-pie-static.patch b/net-proxy/torsocks/files/avoid-pie-static.patch new file mode 100644 index 000000000000..75565569b6e9 --- /dev/null +++ b/net-proxy/torsocks/files/avoid-pie-static.patch @@ -0,0 +1,67 @@ +We need to avoid tests which have -static and -pie together. + +See https://bugs.gentoo.org/show_bug.cgi?id=533862 + +diff -Naur torsocks-2.0.0.orig/configure.ac torsocks-2.0.0/configure.ac +--- torsocks-2.0.0.orig/configure.ac 2014-08-11 12:44:46.000000000 -0400 ++++ torsocks-2.0.0/configure.ac 2015-01-11 12:00:21.174826622 -0500 +@@ -144,24 +144,6 @@ + # Version information for libtorsocks + TORSOCKSLDFLAGS="$LDFLAGS -version-info 1:0:0" + +-# Check for the gcc hardening flags. +-AX_CHECK_COMPILE_FLAG([-fPIE],[CFLAGS="$CFLAGS -fPIE"],[],[]) +-AX_CHECK_COMPILE_FLAG([-fwrapv],[CFLAGS="$CFLAGS -fwrapv"],[],[]) +-AX_CHECK_COMPILE_FLAG([--param ssp-buffer-size=1], +- [CFLAGS="$CFLAGS --param ssp-buffer-size=1"],[],[]) +-AX_CHECK_COMPILE_FLAG([-fstack-protector-all], +- [CFLAGS="$CFLAGS -fstack-protector-all"],[],[] +-) +-AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], +- [CFLAGS="$CFLAGS -fno-strict-overflow"],[],[] +-) +- +-dnl Add hardening linker flags +-AX_CHECK_LINK_FLAG([-pie],[LDFLAGS="$LDFLAGS -pie"],[],[]) +-AX_CHECK_LINK_FLAG([-z relro],[LDFLAGS="$LDFLAGS -z relro"],[],[]) +-AX_CHECK_LINK_FLAG([-z now],[LDFLAGS="$LDFLAGS -z now"],[],[]) +-LDFLAGS="$LDFLAGS -D_FORTIFY_SOURCE=2" +- + dnl Linker checks for Mac OSX, which uses DYLD_INSERT_LIBRARIES + dnl instead of LD_PRELOAD + case "$host_os" in +@@ -255,6 +237,34 @@ + DEFAULT_INCLUDES="-I\$(top_srcdir) -I\$(top_builddir) -I\$(top_builddir)/src -I\$(top_builddir)/include -include config.h" + AC_SUBST(DEFAULT_INCLUDES) + ++############################################################################## ++# 9. Test and add hardening flags ++############################################################################## ++ ++# Check for the gcc hardening flags. ++AX_CHECK_COMPILE_FLAG([-fPIE],[CFLAGS="$CFLAGS -fPIE"],[],[]) ++AX_CHECK_COMPILE_FLAG([-fwrapv],[CFLAGS="$CFLAGS -fwrapv"],[],[]) ++AX_CHECK_COMPILE_FLAG([--param ssp-buffer-size=1], ++ [CFLAGS="$CFLAGS --param ssp-buffer-size=1"],[],[]) ++AX_CHECK_COMPILE_FLAG([-fstack-protector-all], ++ [CFLAGS="$CFLAGS -fstack-protector-all"],[],[] ++) ++AX_CHECK_COMPILE_FLAG([-fno-strict-overflow], ++ [CFLAGS="$CFLAGS -fno-strict-overflow"],[],[] ++) ++ ++dnl Add hardening linker flags ++AX_CHECK_LINK_FLAG([-pie],[LDFLAGS="$LDFLAGS -pie"],[],[]) ++AX_CHECK_LINK_FLAG([-z relro],[LDFLAGS="$LDFLAGS -z relro"],[],[]) ++AX_CHECK_LINK_FLAG([-z now],[LDFLAGS="$LDFLAGS -z now"],[],[]) ++ ++dnl Add glibc hardening ++CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2" ++ ++############################################################################## ++# 10. Finish up ++############################################################################## ++ + AC_CONFIG_FILES([ + Makefile + extras/Makefile diff --git a/net-proxy/torsocks/files/fix-docdir-r2.patch b/net-proxy/torsocks/files/fix-docdir-r2.patch new file mode 100644 index 000000000000..05986ece2d0f --- /dev/null +++ b/net-proxy/torsocks/files/fix-docdir-r2.patch @@ -0,0 +1,21 @@ +diff -Naur torsocks-2.0.0-rc2.orig/doc/Makefile.am torsocks-2.0.0-rc2/doc/Makefile.am +--- torsocks-2.0.0-rc2.orig/doc/Makefile.am 2013-09-02 14:06:44.000000000 -0400 ++++ torsocks-2.0.0-rc2/doc/Makefile.am 2013-09-17 14:19:37.769272561 -0400 +@@ -6,5 +6,5 @@ + dist_man5_MANS = torsocks.conf.5 + dist_man8_MANS = torsocks.8 + +-dist_data_DATA = socks/SOCKS5 socks/socks-extensions.txt notes/DEBUG ++#dist_data_DATA = socks/SOCKS5 socks/socks-extensions.txt notes/DEBUG + +diff -Naur torsocks-2.0.0-rc2.orig/Makefile.am torsocks-2.0.0-rc2/Makefile.am +--- torsocks-2.0.0-rc2.orig/Makefile.am 2013-09-02 14:06:44.000000000 -0400 ++++ torsocks-2.0.0-rc2/Makefile.am 2013-09-17 14:20:07.945273935 -0400 +@@ -2,6 +2,6 @@ + + SUBDIRS = src doc tests + +-dist_doc_DATA = ChangeLog ++#dist_doc_DATA = ChangeLog + + EXTRA_DIST = gpl-2.0.txt diff --git a/net-proxy/torsocks/files/fix-docdir.patch b/net-proxy/torsocks/files/fix-docdir.patch new file mode 100644 index 000000000000..899c15b16721 --- /dev/null +++ b/net-proxy/torsocks/files/fix-docdir.patch @@ -0,0 +1,24 @@ +diff -Naur torsocks-1.2.orig/doc/Makefile.am torsocks-1.2/doc/Makefile.am +--- torsocks-1.2.orig/doc/Makefile.am 2011-10-26 14:30:26.000000000 -0400 ++++ torsocks-1.2/doc/Makefile.am 2011-12-26 20:05:40.000000000 -0500 +@@ -7,8 +7,6 @@ + # Install man pages + dist_man_MANS = torsocks.1 torsocks.8 usewithtor.1 torsocks.conf.5 + +-dist_data_DATA = socks/SOCKS5 socks/SOCKS4.protocol socks/socks-extensions.txt \ +- patches/compilewarnings.patch patches/conffile.patch patches/getaddrbyhost.patch \ +- patches/getpeername.patch patches/infiniteloop.patch patches/localaddresses.patch \ +- patches/README patches/README.TORDNS patches/tordns.patch notes/DEBUG ++dist_doc_DATA = socks/SOCKS5 socks/SOCKS4.protocol socks/socks-extensions.txt \ ++ notes/DEBUG + +diff -Naur torsocks-1.2.orig/test/Makefile.am torsocks-1.2/test/Makefile.am +--- torsocks-1.2.orig/test/Makefile.am 2011-10-26 14:21:57.000000000 -0400 ++++ torsocks-1.2/test/Makefile.am 2011-12-26 20:04:34.000000000 -0500 +@@ -4,4 +4,4 @@ + test_torsocks_LDFLAGS= $(TESTLDFLAGS) + CLEANFILES= test_torsocks + +-dist_data_DATA = run_tests.sh expectedresults.txt +\ No newline at end of file ++dist_doc_DATA = run_tests.sh expectedresults.txt diff --git a/net-proxy/torsocks/files/fix-find-libc.so.patch b/net-proxy/torsocks/files/fix-find-libc.so.patch new file mode 100644 index 000000000000..0fb1949116e1 --- /dev/null +++ b/net-proxy/torsocks/files/fix-find-libc.so.patch @@ -0,0 +1,12 @@ +diff -Nuar torsocks-2.0.0-rc3.orig/configure.ac torsocks-2.0.0-rc3/configure.ac +--- torsocks-2.0.0-rc3.orig/configure.ac 2013-11-03 13:24:51.000000000 -0500 ++++ torsocks-2.0.0-rc3/configure.ac 2014-01-26 12:49:55.157606016 -0500 +@@ -132,7 +132,7 @@ + dnl Get libc full system path. Use prefix or some hardcoded standard + dnl location on Unixish system. + AC_MSG_CHECKING(location of libc.so) +-for DIR in "$prefix/lib" "$prefix/usr/lib" '/lib' '/usr/lib'; do ++for DIR in "$prefix/lib*" "$prefix/usr/lib*" '/lib*' '/usr/lib*'; do + if test "${LIBC_PATH}" = ""; then + LIBC_PATH=`$FIND $DIR -name "libc.so.?" 2>/dev/null | $TAIL -1` + fi diff --git a/net-proxy/torsocks/files/suppress-warning-msgs.patch b/net-proxy/torsocks/files/suppress-warning-msgs.patch new file mode 100644 index 000000000000..7470b9fa7f4b --- /dev/null +++ b/net-proxy/torsocks/files/suppress-warning-msgs.patch @@ -0,0 +1,15 @@ +--- torsocks-1.2.orig/src/torsocks.c 2011-10-25 17:49:50.000000000 -0400 ++++ torsocks-1.2/src/torsocks.c 2012-02-21 11:09:20.000000000 -0500 +@@ -124,9 +124,9 @@ + #define LOAD_ERROR(s,l) { \ + const char *error; \ + error = dlerror(); \ +- show_msg(l, "The symbol %s() was not found in any shared " \ +- "library. The error reported was: %s!\n", s, \ +- (error)?error:"not found"); \ ++ if (error) \ ++ show_msg(l, "The symbol %s() was not found in any shared " \ ++ "library. The error reported was: %s!\n", s, error); \ + dlerror(); \ + } + pthread_mutex_lock(&torsocks_init_mutex); diff --git a/net-proxy/torsocks/metadata.xml b/net-proxy/torsocks/metadata.xml new file mode 100644 index 000000000000..0cc1d997959b --- /dev/null +++ b/net-proxy/torsocks/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>blueness@gentoo.org</email> + <name>Anthony G. Basile</name> + </maintainer> + <upstream> + <remote-id type="google-code">torsocks</remote-id> + <remote-id type="github">dgoulet/torsocks</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/torsocks/torsocks-1.2-r2.ebuild b/net-proxy/torsocks/torsocks-1.2-r2.ebuild new file mode 100644 index 000000000000..9540b8e18cf3 --- /dev/null +++ b/net-proxy/torsocks/torsocks-1.2-r2.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit autotools eutils multilib + +DESCRIPTION="Use most socks-friendly applications with Tor" +HOMEPAGE="http://code.google.com/p/torsocks" +SRC_URI="http://${PN}.googlecode.com/files/${PN}-1.2.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="static-libs" + +# We do not depend on tor which might be running on a different box +DEPEND="" +RDEPEND="${DEPEND}" + +src_prepare() { + epatch "${FILESDIR}"/suppress-warning-msgs.patch + epatch "${FILESDIR}"/fix-docdir.patch + eautoreconf +} + +src_configure() { + econf --docdir=/usr/share/doc/${PF} \ + $(use_enable static-libs static) +} + +src_install() { + emake DESTDIR="${D}" install + + dodoc README TODO INSTALL ChangeLog + + #Remove libtool .la files + cd "${D}"/usr/$(get_libdir)/torsocks + rm -f *.la +} diff --git a/net-proxy/torsocks/torsocks-1.2.ebuild b/net-proxy/torsocks/torsocks-1.2.ebuild new file mode 100644 index 000000000000..3558eca822bf --- /dev/null +++ b/net-proxy/torsocks/torsocks-1.2.ebuild @@ -0,0 +1,32 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 + +inherit multilib + +DESCRIPTION="Use most socks-friendly applications with Tor" +HOMEPAGE="http://code.google.com/p/torsocks" +SRC_URI="http://${PN}.googlecode.com/files/${PN}-1.2.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~x86" +IUSE="static-libs" + +# We do not depend on tor which might be running on a different box +DEPEND="" +RDEPEND="${DEPEND}" + +src_configure() { + econf $(use_enable static-libs static) +} + +src_install() { + emake DESTDIR="${D}" install + + #Remove libtool .la files + cd "${D}"/usr/$(get_libdir)/torsocks + rm -f *.la +} diff --git a/net-proxy/torsocks/torsocks-2.0.0-r1.ebuild b/net-proxy/torsocks/torsocks-2.0.0-r1.ebuild new file mode 100644 index 000000000000..fd649a2a70de --- /dev/null +++ b/net-proxy/torsocks/torsocks-2.0.0-r1.ebuild @@ -0,0 +1,51 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 + +inherit autotools eutils multilib versionator + +MY_PV="$(replace_version_separator 3 -)" +MY_PF="${PN}-${MY_PV}" +S=${WORKDIR}/${MY_PF} + +DESCRIPTION="Use most socks-friendly applications with Tor" +HOMEPAGE="http://github.com/dgoulet/torsocks" +SRC_URI="https://github.com/dgoulet/torsocks/archive/v${MY_PV}.tar.gz -> ${MY_PF}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~x86" +IUSE="static-libs" + +# We do not depend on tor which might be running on a different box +DEPEND="" +RDEPEND="${DEPEND}" + +src_prepare() { + sed -i -e "/dist_doc_DATA/s/^/#/" Makefile.am doc/Makefile.am || die + + # Disable tests requiring network access. + sed -i -e '/^\.\/test_dns$/d' tests/test_list || \ + die "failed to disable network tests" + + # Bug #533862 + epatch "${FILESDIR}"/avoid-pie-static.patch + + eautoreconf +} + +src_configure() { + econf $(use_enable static-libs static) +} + +src_install() { + default + + dodoc ChangeLog README.md TODO doc/notes/DEBUG doc/socks/{SOCKS5,socks-extensions.txt} + + #Remove libtool .la files + cd "${D}"/usr/$(get_libdir)/torsocks + rm -f *.la +} diff --git a/net-proxy/tsocks/Manifest b/net-proxy/tsocks/Manifest new file mode 100644 index 000000000000..40018b2c2b48 --- /dev/null +++ b/net-proxy/tsocks/Manifest @@ -0,0 +1,3 @@ +DIST tsocks-1.8b5-tordns1-gentoo-r1.patch.gz 20060 SHA256 d49f0eede6cf59a2e911ddf3ec14e880626369e94037c9ad853cf530ce5971dd +DIST tsocks-1.8b5-tordns1-gentoo-r3.patch.xz 18468 SHA256 4b25f473ef08ce698bd12a92d65b3e6dffb706ec76289db8d5b75fac0bca16f8 SHA512 86cbc7a8733e9f9e19e0924d2a2b8481a66eb67a8d548b90c7bd02cc6ae42064a295ee6a002cf19a7b3d7d811388db2a34b641d9dbe239f4c0bc8a1f78c90682 WHIRLPOOL 5a4228be84b4797121b8deaf52c1030ea2d6716694f14602a473deca4919753abe5df9608e28056dcaecb8e57bbb0b5a290b7bcdacbda17fdc12df08a0f29fcb +DIST tsocks-1.8beta5.tar.gz 83928 SHA256 849d7ef5af80d03e76cc05ed9fb8fa2bcc2b724b51ebfd1b6be11c7863f5b347 SHA512 b41636ea6b77abf0d1e3cda7bbca4e7ee96f3cdb1843f3a2c530650931e5567f67921de67b28ba9bab0f51df39770a3f7fb458cf7ac78aad7aa861923df2c4a9 WHIRLPOOL 9b50f66d63c870a37111450d76ea027fab79ecc4f62be8d6fab380f9fbfa6d1573f8bad5afe284571de3ee557460454826967449518d7665a80f563a2cfe5151 diff --git a/net-proxy/tsocks/files/tsocks-1.8_beta5-bsd.patch b/net-proxy/tsocks/files/tsocks-1.8_beta5-bsd.patch new file mode 100644 index 000000000000..e003475da5a3 --- /dev/null +++ b/net-proxy/tsocks/files/tsocks-1.8_beta5-bsd.patch @@ -0,0 +1,22 @@ +Index: tsocks-1.8/configure.in +=================================================================== +--- tsocks-1.8.orig/configure.in ++++ tsocks-1.8/configure.in +@@ -122,7 +122,7 @@ LIBS= + + dnl Checks for libraries. + dnl Replace `main' with a function in -ldl: +-AC_CHECK_LIB(dl, dlsym,,AC_MSG_ERROR("libdl is required")) ++AC_CHECK_FUNC([dlsym], [], [AC_CHECK_LIB(dl, dlsym,,AC_MSG_ERROR("libdl is required"))]) + + dnl If we're using gcc here define _GNU_SOURCE + AC_MSG_CHECKING("for RTLD_NEXT from dlfcn.h") +@@ -312,7 +312,7 @@ AC_DEFINE_UNQUOTED(CLOSE_SIGNATURE, [${P + dnl Find the correct poll prototype on this machine + AC_MSG_CHECKING(for correct poll prototype) + PROTO= +-for testproto in 'struct pollfd *ufds, unsigned long nfds, int timeout' ++for testproto in 'struct pollfd *ufds, unsigned long nfds, int timeout' 'struct pollfd ufds[[]], nfds_t nfds, int timeout' + do + if test "${PROTO}" = ""; then + AC_TRY_COMPILE([ diff --git a/net-proxy/tsocks/files/tsocks-1.8_beta5-flags.patch b/net-proxy/tsocks/files/tsocks-1.8_beta5-flags.patch new file mode 100644 index 000000000000..70d8786c196b --- /dev/null +++ b/net-proxy/tsocks/files/tsocks-1.8_beta5-flags.patch @@ -0,0 +1,31 @@ +--- tsocks-1.8.orig/Makefile.in 2002-03-16 11:12:40.000000000 +0100 ++++ tsocks-1.8/Makefile.in 2009-06-20 13:56:56.000000000 +0200 +@@ -28,6 +28,7 @@ + INSTALL = @INSTALL@ + INSTALL_DATA = @INSTALL_DATA@ + CFLAGS = @CFLAGS@ ++LDFLAGS = @LDFLAGS@ + INCLUDES = -I. + LIBS = @LIBS@ + SPECIALLIBS = @SPECIALLIBS@ +@@ -41,16 +42,16 @@ + all: ${TARGETS} + + ${VALIDATECONF}: ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o +- ${SHCC} ${CFLAGS} ${INCLUDES} -o ${VALIDATECONF} ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o ${LIBS} ++ ${SHCC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -o ${VALIDATECONF} ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o ${LIBS} + + ${INSPECT}: ${INSPECT}.c ${COMMON}.o +- ${SHCC} ${CFLAGS} ${INCLUDES} -o ${INSPECT} ${INSPECT}.c ${COMMON}.o ${LIBS} ++ ${SHCC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -o ${INSPECT} ${INSPECT}.c ${COMMON}.o ${LIBS} + + ${SAVE}: ${SAVE}.c +- ${SHCC} ${CFLAGS} ${INCLUDES} -static -o ${SAVE} ${SAVE}.c ++ ${SHCC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -o ${SAVE} ${SAVE}.c + + ${SHLIB}: ${OBJS} ${COMMON}.o ${PARSER}.o +- ${SHCC} ${CFLAGS} ${INCLUDES} -nostdlib -shared -o ${SHLIB} ${OBJS} ${COMMON}.o ${PARSER}.o ${DYNLIB_FLAGS} ${SPECIALLIBS} ${LIBS} ++ ${SHCC} ${CFLAGS} ${LDFLAGS} ${INCLUDES} -nostdlib -shared -o ${SHLIB} ${OBJS} ${COMMON}.o ${PARSER}.o ${DYNLIB_FLAGS} ${SPECIALLIBS} ${LIBS} + ln -sf ${SHLIB} ${LIB_NAME}.so + + %.so: %.c diff --git a/net-proxy/tsocks/files/tsocks-1.8_beta5-gentoo-r3.patch b/net-proxy/tsocks/files/tsocks-1.8_beta5-gentoo-r3.patch new file mode 100644 index 000000000000..1c9dd18cd59d --- /dev/null +++ b/net-proxy/tsocks/files/tsocks-1.8_beta5-gentoo-r3.patch @@ -0,0 +1,133 @@ +diff -Nru tsocks-1.8.orig/Makefile.in tsocks-1.8/Makefile.in +--- tsocks-1.8.orig/Makefile.in 2002-03-16 11:12:40.000000000 +0100 ++++ tsocks-1.8/Makefile.in 2009-06-20 13:56:56.000000000 +0200 +@@ -28,6 +28,7 @@ + INSTALL = @INSTALL@ + INSTALL_DATA = @INSTALL_DATA@ + CFLAGS = @CFLAGS@ ++LDFLAGS = @LDFLAGS@ + INCLUDES = -I. + LIBS = @LIBS@ + SPECIALLIBS = @SPECIALLIBS@ +@@ -41,16 +42,16 @@ + all: ${TARGETS} + + ${VALIDATECONF}: ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o +- ${SHCC} ${CFLAGS} ${INCLUDES} -o ${VALIDATECONF} ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o ${LIBS} ++ ${SHCC} ${LDFLAGS} ${INCLUDES} -o ${VALIDATECONF} ${VALIDATECONF}.c ${COMMON}.o ${PARSER}.o ${LIBS} + + ${INSPECT}: ${INSPECT}.c ${COMMON}.o +- ${SHCC} ${CFLAGS} ${INCLUDES} -o ${INSPECT} ${INSPECT}.c ${COMMON}.o ${LIBS} ++ ${SHCC} ${LDFLAGS} ${INCLUDES} -o ${INSPECT} ${INSPECT}.c ${COMMON}.o ${LIBS} + + ${SAVE}: ${SAVE}.c +- ${SHCC} ${CFLAGS} ${INCLUDES} -static -o ${SAVE} ${SAVE}.c ++ ${SHCC} ${LDFLAGS} ${INCLUDES} -o ${SAVE} ${SAVE}.c + + ${SHLIB}: ${OBJS} ${COMMON}.o ${PARSER}.o +- ${SHCC} ${CFLAGS} ${INCLUDES} -nostdlib -shared -o ${SHLIB} ${OBJS} ${COMMON}.o ${PARSER}.o ${DYNLIB_FLAGS} ${SPECIALLIBS} ${LIBS} ++ ${SHCC} ${LDFLAGS} ${INCLUDES} -nostdlib -shared -o ${SHLIB} ${OBJS} ${COMMON}.o ${PARSER}.o ${DYNLIB_FLAGS} ${SPECIALLIBS} ${LIBS} + ln -sf ${SHLIB} ${LIB_NAME}.so + + %.so: %.c +diff -Nru tsocks-1.8.orig/tsocks tsocks-1.8/tsocks +--- tsocks-1.8.orig/tsocks 2002-03-16 11:27:18.000000000 +0100 ++++ tsocks-1.8/tsocks 2009-06-20 13:56:38.000000000 +0200 +@@ -46,14 +46,14 @@ + on) + if [ -z "$LD_PRELOAD" ] + then +- export LD_PRELOAD="/usr/lib/libtsocks.so" ++ export LD_PRELOAD="/lib/libtsocks.so" + else +- echo $LD_PRELOAD | grep -q "/usr/lib/libtsocks\.so" || \ +- export LD_PRELOAD="/usr/lib/libtsocks.so $LD_PRELOAD" ++ echo $LD_PRELOAD | grep -q "/lib/libtsocks\.so" || \ ++ export LD_PRELOAD="/lib/libtsocks.so $LD_PRELOAD" + fi + ;; + off) +- export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/\/usr\/lib\/libtsocks.so \?//'` ++ export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/\/lib\/libtsocks.so \?//'` + if [ -z "$LD_PRELOAD" ] + then + unset LD_PRELOAD +@@ -68,10 +68,10 @@ + *) + if [ -z "$LD_PRELOAD" ] + then +- export LD_PRELOAD="/usr/lib/libtsocks.so" ++ export LD_PRELOAD="/lib/libtsocks.so" + else +- echo $LD_PRELOAD | grep -q "/usr/lib/libtsocks\.so" || \ +- export LD_PRELOAD="/usr/lib/libtsocks.so $LD_PRELOAD" ++ echo $LD_PRELOAD | grep -q "/lib/libtsocks\.so" || \ ++ export LD_PRELOAD="/lib/libtsocks.so $LD_PRELOAD" + fi + + if [ $# = 0 ] +diff -Nru tsocks-1.8.orig/tsocks.8 tsocks-1.8/tsocks.8 +--- tsocks-1.8.orig/tsocks.8 2002-03-16 11:20:51.000000000 +0100 ++++ tsocks-1.8/tsocks.8 2009-06-20 13:56:38.000000000 +0200 +@@ -127,8 +127,8 @@ + libtsocks in /etc/ld.so.preload. Please make sure you correctly enter the + full path to the library in this file if you do this. If you get it wrong, + you will be UNABLE TO DO ANYTHING with the machine and will have to boot +-it with a rescue disk and remove the file (or try the saveme program, see +-the INSTALL file for more info). THIS IS A ***WARNING***, please be ++it with a rescue disk and remove the file (or try the tsocks-saveme program, ++simply unlinks /etc/ld.so.preload ). THIS IS A ***WARNING***, please be + careful. Also be sure the library is in the root filesystem as all hell + will break loose if the directory it is in is not available at boot time. + +diff -Nru tsocks-1.8.orig/tsocks.conf.5 tsocks-1.8/tsocks.conf.5 +--- tsocks-1.8.orig/tsocks.conf.5 2002-05-18 04:13:08.000000000 +0200 ++++ tsocks-1.8/tsocks.conf.5 2009-06-20 13:56:38.000000000 +0200 +@@ -139,21 +139,20 @@ + the version that server supports. + + .TP +-validateconf +-validateconf can be used to verify the configuration file. It checks the format +-of the file and also the contents for errors. Having read the file it dumps +-the configuration to the screen in a formatted, readable manner. This can be +-extremely useful in debugging problems. +- +-validateconf can read a configuration file from a location other than the +-location specified at compile time with the -f <filename> command line +-option. +- +-Normally validateconf simply dumps the configuration read to the screen (in +-a nicely readable format), however it also has a useful 'test' mode. When +-passed a hostname/ip on the command line like -t <hostname/ip>, validateconf +-determines which of the SOCKS servers specified in the configuration file +-would be used by tsocks to access the specified host. ++tsocks-validateconf ++tsocks-validateconf can be used to verify the configuration file. It checks ++the format of the file and also the contents for errors. Having read the file ++it dumps the configuration to the screen in a formatted, readable manner. ++This can be extremely useful in debugging problems. ++ ++tsocks-validateconf can read a configuration file from a location other than the ++location specified at compile time with the -f <filename> command line option. ++ ++Normally tsocks-validateconf simply dumps the configuration read to the screen ++(in a nicely readable format), however it also has a useful 'test' mode. When ++passed a hostname/ip on the command line like -t <hostname/ip>, ++tsocks-validateconf determines which of the SOCKS servers specified in the ++configuration file would be used by tsocks to access the specified host. + + .SH SEE ALSO + tsocks(8) +diff -Nru tsocks-1.8.orig/validateconf.c tsocks-1.8/validateconf.c +--- tsocks-1.8.orig/validateconf.c 2002-02-07 11:49:59.000000000 +0100 ++++ tsocks-1.8/validateconf.c 2009-06-20 13:56:38.000000000 +0200 +@@ -23,7 +23,7 @@ + */ + + /* Global configuration variables */ +-char *progname = "validateconf"; /* Name for error msgs */ ++char *progname = "tsocks-validateconf"; /* Name for error msgs */ + + /* Header Files */ + #include <config.h> diff --git a/net-proxy/tsocks/files/tsocks-1.8_beta5-ld_preload.patch b/net-proxy/tsocks/files/tsocks-1.8_beta5-ld_preload.patch new file mode 100644 index 000000000000..360e5b297fb6 --- /dev/null +++ b/net-proxy/tsocks/files/tsocks-1.8_beta5-ld_preload.patch @@ -0,0 +1,35 @@ +--- tsocks-1.8.orig/tsocks 2002-03-16 11:27:18.000000000 +0100 ++++ tsocks-1.8/tsocks 2009-06-20 13:56:38.000000000 +0200 +@@ -46,14 +46,14 @@ + on) + if [ -z "$LD_PRELOAD" ] + then +- export LD_PRELOAD="/usr/lib/libtsocks.so" ++ export LD_PRELOAD="libtsocks.so" + else +- echo $LD_PRELOAD | grep -q "/usr/lib/libtsocks\.so" || \ +- export LD_PRELOAD="/usr/lib/libtsocks.so $LD_PRELOAD" ++ echo $LD_PRELOAD | grep -q "libtsocks\.so" || \ ++ export LD_PRELOAD="libtsocks.so $LD_PRELOAD" + fi + ;; + off) +- export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/\/usr\/lib\/libtsocks.so \?//'` ++ export LD_PRELOAD=`echo -n $LD_PRELOAD | sed 's/libtsocks.so \?//'` + if [ -z "$LD_PRELOAD" ] + then + unset LD_PRELOAD +@@ -68,10 +68,10 @@ + *) + if [ -z "$LD_PRELOAD" ] + then +- export LD_PRELOAD="/usr/lib/libtsocks.so" ++ export LD_PRELOAD="libtsocks.so" + else +- echo $LD_PRELOAD | grep -q "/usr/lib/libtsocks\.so" || \ +- export LD_PRELOAD="/usr/lib/libtsocks.so $LD_PRELOAD" ++ echo $LD_PRELOAD | grep -q "libtsocks\.so" || \ ++ export LD_PRELOAD="libtsocks.so $LD_PRELOAD" + fi + + if [ $# = 0 ] diff --git a/net-proxy/tsocks/files/tsocks-1.8_beta5-poll.patch b/net-proxy/tsocks/files/tsocks-1.8_beta5-poll.patch new file mode 100644 index 000000000000..233539564c61 --- /dev/null +++ b/net-proxy/tsocks/files/tsocks-1.8_beta5-poll.patch @@ -0,0 +1,16 @@ +--- a/tsocks.c ++++ b/tsocks.c +@@ -659,10 +659,11 @@ + * be ready for writing), otherwise we'll just let the select loop + * come around again (since we can't flag it for read, we don't know + * if there is any data to be read and can't be bothered checking) */ +- if (conn->selectevents & WRITE) { +- setevents |= POLLOUT; ++ if (conn->selectevents & POLLOUT) { ++ ufds[i].revents |= POLLOUT; + nevents++; + } ++ ufds[i].events = conn->selectevents; + } + } + } while (nevents == 0); diff --git a/net-proxy/tsocks/files/tsocks-1.8_beta5-rename.patch b/net-proxy/tsocks/files/tsocks-1.8_beta5-rename.patch new file mode 100644 index 000000000000..4962aacd6801 --- /dev/null +++ b/net-proxy/tsocks/files/tsocks-1.8_beta5-rename.patch @@ -0,0 +1,62 @@ +--- tsocks-1.8.orig/validateconf.c 2002-02-07 11:49:59.000000000 +0100 ++++ tsocks-1.8/validateconf.c 2009-06-20 13:56:38.000000000 +0200 +@@ -23,7 +23,7 @@ + */ + + /* Global configuration variables */ +-char *progname = "validateconf"; /* Name for error msgs */ ++char *progname = "tsocks-validateconf"; /* Name for error msgs */ + + /* Header Files */ + #include <config.h> +--- tsocks-1.8.orig/tsocks.8 2002-03-16 11:20:51.000000000 +0100 ++++ tsocks-1.8/tsocks.8 2009-06-20 13:56:38.000000000 +0200 +@@ -127,8 +127,8 @@ + libtsocks in /etc/ld.so.preload. Please make sure you correctly enter the + full path to the library in this file if you do this. If you get it wrong, + you will be UNABLE TO DO ANYTHING with the machine and will have to boot +-it with a rescue disk and remove the file (or try the saveme program, see +-the INSTALL file for more info). THIS IS A ***WARNING***, please be ++it with a rescue disk and remove the file (or try the tsocks-saveme program, ++simply unlinks /etc/ld.so.preload ). THIS IS A ***WARNING***, please be + careful. Also be sure the library is in the root filesystem as all hell + will break loose if the directory it is in is not available at boot time. + +--- tsocks-1.8.orig/tsocks.conf.5 2002-05-18 04:13:08.000000000 +0200 ++++ tsocks-1.8/tsocks.conf.5 2009-06-20 13:56:38.000000000 +0200 +@@ -139,21 +139,20 @@ + the version that server supports. + + .TP +-validateconf +-validateconf can be used to verify the configuration file. It checks the format +-of the file and also the contents for errors. Having read the file it dumps +-the configuration to the screen in a formatted, readable manner. This can be +-extremely useful in debugging problems. +- +-validateconf can read a configuration file from a location other than the +-location specified at compile time with the -f <filename> command line +-option. +- +-Normally validateconf simply dumps the configuration read to the screen (in +-a nicely readable format), however it also has a useful 'test' mode. When +-passed a hostname/ip on the command line like -t <hostname/ip>, validateconf +-determines which of the SOCKS servers specified in the configuration file +-would be used by tsocks to access the specified host. ++tsocks-validateconf ++tsocks-validateconf can be used to verify the configuration file. It checks ++the format of the file and also the contents for errors. Having read the file ++it dumps the configuration to the screen in a formatted, readable manner. ++This can be extremely useful in debugging problems. ++ ++tsocks-validateconf can read a configuration file from a location other than the ++location specified at compile time with the -f <filename> command line option. ++ ++Normally tsocks-validateconf simply dumps the configuration read to the screen ++(in a nicely readable format), however it also has a useful 'test' mode. When ++passed a hostname/ip on the command line like -t <hostname/ip>, ++tsocks-validateconf determines which of the SOCKS servers specified in the ++configuration file would be used by tsocks to access the specified host. + + .SH SEE ALSO + tsocks(8) diff --git a/net-proxy/tsocks/metadata.xml b/net-proxy/tsocks/metadata.xml new file mode 100644 index 000000000000..9c37fc85760d --- /dev/null +++ b/net-proxy/tsocks/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>bircoph@gentoo.org</email> + </maintainer> + <longdescription>tsocks' role is to allow non SOCKS aware applications (e.g telnet, ssh, ftp etc) to use SOCKS +without any modification. It does this by intercepting the calls that applications make to establish network connections +and negotating them through a SOCKS server as necessary.</longdescription> + <use> + <flag name="dns">Force DNS queries to use SOCKS server via tcp</flag> + <flag name="envconf">Allow TSOCKS_CONF_FILE to specify configuration file</flag> + <flag name="server-lookups">Allow hostname resolution _for_ SOCKS servers</flag> + <flag name="tordns">Apply tordns patch which allows transparent TORification of the DNS queries</flag> + </use> + <upstream> + <remote-id type="sourceforge">tsocks</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/tsocks/tsocks-1.8_beta5-r5.ebuild b/net-proxy/tsocks/tsocks-1.8_beta5-r5.ebuild new file mode 100644 index 000000000000..99f72976b173 --- /dev/null +++ b/net-proxy/tsocks/tsocks-1.8_beta5-r5.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit multilib eutils autotools toolchain-funcs + +DESCRIPTION="Transparent SOCKS v4 proxying library" +HOMEPAGE="http://tsocks.sourceforge.net/" +SRC_URI="mirror://sourceforge/tsocks/${PN}-${PV/_}.tar.gz + tordns? ( mirror://gentoo/${PN}-${PV/_beta/b}-tordns1-gentoo-r1.patch.gz )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm ppc ppc64 sparc x86 ~x86-fbsd" +IUSE="tordns" + +S="${WORKDIR}/${P%%_*}" + +src_prepare() { + epatch "${FILESDIR}/${P}-gentoo-r3.patch" + epatch "${FILESDIR}/${P}-bsd.patch" + use tordns && epatch "../${PN}-${PV/_beta/b}-tordns1-gentoo-r1.patch" + eautoreconf +} + +src_configure() { + tc-export CC + + # NOTE: the docs say to install it into /lib. If you put it into + # /usr/lib and add it to /etc/ld.so.preload on many systems /usr isn't + # mounted in time :-( (Ben Lutgens) <lamer@gentoo.org> + econf \ + --with-conf=/etc/socks/tsocks.conf \ + --libdir=/$(get_libdir) +} + +src_compile() { + # Fix QA notice lack of SONAME + emake DYNLIB_FLAGS=-Wl,--soname,libtsocks.so.${PV/_beta*} +} + +src_install() { + emake DESTDIR="${D}" install + newbin validateconf tsocks-validateconf + newbin saveme tsocks-saveme + dobin inspectsocks + insinto /etc/socks + doins tsocks.conf.*.example + dodoc FAQ + use tordns && dodoc README* +} + +pkg_postinst() { + einfo "Make sure you create /etc/socks/tsocks.conf from one of the examples in that directory" + einfo "The following executables have been renamed:" + einfo " /usr/bin/saveme renamed to tsocks-saveme" + einfo " /usr/bin/validateconf renamed to tsocks-validateconf" +} diff --git a/net-proxy/tsocks/tsocks-1.8_beta5-r8.ebuild b/net-proxy/tsocks/tsocks-1.8_beta5-r8.ebuild new file mode 100644 index 000000000000..3ca9b4f92f0b --- /dev/null +++ b/net-proxy/tsocks/tsocks-1.8_beta5-r8.ebuild @@ -0,0 +1,79 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit autotools eutils multilib multilib-minimal toolchain-funcs + +DESCRIPTION="Transparent SOCKS v4 proxying library" +HOMEPAGE="http://tsocks.sourceforge.net/" +SRC_URI="mirror://sourceforge/tsocks/${PN}-${PV/_}.tar.gz + tordns? ( http://dev.gentoo.org/~bircoph/patches/${PN}-${PV/_beta/b}-tordns1-gentoo-r3.patch.xz )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="dns envconf tordns server-lookups" + +REQUIRED_USE=" + dns? ( !tordns !server-lookups ) + tordns? ( !dns !server-lookups ) +" + +S="${WORKDIR}/${P%%_*}" + +src_prepare() { + epatch \ + "${FILESDIR}/${P}-flags.patch" \ + "${FILESDIR}/${P}-ld_preload.patch" \ + "${FILESDIR}/${P}-rename.patch" \ + "${FILESDIR}/${P}-bsd.patch" \ + "${FILESDIR}/${P}-poll.patch" + use tordns && epatch "../${PN}-${PV/_beta/b}-tordns1-gentoo-r3.patch" + + sed -i 's/TSOCKS_CONFFILE/TSOCKS_CONF_FILE/' tsocks.8 || die "sed tsocks.8 failed" + + mv configure.in configure.ac || die + eautoreconf + multilib_copy_sources +} + +multilib_src_configure() { + tc-export CC + + # NOTE: the docs say to install it into /lib. If you put it into + # /usr/lib and add it to /etc/ld.so.preload on many systems /usr isn't + # mounted in time :-( (Ben Lutgens) <lamer@gentoo.org> + econf \ + $(use_enable dns socksdns) \ + $(use_enable envconf) \ + $(use_enable server-lookups hostnames) \ + --with-conf=/etc/socks/tsocks.conf \ + --libdir=/$(get_libdir) +} + +multilib_src_compile() { + # Fix QA notice lack of SONAME + emake DYNLIB_FLAGS=-Wl,--soname,libtsocks.so.${PV/_beta*} +} + +multilib_src_install() { + emake DESTDIR="${D}" install + if multilib_is_native_abi; then + newbin validateconf tsocks-validateconf + newbin saveme tsocks-saveme + dobin inspectsocks + insinto /etc/socks + doins tsocks.conf.*.example + dodoc FAQ + use tordns && dodoc README* + fi +} + +pkg_postinst() { + einfo "Make sure you create /etc/socks/tsocks.conf from one of the examples in that directory" + einfo "The following executables have been renamed:" + einfo " /usr/bin/saveme renamed to tsocks-saveme" + einfo " /usr/bin/validateconf renamed to tsocks-validateconf" +} diff --git a/net-proxy/ufdbguard/Manifest b/net-proxy/ufdbguard/Manifest new file mode 100644 index 000000000000..45c80c87e20d --- /dev/null +++ b/net-proxy/ufdbguard/Manifest @@ -0,0 +1,4 @@ +DIST ufdbGuard-1.24.tar.gz 747635 SHA256 6e5df4ef7f5d13d1ad2a0902449c9909cc013242f3783925800df5011bd3446c +DIST ufdbGuard-1.29.tar.gz 948006 SHA256 f97a683fba5e1867b9bde16d0ec118651b93ae419037d3fad0144c95add8bed6 SHA512 06e286508eba8081aecaa31021f18385f163f87edae90a4b399e0f3ca0d06165f5ac11baa5b615bdaaf9bbc03c107c69103f05761904fc06a0715c8f44abdc58 WHIRLPOOL 84d43ba2b5108acb9fc4ac0013d27c7f47dbb9ad6b7b6277853278b32a9040e0865e897b8bf5a3963216d3303506f90fe0844d9f5b49614154087eb0339f300d +DIST ufdbguard-1.24-manual.pdf 491034 SHA256 7185161d912202510ec1767fc0239f48c2a98f948afb3a207ea55c341e03e459 +DIST ufdbguard-1.29-manual.pdf 513184 SHA256 00b75668ca82037c9be6eab3a83755189890b2a3bb239409db765195f26c2f8b SHA512 9b321202a60428e7962087b19b7e0b72241fdb99d5068e68dceadf3087b85d56e11c80e3a410b101aae35f9f5f179ee0e13053024c29ff0868c39ed645edcbb2 WHIRLPOOL cd1573102abe6b4d359520930491b6a2fbef0601bcdccaaf78adf79bbf570c48bbfa1f0bb5e5e0b9ab9360cc9ca41643e2cbed2140414603bdca7bca32bbecf9 diff --git a/net-proxy/ufdbguard/files/ufdb.confd b/net-proxy/ufdbguard/files/ufdb.confd new file mode 100644 index 000000000000..76f4648948b5 --- /dev/null +++ b/net-proxy/ufdbguard/files/ufdb.confd @@ -0,0 +1,21 @@ +# -*- sh -*- +# $Id$ + +# Tables to re-generate when starting or reloading ufdbguard +UFDB_GT="alwaysallow alwaysdeny" + +# Options passed to ufdbGenTable when generating the tables listed in +# UFDB_GT +GENTABLE_OPTIONS="-W" + +# User under which to run ufdbguard; it should be the same as the +# proxy server you're using, so by default it is squid. +UFDB_USER="squid" + +# Options to pass to ufdbguardd; see /usr/libexec/ufdbguard/ufdbguardd +# -h for a brief list. +UFDB_OPTS="" + +# Options used by the modified ufdbUpdate script in Gentoo +DOWNLOAD_USER="" +DOWNLOAD_PASSWORD="" diff --git a/net-proxy/ufdbguard/files/ufdb.initd b/net-proxy/ufdbguard/files/ufdb.initd new file mode 100644 index 000000000000..88da66136aab --- /dev/null +++ b/net-proxy/ufdbguard/files/ufdb.initd @@ -0,0 +1,83 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# reconfig is what the upstream documentation suggests, so let's +# provide it for compatibility. +extra_started_commands="reload reconfig" + +depend() { + need net + before squid + use logger +} + +get_config() { + awk '$1 == "'$1'" { print $2 }' "/etc/ufdbGuard.conf" +} + +gentables() { + local dbhome=$(get_config dbhome) + + for gt in ${UFDB_GT} ; do + [ -f "${dbhome}/${gt}/domains" ] || continue + + urls= + [ -f "${dbhome}/${gt}/urls" ] && urls="${dbhome}/${gt}/urls" + + ebegin "Generating domainlist ${gt}" + ufdbGenTable ${GENTABLE_OPTIONS} -t "${gt}" -d "${dbhome}/${gt}/domains" ${urls:+-u "${urls}"} + eend $? + done +} + +start() { + gentables + + local logdir=$(get_config logdir) + + if [ ! -d "${logdir}" ] ; then + mkdir -p ${logdir} + chown -R ${UFDB_USER} ${logdir} + fi + + if [ ! -d /var/run/ufdbguardd ] ; then + mkdir -p /var/run/ufdbguard + chown -R ${UFDB_USER} /var/run/ufdbguard + fi + + ebegin "Starting ufdbGuard" + start-stop-daemon --start \ + --user ${UFDB_USER} \ + --wait 1500 \ + --exec /usr/libexec/ufdbguard/ufdbguardd \ + --pidfile /var/run/ufdbguard/ufdbguardd.pid -- \ + -c /etc/ufdbGuard.conf ${UFDB_OPTS} + eend $? "Failed to start ufdbGuard" +} + +stop() { + ebegin "Stopping ufdbGuard" + start-stop-daemon --stop \ + --exec /usr/libexec/ufdbguard/ufdbguardd \ + --pidfile /var/run/ufdbguard/ufdbguardd.pid + eend $? "Failed to stop ufdbGuard" +} + +reload() { + if ! [ -f /var/run/ufdbguard/ufdbguardd.pid ]; then + eerror "Unable to find PID file for ufdbguardd, was it just started?" + return 1 + fi + + gentables + + ebegin "Reloading ufdbGuard" + kill -HUP "$(cat /var/run/ufdbguard/ufdbguardd.pid)" + eend $? "Failed to reload ufdbGuard" +} + +reconfig() { + reload +} diff --git a/net-proxy/ufdbguard/files/ufdb.initd.2 b/net-proxy/ufdbguard/files/ufdb.initd.2 new file mode 100644 index 000000000000..35bb8cd3d52f --- /dev/null +++ b/net-proxy/ufdbguard/files/ufdb.initd.2 @@ -0,0 +1,68 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# reconfig is what the upstream documentation suggests, so let's +# provide it for compatibility. +extra_started_commands="reload reconfig" + +: ${configfile:=/etc/ufdbGuard.conf} + +pidfile=/var/run/ufdbguard/ufdbguardd.pid +command=/usr/libexec/ufdbguard/ufdbguardd +command_arguments="-c ${configfile} ${FUDB_OPTS}" + +start_stop_daemon_args="--user ${UFDB_USER} --wait 1500" + +name="ufdbGuard Daemon" + +depend() { + need localmount + before squid + use logger +} + +get_config() { + # Okay this sounds silly, but it is important because the settings + # in ufdbGuard are quoted, so this unquotes them. + eval echo $(awk '$1 == "'$1'" { print $2 }' "${configfile}") +} + +gentables() { + local dbhome=$(get_config dbhome) + + for gt in ${UFDB_GT} ; do + [ -f "${dbhome}/${gt}/domains" ] || continue + + urls= + [ -f "${dbhome}/${gt}/urls" ] && urls="${dbhome}/${gt}/urls" + + ebegin "Generating domainlist ${gt}" + ufdbGenTable ${GENTABLE_OPTIONS} -t "${gt}" -d "${dbhome}/${gt}/domains" ${urls:+-u "${urls}"} + eend $? + done +} + +start_pre() { + gentables + + checkpath -d -m 0755 -o ${UFDB_USER} $(get_config logdir) "$(dirname "${pidfile}")" +} + +reload() { + if ! [ -f ${pidfile} ]; then + eerror "Unable to find PID file for ufdbguardd, was it just started?" + return 1 + fi + + gentables + + ebegin "Reloading ufdbGuard" + kill -HUP "$(cat ${pidfile})" + eend $? "Failed to reload ufdbGuard" +} + +reconfig() { + reload +} diff --git a/net-proxy/ufdbguard/files/ufdbUpdate.cron b/net-proxy/ufdbguard/files/ufdbUpdate.cron new file mode 100644 index 000000000000..3f12de4ef667 --- /dev/null +++ b/net-proxy/ufdbguard/files/ufdbUpdate.cron @@ -0,0 +1,14 @@ +#!/bin/sh +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# cron.daily file to update the ufdb database + +# Avoid doing anything if no download user is set in the configuration +# file +( . /etc/conf.d/ufdb ; [ -z "${DOWNLOAD_USER}" ]; ) && exit + +/usr/sbin/ufdbUpdate + +/etc/init.d/squid rotate diff --git a/net-proxy/ufdbguard/files/ufdbguard-1.23-parallel-make.patch b/net-proxy/ufdbguard/files/ufdbguard-1.23-parallel-make.patch new file mode 100644 index 000000000000..3f95f2cbb3fa --- /dev/null +++ b/net-proxy/ufdbguard/files/ufdbguard-1.23-parallel-make.patch @@ -0,0 +1,133 @@ +--- a/src/Makefile.in 2010-04-12 04:39:43.000000000 +0200 +--- b/src/Makefile.in 2010-05-07 05:26:03.000000000 +0200 +@@ -135,8 +135,8 @@ + # Dependencies for installing + # + +-daemon: +- cd mtserver; make ++daemon: $(UFDBOBJS) ++ cd mtserver; $(MAKE) + + ufdbhttpd: ufdbhttpd.o httpserver.o ufdbbase.o ufdblib.o sgLog.o crypt.o + $(LINK) ufdbhttpd.o httpserver.o ufdbbase.o ufdblib.o sgLog.o crypt.o $(LIBS) +@@ -235,7 +235,7 @@ + $(RM) $(bindir)/ufdbhttpd + + install.mt:: +- cd mtserver ; make ++ cd mtserver ; $(MAKE) + $(INSTALL_PROGRAM) mtserver/ufdbguardd $(bindir)/ufdbguardd + $(INSTALL_PROGRAM) mtserver/ufdbgclient $(bindir)/ufdbgclient + +@@ -272,8 +272,8 @@ + $(RM) *~ *.bak core core.* *.log *.log.[0-9] *.error + $(RM) *.o y.tab.c y.tab.h ufdbGuard ufdbGenTable ufdbAnalyse ufdbPrintTable ufdbhttpd + $(RM) ipv6 iptst rwtest lex.yy.c +- -@cd mtserver && make clean +- -@cd api 2>/dev/null && make clean ++ -@cd mtserver && $(MAKE) clean ++ -@cd api 2>/dev/null && $(MAKE) clean + + realclean:: clean + @echo making $@ in `basename \`pwd\`` +@@ -286,11 +286,11 @@ + distclean:: realclean + @echo making $@ in `basename \`pwd\`` + $(RM) Makefile sg.h config.h ufdbUpdate ufdbConvertDB ufdbGuard.conf +- -cd mtserver ; make distclean ++ -cd mtserver ; $(MAKE) distclean + + apidistclean: distclean + @echo making $@ in `basename \`pwd\`` +- -cd api ; make distclean ++ -cd api ; $(MAKE) distclean + + grab: ufdbGrab + ./ufdbGrab $(cfgdir) $(logdir) +@@ -532,25 +532,25 @@ + $(CC) --version + + g2953: +- make clean +- CC=/usr/local/gcc/2.95.3/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/2.95.3/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + g344: +- make clean +- CC=/usr/local/gcc/3.4.4/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/3.4.4/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + g401: +- make clean +- CC=/usr/local/gcc/4.0.1/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/4.0.1/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + g411: +- make clean +- CC=/usr/local/gcc/4.1.1/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/4.1.1/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + qinst: + /etc/init.d/squid stop + /etc/init.d/ufdb stop +- make install ++ $(MAKE) install + /etc/init.d/ufdb start + /etc/init.d/squid start + +--- a/src/mtserver/Makefile.in 2010-04-12 02:56:20.000000000 +0200 +--- b/src/mtserver/Makefile.in 2010-05-07 05:26:03.000000000 +0200 +@@ -48,10 +48,10 @@ + $(LINK) ufdbgclient.o -L. -lufdbd $(SOLARIS_LIBS) + + ../lex.yy.o: +- cd .. ; make lex.yy.o ++ cd .. ; $(MAKE) lex.yy.o + + ../y.tab.o: +- cd .. ; make y.tab.o ++ cd .. ; $(MAKE) y.tab.o + + $(MYLIB): ../crypt.o ../lex.yy.o ../sgDiv.o ../sgLog.o ../ufdbLookup.o \ + ../ufdblib.o ../y.tab.o ../ufdbbase.o +@@ -60,7 +60,7 @@ + ../ufdblib.o ../y.tab.o ../ufdbbase.o + + ptmalloc3/libptmalloc3.a: +- cd ptmalloc3 ; make linux-pthread ++ cd ptmalloc3 ; $(MAKE) linux-pthread + + $(MYLIBSSL): ../ufdbchkport.o ../httpsQueue.o ../ufdbHashtable.o + -@rm -f $(MYLIBSSL) +@@ -102,7 +102,7 @@ + ./ufdbgclient -p $(PORT) -l . -d "www.sex.com" 10.1.1.1 kees + + ../../test/blacklist/domains.ufdb: ../../test/blacklist/domains +- cd ../../test ; make blacklist/domains.ufdb ++ cd ../../test ; $(MAKE) blacklist/domains.ufdb + + LEAKOPTS= --leak-check=full --show-reachable=yes + LEAKOPTS= +@@ -382,7 +382,7 @@ + time ./ufdbgclient -p $(PORT) -l . < ../100000 > /dev/null 2>&1 + + tt: +- make tp3 ++ $(MAKE) tp3 + sleep 3 + kill -HUP `ps -ef | grep ufdbguardd | grep -v grep | head -1 | awk '{ print $$2 }'` + +@@ -455,6 +455,6 @@ + + + g411: +- make clean +- CC=/usr/local/gcc/4.1.1/bin/gcc make -e $(MAKEFLAGS) all ++ $(MAKE) clean ++ CC=/usr/local/gcc/4.1.1/bin/gcc $(MAKE) -e $(MAKEFLAGS) all + diff --git a/net-proxy/ufdbguard/files/ufdbguard-1.24-gentoo.patch b/net-proxy/ufdbguard/files/ufdbguard-1.24-gentoo.patch new file mode 100644 index 000000000000..63da98175a0e --- /dev/null +++ b/net-proxy/ufdbguard/files/ufdbguard-1.24-gentoo.patch @@ -0,0 +1,13 @@ +Index: ufdbGuard-1.24/src/ufdbUpdate.in +=================================================================== +--- ufdbGuard-1.24.orig/src/ufdbUpdate.in ++++ ufdbGuard-1.24/src/ufdbUpdate.in +@@ -39,6 +39,8 @@ WGET_COMMAND="@WGET@" + NOTIFY_UFDBGUARDD="yes" # send HUP signal to ufdbguardd + SYSLOG_FACILITY="local6" # errors/warnings in system log have this facility name + ++source /etc/conf.d/ufdb ++ + # end of user settings. + # DO NOT EDIT ANYTHING BELOW THIS LINE. ######################################## + diff --git a/net-proxy/ufdbguard/files/ufdbguard-1.29-parallel-make.patch b/net-proxy/ufdbguard/files/ufdbguard-1.29-parallel-make.patch new file mode 100644 index 000000000000..61ef58030dab --- /dev/null +++ b/net-proxy/ufdbguard/files/ufdbguard-1.29-parallel-make.patch @@ -0,0 +1,132 @@ +--- a/src/Makefile.in 2010-04-12 04:39:43.000000000 +0200 +--- b/src/Makefile.in 2010-05-07 05:26:03.000000000 +0200 +@@ -135,8 +135,8 @@ + # Dependencies for installing + # + +-daemon: +- cd mtserver; make ++daemon: $(UFDBOBJS) ++ cd mtserver; $(MAKE) + + ufdbhttpd: ufdbhttpd.o httpserver.o ufdbbase.o ufdblib.o sgLog.o crypt.o + $(LINK) ufdbhttpd.o httpserver.o ufdbbase.o ufdblib.o sgLog.o crypt.o $(LIBS) +@@ -235,6 +235,6 @@ + $(RM) $(bindir)/ufdbhttpd + + install.mt:: +- cd mtserver ; make ++ cd mtserver ; $(MAKE) + $(INSTALL_PROGRAM) mtserver/ufdbguardd $(bindir)/ufdbguardd + $(INSTALL_PROGRAM) mtserver/ufdbgclient $(bindir)/ufdbgclient +@@ -272,8 +272,8 @@ + $(RM) *~ *.bak core core.* *.log *.log.[0-9] *.error + $(RM) *.o y.tab.c y.tab.h ufdbGuard ufdbGenTable ufdbAnalyse ufdbPrintTable ufdbhttpd + $(RM) ipv6 iptst rwtest lex.yy.c +- -@cd mtserver && make clean +- -@cd api 2>/dev/null && make clean ++ -@cd mtserver && $(MAKE) clean ++ -@cd api 2>/dev/null && $(MAKE) clean + + realclean:: clean + @echo making $@ in `basename \`pwd\`` +@@ -286,11 +286,11 @@ + distclean:: realclean + @echo making $@ in `basename \`pwd\`` + $(RM) Makefile sg.h config.h ufdbUpdate ufdbConvertDB ufdbGuard.conf +- -cd mtserver ; make distclean ++ -cd mtserver ; $(MAKE) distclean + + apidistclean: distclean + @echo making $@ in `basename \`pwd\`` +- -cd api ; make distclean ++ -cd api ; $(MAKE) distclean + + grab: ufdbGrab + ./ufdbGrab $(cfgdir) $(logdir) +@@ -532,25 +532,25 @@ + $(CC) --version + + g2953: +- make clean +- CC=/usr/local/gcc/2.95.3/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/2.95.3/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + g344: +- make clean +- CC=/usr/local/gcc/3.4.4/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/3.4.4/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + g401: +- make clean +- CC=/usr/local/gcc/4.0.1/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/4.0.1/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + g411: +- make clean +- CC=/usr/local/gcc/4.1.1/bin/gcc make -e $(MAKEFLAGS) ccversion all ufdbPrintTable ++ $(MAKE) clean ++ CC=/usr/local/gcc/4.1.1/bin/gcc $(MAKE) -e $(MAKEFLAGS) ccversion all ufdbPrintTable + + qinst: + /etc/init.d/squid stop + /etc/init.d/ufdb stop +- make install ++ $(MAKE) install + /etc/init.d/ufdb start + /etc/init.d/squid start + +--- a/src/mtserver/Makefile.in 2010-04-12 02:56:20.000000000 +0200 +--- b/src/mtserver/Makefile.in 2010-05-07 05:26:03.000000000 +0200 +@@ -48,10 +48,10 @@ + $(LINK) ufdbgclient.o -L. -lufdbd $(SOLARIS_LIBS) + + ../lex.yy.o: +- cd .. ; make lex.yy.o ++ cd .. ; $(MAKE) lex.yy.o + + ../y.tab.o: +- cd .. ; make y.tab.o ++ cd .. ; $(MAKE) y.tab.o + + $(MYLIB): ../crypt.o ../lex.yy.o ../sgDiv.o ../sgLog.o ../ufdbLookup.o \ + ../ufdblib.o ../y.tab.o ../ufdbbase.o +@@ -60,7 +60,7 @@ + ../ufdblib.o ../y.tab.o ../ufdbbase.o + + ptmalloc3/libptmalloc3.a: +- cd ptmalloc3 ; make linux-pthread ++ cd ptmalloc3 ; $(MAKE) linux-pthread + + $(MYLIBSSL): ../ufdbchkport.o ../httpsQueue.o ../ufdbHashtable.o + -@rm -f $(MYLIBSSL) +@@ -102,7 +102,7 @@ + ./ufdbgclient -p $(PORT) -l . -d "www.sex.com" 10.1.1.1 kees + + ../../test/blacklist/domains.ufdb: ../../test/blacklist/domains +- cd ../../test ; make blacklist/domains.ufdb ++ cd ../../test ; $(MAKE) blacklist/domains.ufdb + + LEAKOPTS= --leak-check=full --show-reachable=yes + LEAKOPTS= +@@ -382,7 +382,7 @@ + time ./ufdbgclient -p $(PORT) -l . < ../100000 > /dev/null 2>&1 + + tt: +- make tp3 ++ $(MAKE) tp3 + sleep 3 + kill -HUP `ps -ef | grep ufdbguardd | grep -v grep | head -1 | awk '{ print $$2 }'` + +@@ -455,6 +455,6 @@ + + + g411: +- make clean +- CC=/usr/local/gcc/4.1.1/bin/gcc make -e $(MAKEFLAGS) all ++ $(MAKE) clean ++ CC=/usr/local/gcc/4.1.1/bin/gcc $(MAKE) -e $(MAKEFLAGS) all + diff --git a/net-proxy/ufdbguard/metadata.xml b/net-proxy/ufdbguard/metadata.xml new file mode 100644 index 000000000000..b560f890b75d --- /dev/null +++ b/net-proxy/ufdbguard/metadata.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>flameeyes@gentoo.org</email> + </maintainer> + <longdescription> + The fastest URL filter with 25,000 URL verifications/sec to filter + unwanted web content. ufdbGuard is a redirector for the Squid + internet proxy. + </longdescription> + <use> + <flag name="httpd"> + Build, install and start the provided mini-http daemon with the + redirect CGI integrated. Since there is no way to tell ufdbguard + to not start it, this is a build-time option. + </flag> + <flag name="doc"> + Download and install the ufdbguard reference manual in PDF. + </flag> + </use> + <upstream> + <remote-id type="sourceforge">ufdbguard</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/ufdbguard/ufdbguard-1.24-r1.ebuild b/net-proxy/ufdbguard/ufdbguard-1.24-r1.ebuild new file mode 100644 index 000000000000..483d900f449b --- /dev/null +++ b/net-proxy/ufdbguard/ufdbguard-1.24-r1.ebuild @@ -0,0 +1,132 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="2" + +inherit eutils user + +MY_P="ufdbGuard-${PV}" + +DESCRIPTION="ufdbGuard is a redirector for the Squid internet proxy" +HOMEPAGE="http://www.urlfilterdb.com/en/products/ufdbguard.html" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz + doc? ( mirror://sourceforge/${PN}/ReferenceManual_v${PV/\./_}.pdf -> ${P}-manual.pdf )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 x86" +IUSE="+httpd doc" + +RDEPEND="dev-libs/openssl + app-arch/bzip2 + net-misc/wget" + +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex" + +RDEPEND="${RDEPEND} + sys-apps/openrc" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup squid + enewuser squid -1 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-1.23-parallel-make.patch + epatch "${FILESDIR}"/${P}-gentoo.patch + + egrep -r -e '/var/tmp/ufdb(guard|http)d.pid' "${S}" -lZ | xargs -0 \ + sed -i -e 's:/var/tmp/ufdb\(guard\|http\)d.pid:/var/run/ufdbguard/ufdb\1d.pid:' \ + || die + + # directory where ufdbhttpd is to be found + sed -i -e 's:DEFAULT_BINDIR.*:DEFAULT_BINDIR "/usr/libexec/ufdbguard":' \ + src/ufdb.h.in || die +} + +src_configure() { + econf \ + --with-ufdb-user=squid \ + --with-ufdb-config=/etc \ + --with-ufdb-logdir=/var/log/ufdbguard \ + --with-ufdb-dbhome=/usr/share/ufdbguard/blacklists \ + --with-ufdb-images_dir=/usr/share/ufdbguard/images +} + +src_install() { + dodoc CHANGELOG INSTALL README src/sampleufdbGuard.conf || die + doman doc/*.1 || die + + dobin src/ufdbAnalyse src/ufdbGenTable src/ufdbGrab \ + src/ufdbConvertDB || die + dosbin src/ufdbUpdate || die + + exeinto /usr/libexec/ufdbguard + doexe src/mtserver/ufdbguardd src/mtserver/ufdbgclient || die + + if use httpd; then + exeinto /usr/libexec/ufdbguard + doexe src/ufdbhttpd || die + fi + + keepdir /usr/share/ufdbguard/blacklists + + insinto /etc + doins src/ufdbGuard.conf || die + + insinto /usr/share/ufdbguard/images + doins src/images/* || die + + newconfd "${FILESDIR}"/ufdb.confd ufdb || die + newinitd "${FILESDIR}"/ufdb.initd ufdb || die + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/ufdbUpdate.cron ufdbUpdate || die + + if use doc; then + insinto /usr/share/doc/${PF} + newins "${DISTDIR}"/${P}-manual.pdf ReferenceManual.pdf || die + fi +} + +pkg_postinst() { + elog "The default location for the blacklist database has been" + elog "moved to /usr/share/ufdbguard/blacklists." + elog "" + elog "The configuration file is no longer configurable in the" + elog "service file, and now resides at /etc/ufdbGuard.conf ." + elog "" + elog "The service script has been renamed from ufdbguad to simply" + elog "/etc/init.d/ufdb, to follow the official documentation, and" + elog "it gained a reload option with a reconfig alias." + elog "" + elog "You can configure the username and password parameters for" + elog "ufdbUpdate, to fetch the blacklist database provided by" + elog "URLfilterDB, directly in /etc/conf.d/ufdb without touching" + elog "the script itself." + elog "" + elog "To enable ufdbguard in squid, you should add this to your" + elog "squid.conf:" + elog "" + elog " url_rewrite_program /usr/libexec/ufdbguard/ufdbgclient -l /var/log/ufdbguard" + elog " url_rewrite_children 64" + elog "" + if ! use httpd; then + elog "You chose to not install the lightweight http daemon that" + elog "comes with ufdbguard." + else + elog "The ufdb service will start both the ufdbguardd daemon and" + elog "the ufdbhttpd http daemon to provide a local redirect CGI." + elog "If you don't want this to happen, disable the httpd USE flag." + fi + if use doc; then + elog "" + elog "The reference manual has been installed as" + elog " /usr/share/doc/${PF}/ReferenceManual.pdf" + fi +} diff --git a/net-proxy/ufdbguard/ufdbguard-1.29.ebuild b/net-proxy/ufdbguard/ufdbguard-1.29.ebuild new file mode 100644 index 000000000000..4b553452454d --- /dev/null +++ b/net-proxy/ufdbguard/ufdbguard-1.29.ebuild @@ -0,0 +1,136 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="4" + +inherit eutils flag-o-matic user + +MY_P="ufdbGuard-${PV}" + +DESCRIPTION="ufdbGuard is a redirector for the Squid internet proxy" +HOMEPAGE="http://www.urlfilterdb.com/en/products/ufdbguard.html" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz + doc? ( mirror://sourceforge/${PN}/ReferenceManual_v${PV/\./_}.pdf -> ${P}-manual.pdf )" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+httpd doc" + +RDEPEND="dev-libs/openssl + app-arch/bzip2 + net-misc/wget" + +DEPEND="${RDEPEND} + sys-devel/bison + sys-devel/flex" + +RDEPEND="${RDEPEND} + sys-apps/openrc" + +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + enewgroup squid + enewuser squid -1 -1 /var/cache/squid squid +} + +src_prepare() { + epatch "${FILESDIR}"/${PN}-1.29-parallel-make.patch + epatch "${FILESDIR}"/${PN}-1.24-gentoo.patch + + egrep -r -e '/var/tmp/ufdb(guard|http)d.pid' "${S}" -lZ | xargs -0 \ + sed -i -e 's:/var/tmp/ufdb\(guard\|http\)d.pid:/var/run/ufdbguard/ufdb\1d.pid:' \ + || die + + # directory where ufdbhttpd is to be found + sed -i -e 's:DEFAULT_BINDIR.*:DEFAULT_BINDIR "/usr/libexec/ufdbguard":' \ + src/ufdb.h.in || die +} + +src_configure() { + # better safe than sorry, the code has a number of possible + # breakage, and at least one certain breakage. + append-flags -fno-strict-aliasing + + econf \ + --with-ufdb-user=squid \ + --with-ufdb-config=/etc \ + --with-ufdb-logdir=/var/log/ufdbguard \ + --with-ufdb-dbhome=/usr/share/ufdbguard/blacklists \ + --with-ufdb-images_dir=/usr/share/ufdbguard/images +} + +src_install() { + dodoc CHANGELOG INSTALL README src/sampleufdbGuard.conf + doman doc/*.1 + + dobin src/ufdbAnalyse src/ufdbGenTable src/ufdbGrab \ + src/ufdbConvertDB + dosbin src/ufdbUpdate + + exeinto /usr/libexec/ufdbguard + doexe src/mtserver/ufdbguardd src/mtserver/ufdbgclient + + if use httpd; then + exeinto /usr/libexec/ufdbguard + doexe src/ufdbhttpd + fi + + keepdir /usr/share/ufdbguard/blacklists + + insinto /etc + doins src/ufdbGuard.conf + + insinto /usr/share/ufdbguard/images + doins src/images/* + + newconfd "${FILESDIR}"/ufdb.confd ufdb + newinitd "${FILESDIR}"/ufdb.initd.2 ufdb + + exeinto /etc/cron.daily + newexe "${FILESDIR}"/ufdbUpdate.cron ufdbUpdate + + if use doc; then + insinto /usr/share/doc/${PF} + newins "${DISTDIR}"/${P}-manual.pdf ReferenceManual.pdf + fi +} + +pkg_postinst() { + elog "The default location for the blacklist database has been" + elog "moved to /usr/share/ufdbguard/blacklists." + elog "" + elog "The configuration file is no longer configurable in the" + elog "service file, and now resides at /etc/ufdbGuard.conf ." + elog "" + elog "The service script has been renamed from ufdbguad to simply" + elog "/etc/init.d/ufdb, to follow the official documentation, and" + elog "it gained a reload option with a reconfig alias." + elog "" + elog "You can configure the username and password parameters for" + elog "ufdbUpdate, to fetch the blacklist database provided by" + elog "URLfilterDB, directly in /etc/conf.d/ufdb without touching" + elog "the script itself." + elog "" + elog "To enable ufdbguard in squid, you should add this to your" + elog "squid.conf:" + elog "" + elog " url_rewrite_program /usr/libexec/ufdbguard/ufdbgclient -l /var/log/ufdbguard" + elog " url_rewrite_children 64" + elog "" + if ! use httpd; then + elog "You chose to not install the lightweight http daemon that" + elog "comes with ufdbguard." + else + elog "The ufdb service will start both the ufdbguardd daemon and" + elog "the ufdbhttpd http daemon to provide a local redirect CGI." + elog "If you don't want this to happen, disable the httpd USE flag." + fi + if use doc; then + elog "" + elog "The reference manual has been installed as" + elog " /usr/share/doc/${PF}/ReferenceManual.pdf" + fi +} diff --git a/net-proxy/webscarab/Manifest b/net-proxy/webscarab/Manifest new file mode 100644 index 000000000000..0046b0db706e --- /dev/null +++ b/net-proxy/webscarab/Manifest @@ -0,0 +1 @@ +DIST webscarab-selfcontained-20070504-1631.jar 3024410 SHA256 dd76a05452e5b8d2b78500715851610ae5f320724cc41f79e28f1808e19df509 diff --git a/net-proxy/webscarab/files/webscarab.sh b/net-proxy/webscarab/files/webscarab.sh new file mode 100644 index 000000000000..f056097623f9 --- /dev/null +++ b/net-proxy/webscarab/files/webscarab.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +exec java -jar /usr/lib/webscarab.jar diff --git a/net-proxy/webscarab/metadata.xml b/net-proxy/webscarab/metadata.xml new file mode 100644 index 000000000000..062081473866 --- /dev/null +++ b/net-proxy/webscarab/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription>WebScarab is designed to be a tool for anyone who needs to expose the workings +of an HTTP(S) based application, whether to allow the developer to debug otherwise difficult problems +or to allow a security specialist to identify vulnerabilities in the way that the application has been +designed or implemented.</longdescription> + <upstream> + <remote-id type="sourceforge">owasp</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/webscarab/webscarab-20070504.ebuild b/net-proxy/webscarab/webscarab-20070504.ebuild new file mode 100644 index 000000000000..9b94106f456b --- /dev/null +++ b/net-proxy/webscarab/webscarab-20070504.ebuild @@ -0,0 +1,26 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +inherit multilib + +DESCRIPTION="A framework for analysing applications that communicate using the HTTP and HTTPS protocols" +HOMEPAGE="https://www.owasp.org/index.php/Webscarab" +SRC_URI="mirror://sourceforge/owasp/${PN}-selfcontained-${PV}-1631.jar" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~ppc x86" +IUSE="" + +RDEPEND=">=virtual/jre-1.5" + +src_unpack() { + : # Nothing to unpack +} + +src_install() { + newbin "${FILESDIR}/${PN}.sh" "${PN}" || die "dobin failed" + insinto /usr/$(get_libdir) + newins "${DISTDIR}/${A}" "${PN}.jar" || die "failed to install jar archive" +} diff --git a/net-proxy/wwwoffle/Manifest b/net-proxy/wwwoffle/Manifest new file mode 100644 index 000000000000..ef4f69ade2fe --- /dev/null +++ b/net-proxy/wwwoffle/Manifest @@ -0,0 +1 @@ +DIST wwwoffle-2.9i.tgz 1113771 SHA256 e6341a4ec2631dc22fd5209c7e5ffe628a5832ad191d444c56aebc3837eed2ae SHA512 c9e9d67df9a0e40b584916857221a9a728f36a677cba28527f8c2febea1a23379d3b112d96723bf01ec1718a0897d8980715864ac7ef898b2585dd3f01d9a456 WHIRLPOOL 21e66a08e4da68e612a6cde4c1355cef46d2dfdce5cb8d0e3170709ee5abc2d5b3fb91d89581185f131995c38591cf98b25dfb2075f36099b6b2f183358d42e1 diff --git a/net-proxy/wwwoffle/files/wwwoffle-2.9i-define.patch b/net-proxy/wwwoffle/files/wwwoffle-2.9i-define.patch new file mode 100644 index 000000000000..3bcc10d761e6 --- /dev/null +++ b/net-proxy/wwwoffle/files/wwwoffle-2.9i-define.patch @@ -0,0 +1,20 @@ +--- a/src/wwwoffled.c ++++ b/src/wwwoffled.c +@@ -15,6 +15,7 @@ + + #include "autoconfig.h" + ++#define _GNU_SOURCE + #include <stdio.h> + #include <stdlib.h> + #include <string.h> +--- a/src/cgi.c ++++ b/src/cgi.c +@@ -16,6 +16,7 @@ + + #include "autoconfig.h" + ++#define _GNU_SOURCE + #include <stdio.h> + #include <stdlib.h> + #include <string.h> diff --git a/net-proxy/wwwoffle/files/wwwoffle-online.confd b/net-proxy/wwwoffle/files/wwwoffle-online.confd new file mode 100644 index 000000000000..db8979c209c2 --- /dev/null +++ b/net-proxy/wwwoffle/files/wwwoffle-online.confd @@ -0,0 +1,10 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +# Enter the interface that connects you to the outside world +# This will correspond to /etc/wwwoffle/init.d/net.${IFACE} + +# IMPORTANT: Be sure to run depscan.sh after modifiying IFACE + +#IFACE=ppp0 diff --git a/net-proxy/wwwoffle/files/wwwoffle-online.initd b/net-proxy/wwwoffle/files/wwwoffle-online.initd new file mode 100644 index 000000000000..780708a5ea6a --- /dev/null +++ b/net-proxy/wwwoffle/files/wwwoffle-online.initd @@ -0,0 +1,30 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need wwwoffled + use dns + + if [ -n ${IFACE} ]; + then + need net.${IFACE} + else + ewarn "No IFACE is defined in /etc/conf.d/wwwoffle-online" + need net + fi +} + +start() { + ebegin "Starting wwwoffled-online" + wwwoffle -online -c /etc/wwwoffle/wwwoffle.conf + wwwoffle -fetch -c /etc/wwwoffle/wwwoffle.conf & > /dev/null 2>&1 + eend $? +} + +stop() { + ebegin "Stopping wwwoffled-online" + wwwoffle -offline -c /etc/wwwoffle/wwwoffle.conf + eend $? +} diff --git a/net-proxy/wwwoffle/files/wwwoffle.initd b/net-proxy/wwwoffle/files/wwwoffle.initd new file mode 100644 index 000000000000..8aa6e104036d --- /dev/null +++ b/net-proxy/wwwoffle/files/wwwoffle.initd @@ -0,0 +1,21 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need localmount +} + +start() { + ebegin "Starting wwwoffled" + start-stop-daemon --start --quiet --exec /usr/sbin/wwwoffled \ + -u wwwoffle -- -c /etc/wwwoffle/wwwoffle.conf 2>&1 + eend $? +} + +stop() { + ebegin "Stopping wwwoffled" + start-stop-daemon --stop --quiet --name wwwoffled + eend $? +} diff --git a/net-proxy/wwwoffle/metadata.xml b/net-proxy/wwwoffle/metadata.xml new file mode 100644 index 000000000000..a4e7c219354f --- /dev/null +++ b/net-proxy/wwwoffle/metadata.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<maintainer><email>maintainer-needed@gentoo.org</email></maintainer> +<longdescription>The wwwoffled program is a simple proxy server with special features for use +with dial-up internet links. This means that it is possible to browse web pages and read them +without having to remain connected. +</longdescription> +</pkgmetadata> diff --git a/net-proxy/wwwoffle/wwwoffle-2.9i.ebuild b/net-proxy/wwwoffle/wwwoffle-2.9i.ebuild new file mode 100644 index 000000000000..18b187a62da7 --- /dev/null +++ b/net-proxy/wwwoffle/wwwoffle-2.9i.ebuild @@ -0,0 +1,107 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=4 +inherit eutils user + +DESCRIPTION="Web caching proxy suitable for non-permanent Internet connections" +HOMEPAGE="http://www.gedanken.org.uk/software/wwwoffle/" +SRC_URI="http://www.gedanken.org.uk/software/${PN}/download/${P}.tgz" + +KEYWORDS="amd64 ppc ppc64 sparc x86" +SLOT="0" +LICENSE="GPL-2" +IUSE="gnutls ipv6 zlib" + +RDEPEND="gnutls? ( net-libs/gnutls ) + zlib? ( sys-libs/zlib )" +DEPEND="dev-lang/perl + sys-devel/flex + ${RDEPEND}" + +# Unsure whether to depend on >=www-misc/htdig-3.1.6-r4 or not + +src_prepare() { + epatch "${FILESDIR}"/${PN}-2.9i-define.patch + sed -i cache/Makefile.in \ + -e 's#$(TAR) xpf #$(TAR) --no-same-owner -xpf #' \ + || die +} + +src_configure() { + econf \ + $(use_with gnutls) \ + $(use_with ipv6) \ + $(use_with zlib) +} + +src_install() { + default + + # documentation fix + # del empty doc dirs + rmdir "${D}/usr/doc/${PN}"/{it,nl,ru} || die + dodir /usr/share/doc + mv "${D}/usr/doc/${PN}" "${D}/usr/share/doc/${PF}" || die + rmdir "${D}/usr/doc" || die + + # install the wwwoffled init script + newinitd "${FILESDIR}/${PN}.initd" wwwoffled + newinitd "${FILESDIR}/${PN}-online.initd" wwwoffled-online + newconfd "${FILESDIR}/${PN}-online.confd" wwwoffled-online + + keepdir /var/spool/wwwoffle/{http,outgoing,monitor,lasttime,lastout,local} + for number in 1 2 3 4 5 6 7 8 9; do + keepdir "/var/spool/wwwoffle/prevtime${number}" "/var/spool/wwwoffle/prevout${number}" + done + + # empty dirs are removed during update + keepdir \ + /var/spool/wwwoffle/search/{mnogosearch/db,htdig/tmp,htdig/db-lasttime,htdig/db,namazu/db} + + touch \ + "${D}/var/spool/wwwoffle/search/htdig/wwwoffle-htdig.log" \ + "${D}/var/spool/wwwoffle/search/mnogosearch/wwwoffle-mnogosearch.log" \ + "${D}/var/spool/wwwoffle/search/namazu/wwwoffle-namazu.log" + + # TODO htdig indexing as part of initscripts + + # robots.txt modification - /var/spool/wwwoffle/html/en + # - remove Disallow: /index + sed -i -e "s|Disallow:.*/index|#Disallow: /index|" "${D}/var/spool/wwwoffle/html/en/robots.txt" +} + +pkg_preinst() { + # Add a wwwoffle user + enewgroup wwwoffle + enewuser wwwoffle -1 -1 /var/spool/wwwoffle wwwoffle + + # Changing the user:group to wwwoffle:woffle + fowners -R wwwoffle:wwwoffle /var/spool/wwwoffle /etc/wwwoffle + sed -i -e 's/^[# \t]\(run-[gu]id[ \t]*=[ \t]*\)[a-zA-Z0-9]*[ \t]*$/ \1wwwoffle/g' \ + "${D}/etc/wwwoffle/wwwoffle.conf" + +} + +pkg_postinst() { + # fix permissions for those upgrading + for number in 1 2 3 4 5 6 7 8 9; + do + [ ! -d "${ROOT}/var/spool/wwwoffle/prevtime${number}" ] && \ + keepdir "${ROOT}/var/spool/wwwoffle/prevtime${number}" + [ ! -d "${ROOT}/var/spool/wwwoffle/prevout${number}" ] && \ + keepdir "${ROOT}/var/spool/wwwoffle/prevout${number}" + done + chown -R wwwoffle:wwwoffle "${ROOT}/var/spool/wwwoffle" "${ROOT}/etc/wwwoffle" + + [ -f "${T}/stopped" ] && \ + ewarn "wwwoffled was stopped. /etc/init.d/wwwoffled start to restart AFTER etc-update" + + einfo "wwwoffled should run as an ordinary user now. The run-uid and run-gid should be set" + einfo "to \"wwwoffle\" in your /etc/wwwoffle/wwwoffle.conf. Please uncomment this if it hasn't been already" + + einfo "This is for your own security. Otherwise wwwoffle is run as root which is relay bad if" + einfo "there is an exploit in this program that allows remote/local users to execute arbitary" + einfo "commands as the root user." +} diff --git a/net-proxy/ziproxy/Manifest b/net-proxy/ziproxy/Manifest new file mode 100644 index 000000000000..51d1a3bf0b72 --- /dev/null +++ b/net-proxy/ziproxy/Manifest @@ -0,0 +1 @@ +DIST ziproxy-3.3.1.tar.xz 205972 SHA256 358396f5b5c469be15b0c43cae9d40a183072d0b9a35621ed8ff22a0bedb2206 SHA512 bff87a63320e721091ccdcdbe409f59db7f7f681ee8b7f093f18f3c0391579a25b9a8daf6ccfea4d94384142247ce36cfaec68d294b2a23caa56ede436da2d87 WHIRLPOOL b57da63dd76fb39461c1ed9959fe022c662c2309a1735ac0e0bb517420c93682fcb7a72a7c1507c1cf689d051a2fd89748c776ae45a476b25dfa93c5e755c93e diff --git a/net-proxy/ziproxy/files/ziproxy-3.1.3-libpng15.patch b/net-proxy/ziproxy/files/ziproxy-3.1.3-libpng15.patch new file mode 100644 index 000000000000..148a513e6f7d --- /dev/null +++ b/net-proxy/ziproxy/files/ziproxy-3.1.3-libpng15.patch @@ -0,0 +1,20 @@ +--- src/image.c ++++ src/image.c +@@ -17,6 +17,8 @@ + #include <stdlib.h> + #include <assert.h> + ++#include <zlib.h> ++ + #include <gif_lib.h> + + #include <jpeglib.h> +@@ -515,7 +517,7 @@ + bmp = new_raw_bitmap(); + *out = bmp; + +- png_set_read_fn (png_ptr, (voidp) &desc, mem_to_png); ++ png_set_read_fn (png_ptr, (png_voidp) &desc, mem_to_png); + + png_read_info (png_ptr,info_ptr); + png_get_IHDR (png_ptr, info_ptr, &width_png_uint_32, &height_png_uint_32, diff --git a/net-proxy/ziproxy/files/ziproxy.confd b/net-proxy/ziproxy/files/ziproxy.confd new file mode 100644 index 000000000000..9a4a12137c6a --- /dev/null +++ b/net-proxy/ziproxy/files/ziproxy.confd @@ -0,0 +1,18 @@ +# configuraton file for /etc/init.d/ziproxy +# +# you can symlink /etc/init.d/ziproxy to a different name +# and then copy this config to a new file with the same name +# as the symlinked init-script to run multiple instances of +# ziproxy. You have to change the location for CONFIG then +# of course... ;-) + +# Full path to ziproxy.conf file (instead of default one). +# +#CONFIG="/etc/ziproxy/ziproxy.conf" + +# Limit incoming connections only from the specified address(es). +# This option has the same meaning, but higher precedence as +# "OnlyFrom=" option in configuration file. Uncomment it +# if you want to set it. +# +#ONLYFROM="<IP.address or hostname>" diff --git a/net-proxy/ziproxy/files/ziproxy.initd b/net-proxy/ziproxy/files/ziproxy.initd new file mode 100644 index 000000000000..6b0cb89bce32 --- /dev/null +++ b/net-proxy/ziproxy/files/ziproxy.initd @@ -0,0 +1,26 @@ +#!/sbin/runscript +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +start() { + local OPT="-d" + ebegin "Starting ${SVCNAME}" + + [ -n "${CONFIG}" ] && OPT="${OPT} -c ${CONFIG}" + [ -n "${ONLYFROM}" ] && OPT="${OPT} -f ${ONLYFROM}" + + start-stop-daemon --start --pidfile /var/run/${SVCNAME}.pid \ + --chuid ziproxy:ziproxy --exec /usr/sbin/ziproxy -- ${OPT} > /var/run/${SVCNAME}.pid + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --quiet --pidfile /var/run/${SVCNAME}.pid + eend $? +} diff --git a/net-proxy/ziproxy/files/ziproxy.initd-r1 b/net-proxy/ziproxy/files/ziproxy.initd-r1 new file mode 100644 index 000000000000..dae95513ea70 --- /dev/null +++ b/net-proxy/ziproxy/files/ziproxy.initd-r1 @@ -0,0 +1,26 @@ +#!/sbin/runscript +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need net +} + +start() { + local OPT="-d" + ebegin "Starting ${SVCNAME}" + + [ -n "${CONFIG}" ] && OPT="${OPT} -c ${CONFIG}" + [ -n "${ONLYFROM}" ] && OPT="${OPT} -f ${ONLYFROM}" + + start-stop-daemon --start \ + --exec /usr/sbin/ziproxy -- ${OPT} -u ziproxy -g ziproxy -p /var/run/${SVCNAME}.pid + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --quiet --pidfile /var/run/${SVCNAME}.pid + eend $? +} diff --git a/net-proxy/ziproxy/metadata.xml b/net-proxy/ziproxy/metadata.xml new file mode 100644 index 000000000000..5f2f1284808a --- /dev/null +++ b/net-proxy/ziproxy/metadata.xml @@ -0,0 +1,15 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>maintainer-needed@gentoo.org</email> + </maintainer> + <longdescription lang="en"> + Ziproxy is a http compression and optimizer, non-caching, fully configurable + proxy. Ziproxy features JPEG, GIF, PNG, JPEG2k and GZIP recompression for + lower HTTP traffic through low speed links, among other features. + </longdescription> + <upstream> + <remote-id type="sourceforge">ziproxy</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-proxy/ziproxy/ziproxy-3.3.1.ebuild b/net-proxy/ziproxy/ziproxy-3.3.1.ebuild new file mode 100644 index 000000000000..56c5c78c93a3 --- /dev/null +++ b/net-proxy/ziproxy/ziproxy-3.3.1.ebuild @@ -0,0 +1,84 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit user + +DESCRIPTION="A forwarding, non-caching, compressing web proxy server" +HOMEPAGE="http://ziproxy.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" +IUSE="jpeg2k sasl xinetd" + +RDEPEND=" + media-libs/giflib + media-libs/libpng:0= + virtual/jpeg + sys-libs/zlib + jpeg2k? ( media-libs/jasper ) + sasl? ( dev-libs/cyrus-sasl ) + xinetd? ( virtual/inetd ) +" +DEPEND="${RDEPEND} + app-arch/xz-utils +" + +pkg_setup() { + enewgroup ziproxy + enewuser ziproxy -1 -1 -1 ziproxy +} + +src_prepare() { + # fix sample config file + sed -i \ + -e "s:/var/ziproxy/:/var/lib/ziproxy/:g" \ + -e "s:%j-%Y.log:/var/log/ziproxy/%j-%Y.log:g" \ + etc/ziproxy/ziproxy.conf || die + + # fix sample xinetd config + sed -i \ + -e "s:/usr/bin/:/usr/sbin/:g" \ + -e "s:\(.*port.*\):\1\n\ttype\t\t\t= UNLISTED:g" \ + -e "s:root:ziproxy:g" \ + etc/xinetd.d/ziproxy || die +} + +src_configure() { + econf \ + $(use_with jpeg2k jasper) \ + $(use_with sasl sasl2) \ + --with-cfgfile=/etc/ziproxy/ziproxy.conf +} + +src_install() { + emake DESTDIR="${D}" install + + dodir /usr/sbin + mv -vf "${D}"usr/{,s}bin/ziproxy || die + + dobin src/tools/ziproxy_genhtml_stats.sh + + newinitd "${FILESDIR}"/${PN}.initd-r1 ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + dodoc ChangeLog CREDITS README README.tools + use jpeg2k && dodoc JPEG2000.txt + + insinto /etc + doins -r etc/ziproxy + + insinto /var/lib/ziproxy/error + doins var/ziproxy/error/*.html + + if use xinetd; then + insinto /etc/xinetd.d + doins etc/xinetd.d/ziproxy + fi + + diropts -m0750 -o ziproxy -g ziproxy + keepdir /var/log/ziproxy +} |