diff options
-rw-r--r-- | www-proxy/squid/ChangeLog | 8 | ||||
-rw-r--r-- | www-proxy/squid/Manifest | 31 | ||||
-rw-r--r-- | www-proxy/squid/files/digest-squid-2.5.8 | 2 | ||||
-rw-r--r-- | www-proxy/squid/files/squid-2.5.8-gentoo.diff | 453 | ||||
-rw-r--r-- | www-proxy/squid/metadata.xml | 4 | ||||
-rw-r--r-- | www-proxy/squid/squid-2.5.8.ebuild | 187 |
6 files changed, 675 insertions, 10 deletions
diff --git a/www-proxy/squid/ChangeLog b/www-proxy/squid/ChangeLog index 3dcd83dbbff3..88fdab7939cb 100644 --- a/www-proxy/squid/ChangeLog +++ b/www-proxy/squid/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for www-proxy/squid # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/ChangeLog,v 1.30 2005/02/09 12:55:38 cyfred Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/ChangeLog,v 1.31 2005/02/15 21:13:52 mrness Exp $ + +*squid-2.5.8 (15 Feb 2005) + + 15 Feb 2005; Alin Nastac <mrness@gentoo.org> metadata.xml, + +files/squid-2.5.8-gentoo.diff, +squid-2.5.8.ebuild: + Security bump for bug #81997. *squid-2.5.7-r6 (09 Feb 2005) diff --git a/www-proxy/squid/Manifest b/www-proxy/squid/Manifest index ecb2ac260ab2..92fa61b79603 100644 --- a/www-proxy/squid/Manifest +++ b/www-proxy/squid/Manifest @@ -1,20 +1,33 @@ -MD5 b825fdf022d114e512592d4c3120728d ChangeLog 13181 -MD5 d7dd06078d4f3a44b46709294cc7bc21 metadata.xml 249 -MD5 09369b2d9c6744fe160586802c49a8f7 squid-2.4.7.ebuild 4000 +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + MD5 4d6e594d3261b3e09b9db1fab876f19c squid-2.5.5-r3.ebuild 5383 -MD5 b46ea7149fc841baaf04b3ce91859024 squid-2.5.6-r3.ebuild 5805 MD5 f0556ae57a1b49d2c59645362ea9412e squid-2.5.7-r6.ebuild 5822 +MD5 86fd385bcb143cf17596a8377efc84ce squid-2.5.8.ebuild 5899 +MD5 09369b2d9c6744fe160586802c49a8f7 squid-2.4.7.ebuild 4000 +MD5 b46ea7149fc841baaf04b3ce91859024 squid-2.5.6-r3.ebuild 5805 +MD5 b7a76d2ef375990dbb2bd1290b6cfb34 ChangeLog 13358 +MD5 015856500e29bd67a96d4e264e3ac29f metadata.xml 336 +MD5 60b9ab4d53c4485a214baa7c8f9a2cc0 files/squid-2.4.7-gentoo.diff 1828 +MD5 a188814c2113dcd28c55672dbe58df8c files/squid-2.5.5-ntml-auth-fix.patch 2354 MD5 45bf3c4b37515fe4da4ed6d39904132d files/digest-squid-2.5.5-r3 147 MD5 c3cb57db464a884a63d0c53ceb38331b files/digest-squid-2.5.6-r3 156 MD5 5c71681960446a71b628cf4c4c6cd195 files/digest-squid-2.5.7-r6 156 -MD5 626914d5b07105602773bf8a1534a3ae files/squid-2.4.7-debian.diff 12078 -MD5 60b9ab4d53c4485a214baa7c8f9a2cc0 files/squid-2.4.7-gentoo.diff 1828 -MD5 0c7867dce4b8bef078a93bf717196b0e files/squid-2.5.3-gentoo.diff 11534 +MD5 e4e44e57aa7d93849649c3ceb67a3a65 files/squid.confd 437 MD5 77aec5b95dd4600de8621d925d2997e4 files/squid-2.5.7-gentoo.diff 16834 +MD5 0c7867dce4b8bef078a93bf717196b0e files/squid-2.5.3-gentoo.diff 11534 +MD5 626914d5b07105602773bf8a1534a3ae files/squid-2.4.7-debian.diff 12078 MD5 6f30a7f5c48ec35a7044acb189c858c5 files/squid-r1.cron 133 -MD5 e4e44e57aa7d93849649c3ceb67a3a65 files/squid.confd 437 +MD5 c3048f19a1c725e2c53f86640b752382 files/squid-2.5.8-gentoo.diff 17233 MD5 bea1d2ef8cb2f1590f89bf37f28b9268 files/squid.pam 505 MD5 20bbd41f88ddbcbe57380697c2675862 files/squid.rc6 1980 -MD5 a188814c2113dcd28c55672dbe58df8c files/squid-2.5.5-ntml-auth-fix.patch 2354 MD5 26a4ab522a2469f805f746bcdbe0109c files/squid-2.5.6-ufs-no-valid-dir.patch 566 MD5 4995c4c8c3365f121620ea78d6ca8794 files/digest-squid-2.4.7 222 +MD5 b1028824f46381ebe326b5faf0e06d35 files/digest-squid-2.5.8 155 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.2.6 (GNU/Linux) + +iD8DBQFCEmYbjiC39V7gKu0RAsYKAJwO2kgD5eaA9VxGb6kkRtP0viTBoACeNtSy +zHcdl4mk+B8xBDt5VV5L6N4= +=T908 +-----END PGP SIGNATURE----- diff --git a/www-proxy/squid/files/digest-squid-2.5.8 b/www-proxy/squid/files/digest-squid-2.5.8 new file mode 100644 index 000000000000..ba76ca7b4637 --- /dev/null +++ b/www-proxy/squid/files/digest-squid-2.5.8 @@ -0,0 +1,2 @@ +MD5 687db8c5f0fec3798dbc77f94340b185 squid-2.5.STABLE8.tar.bz2 1057299 +MD5 0b89a0dc22c34350fd2349f580433b53 squid-2.5.STABLE8-patches-20050215.tar.gz 4222 diff --git a/www-proxy/squid/files/squid-2.5.8-gentoo.diff b/www-proxy/squid/files/squid-2.5.8-gentoo.diff new file mode 100644 index 000000000000..38baf525a555 --- /dev/null +++ b/www-proxy/squid/files/squid-2.5.8-gentoo.diff @@ -0,0 +1,453 @@ +diff -uNr squid-2.5.STABLE8.orig/errors/Makefile.in squid-2.5.STABLE8/errors/Makefile.in +--- squid-2.5.STABLE8.orig/errors/Makefile.in 2004-07-10 15:11:41.000000000 +0300 ++++ squid-2.5.STABLE8/errors/Makefile.in 2005-02-15 22:52:28.576794400 +0200 +@@ -118,7 +118,7 @@ + install_sh = @install_sh@ + makesnmplib = @makesnmplib@ + +-errordir = $(datadir)/errors ++errordir = $(libexecdir)/errors + + DEFAULT_ERROR_DIR = $(errordir) + +diff -uNr squid-2.5.STABLE8.orig/helpers/basic_auth/SMB/Makefile.in squid-2.5.STABLE8/helpers/basic_auth/SMB/Makefile.in +--- squid-2.5.STABLE8.orig/helpers/basic_auth/SMB/Makefile.in 2004-07-10 15:11:41.000000000 +0300 ++++ squid-2.5.STABLE8/helpers/basic_auth/SMB/Makefile.in 2005-02-15 22:52:28.576794400 +0200 +@@ -128,7 +128,7 @@ + makesnmplib = @makesnmplib@ + + SMB_AUTH_HELPER = smb_auth.sh +-SAMBAPREFIX = /usr/local/samba ++SAMBAPREFIX = /usr + SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) + + libexec_SCRIPTS = $(SMB_AUTH_HELPER) +diff -uNr squid-2.5.STABLE8.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.5.STABLE8/helpers/basic_auth/SMB/smb_auth.sh +--- squid-2.5.STABLE8.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 01:36:46.000000000 +0200 ++++ squid-2.5.STABLE8/helpers/basic_auth/SMB/smb_auth.sh 2005-02-15 22:52:28.577794248 +0200 +@@ -24,7 +24,7 @@ + read AUTHSHARE + read AUTHFILE + read SMBUSER +-read SMBPASS ++read -r SMBPASS + + # Find domain controller + echo "Domain name: $DOMAINNAME" +@@ -47,7 +47,7 @@ + addropt="" + fi + echo "Query address options: $addropt" +-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` ++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` + echo "Domain controller IP address: $dcip" + [ -n "$dcip" ] || exit 1 + +diff -uNr squid-2.5.STABLE8.orig/icons/Makefile.in squid-2.5.STABLE8/icons/Makefile.in +--- squid-2.5.STABLE8.orig/icons/Makefile.in 2004-07-10 15:11:47.000000000 +0300 ++++ squid-2.5.STABLE8/icons/Makefile.in 2005-02-15 22:52:28.577794248 +0200 +@@ -146,7 +146,7 @@ + anthony-xpm.gif + + +-icondir = $(datadir)/icons ++icondir = $(libexecdir)/icons + icon_DATA = $(ICON1) $(ICON2) + EXTRA_DIST = $(ICON1) $(ICON2) icons.shar + DISTCLEANFILES = +diff -uNr squid-2.5.STABLE8.orig/snmplib/snmp_api.c squid-2.5.STABLE8/snmplib/snmp_api.c +--- squid-2.5.STABLE8.orig/snmplib/snmp_api.c 2002-02-13 03:43:43.000000000 +0200 ++++ squid-2.5.STABLE8/snmplib/snmp_api.c 2005-02-15 22:52:28.617788168 +0200 +@@ -121,7 +121,7 @@ + } + + /* +- * Parses the packet recieved on the input session, and places the data into ++ * Parses the packet received on the input session, and places the data into + * the input pdu. length is the length of the input packet. If any errors + * are encountered, NULL is returned. If not, the community is. + */ +diff -uNr squid-2.5.STABLE8.orig/src/Makefile.in squid-2.5.STABLE8/src/Makefile.in +--- squid-2.5.STABLE8.orig/src/Makefile.in 2004-09-26 00:37:59.000000000 +0300 ++++ squid-2.5.STABLE8/src/Makefile.in 2005-02-15 22:52:28.579793944 +0200 +@@ -376,18 +376,18 @@ + DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf + DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf + DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` +-DEFAULT_LOG_PREFIX = $(localstatedir)/logs +-DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log +-DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log +-DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log +-DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid +-DEFAULT_SWAP_DIR = $(localstatedir)/cache ++DEFAULT_LOG_PREFIX = $(localstatedir)/log ++DEFAULT_CACHE_LOG = $(localstatedir)/log/squid/cache.log ++DEFAULT_ACCESS_LOG = $(localstatedir)/log/squid/access.log ++DEFAULT_STORE_LOG = $(localstatedir)/log/squid/store.log ++DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid ++DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'` +-DEFAULT_ICON_DIR = $(datadir)/icons +-DEFAULT_ERROR_DIR = $(datadir)/errors/@ERR_DEFAULT_LANGUAGE@ +-DEFAULT_MIB_PATH = $(datadir)/mib.txt ++DEFAULT_ICON_DIR = $(libexecdir)/icons ++DEFAULT_ERROR_DIR = $(sysconfdir)/errors ++DEFAULT_MIB_PATH = $(libexecdir)/mib.txt + + DEFS = @DEFS@ -DDEFAULT_CONFIG_FILE=\"$(DEFAULT_CONFIG_FILE)\" + +@@ -838,12 +838,12 @@ + uninstall-info-am: + install-dataDATA: $(data_DATA) + @$(NORMAL_INSTALL) +- $(mkinstalldirs) $(DESTDIR)$(datadir) ++ $(mkinstalldirs) $(DESTDIR)$(libexecdir) + @list='$(data_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f="`echo $$p | sed -e 's|^.*/||'`"; \ +- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(datadir)/$$f"; \ +- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(datadir)/$$f; \ ++ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(libexecdir)/$$f"; \ ++ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(libexecdir)/$$f; \ + done + + uninstall-dataDATA: +diff -uNr squid-2.5.STABLE8.orig/src/auth/digest/auth_digest.c squid-2.5.STABLE8/src/auth/digest/auth_digest.c +--- squid-2.5.STABLE8.orig/src/auth/digest/auth_digest.c 2004-08-29 01:31:15.000000000 +0300 ++++ squid-2.5.STABLE8/src/auth/digest/auth_digest.c 2005-02-15 22:52:28.618788016 +0200 +@@ -1252,7 +1252,7 @@ + nonce = authenticateDigestNonceFindNonce(digest_request->nonceb64); + if (!nonce) { + /* we couldn't find a matching nonce! */ +- debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce recieved\n"); ++ debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce received\n"); + authDigestLogUsername(auth_user_request, username); + + /* we don't need the scheme specific data anymore */ +@@ -1266,8 +1266,8 @@ + /* check the qop is what we expected. Note that for compatability with + * RFC 2069 we should support a missing qop. Tough. */ + if (!digest_request->qop || strcmp(digest_request->qop, QOP_AUTH)) { +- /* we recieved a qop option we didn't send */ +- debug(29, 4) ("authenticateDigestDecode: Invalid qop option recieved\n"); ++ /* we received a qop option we didn't send */ ++ debug(29, 4) ("authenticateDigestDecode: Invalid qop option received\n"); + authDigestLogUsername(auth_user_request, username); + + /* we don't need the scheme specific data anymore */ +diff -uNr squid-2.5.STABLE8.orig/src/auth/ntlm/auth_ntlm.c squid-2.5.STABLE8/src/auth/ntlm/auth_ntlm.c +--- squid-2.5.STABLE8.orig/src/auth/ntlm/auth_ntlm.c 2005-02-04 01:22:12.000000000 +0200 ++++ squid-2.5.STABLE8/src/auth/ntlm/auth_ntlm.c 2005-02-15 22:52:28.620787712 +0200 +@@ -950,7 +950,7 @@ + } + switch (ntlm_request->auth_state) { + case AUTHENTICATE_STATE_NONE: +- /* we've recieved a negotiate request. pass to a helper */ ++ /* we've received a negotiate request. pass to a helper */ + debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm none. %s\n", proxy_auth); + ntlm_request->auth_state = AUTHENTICATE_STATE_NEGOTIATE; + ntlm_request->ntlmnegotiate = xstrdup(proxy_auth); +@@ -969,7 +969,7 @@ + return; + break; + case AUTHENTICATE_STATE_CHALLENGE: +- /* we should have recieved a NTLM challenge. pass it to the same ++ /* we should have received a NTLM challenge. pass it to the same + * helper process */ + debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state challenge with header %s.\n", proxy_auth); + /* do a cache lookup here. If it matches it's a successful ntlm +diff -uNr squid-2.5.STABLE8.orig/src/cf.data.pre squid-2.5.STABLE8/src/cf.data.pre +--- squid-2.5.STABLE8.orig/src/cf.data.pre 2005-02-10 12:07:05.000000000 +0200 ++++ squid-2.5.STABLE8/src/cf.data.pre 2005-02-15 22:52:28.622787408 +0200 +@@ -156,12 +156,12 @@ + NAME: htcp_port + IFDEF: USE_HTCP + TYPE: ushort +-DEFAULT: 4827 ++DEFAULT: 0 + LOC: Config.Port.htcp + DOC_START + The port number where Squid sends and receives HTCP queries to +- and from neighbor caches. Default is 4827. To disable use +- "0". ++ and from neighbor caches. To turn it on you want to set it to ++ 4827. By default it is set to "0" (disabled). + DOC_END + + +@@ -2100,7 +2100,7 @@ + # acls. + + acl aclname rep_mime_type mime-type1 ... +- # regex match against the mime type of the reply recieved by ++ # regex match against the mime type of the reply received by + # squid. Can be used to detect file download or some + # types HTTP tunelling requests. + # NOTE: This has no effect in http_access rules. It only has +@@ -2140,6 +2140,8 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT ++acl purge method PURGE + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -2173,6 +2175,9 @@ + # Only allow cachemgr access from localhost + http_access allow manager localhost + http_access deny manager ++# Only allow purge requests from localhost ++http_access allow purge localhost ++http_access deny purge + # Deny requests to unknown ports + http_access deny !Safe_ports + # Deny CONNECT to other than SSL ports +@@ -2191,6 +2196,9 @@ + #acl our_networks src 192.168.1.0/24 192.168.2.0/24 + #http_access allow our_networks + ++# Allow the localhost to have access by default ++http_access allow localhost ++ + # And finally deny all other access to this proxy + http_access deny all + NOCOMMENT_END +@@ -2388,7 +2396,7 @@ + DOC_START + This option specifies the maximum size of a reply body in bytes. + It can be used to prevent users from downloading very large files, +- such as MP3's and movies. When the reply headers are recieved, ++ such as MP3's and movies. When the reply headers are received, + the reply_body_max_size lines are processed, and the first line with + a result of "allow" is used as the maximum body size for this reply. + This size is checked twice. First when we get the reply headers, +@@ -2415,7 +2423,7 @@ + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +@@ -2425,7 +2433,7 @@ + + NAME: cache_effective_user + TYPE: string +-DEFAULT: nobody ++DEFAULT: squid + LOC: Config.effectiveUser + DOC_START + If you start Squid as root, it will change its effective/real +@@ -2440,7 +2448,7 @@ + + NAME: cache_effective_group + TYPE: string +-DEFAULT: none ++DEFAULT: squid + LOC: Config.effectiveGroup + DOC_START + If you want Squid to run with a specific GID regardless of +@@ -2592,7 +2600,7 @@ + DOC_START + If you are running Squid as an accelerator and have a single backend + server set this to on. This causes Squid to forward the request +- to this server, regardles of what any redirectors or Host headers ++ to this server, regardless of what any redirectors or Host headers + say. + + Leave this at off if you have multiple backend servers, and use a +@@ -3229,7 +3237,11 @@ + If you wish to create your own versions of the default + (English) error files, either to customize them to suit your + language or company copy the template English files to another +- directory and point this tag at them. ++ directory where the error files are read from. ++ /usr/lib/squid/errors contains sets of error files ++ in different languages. The default error directory ++ is /etc/squid/errors, which is a link to one of these ++ error sets. + DOC_END + + NAME: maximum_single_addr_tries +@@ -3252,12 +3264,15 @@ + NAME: snmp_port + TYPE: ushort + LOC: Config.Port.snmp +-DEFAULT: 3401 ++DEFAULT: 0 + IFDEF: SQUID_SNMP + DOC_START + Squid can now serve statistics and status information via SNMP. + By default it listens to port 3401 on the machine. If you don't + wish to use SNMP, set this to "0". ++ ++ Note: on Gentoo Linux, the default is zero - you need to ++ set it to 3401 to enable it. + DOC_END + + NAME: snmp_access +diff -uNr squid-2.5.STABLE8.orig/src/debug.c squid-2.5.STABLE8/src/debug.c +--- squid-2.5.STABLE8.orig/src/debug.c 2001-12-17 20:01:54.000000000 +0200 ++++ squid-2.5.STABLE8/src/debug.c 2005-02-15 22:52:28.580793792 +0200 +@@ -200,9 +200,9 @@ + } + debugOpenLog(logfile); + +-#if HAVE_SYSLOG && defined(LOG_LOCAL4) ++#if HAVE_SYSLOG + if (opt_syslog_enable) +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + #endif /* HAVE_SYSLOG */ + + } +diff -uNr squid-2.5.STABLE8.orig/src/defines.h squid-2.5.STABLE8/src/defines.h +--- squid-2.5.STABLE8.orig/src/defines.h 2002-08-08 23:17:39.000000000 +0300 ++++ squid-2.5.STABLE8/src/defines.h 2005-02-15 22:52:28.580793792 +0200 +@@ -219,7 +219,7 @@ + + /* were to look for errors if config path fails */ + #ifndef DEFAULT_SQUID_ERROR_DIR +-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors" ++#define DEFAULT_SQUID_ERROR_DIR "/usr/lib/squid/errors/English" + #endif + + /* gb_type operations */ +diff -uNr squid-2.5.STABLE8.orig/src/delay_pools.c squid-2.5.STABLE8/src/delay_pools.c +--- squid-2.5.STABLE8.orig/src/delay_pools.c 2003-06-19 02:53:35.000000000 +0300 ++++ squid-2.5.STABLE8/src/delay_pools.c 2005-02-15 22:52:28.624787104 +0200 +@@ -609,7 +609,7 @@ + } + + /* +- * this records actual bytes recieved. always recorded, even if the ++ * this records actual bytes received. always recorded, even if the + * class is disabled - it's more efficient to just do it than to do all + * the checks. + */ +diff -uNr squid-2.5.STABLE8.orig/src/main.c squid-2.5.STABLE8/src/main.c +--- squid-2.5.STABLE8.orig/src/main.c 2004-12-28 14:54:35.000000000 +0200 ++++ squid-2.5.STABLE8/src/main.c 2005-02-15 22:52:28.613788776 +0200 +@@ -326,6 +326,21 @@ + asnFreeMemory(); + } + ++#if USE_UNLINKD ++static int ++needUnlinkd(void) ++{ ++ int i; ++ int r = 0; ++ for (i = 0; i < Config.cacheSwap.n_configured; i++) { ++ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 || ++ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0) ++ r++; ++ } ++ return r; ++} ++#endif ++ + static void + mainReconfigure(void) + { +@@ -351,6 +366,7 @@ + redirectShutdown(); + authenticateShutdown(); + externalAclShutdown(); ++ unlinkdClose(); + storeDirCloseSwapLogs(); + storeLogClose(); + accessLogClose(); +@@ -381,6 +397,9 @@ + #if USE_WCCP + wccpInit(); + #endif ++#if USE_UNLINKD ++ if (needUnlinkd()) unlinkdInit(); ++#endif + serverConnectionsOpen(); + if (theOutIcpConnection >= 0) { + if (!Config2.Accel.on || Config.onoff.accel_with_proxy) +@@ -524,7 +543,7 @@ + + if (!configured_once) { + #if USE_UNLINKD +- unlinkdInit(); ++ if (needUnlinkd()) unlinkdInit(); + #endif + urlInitialize(); + cachemgrInit(); +@@ -857,7 +876,7 @@ + int nullfd; + if (*(argv[0]) == '(') + return; +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); + else if (pid > 0) +@@ -891,14 +910,14 @@ + mainStartScript(argv[0]); + if ((pid = fork()) == 0) { + /* child */ +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + prog = xstrdup(argv[0]); + argv[0] = xstrdup("(squid)"); + execvp(prog, argv); + syslog(LOG_ALERT, "execvp failed: %s", xstrerror()); + } + /* parent */ +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid); + time(&start); + squid_signal(SIGINT, SIG_IGN, SA_RESTART); +diff -uNr squid-2.5.STABLE8.orig/src/mib.txt squid-2.5.STABLE8/src/mib.txt +--- squid-2.5.STABLE8.orig/src/mib.txt 2004-06-01 01:39:00.000000000 +0300 ++++ squid-2.5.STABLE8/src/mib.txt 2005-02-15 22:52:28.623787256 +0200 +@@ -290,7 +290,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " Number of HTTP KB's recieved " ++ " Number of HTTP KB's received " + ::= { cacheProtoAggregateStats 4 } + + cacheHttpOutKb OBJECT-TYPE +@@ -330,7 +330,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " Number of ICP KB's recieved " ++ " Number of ICP KB's received " + ::= { cacheProtoAggregateStats 9 } + + cacheServerRequests OBJECT-TYPE +@@ -354,7 +354,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " KB's of traffic recieved from servers " ++ " KB's of traffic received from servers " + ::= { cacheProtoAggregateStats 12 } + + cacheServerOutKb OBJECT-TYPE +diff -uNr squid-2.5.STABLE8.orig/src/url.c squid-2.5.STABLE8/src/url.c +--- squid-2.5.STABLE8.orig/src/url.c 2003-01-18 16:16:49.000000000 +0200 ++++ squid-2.5.STABLE8/src/url.c 2005-02-15 22:52:28.614788624 +0200 +@@ -312,8 +312,8 @@ + return NULL; + } + #endif +- if (Config.appendDomain && !strchr(host, '.')) +- strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN); ++ if (Config.appendDomain && !strchr(host, '.') && strcasecmp(host, "localhost") != 0) ++ strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN); + /* remove trailing dots from hostnames */ + while ((l = strlen(host)) > 0 && host[--l] == '.') + host[l] = '\0'; diff --git a/www-proxy/squid/metadata.xml b/www-proxy/squid/metadata.xml index 3dec35759a0d..503c533b840a 100644 --- a/www-proxy/squid/metadata.xml +++ b/www-proxy/squid/metadata.xml @@ -6,4 +6,8 @@ <email>cyfred@gentoo.org</email> <name>Andrew Bevitt</name> </maintainer> +<maintainer> + <email>mrness@gentoo.org</email> + <name>Alin Nastac</name> +</maintainer> </pkgmetadata> diff --git a/www-proxy/squid/squid-2.5.8.ebuild b/www-proxy/squid/squid-2.5.8.ebuild new file mode 100644 index 000000000000..30ce39152c8c --- /dev/null +++ b/www-proxy/squid/squid-2.5.8.ebuild @@ -0,0 +1,187 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/squid-2.5.8.ebuild,v 1.1 2005/02/15 21:13:52 mrness Exp $ + +inherit eutils + +#lame archive versioning scheme.. +S_PV=${PV%.*} +S_PL=${PV##*.} +S_PP=${PN}-${S_PV}.STABLE${S_PL} +PATCH_VERSION="20050215" + +DESCRIPTION="A caching web proxy, with advanced features" +HOMEPAGE="http://www.squid-cache.org/" + +S=${WORKDIR}/${S_PP} +SRC_URI="ftp://ftp.squid-cache.org/pub/squid-2/STABLE/${S_PP}.tar.bz2 + mirror://gentoo/squid-2.5.STABLE8-patches-${PATCH_VERSION}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc x86 ~mips" +IUSE="pam ldap ssl sasl snmp debug uclibc selinux underscores" + +RDEPEND="virtual/libc + pam? ( >=sys-libs/pam-0.75 ) + ldap? ( >=net-nds/openldap-2.1.26 ) + ssl? ( >=dev-libs/openssl-0.9.6m ) + sasl? ( >=dev-libs/cyrus-sasl-1.5.27 ) + selinux? ( sec-policy/selinux-squid )" +DEPEND="${RDEPEND} dev-lang/perl" + +src_unpack() { + unpack ${A} || die "unpack failed" + cd ${S} || die "dir ${S} not found" + + #do NOT just remove this patch. yes, it's here for a reason. + #woodchip@gentoo.org (07 Nov 2002) + patch -p1 <${FILESDIR}/squid-${PV}-gentoo.diff || die "failed to apply squid-{PV}-gentoo.diff" + + # Do bulk patching from squids bug fix list for stable 6 see #57081 + EPATCH_SUFFIX="patch" epatch ${WORKDIR}/patch + + #hmm #10865 + cd helpers/external_acl/ldap_group + cp Makefile.in Makefile.in.orig + sed -e 's%^\(LINK =.*\)\(-o.*\)%\1\$(XTRA_LIBS) \2%' \ + Makefile.in.orig > Makefile.in + + if ! use debug + then + cd ${S} + mv configure.in configure.in.orig + sed -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in.orig > configure.in + export WANT_AUTOCONF=2.1 + autoconf || die "autoconf failed" + fi +} + +src_compile() { + # Support for uclibc #61175 + if use uclibc; then + local basic_modules="getpwnam,NCSA,SMB,MSNT,multi-domain-NTLM,winbind" + else + local basic_modules="getpwnam,YP,NCSA,SMB,MSNT,multi-domain-NTLM,winbind" + fi + + use ldap && basic_modules="LDAP,${basic_modules}" + use pam && basic_modules="PAM,${basic_modules}" + use sasl && basic_modules="SASL,${basic_modules}" + # SASL 1 / 2 Supported Natively + + local ext_helpers="ip_user,unix_group,wbinfo_group,winbind_group" + use ldap && ext_helpers="ldap_group,${ext_helpers}" + + local myconf="" + use snmp && myconf="${myconf} --enable-snmp" || myconf="${myconf} --disable-snmp" + use ssl && myconf="${myconf} --enable-ssl" || myconf="${myconf} --disable-ssl" + + use amd64 && myconf="${myconf} --disable-internal-dns " + + if use underscores; then + ewarn "Enabling underscores in domain names will result in dns resolution" + ewarn "failure if your local DNS client (probably bind) is not compatible." + myconf="${myconf} --enable-underscores" + fi + + # Support for uclibc #61175 + if use uclibc; then + myconf="${myconf} --enable-storeio='ufs,diskd,aufs,null' " + myconf="${myconf} --disable-async-io " + else + myconf="${myconf} --enable-storeio='ufs,diskd,coss,aufs,null' " + myconf="${myconf} --enable-async-io " + fi + + ./configure \ + --prefix=/usr \ + --bindir=/usr/bin \ + --exec-prefix=/usr \ + --sbindir=/usr/sbin \ + --localstatedir=/var \ + --mandir=/usr/share/man \ + --sysconfdir=/etc/squid \ + --libexecdir=/usr/lib/squid \ + \ + --enable-auth="basic,digest,ntlm" \ + --enable-removal-policies="lru,heap" \ + --enable-digest-auth-helpers="password" \ + --enable-basic-auth-helpers=${basic_modules} \ + --enable-external-acl-helpers=${ext_helpers} \ + --enable-ntlm-auth-helpers="SMB,fakeauth,no_check,winbind" \ + --enable-linux-netfilter \ + --enable-ident-lookups \ + --enable-useragent-log \ + --enable-cache-digests \ + --enable-delay-pools \ + --enable-referer-log \ + --enable-truncate \ + --enable-arp-acl \ + --with-pthreads \ + --enable-htcp \ + --enable-carp \ + --enable-poll \ + --host=${CHOST} ${myconf} || die "bad ./configure" + #--enable-icmp + + mv include/autoconf.h include/autoconf.h.orig + sed -e "s:^#define SQUID_MAXFD.*:#define SQUID_MAXFD 8192:" \ + include/autoconf.h.orig > include/autoconf.h + +# if [ "${ARCH}" = "hppa" ] +# then +# mv include/autoconf.h include/autoconf.h.orig +# sed -e "s:^#define HAVE_MALLOPT 1:#undef HAVE_MALLOPT:" \ +# include/autoconf.h.orig > include/autoconf.h +# fi + + emake || die "compile problem" +} + +src_install() { + make DESTDIR=${D} install || die + + #--enable-icmp + #make -C src install-pinger libexecdir=${D}/usr/lib/squid || die + #chown root:squid ${D}/usr/lib/squid/pinger + #chmod 4750 ${D}/usr/lib/squid/pinger + + #need suid root for looking into /etc/shadow + chown root:squid ${D}/usr/lib/squid/ncsa_auth + chown root:squid ${D}/usr/lib/squid/pam_auth + chmod 4750 ${D}/usr/lib/squid/ncsa_auth + chmod 4750 ${D}/usr/lib/squid/pam_auth + + #some clean ups + rm -rf ${D}/var + mv ${D}/usr/bin/Run* ${D}/usr/lib/squid + + #simply switch this symlink to choose the desired language.. + dosym /usr/lib/squid/errors/English /etc/squid/errors + + dodoc CONTRIBUTORS COPYING COPYRIGHT CREDITS \ + ChangeLog QUICKSTART SPONSORS doc/*.txt \ + helpers/ntlm_auth/no_check/README.no_check_ntlm_auth + newdoc helpers/basic_auth/SMB/README README.auth_smb + dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html + newdoc helpers/basic_auth/LDAP/README README.auth_ldap + doman helpers/basic_auth/LDAP/*.8 + dodoc helpers/basic_auth/SASL/squid_sasl_auth* + + insinto /etc/pam.d ; newins ${FILESDIR}/squid.pam squid + exeinto /etc/init.d ; newexe ${FILESDIR}/squid.rc6 squid + insinto /etc/conf.d ; newins ${FILESDIR}/squid.confd squid + exeinto /etc/cron.weekly ; newexe ${FILESDIR}/squid-r1.cron squid.cron +} + +pkg_postinst() { + # empty dirs.. + install -m0755 -o squid -g squid -d ${ROOT}/var/cache/squid + install -m0755 -o squid -g squid -d ${ROOT}/var/log/squid + + echo + ewarn "Squid authentication helpers have been installed suid root" + ewarn "This allows shadow based authentication, see bug #52977 for more" + echo +} |