From: Alin Năstac Date: Sat, 27 Jan 2007 09:17:35 +0000 (+0000) Subject: Remove obsolete versions. Version bump (#163630). X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=8b47c627e9ab03dcc1fa63132aab8c43438e86d8;p=gentoo.git Remove obsolete versions. Version bump (#163630). Package-Manager: portage-2.1.1-r2 --- diff --git a/net-proxy/squid/ChangeLog b/net-proxy/squid/ChangeLog index 6118099bcb53..f0f2f4dc5d7e 100644 --- a/net-proxy/squid/ChangeLog +++ b/net-proxy/squid/ChangeLog @@ -1,6 +1,16 @@ # ChangeLog for net-proxy/squid # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.122 2007/01/21 07:32:42 mrness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.123 2007/01/27 09:17:35 mrness Exp $ + +*squid-2.6.9 (27 Jan 2007) + + 27 Jan 2007; Alin Năstac + +files/squid-2.6.9-ToS_Hit_ToS_Preserve.patch, + +files/squid-2.6.9-gentoo.patch, -squid-2.5.12.ebuild, + -squid-2.5.12-r1.ebuild, -squid-2.5.13.ebuild, -squid-2.5.14.ebuild, + -squid-2.6.4-r2.ebuild, -squid-2.6.5.ebuild, -squid-2.6.6-r2.ebuild, + +squid-2.6.9.ebuild: + Remove obsolete versions. Version bump (#163630). 21 Jan 2007; Alin Năstac squid-2.6.7.ebuild: Stable on amd64 (#162364). diff --git a/net-proxy/squid/files/digest-squid-2.6.9 b/net-proxy/squid/files/digest-squid-2.6.9 new file mode 100644 index 000000000000..2f5006a40c5e --- /dev/null +++ b/net-proxy/squid/files/digest-squid-2.6.9 @@ -0,0 +1,3 @@ +MD5 c8580e473e894b531e9b5ae97144fda7 squid-2.6.STABLE9.tar.gz 1625942 +RMD160 293ac5ad2d40f50c42fbee64576f12b72d493c8e squid-2.6.STABLE9.tar.gz 1625942 +SHA256 8d68c61eb07c2cdaf82d9b6a4babff3eade3ae864cb1f094b7115086b20d070e squid-2.6.STABLE9.tar.gz 1625942 diff --git a/net-proxy/squid/files/squid-2.6.9-ToS_Hit_ToS_Preserve.patch b/net-proxy/squid/files/squid-2.6.9-ToS_Hit_ToS_Preserve.patch new file mode 100644 index 000000000000..4cba6882845a --- /dev/null +++ b/net-proxy/squid/files/squid-2.6.9-ToS_Hit_ToS_Preserve.patch @@ -0,0 +1,216 @@ +diff -Nru squid-2.6.STABLE9.orig/src/cf.data.pre squid-2.6.STABLE9/src/cf.data.pre +--- squid-2.6.STABLE9.orig/src/cf.data.pre 2007-01-27 08:18:53.000000000 +0200 ++++ squid-2.6.STABLE9/src/cf.data.pre 2007-01-27 08:19:12.000000000 +0200 +@@ -3191,6 +3191,64 @@ + to off when using this directive in such configurations. + DOC_END + ++NAME: zph_tos_local ++TYPE: int ++DEFAULT: 0 ++LOC: Config.zph_tos_local ++DOC_START ++ Allows you to select a TOS/Diffserv value to mark local hits. Read above ++ (tcp_outgoing_tos) for details/requirements about TOS. ++ Default: 0 (disabled). ++DOC_END ++ ++NAME: zph_tos_peer ++TYPE: int ++DEFAULT: 0 ++LOC: Config.zph_tos_peer ++DOC_START ++ Allows you to select a TOS/Diffserv value to mark peer hits. Read above ++ (tcp_outgoing_tos) for details/requirements about TOS. ++ Default: 0 (disabled). ++DOC_END ++ ++NAME: zph_tos_parent ++COMMENT: on|off ++TYPE: onoff ++LOC: Config.onoff.zph_tos_parent ++DEFAULT: on ++DOC_START ++ Set this to off if you want only sibling hits to be marked. ++ If set to on (default), parent hits are being marked too. ++DOC_END ++ ++NAME: zph_preserve_miss_tos ++COMMENT: on|off ++TYPE: onoff ++LOC: Config.onoff.zph_preserve_miss_tos ++DEFAULT: on ++DOC_START ++ If set to on (default), any HTTP response towards clients will ++ have the TOS value of the response comming from the remote ++ server masked with the value of zph_preserve_miss_tos_mask. ++ For this to work correctly, you will need to patch your linux ++ kernel with the TOS preserving ZPH patch. ++ Has no effect under FreeBSD, works only under linux ZPH patched ++ kernels. ++DOC_END ++ ++NAME: zph_preserve_miss_tos_mask ++TYPE: int ++DEFAULT: 255 ++LOC: Config.zph_preserve_miss_tos_mask ++DOC_START ++ Allows you to mask certain bits in the TOS received from the ++ remote server, before copying the value to the TOS send towards ++ clients. ++ See zph_preserve_miss_tos for details. ++ ++ Default: 255 (TOS from server is not changed). ++DOC_END ++ + NAME: tcp_outgoing_address + TYPE: acl_address + DEFAULT: none +diff -Nru squid-2.6.STABLE9.orig/src/client_side.c squid-2.6.STABLE9/src/client_side.c +--- squid-2.6.STABLE9.orig/src/client_side.c 2007-01-27 08:18:53.000000000 +0200 ++++ squid-2.6.STABLE9/src/client_side.c 2007-01-27 08:19:12.000000000 +0200 +@@ -2629,6 +2629,55 @@ + return; + } + assert(http->out.offset == 0); ++ ++ if ( Config.zph_tos_local || Config.zph_tos_peer || ++ (Config.onoff.zph_preserve_miss_tos && Config.zph_preserve_miss_tos_mask) ) ++ { ++ int need_change = 0; ++ int hit = 0; ++ int tos = 0; ++ int tos_old = 0; ++ int tos_len = sizeof(tos_old); ++ int res; ++ ++ if (Config.zph_tos_local && isTcpHit(http->log_type)) { /* local hit */ ++ hit = 1; ++ tos = Config.zph_tos_local; ++ } else if (Config.zph_tos_peer && ++ (http->request->hier.code == SIBLING_HIT || /* sibling hit */ ++ (Config.onoff.zph_tos_parent && ++ http->request->hier.code == PARENT_HIT))) { /* parent hit */ ++ hit = 1; ++ tos = Config.zph_tos_peer; ++ } ++ if (http->request->flags.proxy_keepalive) { ++ if (getsockopt(fd, IPPROTO_IP, IP_TOS, &tos_old, &tos_len) < 0) { ++ debug(33, 1) ("ZPH: getsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); ++ } else if (hit && tos_old != tos) { /* HIT: 1-st request, or previous was MISS, */ ++ need_change = 1; /* or local/parent hit change */ ++ } else if (!hit && (tos_old || /* MISS: previous was HIT */ ++ Config.onoff.zph_preserve_miss_tos)) { /* TOS copying is on */ ++#if defined(_SQUID_LINUX_) ++ if ( Config.onoff.zph_preserve_miss_tos ) { ++ tos = (entry->mem_obj != NULL) ? ++ (entry->mem_obj->recvTOS & Config.zph_preserve_miss_tos_mask):0; ++ } else tos = 0; ++#else ++ tos = 0; ++#endif ++ need_change = 1; ++ } ++ } else if (hit) { /* no keepalive */ ++ need_change = 1; ++ } ++ if (need_change) { ++ if (!hit) enter_suid(); /* Setting TOS bit6-7 is privilleged */ ++ res = setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); ++ if (!hit) leave_suid(); /* Setting bit5-7 is privilleged */ ++ if ( res < 0) ++ debug(33, 1) ("ZPH: setsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); ++ } ++ } + rep = http->reply = clientBuildReply(http, buf, size); + if (!rep) { + /* Forward as HTTP/0.9 body with no reply */ +diff -Nru squid-2.6.STABLE9.orig/src/http.c squid-2.6.STABLE9/src/http.c +--- squid-2.6.STABLE9.orig/src/http.c 2007-01-21 12:26:44.000000000 +0200 ++++ squid-2.6.STABLE9/src/http.c 2007-01-27 08:19:12.000000000 +0200 +@@ -1263,6 +1263,53 @@ + peer *p = httpState->peer; + CWCB *sendHeaderDone; + int fd = httpState->fd; ++ ++#if defined(_SQUID_LINUX_) ++/* ZPH patch starts here (M.Stavrev 25-05-2005) ++ * Retrieve connection peer's TOS value (which its SYN_ACK TCP segment ++ * was encapsulated into an IP packet) ++ */ ++ int tos, tos_len; ++ if ( entry && entry->mem_obj ) { // Is this check necessary ? Seems not, but ++ // have no time to investigate further. ++ entry->mem_obj->recvTOS = 0; ++ tos = 1; ++ tos_len = sizeof(tos); ++ if ( setsockopt(fd,SOL_IP, IP_RECVTOS, &tos, tos_len) == 0 ) { ++ unsigned char buf[128]; ++ int len = 128; ++ if (getsockopt(fd, SOL_IP, IP_PKTOPTIONS, buf, &len) == 0) ++ { ++ /* Parse the PKTOPTIONS structure to locate the TOS data message ++ * prepared in the kernel by the ZPH incoming TCP TOS preserving ++ * patch. In 99,99% the TOS should be located at buf[12], but ++ * let's do it the right way. ++ */ ++ unsigned char * p = buf; ++ while ( p-buf < len ) { ++ struct cmsghdr * o = (struct cmsghdr*)p; ++ if ( o->cmsg_len <= 0 || o->cmsg_len > 52 ) ++ break; ++ if ( o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS ) { ++ entry->mem_obj->recvTOS = (unsigned char)(*(int*) ++ (p + sizeof(struct cmsghdr))); ++ debug(11, 5) ("ZPH: Incomming TOS=%d on FD %d\n", ++ entry->mem_obj->recvTOS, fd ); ++ break; ++ } ++ p += o->cmsg_len; ++ } ++ } else { ++ debug(11, 5) ("ZPH: getsockopt(IP_PKTOPTIONS) on FD %d: %s\n", ++ fd, xstrerror()); ++ } ++ } else { ++ debug(11, 5) ("ZPH: setsockopt(IP_RECVTOS) on FD %d: %s\n", ++ fd, xstrerror()); ++ } ++ } ++/* ZPH patch ends here */ ++#endif + + debug(11, 5) ("httpSendRequest: FD %d: httpState %p.\n", fd, httpState); + +diff -Nru squid-2.6.STABLE9.orig/src/structs.h squid-2.6.STABLE9/src/structs.h +--- squid-2.6.STABLE9.orig/src/structs.h 2007-01-21 12:26:44.000000000 +0200 ++++ squid-2.6.STABLE9/src/structs.h 2007-01-27 08:19:12.000000000 +0200 +@@ -669,6 +669,8 @@ + int relaxed_header_parser; + int accel_no_pmtu_disc; + int global_internal_static; ++ int zph_tos_parent; ++ int zph_preserve_miss_tos; + int httpd_suppress_version_string; + int via; + int check_hostnames; +@@ -793,6 +795,9 @@ + int sleep_after_fork; /* microseconds */ + time_t minimum_expiry_time; /* seconds */ + external_acl *externalAclHelperList; ++ int zph_tos_local; ++ int zph_tos_peer; ++ int zph_preserve_miss_tos_mask; + errormap *errorMapList; + #if USE_SSL + struct { +@@ -1719,6 +1724,9 @@ + const char *vary_encoding; + StoreEntry *ims_entry; + time_t refresh_timestamp; ++#if defined(_SQUID_LINUX_) ++ unsigned char recvTOS; /* ZPH patch - stores remote server's TOS */ ++#endif + }; + + struct _StoreEntry { diff --git a/net-proxy/squid/files/squid-2.6.9-gentoo.patch b/net-proxy/squid/files/squid-2.6.9-gentoo.patch new file mode 100644 index 000000000000..948f5c110426 --- /dev/null +++ b/net-proxy/squid/files/squid-2.6.9-gentoo.patch @@ -0,0 +1,353 @@ +diff -Nru squid-2.6.STABLE9.orig/helpers/basic_auth/SMB/Makefile.am squid-2.6.STABLE9/helpers/basic_auth/SMB/Makefile.am +--- squid-2.6.STABLE9.orig/helpers/basic_auth/SMB/Makefile.am 2005-05-17 19:56:26.000000000 +0300 ++++ squid-2.6.STABLE9/helpers/basic_auth/SMB/Makefile.am 2007-01-27 08:17:28.000000000 +0200 +@@ -14,7 +14,7 @@ + ## FIXME: autoconf should test for the samba path. + + SMB_AUTH_HELPER = smb_auth.sh +-SAMBAPREFIX=/usr/local/samba ++SAMBAPREFIX=/usr + SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) + + libexec_SCRIPTS = $(SMB_AUTH_HELPER) +diff -Nru squid-2.6.STABLE9.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.6.STABLE9/helpers/basic_auth/SMB/smb_auth.sh +--- squid-2.6.STABLE9.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 01:36:46.000000000 +0200 ++++ squid-2.6.STABLE9/helpers/basic_auth/SMB/smb_auth.sh 2007-01-27 08:17:28.000000000 +0200 +@@ -24,7 +24,7 @@ + read AUTHSHARE + read AUTHFILE + read SMBUSER +-read SMBPASS ++read -r SMBPASS + + # Find domain controller + echo "Domain name: $DOMAINNAME" +@@ -47,7 +47,7 @@ + addropt="" + fi + echo "Query address options: $addropt" +-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` ++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` + echo "Domain controller IP address: $dcip" + [ -n "$dcip" ] || exit 1 + +diff -Nru squid-2.6.STABLE9.orig/snmplib/snmp_api.c squid-2.6.STABLE9/snmplib/snmp_api.c +--- squid-2.6.STABLE9.orig/snmplib/snmp_api.c 2006-06-02 20:32:44.000000000 +0300 ++++ squid-2.6.STABLE9/snmplib/snmp_api.c 2007-01-27 08:17:28.000000000 +0200 +@@ -121,7 +121,7 @@ + } + + /* +- * Parses the packet recieved on the input session, and places the data into ++ * Parses the packet received on the input session, and places the data into + * the input pdu. length is the length of the input packet. If any errors + * are encountered, NULL is returned. If not, the community is. + */ +diff -Nru squid-2.6.STABLE9.orig/src/auth/digest/auth_digest.c squid-2.6.STABLE9/src/auth/digest/auth_digest.c +--- squid-2.6.STABLE9.orig/src/auth/digest/auth_digest.c 2006-07-31 02:27:04.000000000 +0300 ++++ squid-2.6.STABLE9/src/auth/digest/auth_digest.c 2007-01-27 08:17:28.000000000 +0200 +@@ -1271,7 +1271,7 @@ + nonce = authenticateDigestNonceFindNonce(digest_request->nonceb64); + if (!nonce) { + /* we couldn't find a matching nonce! */ +- debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce recieved\n"); ++ debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce received\n"); + authDigestLogUsername(auth_user_request, username); + + /* we don't need the scheme specific data anymore */ +@@ -1285,8 +1285,8 @@ + /* check the qop is what we expected. Note that for compatability with + * RFC 2069 we should support a missing qop. Tough. */ + if (!digest_request->qop || strcmp(digest_request->qop, QOP_AUTH)) { +- /* we recieved a qop option we didn't send */ +- debug(29, 4) ("authenticateDigestDecode: Invalid qop option recieved\n"); ++ /* we received a qop option we didn't send */ ++ debug(29, 4) ("authenticateDigestDecode: Invalid qop option received\n"); + authDigestLogUsername(auth_user_request, username); + + /* we don't need the scheme specific data anymore */ +diff -Nru squid-2.6.STABLE9.orig/src/cf.data.pre squid-2.6.STABLE9/src/cf.data.pre +--- squid-2.6.STABLE9.orig/src/cf.data.pre 2007-01-20 00:03:03.000000000 +0200 ++++ squid-2.6.STABLE9/src/cf.data.pre 2007-01-27 08:17:28.000000000 +0200 +@@ -344,12 +344,12 @@ + NAME: htcp_port + IFDEF: USE_HTCP + TYPE: ushort +-DEFAULT: 4827 ++DEFAULT: 0 + LOC: Config.Port.htcp + DOC_START + The port number where Squid sends and receives HTCP queries to +- and from neighbor caches. Default is 4827. To disable use +- "0". ++ and from neighbor caches. To turn it on you want to set it to ++ 4827. By default it is set to "0" (disabled). + DOC_END + + +@@ -2841,6 +2841,8 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT ++acl purge method PURGE + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -2960,6 +2962,9 @@ + # Only allow cachemgr access from localhost + http_access allow manager localhost + http_access deny manager ++# Only allow purge requests from localhost ++http_access allow purge localhost ++http_access deny purge + # Deny requests to unknown ports + http_access deny !Safe_ports + # Deny CONNECT to other than SSL ports +@@ -2978,6 +2983,9 @@ + #acl our_networks src 192.168.1.0/24 192.168.2.0/24 + #http_access allow our_networks + ++# Allow the localhost to have access by default ++http_access allow localhost ++ + # And finally deny all other access to this proxy + http_access deny all + NOCOMMENT_END +@@ -3274,7 +3282,7 @@ + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +@@ -3309,7 +3317,7 @@ + + NAME: cache_effective_user + TYPE: string +-DEFAULT: nobody ++DEFAULT: squid + LOC: Config.effectiveUser + DOC_START + If you start Squid as root, it will change its effective/real +@@ -3324,7 +3332,7 @@ + + NAME: cache_effective_group + TYPE: string +-DEFAULT: none ++DEFAULT: squid + LOC: Config.effectiveGroup + DOC_START + If you want Squid to run with a specific GID regardless of +@@ -3693,6 +3701,9 @@ + If you disable this, it will appear as + + X-Forwarded-For: unknown ++NOCOMMENT_START ++forwarded_for off ++NOCOMMENT_END + DOC_END + + +@@ -4127,7 +4138,11 @@ + If you wish to create your own versions of the default + (English) error files, either to customize them to suit your + language or company copy the template English files to another +- directory and point this tag at them. ++ directory where the error files are read from. ++ /usr/share/squid/errors contains sets of error files ++ in different languages. The default error directory ++ is /etc/squid/errors, which is a link to one of these ++ error sets. + DOC_END + + NAME: maximum_single_addr_tries +@@ -4161,12 +4176,15 @@ + NAME: snmp_port + TYPE: ushort + LOC: Config.Port.snmp +-DEFAULT: 3401 ++DEFAULT: 0 + IFDEF: SQUID_SNMP + DOC_START + Squid can now serve statistics and status information via SNMP. + By default it listens to port 3401 on the machine. If you don't + wish to use SNMP, set this to "0". ++ ++ Note: on Gentoo Linux, the default is zero - you need to ++ set it to 3401 to enable it. + DOC_END + + NAME: snmp_access +diff -Nru squid-2.6.STABLE9.orig/src/client_side.c squid-2.6.STABLE9/src/client_side.c +--- squid-2.6.STABLE9.orig/src/client_side.c 2007-01-24 03:38:16.000000000 +0200 ++++ squid-2.6.STABLE9/src/client_side.c 2007-01-27 08:17:38.000000000 +0200 +@@ -4599,14 +4599,7 @@ + debug(83, 2) ("clientNegotiateSSL: Session %p reused on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); + } else { + if (do_debug(83, 4)) { +- /* Write out the SSL session details.. actually the call below, but +- * OpenSSL headers do strange typecasts confusing GCC.. */ +- /* PEM_write_SSL_SESSION(debug_log, SSL_get_session(ssl)); */ +-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00908000L +- PEM_ASN1_write((i2d_of_void *) i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); +-#else + PEM_ASN1_write(i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); +-#endif + /* Note: This does not automatically fflush the log file.. */ + } + debug(83, 2) ("clientNegotiateSSL: New session %p on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); +diff -Nru squid-2.6.STABLE9.orig/src/defines.h squid-2.6.STABLE9/src/defines.h +--- squid-2.6.STABLE9.orig/src/defines.h 2006-11-29 17:58:52.000000000 +0200 ++++ squid-2.6.STABLE9/src/defines.h 2007-01-27 08:17:28.000000000 +0200 +@@ -249,7 +249,7 @@ + + /* were to look for errors if config path fails */ + #ifndef DEFAULT_SQUID_ERROR_DIR +-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors" ++#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English" + #endif + + /* gb_type operations */ +diff -Nru squid-2.6.STABLE9.orig/src/delay_pools.c squid-2.6.STABLE9/src/delay_pools.c +--- squid-2.6.STABLE9.orig/src/delay_pools.c 2006-10-23 14:22:21.000000000 +0300 ++++ squid-2.6.STABLE9/src/delay_pools.c 2007-01-27 08:17:28.000000000 +0200 +@@ -613,7 +613,7 @@ + } + + /* +- * this records actual bytes recieved. always recorded, even if the ++ * this records actual bytes received. always recorded, even if the + * class is disabled - it's more efficient to just do it than to do all + * the checks. + */ +diff -Nru squid-2.6.STABLE9.orig/src/main.c squid-2.6.STABLE9/src/main.c +--- squid-2.6.STABLE9.orig/src/main.c 2007-01-13 18:10:14.000000000 +0200 ++++ squid-2.6.STABLE9/src/main.c 2007-01-27 08:17:28.000000000 +0200 +@@ -372,6 +372,22 @@ + asnFreeMemory(); + } + ++#if USE_UNLINKD ++static int ++needUnlinkd(void) ++{ ++ int i; ++ int r = 0; ++ for (i = 0; i < Config.cacheSwap.n_configured; i++) { ++ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 || ++ strcmp(Config.cacheSwap.swapDirs[i].type, "aufs") == 0 || ++ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0) ++ r++; ++ } ++ return r; ++} ++#endif ++ + static void + mainReconfigure(void) + { +@@ -395,6 +411,7 @@ + locationRewriteShutdown(); + authenticateShutdown(); + externalAclShutdown(); ++ unlinkdClose(); + storeDirCloseSwapLogs(); + storeLogClose(); + accessLogClose(); +@@ -430,6 +447,9 @@ + #if USE_WCCPv2 + wccp2Init(); + #endif ++#if USE_UNLINKD ++ if (needUnlinkd()) unlinkdInit(); ++#endif + serverConnectionsOpen(); + neighbors_init(); + storeDirOpenSwapLogs(); +@@ -593,7 +613,7 @@ + + if (!configured_once) { + #if USE_UNLINKD +- unlinkdInit(); ++ if (needUnlinkd()) unlinkdInit(); + #endif + urlInitialize(); + cachemgrInit(); +@@ -972,7 +992,7 @@ + int nullfd; + if (*(argv[0]) == '(') + return; +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); + else if (pid > 0) +@@ -1008,14 +1028,14 @@ + mainStartScript(argv[0]); + if ((pid = fork()) == 0) { + /* child */ +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + prog = xstrdup(argv[0]); + argv[0] = xstrdup("(squid)"); + execvp(prog, argv); + syslog(LOG_ALERT, "execvp failed: %s", xstrerror()); + } + /* parent */ +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid); + time(&start); + squid_signal(SIGINT, SIG_IGN, SA_RESTART); +diff -Nru squid-2.6.STABLE9.orig/src/Makefile.am squid-2.6.STABLE9/src/Makefile.am +--- squid-2.6.STABLE9.orig/src/Makefile.am 2006-10-30 02:07:33.000000000 +0200 ++++ squid-2.6.STABLE9/src/Makefile.am 2007-01-27 08:17:28.000000000 +0200 +@@ -314,12 +314,12 @@ + DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf + DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf + DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` +-DEFAULT_LOG_PREFIX = $(localstatedir)/logs ++DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid + DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log + DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log + DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log +-DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid +-DEFAULT_SWAP_DIR = $(localstatedir)/cache ++DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid ++DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_DISKD = $(libexecdir)/`echo diskd-daemon | sed '$(transform);s/$$/$(EXEEXT)/'` +diff -Nru squid-2.6.STABLE9.orig/src/mib.txt squid-2.6.STABLE9/src/mib.txt +--- squid-2.6.STABLE9.orig/src/mib.txt 2006-09-22 05:49:24.000000000 +0300 ++++ squid-2.6.STABLE9/src/mib.txt 2007-01-27 08:17:28.000000000 +0200 +@@ -314,7 +314,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " Number of HTTP KB's recieved " ++ " Number of HTTP KB's received " + ::= { cacheProtoAggregateStats 4 } + + cacheHttpOutKb OBJECT-TYPE +@@ -354,7 +354,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " Number of ICP KB's recieved " ++ " Number of ICP KB's received " + ::= { cacheProtoAggregateStats 9 } + + cacheServerRequests OBJECT-TYPE +@@ -378,7 +378,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " KB's of traffic recieved from servers " ++ " KB's of traffic received from servers " + ::= { cacheProtoAggregateStats 12 } + + cacheServerOutKb OBJECT-TYPE diff --git a/net-proxy/squid/squid-2.6.9.ebuild b/net-proxy/squid/squid-2.6.9.ebuild new file mode 100644 index 000000000000..13540a74bcc0 --- /dev/null +++ b/net-proxy/squid/squid-2.6.9.ebuild @@ -0,0 +1,190 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.6.9.ebuild,v 1.1 2007/01/27 09:17:35 mrness Exp $ + +WANT_AUTOCONF="latest" +WANT_AUTOMAKE="latest" + +inherit eutils pam toolchain-funcs flag-o-matic autotools linux-info + +#lame archive versioning scheme.. +S_PV="${PV%.*}" +S_PL="${PV##*.}" +S_PL="${S_PL/_rc/-RC}" +S_PP="${PN}-${S_PV}.STABLE${S_PL}" + +DESCRIPTION="A full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" +SRC_URI="http://www.squid-cache.org/Versions/v2/${S_PV}/${S_PP}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="pam ldap sasl nis ssl snmp selinux logrotate zero-penalty-hit \ + pf-transparent ipf-transparent \ + elibc_uclibc kernel_linux" + +RDEPEND="pam? ( virtual/pam ) + ldap? ( >=net-nds/openldap-2.1.26 ) + ssl? ( >=dev-libs/openssl-0.9.7j ) + sasl? ( >=dev-libs/cyrus-sasl-2.1.21 ) + selinux? ( sec-policy/selinux-squid ) + !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) + >=sys-libs/db-4" +DEPEND="${RDEPEND} dev-lang/perl" + +S="${WORKDIR}/${S_PP}" + +pkg_setup() { + enewgroup squid 31 + enewuser squid 31 -1 /var/cache/squid squid +} + +src_unpack() { + unpack ${A} || die "unpack failed" + cd "${S}" || die "dir ${S} not found" + + epatch "${FILESDIR}"/${P}-gentoo.patch + use zero-penalty-hit && epatch "${FILESDIR}"/${P}-ToS_Hit_ToS_Preserve.patch + + sed -i -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in + + #disable lazy bindings on (some at least) suided basic auth programs + sed -i -e '$aAM_LDFLAGS = '$(bindnow-flags) \ + helpers/basic_auth/*/Makefile.am + + eautoreconf +} + +src_compile() { + local basic_modules="getpwnam,NCSA,SMB,MSNT,multi-domain-NTLM" + use ldap && basic_modules="LDAP,${basic_modules}" + use pam && basic_modules="PAM,${basic_modules}" + use sasl && basic_modules="SASL,${basic_modules}" + use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}" + + local ext_helpers="ip_user,session,unix_group,wbinfo_group" + use ldap && ext_helpers="ldap_group,${ext_helpers}" + + local myconf="" + + # Support for uclibc #61175 + if use elibc_uclibc; then + myconf="${myconf} --enable-storeio=ufs,diskd,aufs,null" + myconf="${myconf} --disable-async-io" + else + myconf="${myconf} --enable-storeio=ufs,diskd,coss,aufs,null" + myconf="${myconf} --enable-async-io" + fi + + if use kernel_linux; then + myconf="${myconf} --enable-linux-netfilter" + if kernel_is ge 2 6 && linux_chkconfig_present EPOLL ; then + myconf="${myconf} --enable-epoll" + fi + elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then + myconf="${myconf} --enable-kqueue" + if use pf-transparent; then + myconf="${myconf} --enable-pf-transparent" + elif use ipf-transparent; then + myconf="${myconf} --enable-ipf-transparent" + fi + fi + + export CC=$(tc-getCC) + + econf \ + --sysconfdir=/etc/squid \ + --libexecdir=/usr/libexec/squid \ + --localstatedir=/var \ + --datadir=/usr/share/squid \ + --enable-auth="basic,digest,ntlm" \ + --enable-removal-policies="lru,heap" \ + --enable-digest-auth-helpers="password" \ + --enable-basic-auth-helpers="${basic_modules}" \ + --enable-external-acl-helpers="${ext_helpers}" \ + --enable-ntlm-auth-helpers="SMB,fakeauth" \ + --enable-ident-lookups \ + --enable-useragent-log \ + --enable-cache-digests \ + --enable-delay-pools \ + --enable-referer-log \ + --enable-arp-acl \ + --with-pthreads \ + --with-large-files \ + --enable-htcp \ + --enable-carp \ + --enable-follow-x-forwarded-for \ + $(use_enable snmp) \ + $(use_enable ssl) \ + ${myconf} || die "econf failed" + + sed -i -e "s:^#define SQUID_MAXFD.*:#define SQUID_MAXFD 8192:" \ + include/autoconf.h + + emake || die "emake failed" +} + +src_install() { + make DESTDIR="${D}" install || die "make install failed" + + #need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/ncsa_auth + fowners root:squid /usr/libexec/squid/pam_auth + fperms 4750 /usr/libexec/squid/ncsa_auth + fperms 4750 /usr/libexec/squid/pam_auth + + #some clean ups + rm -f "${D}"/usr/bin/Run* + + dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \ + helpers/ntlm_auth/no_check/README.no_check_ntlm_auth + newdoc helpers/basic_auth/SMB/README README.auth_smb + dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html + newdoc helpers/basic_auth/LDAP/README README.auth_ldap + doman helpers/basic_auth/LDAP/*.8 + dodoc helpers/basic_auth/SASL/squid_sasl_auth* + + newpamd "${FILESDIR}/squid.pam" squid + newconfd "${FILESDIR}/squid.confd" squid + if use logrotate; then + newinitd "${FILESDIR}/squid.initd-logrotate" squid + insinto /etc/logrotate.d + newins "${FILESDIR}/squid.logrotate" squid + else + newinitd "${FILESDIR}/squid.initd" squid + exeinto /etc/cron.weekly + newexe "${FILESDIR}/squid.cron" squid.cron + fi + + rm -rf "${D}"/var + diropts -m0755 -o squid -g squid + keepdir /var/cache/squid /var/log/squid +} + +pkg_preinst() { + enewgroup squid 31 + enewuser squid 31 -1 /var/cache/squid squid + + #Remove this after all versions prior to 2.6.4 has been removed from the tree + if [[ -L "${ROOT}/etc/squid/errors" ]]; then + rm "${ROOT}/etc/squid/errors" + fi +} + +pkg_postinst() { + echo + ewarn "Squid authentication helpers have been installed suid root." + ewarn "This allows shadow based authentication (see bug #52977 for more)." + echo + ewarn "Be careful what type of cache_dir you select!" + ewarn " 'diskd' is optimized for high levels of traffic, but it might seem slow" + ewarn "when there isn't sufficient traffic to keep squid reasonably busy." + ewarn " If your traffic level is low to moderate, use 'aufs' or 'ufs'." + echo + ewarn "/etc/squid/errors symlink has been removed from your system." + ewarn "Error templates can be customized through ${HILITE}error_directory${NORMAL} directive." + echo + ewarn "Squid can be configured to run in transparent mode like this:" + ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}" +}