summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlin Năstac <mrness@gentoo.org>2005-04-24 09:35:13 +0000
committerAlin Năstac <mrness@gentoo.org>2005-04-24 09:35:13 +0000
commitb7458e2b081c1f5e25fc1eb5383fe1e31544c4ec (patch)
tree422c2ea5f32082b5069eaf03cfecaea113b4ff81 /net-proxy/squid
parentamd64/arm/hppa/ia64/s390 love #88697 (diff)
downloadgentoo-2-b7458e2b081c1f5e25fc1eb5383fe1e31544c4ec.tar.gz
gentoo-2-b7458e2b081c1f5e25fc1eb5383fe1e31544c4ec.tar.bz2
gentoo-2-b7458e2b081c1f5e25fc1eb5383fe1e31544c4ec.zip
official patches; disable lazy bindings on suided programs; add Zero Penalty Hit patch
(Portage version: 2.0.51.19)
Diffstat (limited to 'net-proxy/squid')
-rw-r--r--net-proxy/squid/ChangeLog8
-rw-r--r--net-proxy/squid/files/digest-squid-2.5.9-r42
-rw-r--r--net-proxy/squid/squid-2.5.9-r4.ebuild198
3 files changed, 207 insertions, 1 deletions
diff --git a/net-proxy/squid/ChangeLog b/net-proxy/squid/ChangeLog
index a33440443a75..f35758fe5813 100644
--- a/net-proxy/squid/ChangeLog
+++ b/net-proxy/squid/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-proxy/squid
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.2 2005/04/23 13:08:40 swegener Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.3 2005/04/24 09:35:13 mrness Exp $
+
+*squid-2.5.9-r4 (24 Apr 2005)
+
+ 24 Apr 2005; Alin Nastac <mrness@gentoo.org> +squid-2.5.9-r4.ebuild:
+ Add current official patches. Disable lazy bindings on basic auth programs.
+ Add zero-penalty-hit flag (#89769).
22 Apr 2005; Alin Nastac <mrness@gentoo.org> :
Rename category & herd www-proxy to net-proxy
diff --git a/net-proxy/squid/files/digest-squid-2.5.9-r4 b/net-proxy/squid/files/digest-squid-2.5.9-r4
new file mode 100644
index 000000000000..a1ceaa85561f
--- /dev/null
+++ b/net-proxy/squid/files/digest-squid-2.5.9-r4
@@ -0,0 +1,2 @@
+MD5 5a34a303dcab8851c7ab20e24af69b61 squid-2.5.STABLE9.tar.bz2 1057776
+MD5 374be69a629ebe5892fabdb3be607cf6 squid-2.5.STABLE9-patches-20050423.tar.gz 96982
diff --git a/net-proxy/squid/squid-2.5.9-r4.ebuild b/net-proxy/squid/squid-2.5.9-r4.ebuild
new file mode 100644
index 000000000000..85e01324a777
--- /dev/null
+++ b/net-proxy/squid/squid-2.5.9-r4.ebuild
@@ -0,0 +1,198 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.5.9-r4.ebuild,v 1.1 2005/04/24 09:35:13 mrness Exp $
+
+inherit eutils toolchain-funcs
+
+#lame archive versioning scheme..
+S_PV=${PV%.*}
+S_PL=${PV##*.}
+S_PP=${PN}-${S_PV}.STABLE${S_PL}
+PATCH_VERSION="20050423"
+
+DESCRIPTION="A caching web proxy, with advanced features"
+HOMEPAGE="http://www.squid-cache.org/"
+
+S=${WORKDIR}/${S_PP}
+SRC_URI="ftp://ftp.squid-cache.org/pub/squid-2/STABLE/${S_PP}.tar.bz2
+ mirror://gentoo/${S_PP}-patches-${PATCH_VERSION}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~mips"
+IUSE="pam ldap ssl sasl snmp debug uclibc selinux underscores logrotate customlog zero-penalty-hit"
+
+RDEPEND="virtual/libc
+ pam? ( >=sys-libs/pam-0.75 )
+ ldap? ( >=net-nds/openldap-2.1.26 )
+ ssl? ( >=dev-libs/openssl-0.9.6m )
+ sasl? ( >=dev-libs/cyrus-sasl-1.5.27 )
+ selinux? ( sec-policy/selinux-squid )
+ !mips? ( logrotate? ( app-admin/logrotate ) )"
+DEPEND="${RDEPEND} dev-lang/perl"
+
+src_unpack() {
+ unpack ${A} || die "unpack failed"
+ cd ${S} || die "dir ${S} not found"
+
+ # Do bulk patching from squids bug fix list as well as our patches
+ use customlog || rm ${WORKDIR}/patch/9*customlog*
+ use zero-penalty-hit || rm ${WORKDIR}/patch/9*ToS_Hit*
+ EPATCH_SUFFIX="patch"
+ epatch ${WORKDIR}/patch
+
+ #hmm #10865
+ sed -i -e 's%^\(LINK =.*\)\(-o.*\)%\1\$(XTRA_LIBS) \2%' \
+ helpers/external_acl/ldap_group/Makefile.in
+
+ #disable lazy bindings on (some at least) suided basic auth programs
+ sed -i -e 's:_LDFLAGS[ ]*=:_LDFLAGS = -Wl,-z,now:' \
+ helpers/basic_auth/*/Makefile.in
+
+ if ! use debug ; then
+ mv configure.in configure.in.orig
+ sed -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in.orig > configure.in
+ export WANT_AUTOCONF=2.1
+ autoconf || die "autoconf failed"
+ fi
+}
+
+src_compile() {
+ # Support for uclibc #61175
+ if use uclibc; then
+ local basic_modules="getpwnam,NCSA,SMB,MSNT,multi-domain-NTLM,winbind"
+ else
+ local basic_modules="getpwnam,YP,NCSA,SMB,MSNT,multi-domain-NTLM,winbind"
+ fi
+
+ use ldap && basic_modules="LDAP,${basic_modules}"
+ use pam && basic_modules="PAM,${basic_modules}"
+ use sasl && basic_modules="SASL,${basic_modules}"
+ # SASL 1 / 2 Supported Natively
+
+ local ext_helpers="ip_user,unix_group,wbinfo_group,winbind_group"
+ use ldap && ext_helpers="ldap_group,${ext_helpers}"
+
+ local myconf=""
+ use snmp && myconf="${myconf} --enable-snmp" || myconf="${myconf} --disable-snmp"
+ use ssl && myconf="${myconf} --enable-ssl" || myconf="${myconf} --disable-ssl"
+
+ use amd64 && myconf="${myconf} --disable-internal-dns "
+
+ if use underscores; then
+ ewarn "Enabling underscores in domain names will result in dns resolution"
+ ewarn "failure if your local DNS client (probably bind) is not compatible."
+ myconf="${myconf} --enable-underscores"
+ fi
+
+ # Support for uclibc #61175
+ if use uclibc; then
+ myconf="${myconf} --enable-storeio='ufs,diskd,aufs,null' "
+ myconf="${myconf} --disable-async-io "
+ else
+ myconf="${myconf} --enable-storeio='ufs,diskd,coss,aufs,null' "
+ myconf="${myconf} --enable-async-io "
+ fi
+
+ export CC=$(tc-getCC)
+
+ ./configure \
+ --prefix=/usr \
+ --bindir=/usr/bin \
+ --exec-prefix=/usr \
+ --sbindir=/usr/sbin \
+ --localstatedir=/var \
+ --mandir=/usr/share/man \
+ --sysconfdir=/etc/squid \
+ --libexecdir=/usr/lib/squid \
+ \
+ --enable-auth="basic,digest,ntlm" \
+ --enable-removal-policies="lru,heap" \
+ --enable-digest-auth-helpers="password" \
+ --enable-basic-auth-helpers=${basic_modules} \
+ --enable-external-acl-helpers=${ext_helpers} \
+ --enable-ntlm-auth-helpers="SMB,fakeauth,no_check,winbind" \
+ --enable-linux-netfilter \
+ --enable-ident-lookups \
+ --enable-useragent-log \
+ --enable-cache-digests \
+ --enable-delay-pools \
+ --enable-referer-log \
+ --enable-truncate \
+ --enable-arp-acl \
+ --with-pthreads \
+ --with-large-files \
+ --enable-htcp \
+ --enable-carp \
+ --enable-poll \
+ --host=${CHOST} ${myconf} || die "bad ./configure"
+ #--enable-icmp
+
+ mv include/autoconf.h include/autoconf.h.orig
+ sed -e "s:^#define SQUID_MAXFD.*:#define SQUID_MAXFD 8192:" \
+ include/autoconf.h.orig > include/autoconf.h
+
+# if [ "${ARCH}" = "hppa" ]
+# then
+# mv include/autoconf.h include/autoconf.h.orig
+# sed -e "s:^#define HAVE_MALLOPT 1:#undef HAVE_MALLOPT:" \
+# include/autoconf.h.orig > include/autoconf.h
+# fi
+
+ emake || die "compile problem"
+}
+
+src_install() {
+ make DESTDIR=${D} install || die
+
+ #--enable-icmp
+ #make -C src install-pinger libexecdir=${D}/usr/lib/squid || die
+ #chown root:squid ${D}/usr/lib/squid/pinger
+ #chmod 4750 ${D}/usr/lib/squid/pinger
+
+ #need suid root for looking into /etc/shadow
+ chown root:squid ${D}/usr/lib/squid/ncsa_auth
+ chown root:squid ${D}/usr/lib/squid/pam_auth
+ chmod 4750 ${D}/usr/lib/squid/ncsa_auth
+ chmod 4750 ${D}/usr/lib/squid/pam_auth
+
+ #some clean ups
+ rm -rf ${D}/var
+ mv ${D}/usr/bin/Run* ${D}/usr/lib/squid
+
+ #simply switch this symlink to choose the desired language..
+ dosym /usr/lib/squid/errors/English /etc/squid/errors
+
+ dodoc CONTRIBUTORS COPYING COPYRIGHT CREDITS \
+ ChangeLog QUICKSTART SPONSORS doc/*.txt \
+ helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
+ newdoc helpers/basic_auth/SMB/README README.auth_smb
+ dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
+ newdoc helpers/basic_auth/LDAP/README README.auth_ldap
+ doman helpers/basic_auth/LDAP/*.8
+ dodoc helpers/basic_auth/SASL/squid_sasl_auth*
+
+ insinto /etc/pam.d
+ newins ${FILESDIR}/squid.pam squid
+ exeinto /etc/init.d
+ newexe ${FILESDIR}/squid.rc6 squid
+ insinto /etc/conf.d
+ newins ${FILESDIR}/squid.confd squid
+ if use logrotate; then
+ insinto /etc/logrotate.d
+ newins ${FILESDIR}/squid-logrotate squid
+ else
+ exeinto /etc/cron.weekly
+ newexe ${FILESDIR}/squid-r1.cron squid.cron
+ fi
+
+ diropts -m0755 -o squid -g squid
+ dodir /var/cache/squid /var/log/squid
+}
+
+pkg_postinst() {
+ echo
+ ewarn "Squid authentication helpers have been installed suid root"
+ ewarn "This allows shadow based authentication, see bug #52977 for more"
+ echo
+}