diff options
author | Alin Năstac <mrness@gentoo.org> | 2007-03-10 09:39:42 +0000 |
---|---|---|
committer | Alin Năstac <mrness@gentoo.org> | 2007-03-10 09:39:42 +0000 |
commit | 4eabef32af454d428074076b417d920d207aa966 (patch) | |
tree | 5fc5c40a338fe9d4266eaf8bb148fe74f24abed1 /net-proxy | |
parent | Stable on amd64 wrt bug 169987 (diff) | |
download | gentoo-2-4eabef32af454d428074076b417d920d207aa966.tar.gz gentoo-2-4eabef32af454d428074076b417d920d207aa966.tar.bz2 gentoo-2-4eabef32af454d428074076b417d920d207aa966.zip |
Version bump (#169947). Remove bash-specific code from init script (#170093).
Diffstat (limited to 'net-proxy')
-rw-r--r-- | net-proxy/squid/ChangeLog | 10 | ||||
-rw-r--r-- | net-proxy/squid/Manifest | 50 | ||||
-rw-r--r-- | net-proxy/squid/files/digest-squid-2.6.10 | 3 | ||||
-rw-r--r-- | net-proxy/squid/files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch | 216 | ||||
-rw-r--r-- | net-proxy/squid/files/squid-2.6.10-gentoo.patch | 344 | ||||
-rw-r--r-- | net-proxy/squid/files/squid.initd | 10 | ||||
-rw-r--r-- | net-proxy/squid/files/squid.initd-logrotate | 10 | ||||
-rw-r--r-- | net-proxy/squid/squid-2.6.10.ebuild | 197 |
8 files changed, 807 insertions, 33 deletions
diff --git a/net-proxy/squid/ChangeLog b/net-proxy/squid/ChangeLog index 11ec9cbd9699..c80a69a69b18 100644 --- a/net-proxy/squid/ChangeLog +++ b/net-proxy/squid/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-proxy/squid # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.125 2007/02/25 20:32:41 mrness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.126 2007/03/10 09:39:42 mrness Exp $ + +*squid-2.6.10 (10 Mar 2007) + + 10 Mar 2007; Alin Năstac <mrness@gentoo.org> + +files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch, + +files/squid-2.6.10-gentoo.patch, files/squid.initd, + files/squid.initd-logrotate, +squid-2.6.10.ebuild: + Version bump (#169947). Remove bash-specific code from init script (#170093). *squid-2.6.9-r1 (25 Feb 2007) diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest index a6b32c476f70..402e2eac3559 100644 --- a/net-proxy/squid/Manifest +++ b/net-proxy/squid/Manifest @@ -1,6 +1,11 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - +AUX squid-2.6.10-ToS_Hit_ToS_Preserve.patch 7810 RMD160 45479e58ed0b67a2b52fe34dfa1995ac24ed6279 SHA1 7911b167d79e07e1892b0fdce342482bfdb35c47 SHA256 9b542ce11aecbb8f4d322dbb840793bb9195dc21c358f343300b2a1c9344f06c +MD5 769f1e0a72be23004d4a292cd88d5c8c files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch 7810 +RMD160 45479e58ed0b67a2b52fe34dfa1995ac24ed6279 files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch 7810 +SHA256 9b542ce11aecbb8f4d322dbb840793bb9195dc21c358f343300b2a1c9344f06c files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch 7810 +AUX squid-2.6.10-gentoo.patch 13128 RMD160 08b3b0d13151bf46b4037c0fe8cc8a9d0a91a8b7 SHA1 b2f498997943910b9a232b57dda98ca99c00ca32 SHA256 dc46d7933e7e145b85bde70b0ac394ade8965f450ff9d37160425501aa6ef375 +MD5 d25035c85129f8f083c2d6ada254d41f files/squid-2.6.10-gentoo.patch 13128 +RMD160 08b3b0d13151bf46b4037c0fe8cc8a9d0a91a8b7 files/squid-2.6.10-gentoo.patch 13128 +SHA256 dc46d7933e7e145b85bde70b0ac394ade8965f450ff9d37160425501aa6ef375 files/squid-2.6.10-gentoo.patch 13128 AUX squid-2.6.9-ToS_Hit_ToS_Preserve.patch 7794 RMD160 768c087050681d20d8fa680c1d3e1264ac1863fb SHA1 7e270c59eb25145add5f112a174978cd669419ec SHA256 0ab6611c2cd6fe5f7b57385d7b86b58c6b6aa7158de007d8d56d0546a49892dc MD5 e310b7604b6d8da5fa03f4ad4973d2a5 files/squid-2.6.9-ToS_Hit_ToS_Preserve.patch 7794 RMD160 768c087050681d20d8fa680c1d3e1264ac1863fb files/squid-2.6.9-ToS_Hit_ToS_Preserve.patch 7794 @@ -17,14 +22,14 @@ AUX squid.cron 143 RMD160 0706a7ad04691b9a93a2897c319008440483ba11 SHA1 6138db0e MD5 ed6522652e94a0fe875adaa0c396d539 files/squid.cron 143 RMD160 0706a7ad04691b9a93a2897c319008440483ba11 files/squid.cron 143 SHA256 4c9e2afe5b0bba583ce896233ea1f9262beeb1b6cf51b4adb48d5f5c03933b2f files/squid.cron 143 -AUX squid.initd 2037 RMD160 c39b6a35ba5fba6a0a967c5bb0ad8ac7d3952fa6 SHA1 9c88e297d0c7e86ec61a078dd33cb8ba3d95069b SHA256 c5ab9064323d751755e2879f7c485182612d95d05e239b913b6283b56674df61 -MD5 0f5091218dbf9023c09781b0fa8436f8 files/squid.initd 2037 -RMD160 c39b6a35ba5fba6a0a967c5bb0ad8ac7d3952fa6 files/squid.initd 2037 -SHA256 c5ab9064323d751755e2879f7c485182612d95d05e239b913b6283b56674df61 files/squid.initd 2037 -AUX squid.initd-logrotate 1931 RMD160 1f97920e77166a60a516fcd61924bfb2256e3c72 SHA1 6eaa258757ec4089003de69a3df1ba7ea010124e SHA256 3c8e474b78000563fe904e25520bafe67280dabb05c2ca647148a87b39e95062 -MD5 7c57574bac4ccbd73c1a1a305070e9de files/squid.initd-logrotate 1931 -RMD160 1f97920e77166a60a516fcd61924bfb2256e3c72 files/squid.initd-logrotate 1931 -SHA256 3c8e474b78000563fe904e25520bafe67280dabb05c2ca647148a87b39e95062 files/squid.initd-logrotate 1931 +AUX squid.initd 2028 RMD160 bcfe470a9d2d701ba2cce183aa7a05411fe5114d SHA1 0e5cacaac5bd6e901c2b7a8deac324cf3d4ebeb2 SHA256 8d571dc5c3ce1c85377740a316668d99ed720cdf38bf992fd4a1cb3d8f510933 +MD5 b3bb6c72b41ca513fd011eab08204bd6 files/squid.initd 2028 +RMD160 bcfe470a9d2d701ba2cce183aa7a05411fe5114d files/squid.initd 2028 +SHA256 8d571dc5c3ce1c85377740a316668d99ed720cdf38bf992fd4a1cb3d8f510933 files/squid.initd 2028 +AUX squid.initd-logrotate 1922 RMD160 a8fc50a6583ddf3caba9655ea5350baec2e950e4 SHA1 84a91edb3d2121890802acd1c5243e8c5b5fa0eb SHA256 1692927b4b3ed56dc657d3855a9b0cf07ff00d1e287294816212d71348add73b +MD5 4abd00af1de1ae9585f5e2adcac7c566 files/squid.initd-logrotate 1922 +RMD160 a8fc50a6583ddf3caba9655ea5350baec2e950e4 files/squid.initd-logrotate 1922 +SHA256 1692927b4b3ed56dc657d3855a9b0cf07ff00d1e287294816212d71348add73b files/squid.initd-logrotate 1922 AUX squid.logrotate 101 RMD160 57f6c2461bd8948524dc08c2665593234380891e SHA1 fe8b3c43c0d327150069a65aa473302ae6c423ff SHA256 29e97214612a8656d2d2d60e20451f9e23a9550e58a7af2050bf83fb7af485f6 MD5 5286e7e73ca5687381fa09ff41dccbd1 files/squid.logrotate 101 RMD160 57f6c2461bd8948524dc08c2665593234380891e files/squid.logrotate 101 @@ -33,9 +38,14 @@ AUX squid.pam 315 RMD160 ff8a56fd5e8d4e0fde70853162a757476f3b7893 SHA1 f694dbc62 MD5 2957ca0ec8bf84e4af8ed5adef7acb90 files/squid.pam 315 RMD160 ff8a56fd5e8d4e0fde70853162a757476f3b7893 files/squid.pam 315 SHA256 dec9bd5ea16977fa334db04eb657e0598af411dad7ff279acf86beddcd22a8fd files/squid.pam 315 +DIST squid-2.6.STABLE10.tar.gz 1626611 RMD160 470ce18f02a4628f021924fb0bc79a8e600284c5 SHA1 dbc0e816283ed740083e648e9ef679acca5c8be0 SHA256 29b2700786c0e92cfdb733d30edcfa23c600657d8f6dff59f2e7cb77168606a8 DIST squid-2.6.STABLE7-patches-20070116.tar.gz 7165 RMD160 4df56f7a82d0462537ed0a9c16943c99df5d3f4b SHA1 3ce0fff6708c2bdec0d286568f4cd279611a1350 SHA256 2ef51e75fc6c01d2613e6db7a2ecc4661718d8239a6d80ff42a510757ef90d1d DIST squid-2.6.STABLE7.tar.gz 1624607 RMD160 78715604c7dff188f0ee957e97c983ed90a770e6 SHA1 a84d80bc12d812503254f99dc969c6886c0584a0 SHA256 c4e2cdc1c01b33e1c25db01e09e12193f91fc47f74553ef89c369374c2699c61 DIST squid-2.6.STABLE9.tar.gz 1625942 RMD160 293ac5ad2d40f50c42fbee64576f12b72d493c8e SHA1 ba09f5cb4aadc535d63bb0fda564fcacb67b2e4c SHA256 8d68c61eb07c2cdaf82d9b6a4babff3eade3ae864cb1f094b7115086b20d070e +EBUILD squid-2.6.10.ebuild 6146 RMD160 50a61da6d730b1957698594a8f665efe709706d0 SHA1 b8d042aa49a11b09fcf08d8d224c4986d8e3bf3a SHA256 af3437302a20971112487bf2a7c6b6f6df80cdbdfedebeff8005639682c66f5f +MD5 99774bf2027e55bd250ba2718db71633 squid-2.6.10.ebuild 6146 +RMD160 50a61da6d730b1957698594a8f665efe709706d0 squid-2.6.10.ebuild 6146 +SHA256 af3437302a20971112487bf2a7c6b6f6df80cdbdfedebeff8005639682c66f5f squid-2.6.10.ebuild 6146 EBUILD squid-2.6.7.ebuild 6071 RMD160 1c91ed9abdea7f1f06b0211635d4ced136ef7835 SHA1 6cb3c7cfa4775812e3be59bc63ca77a4faa878c4 SHA256 cca9c9eb4a52f5600210198ff6250751de65334e19b17d5fa5c1bf677e008579 MD5 9821afa2318f7a6d9195a6c2e4c92048 squid-2.6.7.ebuild 6071 RMD160 1c91ed9abdea7f1f06b0211635d4ced136ef7835 squid-2.6.7.ebuild 6071 @@ -44,24 +54,20 @@ EBUILD squid-2.6.9-r1.ebuild 6146 RMD160 50a61da6d730b1957698594a8f665efe709706d MD5 99774bf2027e55bd250ba2718db71633 squid-2.6.9-r1.ebuild 6146 RMD160 50a61da6d730b1957698594a8f665efe709706d0 squid-2.6.9-r1.ebuild 6146 SHA256 af3437302a20971112487bf2a7c6b6f6df80cdbdfedebeff8005639682c66f5f squid-2.6.9-r1.ebuild 6146 -MISC ChangeLog 32774 RMD160 a65982d5925d4edf1eab997299ef465e1f60cb93 SHA1 f86739337eee16d06f83b379a87fa0bf512985e9 SHA256 500d17d6f6c2e27a11e418a306b0761f3395267ce3a69c2ac790e741ae6c3f31 -MD5 16c527f0cf3a4432e2a25e39862ebb0d ChangeLog 32774 -RMD160 a65982d5925d4edf1eab997299ef465e1f60cb93 ChangeLog 32774 -SHA256 500d17d6f6c2e27a11e418a306b0761f3395267ce3a69c2ac790e741ae6c3f31 ChangeLog 32774 +MISC ChangeLog 33090 RMD160 b319fb7cc880ca86bea836e4cc79d78b0c4d8071 SHA1 bb55f3d5382466c1d3b514627ab99589e19e3f37 SHA256 734f72be8851318b31fa02a21bf2893b536c87b855c3c3c268d7d82f41bc8170 +MD5 b4a8bbf1464714dcd5cf3f5ca55c4338 ChangeLog 33090 +RMD160 b319fb7cc880ca86bea836e4cc79d78b0c4d8071 ChangeLog 33090 +SHA256 734f72be8851318b31fa02a21bf2893b536c87b855c3c3c268d7d82f41bc8170 ChangeLog 33090 MISC metadata.xml 229 RMD160 3017fab68c82b875738f1df5bb414f46480f142f SHA1 975a764b9c2b956a744795d61a702bd3545bbfb9 SHA256 b986c2ccab6337ef434285c558ed764218d7ca79a82cb5ee3d2615cd03360e87 MD5 24a10e76803f4cc98cdc979586096c6f metadata.xml 229 RMD160 3017fab68c82b875738f1df5bb414f46480f142f metadata.xml 229 SHA256 b986c2ccab6337ef434285c558ed764218d7ca79a82cb5ee3d2615cd03360e87 metadata.xml 229 +MD5 944329597da4181599efc6f43877d2f9 files/digest-squid-2.6.10 259 +RMD160 7a7bbe1c0453d92362749b89bded87157489747d files/digest-squid-2.6.10 259 +SHA256 26b19e1f953b9cab2fab9662e4035adbd8a530babe7f59a984310206e55b878a files/digest-squid-2.6.10 259 MD5 5a1e44725f0f6da3a63f95721a3fe4e0 files/digest-squid-2.6.7 554 RMD160 be687a353ce0c44ae93e2c4a986af23f0dda7e12 files/digest-squid-2.6.7 554 SHA256 dbfcd684010150818fae13125c64f85b792786a412ac4d58703b8a437468b689 files/digest-squid-2.6.7 554 MD5 abce45f2679e15f9efb147ed7492b6bd files/digest-squid-2.6.9-r1 256 RMD160 d75f3cc9f3a1889d5d91ce2cc41e9a983955f9e8 files/digest-squid-2.6.9-r1 256 SHA256 9ed721fecb9f6488cf0dc959522f0f515f315e7c1641bd164917cfea2e75d58f files/digest-squid-2.6.9-r1 256 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.2 (GNU/Linux) - -iD8DBQFF4fJwJnxX6mF440QRAkPaAKC3+jTLq0r44cJl6mBa7oXF7CUuMgCfX0Rg -GmdzmRcdGxJnsYAefPkfTmY= -=rZ3g ------END PGP SIGNATURE----- diff --git a/net-proxy/squid/files/digest-squid-2.6.10 b/net-proxy/squid/files/digest-squid-2.6.10 new file mode 100644 index 000000000000..8803fc85ecd7 --- /dev/null +++ b/net-proxy/squid/files/digest-squid-2.6.10 @@ -0,0 +1,3 @@ +MD5 b2b5efbaf6f95f94ab4a71914a86ace0 squid-2.6.STABLE10.tar.gz 1626611 +RMD160 470ce18f02a4628f021924fb0bc79a8e600284c5 squid-2.6.STABLE10.tar.gz 1626611 +SHA256 29b2700786c0e92cfdb733d30edcfa23c600657d8f6dff59f2e7cb77168606a8 squid-2.6.STABLE10.tar.gz 1626611 diff --git a/net-proxy/squid/files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch b/net-proxy/squid/files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch new file mode 100644 index 000000000000..36d2ec5b4c7a --- /dev/null +++ b/net-proxy/squid/files/squid-2.6.10-ToS_Hit_ToS_Preserve.patch @@ -0,0 +1,216 @@ +diff -Nru squid-2.6.STABLE10.orig/src/cf.data.pre squid-2.6.STABLE10/src/cf.data.pre +--- squid-2.6.STABLE10.orig/src/cf.data.pre 2007-03-10 10:16:19.000000000 +0200 ++++ squid-2.6.STABLE10/src/cf.data.pre 2007-03-10 10:16:55.000000000 +0200 +@@ -3193,6 +3193,64 @@ + to off when using this directive in such configurations. + DOC_END + ++NAME: zph_tos_local ++TYPE: int ++DEFAULT: 0 ++LOC: Config.zph_tos_local ++DOC_START ++ Allows you to select a TOS/Diffserv value to mark local hits. Read above ++ (tcp_outgoing_tos) for details/requirements about TOS. ++ Default: 0 (disabled). ++DOC_END ++ ++NAME: zph_tos_peer ++TYPE: int ++DEFAULT: 0 ++LOC: Config.zph_tos_peer ++DOC_START ++ Allows you to select a TOS/Diffserv value to mark peer hits. Read above ++ (tcp_outgoing_tos) for details/requirements about TOS. ++ Default: 0 (disabled). ++DOC_END ++ ++NAME: zph_tos_parent ++COMMENT: on|off ++TYPE: onoff ++LOC: Config.onoff.zph_tos_parent ++DEFAULT: on ++DOC_START ++ Set this to off if you want only sibling hits to be marked. ++ If set to on (default), parent hits are being marked too. ++DOC_END ++ ++NAME: zph_preserve_miss_tos ++COMMENT: on|off ++TYPE: onoff ++LOC: Config.onoff.zph_preserve_miss_tos ++DEFAULT: on ++DOC_START ++ If set to on (default), any HTTP response towards clients will ++ have the TOS value of the response comming from the remote ++ server masked with the value of zph_preserve_miss_tos_mask. ++ For this to work correctly, you will need to patch your linux ++ kernel with the TOS preserving ZPH patch. ++ Has no effect under FreeBSD, works only under linux ZPH patched ++ kernels. ++DOC_END ++ ++NAME: zph_preserve_miss_tos_mask ++TYPE: int ++DEFAULT: 255 ++LOC: Config.zph_preserve_miss_tos_mask ++DOC_START ++ Allows you to mask certain bits in the TOS received from the ++ remote server, before copying the value to the TOS send towards ++ clients. ++ See zph_preserve_miss_tos for details. ++ ++ Default: 255 (TOS from server is not changed). ++DOC_END ++ + NAME: tcp_outgoing_address + TYPE: acl_address + DEFAULT: none +diff -Nru squid-2.6.STABLE10.orig/src/client_side.c squid-2.6.STABLE10/src/client_side.c +--- squid-2.6.STABLE10.orig/src/client_side.c 2007-03-10 10:16:19.000000000 +0200 ++++ squid-2.6.STABLE10/src/client_side.c 2007-03-10 10:16:55.000000000 +0200 +@@ -2621,6 +2621,55 @@ + return; + } + assert(http->out.offset == 0); ++ ++ if ( Config.zph_tos_local || Config.zph_tos_peer || ++ (Config.onoff.zph_preserve_miss_tos && Config.zph_preserve_miss_tos_mask) ) ++ { ++ int need_change = 0; ++ int hit = 0; ++ int tos = 0; ++ int tos_old = 0; ++ int tos_len = sizeof(tos_old); ++ int res; ++ ++ if (Config.zph_tos_local && isTcpHit(http->log_type)) { /* local hit */ ++ hit = 1; ++ tos = Config.zph_tos_local; ++ } else if (Config.zph_tos_peer && ++ (http->request->hier.code == SIBLING_HIT || /* sibling hit */ ++ (Config.onoff.zph_tos_parent && ++ http->request->hier.code == PARENT_HIT))) { /* parent hit */ ++ hit = 1; ++ tos = Config.zph_tos_peer; ++ } ++ if (http->request->flags.proxy_keepalive) { ++ if (getsockopt(fd, IPPROTO_IP, IP_TOS, &tos_old, &tos_len) < 0) { ++ debug(33, 1) ("ZPH: getsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); ++ } else if (hit && tos_old != tos) { /* HIT: 1-st request, or previous was MISS, */ ++ need_change = 1; /* or local/parent hit change */ ++ } else if (!hit && (tos_old || /* MISS: previous was HIT */ ++ Config.onoff.zph_preserve_miss_tos)) { /* TOS copying is on */ ++#if defined(_SQUID_LINUX_) ++ if ( Config.onoff.zph_preserve_miss_tos ) { ++ tos = (entry->mem_obj != NULL) ? ++ (entry->mem_obj->recvTOS & Config.zph_preserve_miss_tos_mask):0; ++ } else tos = 0; ++#else ++ tos = 0; ++#endif ++ need_change = 1; ++ } ++ } else if (hit) { /* no keepalive */ ++ need_change = 1; ++ } ++ if (need_change) { ++ if (!hit) enter_suid(); /* Setting TOS bit6-7 is privilleged */ ++ res = setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); ++ if (!hit) leave_suid(); /* Setting bit5-7 is privilleged */ ++ if ( res < 0) ++ debug(33, 1) ("ZPH: setsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); ++ } ++ } + rep = http->reply = clientBuildReply(http, buf, size); + if (!rep) { + /* Forward as HTTP/0.9 body with no reply */ +diff -Nru squid-2.6.STABLE10.orig/src/http.c squid-2.6.STABLE10/src/http.c +--- squid-2.6.STABLE10.orig/src/http.c 2007-02-27 00:41:46.000000000 +0200 ++++ squid-2.6.STABLE10/src/http.c 2007-03-10 10:16:55.000000000 +0200 +@@ -1373,6 +1373,53 @@ + peer *p = httpState->peer; + CWCB *sendHeaderDone; + int fd = httpState->fd; ++ ++#if defined(_SQUID_LINUX_) ++/* ZPH patch starts here (M.Stavrev 25-05-2005) ++ * Retrieve connection peer's TOS value (which its SYN_ACK TCP segment ++ * was encapsulated into an IP packet) ++ */ ++ int tos, tos_len; ++ if ( entry && entry->mem_obj ) { // Is this check necessary ? Seems not, but ++ // have no time to investigate further. ++ entry->mem_obj->recvTOS = 0; ++ tos = 1; ++ tos_len = sizeof(tos); ++ if ( setsockopt(fd,SOL_IP, IP_RECVTOS, &tos, tos_len) == 0 ) { ++ unsigned char buf[128]; ++ int len = 128; ++ if (getsockopt(fd, SOL_IP, IP_PKTOPTIONS, buf, &len) == 0) ++ { ++ /* Parse the PKTOPTIONS structure to locate the TOS data message ++ * prepared in the kernel by the ZPH incoming TCP TOS preserving ++ * patch. In 99,99% the TOS should be located at buf[12], but ++ * let's do it the right way. ++ */ ++ unsigned char * p = buf; ++ while ( p-buf < len ) { ++ struct cmsghdr * o = (struct cmsghdr*)p; ++ if ( o->cmsg_len <= 0 || o->cmsg_len > 52 ) ++ break; ++ if ( o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS ) { ++ entry->mem_obj->recvTOS = (unsigned char)(*(int*) ++ (p + sizeof(struct cmsghdr))); ++ debug(11, 5) ("ZPH: Incomming TOS=%d on FD %d\n", ++ entry->mem_obj->recvTOS, fd ); ++ break; ++ } ++ p += o->cmsg_len; ++ } ++ } else { ++ debug(11, 5) ("ZPH: getsockopt(IP_PKTOPTIONS) on FD %d: %s\n", ++ fd, xstrerror()); ++ } ++ } else { ++ debug(11, 5) ("ZPH: setsockopt(IP_RECVTOS) on FD %d: %s\n", ++ fd, xstrerror()); ++ } ++ } ++/* ZPH patch ends here */ ++#endif + + debug(11, 5) ("httpSendRequest: FD %d: httpState %p.\n", fd, httpState); + +diff -Nru squid-2.6.STABLE10.orig/src/structs.h squid-2.6.STABLE10/src/structs.h +--- squid-2.6.STABLE10.orig/src/structs.h 2007-02-27 03:20:01.000000000 +0200 ++++ squid-2.6.STABLE10/src/structs.h 2007-03-10 10:16:55.000000000 +0200 +@@ -669,6 +669,8 @@ + int relaxed_header_parser; + int accel_no_pmtu_disc; + int global_internal_static; ++ int zph_tos_parent; ++ int zph_preserve_miss_tos; + int httpd_suppress_version_string; + int via; + int check_hostnames; +@@ -793,6 +795,9 @@ + int sleep_after_fork; /* microseconds */ + time_t minimum_expiry_time; /* seconds */ + external_acl *externalAclHelperList; ++ int zph_tos_local; ++ int zph_tos_peer; ++ int zph_preserve_miss_tos_mask; + errormap *errorMapList; + #if USE_SSL + struct { +@@ -1724,6 +1729,9 @@ + const char *vary_encoding; + StoreEntry *ims_entry; + time_t refresh_timestamp; ++#if defined(_SQUID_LINUX_) ++ unsigned char recvTOS; /* ZPH patch - stores remote server's TOS */ ++#endif + }; + + struct _StoreEntry { diff --git a/net-proxy/squid/files/squid-2.6.10-gentoo.patch b/net-proxy/squid/files/squid-2.6.10-gentoo.patch new file mode 100644 index 000000000000..72bcb9e65fef --- /dev/null +++ b/net-proxy/squid/files/squid-2.6.10-gentoo.patch @@ -0,0 +1,344 @@ +diff -Nru squid-2.6.STABLE10.orig/helpers/basic_auth/SMB/Makefile.am squid-2.6.STABLE10/helpers/basic_auth/SMB/Makefile.am +--- squid-2.6.STABLE10.orig/helpers/basic_auth/SMB/Makefile.am 2005-05-17 19:56:26.000000000 +0300 ++++ squid-2.6.STABLE10/helpers/basic_auth/SMB/Makefile.am 2007-03-10 10:15:12.000000000 +0200 +@@ -14,7 +14,7 @@ + ## FIXME: autoconf should test for the samba path. + + SMB_AUTH_HELPER = smb_auth.sh +-SAMBAPREFIX=/usr/local/samba ++SAMBAPREFIX=/usr + SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) + + libexec_SCRIPTS = $(SMB_AUTH_HELPER) +diff -Nru squid-2.6.STABLE10.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.6.STABLE10/helpers/basic_auth/SMB/smb_auth.sh +--- squid-2.6.STABLE10.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 01:36:46.000000000 +0200 ++++ squid-2.6.STABLE10/helpers/basic_auth/SMB/smb_auth.sh 2007-03-10 10:15:12.000000000 +0200 +@@ -24,7 +24,7 @@ + read AUTHSHARE + read AUTHFILE + read SMBUSER +-read SMBPASS ++read -r SMBPASS + + # Find domain controller + echo "Domain name: $DOMAINNAME" +@@ -47,7 +47,7 @@ + addropt="" + fi + echo "Query address options: $addropt" +-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` ++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` + echo "Domain controller IP address: $dcip" + [ -n "$dcip" ] || exit 1 + +diff -Nru squid-2.6.STABLE10.orig/snmplib/snmp_api.c squid-2.6.STABLE10/snmplib/snmp_api.c +--- squid-2.6.STABLE10.orig/snmplib/snmp_api.c 2006-06-02 20:32:44.000000000 +0300 ++++ squid-2.6.STABLE10/snmplib/snmp_api.c 2007-03-10 10:15:12.000000000 +0200 +@@ -121,7 +121,7 @@ + } + + /* +- * Parses the packet recieved on the input session, and places the data into ++ * Parses the packet received on the input session, and places the data into + * the input pdu. length is the length of the input packet. If any errors + * are encountered, NULL is returned. If not, the community is. + */ +diff -Nru squid-2.6.STABLE10.orig/src/auth/digest/auth_digest.c squid-2.6.STABLE10/src/auth/digest/auth_digest.c +--- squid-2.6.STABLE10.orig/src/auth/digest/auth_digest.c 2006-07-31 02:27:04.000000000 +0300 ++++ squid-2.6.STABLE10/src/auth/digest/auth_digest.c 2007-03-10 10:15:12.000000000 +0200 +@@ -1271,7 +1271,7 @@ + nonce = authenticateDigestNonceFindNonce(digest_request->nonceb64); + if (!nonce) { + /* we couldn't find a matching nonce! */ +- debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce recieved\n"); ++ debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce received\n"); + authDigestLogUsername(auth_user_request, username); + + /* we don't need the scheme specific data anymore */ +@@ -1285,8 +1285,8 @@ + /* check the qop is what we expected. Note that for compatability with + * RFC 2069 we should support a missing qop. Tough. */ + if (!digest_request->qop || strcmp(digest_request->qop, QOP_AUTH)) { +- /* we recieved a qop option we didn't send */ +- debug(29, 4) ("authenticateDigestDecode: Invalid qop option recieved\n"); ++ /* we received a qop option we didn't send */ ++ debug(29, 4) ("authenticateDigestDecode: Invalid qop option received\n"); + authDigestLogUsername(auth_user_request, username); + + /* we don't need the scheme specific data anymore */ +diff -Nru squid-2.6.STABLE10.orig/src/cf.data.pre squid-2.6.STABLE10/src/cf.data.pre +--- squid-2.6.STABLE10.orig/src/cf.data.pre 2007-02-03 23:59:24.000000000 +0200 ++++ squid-2.6.STABLE10/src/cf.data.pre 2007-03-10 10:15:12.000000000 +0200 +@@ -344,12 +344,12 @@ + NAME: htcp_port + IFDEF: USE_HTCP + TYPE: ushort +-DEFAULT: 4827 ++DEFAULT: 0 + LOC: Config.Port.htcp + DOC_START + The port number where Squid sends and receives HTCP queries to +- and from neighbor caches. Default is 4827. To disable use +- "0". ++ and from neighbor caches. To turn it on you want to set it to ++ 4827. By default it is set to "0" (disabled). + DOC_END + + +@@ -2843,6 +2843,8 @@ + acl Safe_ports port 488 # gss-http + acl Safe_ports port 591 # filemaker + acl Safe_ports port 777 # multiling http ++acl Safe_ports port 901 # SWAT ++acl purge method PURGE + acl CONNECT method CONNECT + NOCOMMENT_END + DOC_END +@@ -2962,6 +2964,9 @@ + # Only allow cachemgr access from localhost + http_access allow manager localhost + http_access deny manager ++# Only allow purge requests from localhost ++http_access allow purge localhost ++http_access deny purge + # Deny requests to unknown ports + http_access deny !Safe_ports + # Deny CONNECT to other than SSL ports +@@ -2980,6 +2985,9 @@ + #acl our_networks src 192.168.1.0/24 192.168.2.0/24 + #http_access allow our_networks + ++# Allow the localhost to have access by default ++http_access allow localhost ++ + # And finally deny all other access to this proxy + http_access deny all + NOCOMMENT_END +@@ -3276,7 +3284,7 @@ + + NAME: cache_mgr + TYPE: string +-DEFAULT: webmaster ++DEFAULT: root + LOC: Config.adminEmail + DOC_START + Email-address of local cache manager who will receive +@@ -3311,7 +3319,7 @@ + + NAME: cache_effective_user + TYPE: string +-DEFAULT: nobody ++DEFAULT: squid + LOC: Config.effectiveUser + DOC_START + If you start Squid as root, it will change its effective/real +@@ -3695,6 +3703,9 @@ + If you disable this, it will appear as + + X-Forwarded-For: unknown ++NOCOMMENT_START ++forwarded_for off ++NOCOMMENT_END + DOC_END + + +@@ -4129,7 +4140,11 @@ + If you wish to create your own versions of the default + (English) error files, either to customize them to suit your + language or company copy the template English files to another +- directory and point this tag at them. ++ directory where the error files are read from. ++ /usr/share/squid/errors contains sets of error files ++ in different languages. The default error directory ++ is /etc/squid/errors, which is a link to one of these ++ error sets. + DOC_END + + NAME: maximum_single_addr_tries +@@ -4163,12 +4178,15 @@ + NAME: snmp_port + TYPE: ushort + LOC: Config.Port.snmp +-DEFAULT: 3401 ++DEFAULT: 0 + IFDEF: SQUID_SNMP + DOC_START + Squid can now serve statistics and status information via SNMP. + By default it listens to port 3401 on the machine. If you don't + wish to use SNMP, set this to "0". ++ ++ Note: on Gentoo Linux, the default is zero - you need to ++ set it to 3401 to enable it. + DOC_END + + NAME: snmp_access +diff -Nru squid-2.6.STABLE10.orig/src/client_side.c squid-2.6.STABLE10/src/client_side.c +--- squid-2.6.STABLE10.orig/src/client_side.c 2007-02-27 04:08:10.000000000 +0200 ++++ squid-2.6.STABLE10/src/client_side.c 2007-03-10 10:15:12.000000000 +0200 +@@ -4589,14 +4589,7 @@ + debug(83, 2) ("clientNegotiateSSL: Session %p reused on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); + } else { + if (do_debug(83, 4)) { +- /* Write out the SSL session details.. actually the call below, but +- * OpenSSL headers do strange typecasts confusing GCC.. */ +- /* PEM_write_SSL_SESSION(debug_log, SSL_get_session(ssl)); */ +-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00908000L +- PEM_ASN1_write((i2d_of_void *) i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); +-#else + PEM_ASN1_write(i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); +-#endif + /* Note: This does not automatically fflush the log file.. */ + } + debug(83, 2) ("clientNegotiateSSL: New session %p on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); +diff -Nru squid-2.6.STABLE10.orig/src/defines.h squid-2.6.STABLE10/src/defines.h +--- squid-2.6.STABLE10.orig/src/defines.h 2007-02-04 00:58:20.000000000 +0200 ++++ squid-2.6.STABLE10/src/defines.h 2007-03-10 10:15:12.000000000 +0200 +@@ -259,7 +259,7 @@ + + /* were to look for errors if config path fails */ + #ifndef DEFAULT_SQUID_ERROR_DIR +-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors" ++#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English" + #endif + + /* gb_type operations */ +diff -Nru squid-2.6.STABLE10.orig/src/delay_pools.c squid-2.6.STABLE10/src/delay_pools.c +--- squid-2.6.STABLE10.orig/src/delay_pools.c 2006-10-23 14:22:21.000000000 +0300 ++++ squid-2.6.STABLE10/src/delay_pools.c 2007-03-10 10:15:12.000000000 +0200 +@@ -613,7 +613,7 @@ + } + + /* +- * this records actual bytes recieved. always recorded, even if the ++ * this records actual bytes received. always recorded, even if the + * class is disabled - it's more efficient to just do it than to do all + * the checks. + */ +diff -Nru squid-2.6.STABLE10.orig/src/main.c squid-2.6.STABLE10/src/main.c +--- squid-2.6.STABLE10.orig/src/main.c 2007-02-03 23:55:42.000000000 +0200 ++++ squid-2.6.STABLE10/src/main.c 2007-03-10 10:15:12.000000000 +0200 +@@ -372,6 +372,22 @@ + asnFreeMemory(); + } + ++#if USE_UNLINKD ++static int ++needUnlinkd(void) ++{ ++ int i; ++ int r = 0; ++ for (i = 0; i < Config.cacheSwap.n_configured; i++) { ++ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 || ++ strcmp(Config.cacheSwap.swapDirs[i].type, "aufs") == 0 || ++ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0) ++ r++; ++ } ++ return r; ++} ++#endif ++ + static void + mainReconfigure(void) + { +@@ -395,6 +411,7 @@ + locationRewriteShutdown(); + authenticateShutdown(); + externalAclShutdown(); ++ unlinkdClose(); + storeDirCloseSwapLogs(); + storeLogClose(); + accessLogClose(); +@@ -430,6 +447,9 @@ + #if USE_WCCPv2 + wccp2Init(); + #endif ++#if USE_UNLINKD ++ if (needUnlinkd()) unlinkdInit(); ++#endif + serverConnectionsOpen(); + neighbors_init(); + storeDirOpenSwapLogs(); +@@ -593,7 +613,7 @@ + + if (!configured_once) { + #if USE_UNLINKD +- unlinkdInit(); ++ if (needUnlinkd()) unlinkdInit(); + #endif + urlInitialize(); + cachemgrInit(); +@@ -972,7 +992,7 @@ + int nullfd; + if (*(argv[0]) == '(') + return; +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + if ((pid = fork()) < 0) + syslog(LOG_ALERT, "fork failed: %s", xstrerror()); + else if (pid > 0) +@@ -1008,14 +1028,14 @@ + mainStartScript(argv[0]); + if ((pid = fork()) == 0) { + /* child */ +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + prog = xstrdup(argv[0]); + argv[0] = xstrdup("(squid)"); + execvp(prog, argv); + syslog(LOG_ALERT, "execvp failed: %s", xstrerror()); + } + /* parent */ +- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4); ++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON); + syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid); + time(&start); + squid_signal(SIGINT, SIG_IGN, SA_RESTART); +diff -Nru squid-2.6.STABLE10.orig/src/Makefile.am squid-2.6.STABLE10/src/Makefile.am +--- squid-2.6.STABLE10.orig/src/Makefile.am 2006-10-30 02:07:33.000000000 +0200 ++++ squid-2.6.STABLE10/src/Makefile.am 2007-03-10 10:15:12.000000000 +0200 +@@ -314,12 +314,12 @@ + DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf + DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf + DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` +-DEFAULT_LOG_PREFIX = $(localstatedir)/logs ++DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid + DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log + DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log + DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log +-DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid +-DEFAULT_SWAP_DIR = $(localstatedir)/cache ++DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid ++DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid + DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` + DEFAULT_DISKD = $(libexecdir)/`echo diskd-daemon | sed '$(transform);s/$$/$(EXEEXT)/'` +diff -Nru squid-2.6.STABLE10.orig/src/mib.txt squid-2.6.STABLE10/src/mib.txt +--- squid-2.6.STABLE10.orig/src/mib.txt 2006-09-22 05:49:24.000000000 +0300 ++++ squid-2.6.STABLE10/src/mib.txt 2007-03-10 10:15:12.000000000 +0200 +@@ -314,7 +314,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " Number of HTTP KB's recieved " ++ " Number of HTTP KB's received " + ::= { cacheProtoAggregateStats 4 } + + cacheHttpOutKb OBJECT-TYPE +@@ -354,7 +354,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " Number of ICP KB's recieved " ++ " Number of ICP KB's received " + ::= { cacheProtoAggregateStats 9 } + + cacheServerRequests OBJECT-TYPE +@@ -378,7 +378,7 @@ + MAX-ACCESS read-only + STATUS current + DESCRIPTION +- " KB's of traffic recieved from servers " ++ " KB's of traffic received from servers " + ::= { cacheProtoAggregateStats 12 } + + cacheServerOutKb OBJECT-TYPE diff --git a/net-proxy/squid/files/squid.initd b/net-proxy/squid/files/squid.initd index 29fda35bf202..6e798c5915d1 100644 --- a/net-proxy/squid/files/squid.initd +++ b/net-proxy/squid/files/squid.initd @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2006 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd,v 1.6 2006/09/20 08:59:55 mrness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd,v 1.7 2007/03/10 09:39:42 mrness Exp $ opts="${opts} reload rotate" @@ -24,14 +24,14 @@ maxfds() { checkconfig() { maxfds - local CACHE_SWAP=`awk '/^[ \t]*cache_dir[ \t]+/ { printf "%s ", $3 ; }' < /etc/squid/squid.conf` + local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { printf "%s ", $3 ; }' < /etc/squid/squid.conf) [ -z "$CACHE_SWAP" ] && CACHE_SWAP=/var/cache/squid umask 027 for x in $CACHE_SWAP ; do if [ ! -d $x/00 ] ; then ebegin "Initializing cache directories" - local INIT_CACHE_RESPONSE=`/usr/sbin/squid -z -N -D 2>&1` - if [ $? != 0 ] || [ "$INIT_CACHE_RESPONSE" != "${INIT_CACHE_RESPONSE/erminated abnormally}" ]; then + local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -D 2>&1)" + if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then eend 1 echo "$INIT_CACHE_RESPONSE" return 1 @@ -59,7 +59,7 @@ stop() { einfon "Waiting for squid to shutdown ." cnt=0 while [ -f /var/run/squid.pid ] ; do - cnt=`expr $cnt + 1` + cnt=$(expr $cnt + 1) if [ $cnt -gt 60 ] ; then # Waited 120 seconds now. Fail. echo diff --git a/net-proxy/squid/files/squid.initd-logrotate b/net-proxy/squid/files/squid.initd-logrotate index 5fda1fe35876..7f684bcec0ac 100644 --- a/net-proxy/squid/files/squid.initd-logrotate +++ b/net-proxy/squid/files/squid.initd-logrotate @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2006 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd-logrotate,v 1.4 2006/09/20 08:59:55 mrness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd-logrotate,v 1.5 2007/03/10 09:39:42 mrness Exp $ opts="${opts} reload" @@ -24,14 +24,14 @@ maxfds() { checkconfig() { maxfds - local CACHE_SWAP=`awk '/^[ \t]*cache_dir[ \t]+/ { printf "%s ", $3 ; }' < /etc/squid/squid.conf` + local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { printf "%s ", $3 ; }' < /etc/squid/squid.conf) [ -z "$CACHE_SWAP" ] && CACHE_SWAP=/var/cache/squid umask 027 for x in $CACHE_SWAP ; do if [ ! -d $x/00 ] ; then ebegin "Initializing cache directories" - local INIT_CACHE_RESPONSE=`/usr/sbin/squid -z -N -D 2>&1` - if [ $? != 0 ] || [ "$INIT_CACHE_RESPONSE" != "${INIT_CACHE_RESPONSE/erminated abnormally}" ]; then + local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -D 2>&1)" + if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then eend 1 echo "$INIT_CACHE_RESPONSE" return 1 @@ -59,7 +59,7 @@ stop() { einfon "Waiting for squid to shutdown ." cnt=0 while [ -f /var/run/squid.pid ] ; do - cnt=`expr $cnt + 1` + cnt=$(expr $cnt + 1) if [ $cnt -gt 60 ] ; then # Waited 120 seconds now. Fail. echo diff --git a/net-proxy/squid/squid-2.6.10.ebuild b/net-proxy/squid/squid-2.6.10.ebuild new file mode 100644 index 000000000000..43060233a7e9 --- /dev/null +++ b/net-proxy/squid/squid-2.6.10.ebuild @@ -0,0 +1,197 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.6.10.ebuild,v 1.1 2007/03/10 09:39:42 mrness Exp $ + +WANT_AUTOCONF="latest" +WANT_AUTOMAKE="latest" + +inherit eutils pam toolchain-funcs flag-o-matic autotools linux-info + +#lame archive versioning scheme.. +S_PV="${PV%.*}" +S_PL="${PV##*.}" +S_PL="${S_PL/_rc/-RC}" +S_PP="${PN}-${S_PV}.STABLE${S_PL}" + +DESCRIPTION="A full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" +SRC_URI="http://www.squid-cache.org/Versions/v2/${S_PV}/${S_PP}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="pam ldap samba sasl nis ssl snmp selinux logrotate zero-penalty-hit \ + pf-transparent ipf-transparent \ + elibc_uclibc kernel_linux" + +DEPEND="pam? ( virtual/pam ) + ldap? ( >=net-nds/openldap-2.1.26 ) + ssl? ( >=dev-libs/openssl-0.9.7j ) + sasl? ( >=dev-libs/cyrus-sasl-2.1.21 ) + selinux? ( sec-policy/selinux-squid ) + !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) + >=sys-libs/db-4 + dev-lang/perl" +RDEPEND="${DEPEND} + samba? ( net-fs/samba )" + +S="${WORKDIR}/${S_PP}" + +pkg_setup() { + enewgroup squid 31 + enewuser squid 31 -1 /var/cache/squid squid +} + +src_unpack() { + unpack ${A} || die "unpack failed" + cd "${S}" || die "dir ${S} not found" + + epatch "${FILESDIR}"/${P}-gentoo.patch + use zero-penalty-hit && epatch "${FILESDIR}"/${P}-ToS_Hit_ToS_Preserve.patch + + sed -i -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in + + #disable lazy bindings on (some at least) suided basic auth programs + sed -i -e '$aAM_LDFLAGS = '$(bindnow-flags) \ + helpers/basic_auth/*/Makefile.am + + eautoreconf +} + +src_compile() { + local basic_modules="getpwnam,NCSA,MSNT" + use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}" + use ldap && basic_modules="LDAP,${basic_modules}" + use pam && basic_modules="PAM,${basic_modules}" + use sasl && basic_modules="SASL,${basic_modules}" + use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}" + + local ext_helpers="ip_user,session,unix_group" + use samba && ext_helpers="wbinfo_group,${ext_helpers}" + use ldap && ext_helpers="ldap_group,${ext_helpers}" + + local ntlm_helpers="fakeauth" + use samba && ntlm_helpers="SMB,${ntlm_helpers}" + + local myconf="" + + # Support for uclibc #61175 + if use elibc_uclibc; then + myconf="${myconf} --enable-storeio=ufs,diskd,aufs,null" + myconf="${myconf} --disable-async-io" + else + myconf="${myconf} --enable-storeio=ufs,diskd,coss,aufs,null" + myconf="${myconf} --enable-async-io" + fi + + if use kernel_linux; then + myconf="${myconf} --enable-linux-netfilter" + if kernel_is ge 2 6 && linux_chkconfig_present EPOLL ; then + myconf="${myconf} --enable-epoll" + fi + elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then + myconf="${myconf} --enable-kqueue" + if use pf-transparent; then + myconf="${myconf} --enable-pf-transparent" + elif use ipf-transparent; then + myconf="${myconf} --enable-ipf-transparent" + fi + fi + + export CC=$(tc-getCC) + + econf \ + --sysconfdir=/etc/squid \ + --libexecdir=/usr/libexec/squid \ + --localstatedir=/var \ + --datadir=/usr/share/squid \ + --enable-auth="basic,digest,ntlm" \ + --enable-removal-policies="lru,heap" \ + --enable-digest-auth-helpers="password" \ + --enable-basic-auth-helpers="${basic_modules}" \ + --enable-external-acl-helpers="${ext_helpers}" \ + --enable-ntlm-auth-helpers="${ntlm_helpers}" \ + --enable-ident-lookups \ + --enable-useragent-log \ + --enable-cache-digests \ + --enable-delay-pools \ + --enable-referer-log \ + --enable-arp-acl \ + --with-pthreads \ + --with-large-files \ + --enable-htcp \ + --enable-carp \ + --enable-follow-x-forwarded-for \ + $(use_enable snmp) \ + $(use_enable ssl) \ + ${myconf} || die "econf failed" + + sed -i -e "s:^#define SQUID_MAXFD.*:#define SQUID_MAXFD 8192:" \ + include/autoconf.h + + emake || die "emake failed" +} + +src_install() { + make DESTDIR="${D}" install || die "make install failed" + + #need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/ncsa_auth + fowners root:squid /usr/libexec/squid/pam_auth + fperms 4750 /usr/libexec/squid/ncsa_auth + fperms 4750 /usr/libexec/squid/pam_auth + + #some cleanups + rm -f "${D}"/usr/bin/Run* + + dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \ + helpers/ntlm_auth/no_check/README.no_check_ntlm_auth + newdoc helpers/basic_auth/SMB/README README.auth_smb + dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html + newdoc helpers/basic_auth/LDAP/README README.auth_ldap + doman helpers/basic_auth/LDAP/*.8 + dodoc helpers/basic_auth/SASL/squid_sasl_auth* + + newpamd "${FILESDIR}/squid.pam" squid + newconfd "${FILESDIR}/squid.confd" squid + if use logrotate; then + newinitd "${FILESDIR}/squid.initd-logrotate" squid + insinto /etc/logrotate.d + newins "${FILESDIR}/squid.logrotate" squid + else + newinitd "${FILESDIR}/squid.initd" squid + exeinto /etc/cron.weekly + newexe "${FILESDIR}/squid.cron" squid.cron + fi + + rm -rf "${D}"/var + diropts -m0755 -o squid -g squid + keepdir /var/cache/squid /var/log/squid +} + +pkg_preinst() { + enewgroup squid 31 + enewuser squid 31 -1 /var/cache/squid squid + + #Remove this after all versions prior to 2.6.4 has been removed from the tree + if [[ -L "${ROOT}/etc/squid/errors" ]]; then + rm "${ROOT}/etc/squid/errors" + fi +} + +pkg_postinst() { + echo + ewarn "Squid authentication helpers have been installed suid root." + ewarn "This allows shadow based authentication (see bug #52977 for more)." + echo + ewarn "Be careful what type of cache_dir you select!" + ewarn " 'diskd' is optimized for high levels of traffic, but it might seem slow" + ewarn "when there isn't sufficient traffic to keep squid reasonably busy." + ewarn " If your traffic level is low to moderate, use 'aufs' or 'ufs'." + echo + ewarn "/etc/squid/errors symlink has been removed from your system." + ewarn "Error templates can be customized through ${HILITE}error_directory${NORMAL} directive." + echo + ewarn "Squid can be configured to run in transparent mode like this:" + ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}" +} |