Rename
www/squid -> www/squid25 www/squid26 -> www/squid thus effectively updating www/squid to 2.6.STABLE9 PR: ports/108562 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de> (maintainer) Repocopies by: marcus
This commit is contained in:
parent
04627d16d3
commit
ef5d6a8edb
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=184474
1
MOVED
1
MOVED
@ -2799,3 +2799,4 @@ sysutils/pkg_replace|ports-mgmt/pkg_replace|2007-02-05|Moved to a new category
|
||||
archivers/py-bzip2||2007-02-05|Included with all current python versions in ports tree
|
||||
devel/py-logging||2007-02-05|Included with all current python versions in ports tree
|
||||
misc/qt4-codecs-tw|chinese/qt4-codecs-tw|2007-02-06|Accidentally added to wrong category
|
||||
www/squid26|www/squid|2007-02-07|Squid 2.6 is now mainstream version
|
||||
|
13
UPDATING
13
UPDATING
@ -6,6 +6,19 @@ You should get into the habit of checking this file for changes each
|
||||
time you update your ports collection, before attempting any port
|
||||
upgrades.
|
||||
|
||||
20070207:
|
||||
AFFECTS: users of www/squid*
|
||||
AUTHOR: tmseck@netcologne.de
|
||||
|
||||
The www/squid port has been updated to 2.6. If you are updating from Squid
|
||||
2.5, please read the Squid release notes at
|
||||
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE9-RELEASENOTES.html
|
||||
and see whether you need to adapt your squid.conf to the changes described
|
||||
there.
|
||||
|
||||
Squid 2.5 will be available as www/squid25 for next few months. But note
|
||||
it's no longer being maintained by the Squid developers.
|
||||
|
||||
20070206:
|
||||
AFFECTS: users of emulators/qemu
|
||||
AUTHOR: nox@FreeBSD.org
|
||||
|
@ -1041,7 +1041,7 @@
|
||||
SUBDIR += spreadlogd
|
||||
SUBDIR += sqstat
|
||||
SUBDIR += squid
|
||||
SUBDIR += squid26
|
||||
SUBDIR += squid25
|
||||
SUBDIR += squid_radius_auth
|
||||
SUBDIR += squidclients
|
||||
SUBDIR += squidguard
|
||||
|
@ -9,15 +9,11 @@
|
||||
# Which user/group Squid should run as (default: squid/squid).
|
||||
# The user and group will be created if they do not already exist using
|
||||
# a uid:gid of 100:100.
|
||||
# NOTE: before version 2.5.4_6, these settings defaulted to
|
||||
# nobody/nogroup.
|
||||
# If you wish to keep these settings, please define SQUID_UID=nobody and
|
||||
# SQUID_GID=nogroup in your make environment before you start the update.
|
||||
# NOTE2:
|
||||
# Before version 2.5.4_11 the numerical id chosen for SQUID_UID (and
|
||||
# SQUID_GID respectively) was the first free id greater than or equal 3128.
|
||||
# If you wish to move your squid user to id 100:100, run "make changeuser",
|
||||
# please see the changeuser target's definition for further information.
|
||||
# NOTE: older versions of Squid defaulted to nobody/nogroup.
|
||||
# If you wish to run Squid as "nobody" (which is not recommended), please
|
||||
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
|
||||
# before you start the update or installation of this port.
|
||||
#
|
||||
# SQUID_LANGUAGES
|
||||
# A list of languages for which error page files should be installed
|
||||
# (default: all)
|
||||
@ -39,7 +35,7 @@
|
||||
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
|
||||
#
|
||||
# The list below may be incomplete, please see the configure script
|
||||
# in the squid source distribution for the complete list of additional
|
||||
# in the Squid source distribution for the complete list of additional
|
||||
# options.
|
||||
# Note that you probably do not need to worry about these options in most
|
||||
# cases, they are included in case you want to experiment with them.
|
||||
@ -47,11 +43,10 @@
|
||||
# --enable-dlmalloc
|
||||
# Compile and use the malloc package from Doug Lea
|
||||
# --enable-gnuregex
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex.
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex
|
||||
# (not recommended).
|
||||
# --enable-xmalloc-statistics
|
||||
# Show malloc statistics in status page
|
||||
# --enable-time-hack
|
||||
# Optimize time updates to one per second rather than calling gettimeofday()
|
||||
# --enable-cachemgr-hostname=some.hostname
|
||||
# Set an explicit hostname in cachemgr.cgi
|
||||
# --enable-truncate
|
||||
@ -69,39 +64,53 @@
|
||||
# --enable-ntlm-fail-open
|
||||
# Enable NTLM fail open, where a helper that fails one of the
|
||||
# Authentication steps can allow Squid to still authenticate the user
|
||||
#
|
||||
# --enable-x-accelerator-vary
|
||||
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
|
||||
# to indicate variance within an accelerator setup. Typically used
|
||||
# together with other code that adds custom HTTP headers to the
|
||||
# requests.
|
||||
# --enable-forward-log
|
||||
# Enable experimental forward_log directive.
|
||||
# --enable-multicast-miss
|
||||
# Enable experimental multicast notification of cachemisses.
|
||||
|
||||
PORTNAME= squid
|
||||
PORTVERSION= 2.5.14
|
||||
PORTREVISION= 4
|
||||
PORTVERSION= 2.6.9
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
|
||||
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
|
||||
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
|
||||
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
|
||||
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
|
||||
MASTER_SITE_SUBDIR= squid-2/STABLE
|
||||
DISTNAME= squid-2.6.STABLE9
|
||||
DIST_SUBDIR= squid2.6
|
||||
|
||||
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www3.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.at.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.nl.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.ru.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.uk.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.gr.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.jp.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.tw.squid-cache.org/%SUBDIR%/
|
||||
MASTER_SITE_SUBDIR= Versions/v2/2.5
|
||||
DISTNAME= squid-2.5.STABLE14
|
||||
DIST_SUBDIR= squid2.5
|
||||
|
||||
PATCH_SITES= ${MASTER_SITES}
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.5/bugs
|
||||
PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch \
|
||||
squid-2.5.STABLE14-hierarchy_tag.patch
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
|
||||
PATCHFILES=
|
||||
PATCH_DIST_STRIP= -p1
|
||||
|
||||
MAINTAINER= tmseck@netcologne.de
|
||||
COMMENT= HTTP Caching Proxy
|
||||
|
||||
CONFLICTS= squid-2.[^5]*
|
||||
CONFLICTS= squid-2.[^6]*
|
||||
GNU_CONFIGURE= yes
|
||||
USE_BZIP2= yes
|
||||
USE_PERL5= yes
|
||||
USE_RC_SUBR= squid
|
||||
|
||||
SQUID_UID?= squid
|
||||
SQUID_GID?= squid
|
||||
@ -116,20 +125,19 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
|
||||
SQUID_DELAY_POOLS "Enable delay pools" off \
|
||||
SQUID_SNMP "Enable SNMP support" off \
|
||||
SQUID_CARP "Enable CARP support" off \
|
||||
SQUID_CARP "Enable CARP support" on \
|
||||
SQUID_SSL "Enable SSL support for reverse proxies" off \
|
||||
SQUID_PINGER "Install the icmp helper" off \
|
||||
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
|
||||
SQUID_HTCP "Enable HTCP support" off \
|
||||
SQUID_VIA_DB "Enable forward/via database" off \
|
||||
SQUID_CACHE_DIGESTS "Enable cache digests" off \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Protocol" on \
|
||||
SQUID_UNDERSCORES "Allow underscores in hostnames" on \
|
||||
SQUID_CHECK_HOSTNAME "Do hostname checking" on \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
|
||||
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
|
||||
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
|
||||
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
|
||||
SQUID_REFERER_LOG "Enable Referer-header logging" off \
|
||||
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
|
||||
SQUID_CUSTOM_LOG "Enable custom log format" off \
|
||||
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
|
||||
SQUID_PF "Enable transparent proxying with PF" off \
|
||||
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
|
||||
@ -137,9 +145,9 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_ICAP "Enable ICAP client functionality" off \
|
||||
SQUID_AUFS "Enable the aufs storage scheme" off \
|
||||
SQUID_COSS "Enable the COSS storage scheme" off \
|
||||
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
|
||||
SQUID_LARGEFILE "Support log and cache files >2GB" off \
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off \
|
||||
SQUID_RCNG "Install an rc.d style startup script" on
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off
|
||||
|
||||
etc_files= squid/cachemgr.conf.default \
|
||||
squid/mib.txt squid/mime.conf.default \
|
||||
@ -167,37 +175,44 @@ error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
|
||||
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
|
||||
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
|
||||
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd ip_user_check \
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
|
||||
msnt_auth ncsa_auth ntlm_auth \
|
||||
pam_auth smb_auth smb_auth.sh squid_unix_group \
|
||||
wb_auth wb_group wb_ntlmauth wbinfo_group.pl
|
||||
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
|
||||
wbinfo_group.pl
|
||||
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
|
||||
libexec+= unlinkd
|
||||
.endif
|
||||
|
||||
sbin= RunAccel RunCache squidclient squid
|
||||
sbin= RunCache squidclient squid
|
||||
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
|
||||
--sbindir=${PREFIX}/sbin \
|
||||
--datadir=${PREFIX}/etc/squid \
|
||||
--libexecdir=${PREFIX}/libexec/squid \
|
||||
--localstatedir=${PREFIX}/squid \
|
||||
--enable-removal-policies="lru heap"
|
||||
--sysconfdir=${PREFIX}/etc/squid \
|
||||
--enable-removal-policies="lru heap" \
|
||||
--disable-linux-netfilter \
|
||||
--disable-linux-tproxy \
|
||||
--disable-epoll
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
# Authentication methods and modules:
|
||||
|
||||
basic_auth= NCSA PAM MSNT SMB winbind
|
||||
external_acl= ip_user unix_group wbinfo_group winbind_group
|
||||
MAN8+= pam_auth.8 squid_unix_group.8
|
||||
basic_auth= NCSA PAM MSNT SMB
|
||||
digest_auth= password
|
||||
external_acl= ip_user session unix_group wbinfo_group
|
||||
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
|
||||
.if defined(WITH_SQUID_LDAP_AUTH)
|
||||
USE_OPENLDAP= yes
|
||||
CFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
|
||||
basic_auth+= LDAP
|
||||
digest_auth+= ldap
|
||||
external_acl+= ldap_group
|
||||
libexec+= squid_ldap_auth squid_ldap_group
|
||||
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SASL_AUTH)
|
||||
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
|
||||
@ -213,23 +228,33 @@ libexec+= yp_auth
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
|
||||
--enable-basic-auth-helpers="${basic_auth}" \
|
||||
--enable-digest-auth-helpers="password" \
|
||||
--enable-digest-auth-helpers="${digest_auth}" \
|
||||
--enable-external-acl-helpers="${external_acl}" \
|
||||
--enable-ntlm-auth-helpers="SMB winbind"
|
||||
--enable-ntlm-auth-helpers="SMB"
|
||||
|
||||
# Selection of storage schemes:
|
||||
# Storage schemes:
|
||||
|
||||
storage_schemes= ufs diskd null
|
||||
.if defined(WITH_SQUID_AUFS)
|
||||
storage_schemes+= aufs
|
||||
.if ${OSVERSION}>=501000
|
||||
# Only document libmap.conf where it is available:
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
|
||||
.endif
|
||||
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
|
||||
CONFIGURE_ARGS+= --enable-async-io \
|
||||
--with-pthreads
|
||||
CONFIGURE_ARGS+= --with-pthreads
|
||||
CFLAGS+= ${PTHREAD_CFLAGS}
|
||||
.endif
|
||||
.if defined(WITH_SQUID_COSS)
|
||||
storage_schemes+= coss
|
||||
CONFIGURE_ARGS+= --with-aio
|
||||
.if !defined(WITH_SQUID_AUFS)
|
||||
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
|
||||
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
|
||||
# adding the option VFS_AIO to your kernel configuration if you want to
|
||||
# actually use COSS storage:
|
||||
CONFIGURE_ARGS+= --enable-coss-aio-ops
|
||||
.endif
|
||||
sbin+= cossdump
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
|
||||
|
||||
@ -241,13 +266,14 @@ CONFIGURE_ARGS+= --enable-delay-pools
|
||||
.if defined(WITH_SQUID_SNMP)
|
||||
CONFIGURE_ARGS+= --enable-snmp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --enable-carp
|
||||
.if defined(WITHOUT_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --disable-carp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SSL)
|
||||
# we need to .include bsd.openssl.mk manually here because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included and this is
|
||||
# not possible when using OPTIONS
|
||||
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included.
|
||||
# This makes it currently impossible to combine this macro with OPTIONS to
|
||||
# conditionally include OpenSSL support.
|
||||
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
|
||||
CONFIGURE_ARGS+= --enable-ssl \
|
||||
--with-openssl="${OPENSSLBASE}"
|
||||
@ -274,11 +300,8 @@ CONFIGURE_ARGS+= --enable-cache-digests
|
||||
.if defined(WITHOUT_SQUID_WCCP)
|
||||
CONFIGURE_ARGS+= --disable-wccp
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_UNDERSCORES)
|
||||
CONFIGURE_ARGS+= --enable-underscores
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_CHECK_HOSTNAME)
|
||||
CONFIGURE_ARGS+= --disable-hostname-checks
|
||||
.if defined(WITH_SQUID_WCCPV2)
|
||||
CONFIGURE_ARGS+= --enable-wccpv2
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STRICT_HTTP)
|
||||
CONFIGURE_ARGS+= --disable-http-violations
|
||||
@ -286,12 +309,12 @@ CONFIGURE_ARGS+= --disable-http-violations
|
||||
.if defined(WITHOUT_SQUID_IDENT)
|
||||
CONFIGURE_ARGS+= --disable-ident-lookups
|
||||
.endif
|
||||
.if defined(WITH_SQUID_REFERER_LOG)
|
||||
CONFIGURE_ARGS+= --enable-referer-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_USERAGENT_LOG)
|
||||
CONFIGURE_ARGS+= --enable-useragent-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CUSTOM_LOG)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/customlog-2.5.patch
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ARP_ACL)
|
||||
CONFIGURE_ARGS+= --enable-arp-acl
|
||||
.endif
|
||||
@ -315,45 +338,39 @@ CONFIGURE_ARGS+= --enable-ipf-transparent
|
||||
.endif
|
||||
.endif
|
||||
.if defined(WITH_SQUID_FOLLOW_XFF)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/follow_xff-2.5.patch \
|
||||
${PATCHDIR}/follow_xff-configure.patch
|
||||
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ICAP)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.5-core.patch \
|
||||
${PATCHDIR}/icap-2.5-bootstrap.patch
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
|
||||
${PATCHDIR}/icap-2.6-core.patch
|
||||
CONFIGURE_ARGS+= --enable-icap-support
|
||||
error_files+= ERR_ICAP_FAILURE
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_KQUEUE)
|
||||
CONFIGURE_ARGS+= --enable-kqueue
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-kqueue
|
||||
.endif
|
||||
.if defined(WITH_SQUID_LARGEFILE)
|
||||
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STACKTRACES)
|
||||
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
|
||||
CONFIGURE_ARGS+= --enable-stacktraces
|
||||
CFLAGS+= -g
|
||||
STRIP= ""
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_RCNG)
|
||||
USE_RC_SUBR= squid.sh
|
||||
rc_del= rcold
|
||||
rc_state= rcng
|
||||
.else
|
||||
SUB_FILES+= squid.sh
|
||||
etc_files+= rc.d/squid.sh
|
||||
rc_del= rcng
|
||||
rc_state= rcold
|
||||
.endif
|
||||
|
||||
# Languages:
|
||||
#
|
||||
# If you do not define SQUID_LANGUAGES yourself, all available language files
|
||||
# will be installed; the default language will be English.
|
||||
|
||||
SQUID_LANGUAGES?= \
|
||||
Azerbaijani Bulgarian Catalan Czech Danish Dutch English Estonian Finnish \
|
||||
French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian \
|
||||
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish
|
||||
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
|
||||
English Estonian Finnish French German Greek Hebrew \
|
||||
Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
|
||||
Serbian Simplify_Chinese Slovak Spanish Swedish \
|
||||
Traditional_Chinese Turkish
|
||||
SQUID_DEFAULT_LANG?= English
|
||||
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
|
||||
--enable-default-err-language=${SQUID_DEFAULT_LANG}
|
||||
@ -378,7 +395,8 @@ PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
|
||||
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
|
||||
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
|
||||
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
|
||||
@ -387,31 +405,16 @@ pre-install:
|
||||
# Prevent installation of .orig files by deleting them.
|
||||
@${FIND} ${WRKSRC} -name '*.bak' -delete
|
||||
@${FIND} ${WRKSRC} -name '*.orig' -delete
|
||||
# create the start script:
|
||||
@${REINPLACE_CMD} \
|
||||
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
|
||||
-e '/--.*${rc_state}/d' ${WRKDIR}/squid.sh
|
||||
# create variable information in pkg-message:
|
||||
@${REINPLACE_CMD} \
|
||||
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
|
||||
-e '/--.*${rc_state}/d' ${PKGMESSAGE}
|
||||
|
||||
pre-su-install:
|
||||
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
|
||||
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
|
||||
|
||||
post-install:
|
||||
# Create cachemgr.conf.default manually since squid's install routine
|
||||
# unfortunately fails to do so:
|
||||
${INSTALL_DATA} ${WRKSRC}/src/cachemgr.conf \
|
||||
${PREFIX}/etc/squid/cachemgr.conf.default
|
||||
.if defined(WITH_SQUID_PINGER)
|
||||
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
|
||||
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_RCNG)
|
||||
${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/
|
||||
.endif
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
|
||||
@ -423,50 +426,5 @@ post-install:
|
||||
@${ECHO_CMD} ""
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
@${ECHO_CMD} ""
|
||||
changeuser:
|
||||
# Recover from the problem that earlier versions of this port created the
|
||||
# squid pseudo-user with an id greater than 999 which is not allowed in
|
||||
# FreeBSD's ports system. The port now uses id 100:100.
|
||||
# NOTE:
|
||||
# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
|
||||
# have a different setup, do not run this target!
|
||||
.if ${SQUID_UID:L} == nobody
|
||||
@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
|
||||
${ECHO_CMD} "this target!"
|
||||
${FALSE}
|
||||
.endif
|
||||
@if [ `${ID} -u` -ne 0 ]; \
|
||||
then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \
|
||||
current_uid=`id -u ${SQUID_UID}`; \
|
||||
current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
|
||||
${ECHO_CMD} "I will remove this user:"; \
|
||||
${ID} -P $${current_uid}; \
|
||||
${ECHO_CMD} "and this group:"; \
|
||||
pw groupshow ${SQUID_GID}; \
|
||||
${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
|
||||
${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
|
||||
${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
|
||||
${ECHO_CMD} "After that, all files and directories that were accessible"; \
|
||||
${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
|
||||
${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
|
||||
${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
|
||||
${ECHO_CMD} "please abort this target now."; \
|
||||
read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
|
||||
${ECHO_CMD} "OK, here we go:"; \
|
||||
${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
|
||||
pw userdel -u $${current_uid}; \
|
||||
${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
|
||||
pw groupadd -n ${SQUID_GID} -g 100; \
|
||||
pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
|
||||
-d ${PREFIX}/squid -s /sbin/nologin -h - ; \
|
||||
${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
|
||||
${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
|
||||
${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
|
||||
${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
|
||||
${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
|
||||
${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
|
||||
${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
|
||||
${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
|
||||
${ECHO_CMD} "Finished."
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,9 +1,3 @@
|
||||
MD5 (squid2.5/squid-2.5.STABLE14.tar.bz2) = f413e0b887a5f9b2a75350243ed5564c
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14.tar.bz2) = c4eaee0e5ee42f46060217df9a88d628d244c0a543feab8296e44269e57ec7bd
|
||||
SIZE (squid2.5/squid-2.5.STABLE14.tar.bz2) = 1073745
|
||||
MD5 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1529f8b0170e24b26353578778435bd4
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 9e99132b8efb07e3465d5e33749aa450daecfa3acde73755b6a3589d09d19285
|
||||
SIZE (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1277
|
||||
MD5 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 9abe563ca3d01dc58502737edc6f3c60
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 6c98f1f2351b79cfc3f956ed1c46d86c7a53aac0ba28203a33f2dadc7d1e96fe
|
||||
SIZE (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 1319
|
||||
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
|
||||
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
|
||||
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,411 +0,0 @@
|
||||
! This is a reduced part of the original follow-XFF patchset from
|
||||
! devel.squid-cache.org for use with the FreeBSD squid-2.5 port.
|
||||
Index: src/acl.c
|
||||
--- src/acl.c 13 May 2003 02:14:12 -0000 1.43.2.16
|
||||
+++ src/acl.c 23 Nov 2003 14:20:12 -0000
|
||||
@@ -2001,6 +2001,11 @@
|
||||
cbdataLock(A);
|
||||
if (request != NULL) {
|
||||
checklist->request = requestLink(request);
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (Config.onoff.acl_uses_indirect_client) {
|
||||
+ checklist->src_addr = request->indirect_client_addr;
|
||||
+ } else
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
checklist->src_addr = request->client_addr;
|
||||
checklist->my_addr = request->my_addr;
|
||||
checklist->my_port = request->my_port;
|
||||
Index: src/cf.data.pre
|
||||
--- src/cf.data.pre 7 Nov 2003 03:14:30 -0000 1.49.2.46
|
||||
+++ src/cf.data.pre 23 Nov 2003 14:20:17 -0000
|
||||
@@ -2065,6 +2065,92 @@
|
||||
NOCOMMENT_END
|
||||
DOC_END
|
||||
|
||||
+NAME: follow_x_forwarded_for
|
||||
+TYPE: acl_access
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+LOC: Config.accessList.followXFF
|
||||
+DEFAULT: none
|
||||
+DEFAULT_IF_NONE: deny all
|
||||
+DOC_START
|
||||
+ Allowing or Denying the X-Forwarded-For header to be followed to
|
||||
+ find the original source of a request.
|
||||
+
|
||||
+ Requests may pass through a chain of several other proxies
|
||||
+ before reaching us. The X-Forwarded-For header will contain a
|
||||
+ comma-separated list of the IP addresses in the chain, with the
|
||||
+ rightmost address being the most recent.
|
||||
+
|
||||
+ If a request reaches us from a source that is allowed by this
|
||||
+ configuration item, then we consult the X-Forwarded-For header
|
||||
+ to see where that host received the request from. If the
|
||||
+ X-Forwarded-For header contains multiple addresses, and if
|
||||
+ acl_uses_indirect_client is on, then we continue backtracking
|
||||
+ until we reach an address for which we are not allowed to
|
||||
+ follow the X-Forwarded-For header, or until we reach the first
|
||||
+ address in the list. (If acl_uses_indirect_client is off, then
|
||||
+ it's impossible to backtrack through more than one level of
|
||||
+ X-Forwarded-For addresses.)
|
||||
+
|
||||
+ The end result of this process is an IP address that we will
|
||||
+ refer to as the indirect client address. This address may
|
||||
+ be treated as the client address for access control, delay
|
||||
+ pools and logging, depending on the acl_uses_indirect_client,
|
||||
+ delay_pool_uses_indirect_client and log_uses_indirect_client
|
||||
+ options.
|
||||
+
|
||||
+ SECURITY CONSIDERATIONS:
|
||||
+
|
||||
+ Any host for which we follow the X-Forwarded-For header
|
||||
+ can place incorrect information in the header, and Squid
|
||||
+ will use the incorrect information as if it were the
|
||||
+ source address of the request. This may enable remote
|
||||
+ hosts to bypass any access control restrictions that are
|
||||
+ based on the client's source addresses.
|
||||
+
|
||||
+ For example:
|
||||
+
|
||||
+ acl localhost src 127.0.0.1
|
||||
+ acl my_other_proxy srcdomain .proxy.example.com
|
||||
+ follow_x_forwarded_for allow localhost
|
||||
+ follow_x_forwarded_for allow my_other_proxy
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: acl_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.acl_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in acl matching.
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: delay_pool_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR && DELAY_POOLS
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.delay_pool_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in delay pools.
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: log_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.log_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in the access log.
|
||||
+DOC_END
|
||||
+
|
||||
NAME: http_access
|
||||
TYPE: acl_access
|
||||
LOC: Config.accessList.http
|
||||
Index: src/client_side.c
|
||||
--- src/client_side.c 2 Sep 2003 02:13:45 -0000 1.47.2.39
|
||||
+++ src/client_side.c 23 Nov 2003 14:20:22 -0000
|
||||
@@ -109,6 +109,11 @@
|
||||
#if USE_IDENT
|
||||
static IDCB clientIdentDone;
|
||||
#endif
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+static void clientFollowXForwardedForStart(void *data);
|
||||
+static void clientFollowXForwardedForNext(void *data);
|
||||
+static void clientFollowXForwardedForDone(int answer, void *data);
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
static int clientOnlyIfCached(clientHttpRequest * http);
|
||||
static STCB clientSendMoreData;
|
||||
static STCB clientCacheHit;
|
||||
@@ -177,10 +182,179 @@
|
||||
return ch;
|
||||
}
|
||||
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+/*
|
||||
+ * clientFollowXForwardedForStart() copies the X-Forwarded-For
|
||||
+ * header into x_forwarded_for_iterator and passes control to
|
||||
+ * clientFollowXForwardedForNext().
|
||||
+ *
|
||||
+ * clientFollowXForwardedForNext() checks the indirect_client_addr
|
||||
+ * against the followXFF ACL and passes the result to
|
||||
+ * clientFollowXForwardedForDone().
|
||||
+ *
|
||||
+ * clientFollowXForwardedForDone() either grabs the next address
|
||||
+ * from the tail of x_forwarded_for_iterator and loops back to
|
||||
+ * clientFollowXForwardedForNext(), or cleans up and passes control to
|
||||
+ * clientAccessCheck().
|
||||
+ */
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForStart(void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ if (Config.accessList.followXFF
|
||||
+ && httpHeaderHas(&request->header, HDR_X_FORWARDED_FOR))
|
||||
+ {
|
||||
+ request->x_forwarded_for_iterator = httpHeaderGetList(
|
||||
+ &request->header, HDR_X_FORWARDED_FOR);
|
||||
+ debug(33, 5) ("clientFollowXForwardedForStart: indirect_client_addr=%s XFF='%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ strBuf(request->x_forwarded_for_iterator));
|
||||
+ clientFollowXForwardedForNext(http);
|
||||
+ } else {
|
||||
+ /* not configured to follow X-Forwarded-For, or nothing to follow */
|
||||
+ debug(33, 5) ("clientFollowXForwardedForStart: nothing to do\n");
|
||||
+ clientFollowXForwardedForDone(-1, http);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForNext(void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ debug(33, 5) ("clientFollowXForwardedForNext: indirect_client_addr=%s XFF='%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ strBuf(request->x_forwarded_for_iterator));
|
||||
+ if (strLen(request->x_forwarded_for_iterator) != 0) {
|
||||
+ /* check the acl to see whether to believe the X-Forwarded-For header */
|
||||
+ http->acl_checklist = clientAclChecklistCreate(
|
||||
+ Config.accessList.followXFF, http);
|
||||
+ aclNBCheck(http->acl_checklist, clientFollowXForwardedForDone, http);
|
||||
+ } else {
|
||||
+ /* nothing left to follow */
|
||||
+ debug(33, 5) ("clientFollowXForwardedForNext: nothing more to do\n");
|
||||
+ clientFollowXForwardedForDone(-1, http);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForDone(int answer, void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ /*
|
||||
+ * answer should be be ACCESS_ALLOWED or ACCESS_DENIED if we are
|
||||
+ * called as a result of ACL checks, or -1 if we are called when
|
||||
+ * there's nothing left to do.
|
||||
+ */
|
||||
+ if (answer == ACCESS_ALLOWED) {
|
||||
+ /*
|
||||
+ * The IP address currently in request->indirect_client_addr
|
||||
+ * is trusted to use X-Forwarded-For. Remove the last
|
||||
+ * comma-delimited element from x_forwarded_for_iterator and use
|
||||
+ * it to to replace indirect_client_addr, then repeat the cycle.
|
||||
+ */
|
||||
+ const char *p;
|
||||
+ const char *asciiaddr;
|
||||
+ int l;
|
||||
+ struct in_addr addr;
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s is trusted\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ p = strBuf(request->x_forwarded_for_iterator);
|
||||
+ l = strLen(request->x_forwarded_for_iterator);
|
||||
+
|
||||
+ /*
|
||||
+ * XXX x_forwarded_for_iterator should really be a list of
|
||||
+ * IP addresses, but it's a String instead. We have to
|
||||
+ * walk backwards through the String, biting off the last
|
||||
+ * comma-delimited part each time. As long as the data is in
|
||||
+ * a String, we should probably implement and use a variant of
|
||||
+ * strListGetItem() that walks backwards instead of forwards
|
||||
+ * through a comma-separated list. But we don't even do that;
|
||||
+ * we just do the work in-line here.
|
||||
+ */
|
||||
+ /* skip trailing space and commas */
|
||||
+ while (l > 0 && (p[l-1] == ',' || xisspace(p[l-1])))
|
||||
+ l--;
|
||||
+ strCut(request->x_forwarded_for_iterator, l);
|
||||
+ /* look for start of last item in list */
|
||||
+ while (l > 0 && ! (p[l-1] == ',' || xisspace(p[l-1])))
|
||||
+ l--;
|
||||
+ asciiaddr = p+l;
|
||||
+ if (inet_aton(asciiaddr, &addr) == 0) {
|
||||
+ /* the address is not well formed; do not use it */
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: malformed address '%s'\n",
|
||||
+ asciiaddr);
|
||||
+ goto done;
|
||||
+ }
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: changing indirect_client_addr from %s to '%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ asciiaddr);
|
||||
+ request->indirect_client_addr = addr;
|
||||
+ strCut(request->x_forwarded_for_iterator, l);
|
||||
+ if (! Config.onoff.acl_uses_indirect_client) {
|
||||
+ /*
|
||||
+ * If acl_uses_indirect_client is off, then it's impossible
|
||||
+ * to follow more than one level of X-Forwarded-For.
|
||||
+ */
|
||||
+ goto done;
|
||||
+ }
|
||||
+ clientFollowXForwardedForNext(http);
|
||||
+ return;
|
||||
+ } else if (answer == ACCESS_DENIED) {
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s not trusted\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ } else {
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s nothing more to do\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ }
|
||||
+done:
|
||||
+ /* clean up, and pass control to clientAccessCheck */
|
||||
+ debug(33, 6) ("clientFollowXForwardedForDone: cleanup\n");
|
||||
+ if (Config.onoff.log_uses_indirect_client) {
|
||||
+ /*
|
||||
+ * Ensure that the access log shows the indirect client
|
||||
+ * instead of the direct client.
|
||||
+ */
|
||||
+ ConnStateData *conn = http->conn;
|
||||
+ conn->log_addr = request->indirect_client_addr;
|
||||
+ conn->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: setting log_addr=%s\n",
|
||||
+ inet_ntoa(conn->log_addr));
|
||||
+ }
|
||||
+ stringClean(&request->x_forwarded_for_iterator);
|
||||
+ request->flags.done_follow_x_forwarded_for = 1;
|
||||
+ http->acl_checklist = NULL; /* XXX do we need to aclChecklistFree() ? */
|
||||
+ clientAccessCheck(http);
|
||||
+}
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
+
|
||||
void
|
||||
clientAccessCheck(void *data)
|
||||
{
|
||||
clientHttpRequest *http = data;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (! http->request->flags.done_follow_x_forwarded_for
|
||||
+ && httpHeaderHas(&http->request->header, HDR_X_FORWARDED_FOR))
|
||||
+ {
|
||||
+ /*
|
||||
+ * There's an X-ForwardedFor header and we haven't yet tried
|
||||
+ * to follow it to find the indirect_client_addr. Follow it now.
|
||||
+ * clientFollowXForwardedForDone() will eventually pass control
|
||||
+ * back to us.
|
||||
+ *
|
||||
+ * XXX perhaps our caller should have called
|
||||
+ * clientFollowXForwardedForStart instead. Then we wouldn't
|
||||
+ * need to do this little dance transferring control over
|
||||
+ * there and then back here, and we wouldn't need the
|
||||
+ * done_follow_x_forwarded_for flag.
|
||||
+ */
|
||||
+ clientFollowXForwardedForStart(data);
|
||||
+ return;
|
||||
+ }
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
if (checkAccelOnly(http)) {
|
||||
/* deny proxy requests in accel_only mode */
|
||||
debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n");
|
||||
@@ -325,6 +499,9 @@
|
||||
new_request->http_ver = old_request->http_ver;
|
||||
httpHeaderAppend(&new_request->header, &old_request->header);
|
||||
new_request->client_addr = old_request->client_addr;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ new_request->indirect_client_addr = old_request->indirect_client_addr;
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
new_request->my_addr = old_request->my_addr;
|
||||
new_request->my_port = old_request->my_port;
|
||||
new_request->flags.redirected = 1;
|
||||
@@ -3051,6 +3228,9 @@
|
||||
safe_free(http->log_uri);
|
||||
http->log_uri = xstrdup(urlCanonicalClean(request));
|
||||
request->client_addr = conn->peer.sin_addr;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ request->indirect_client_addr = request->client_addr;
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
request->my_addr = conn->me.sin_addr;
|
||||
request->my_port = ntohs(conn->me.sin_port);
|
||||
request->http_ver = http->http_ver;
|
||||
Index: src/delay_pools.c
|
||||
--- src/delay_pools.c 19 Jun 2003 02:13:57 -0000 1.5.54.6
|
||||
+++ src/delay_pools.c 23 Nov 2003 14:20:23 -0000
|
||||
@@ -318,6 +318,11 @@
|
||||
r = http->request;
|
||||
|
||||
memset(&ch, '\0', sizeof(ch));
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (Config.onoff.delay_pool_uses_indirect_client) {
|
||||
+ ch.src_addr = r->indirect_client_addr;
|
||||
+ } else
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
ch.src_addr = r->client_addr;
|
||||
ch.my_addr = r->my_addr;
|
||||
ch.my_port = r->my_port;
|
||||
*** src/structs.h.orig Sun Jun 26 12:45:58 2005
|
||||
--- src/structs.h Sun Jun 26 12:48:45 2005
|
||||
***************
|
||||
*** 610,615 ****
|
||||
--- 610,620 ----
|
||||
int accel_uses_host_header;
|
||||
int accel_no_pmtu_disc;
|
||||
int global_internal_static;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ int acl_uses_indirect_client;
|
||||
+ int delay_pool_uses_indirect_client;
|
||||
+ int log_uses_indirect_client;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
} onoff;
|
||||
acl *aclList;
|
||||
struct {
|
||||
***************
|
||||
*** 631,636 ****
|
||||
--- 636,644 ----
|
||||
acl_access *reply;
|
||||
acl_address *outgoing_address;
|
||||
acl_tos *outgoing_tos;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ acl_access *followXFF;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
} accessList;
|
||||
acl_deny_info_list *denyInfoList;
|
||||
struct _authConfig {
|
||||
***************
|
||||
*** 1623,1628 ****
|
||||
--- 1631,1641 ----
|
||||
unsigned int body_sent:1;
|
||||
unsigned int reset_tcp:1;
|
||||
unsigned int must_keepalive:1;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ /* XXX this flag could be eliminated;
|
||||
+ * see comments in clientAccessCheck */
|
||||
+ unsigned int done_follow_x_forwarded_for;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
};
|
||||
|
||||
struct _link_list {
|
||||
***************
|
||||
*** 1666,1671 ****
|
||||
--- 1679,1687 ----
|
||||
int max_forwards;
|
||||
/* these in_addr's could probably be sockaddr_in's */
|
||||
struct in_addr client_addr;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ struct in_addr indirect_client_addr; /* after following X-Forwarded-For */
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
struct in_addr my_addr;
|
||||
unsigned short my_port;
|
||||
HttpHeader header;
|
||||
***************
|
||||
*** 1677,1682 ****
|
||||
--- 1693,1703 ----
|
||||
const char *vary_headers; /* Used when varying entities are detected. Changes how the store key is calculated */
|
||||
BODY_HANDLER *body_reader;
|
||||
void *body_reader_data;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ /* XXX a list of IP addresses would be a better data structure
|
||||
+ * than this String */
|
||||
+ String x_forwarded_for_iterator;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
};
|
||||
|
||||
struct _cachemgr_passwd {
|
@ -1,65 +0,0 @@
|
||||
!Simulate the autotools bootstrap of the follow-x-forwarded-for patchset.
|
||||
!
|
||||
!Beware that all line number informations in configure.log greater
|
||||
!than 2972 are offset by at least -29 (correcting all line numbers would have
|
||||
!bloated the patch by 92kB!)
|
||||
--- include/autoconf.h.in.orig Sat Jan 18 02:46:11 2003
|
||||
+++ include/autoconf.h.in Thu Jun 24 13:19:07 2004
|
||||
@@ -291,6 +291,12 @@
|
||||
#define USE_IDENT 1
|
||||
|
||||
/*
|
||||
+ * Compile in support for following X-Forwarded-For headers?
|
||||
+ * Enabled by default.
|
||||
+ */
|
||||
+#define FOLLOW_X_FORWARDED_FOR 1
|
||||
+
|
||||
+/*
|
||||
* If your system has statvfs(), and if it actually works!
|
||||
*/
|
||||
#undef HAVE_STATVFS
|
||||
--- configure.orig Thu Sep 22 10:16:26 2005
|
||||
+++ configure Thu Sep 22 17:29:01 2005
|
||||
@@ -249,6 +249,12 @@
|
||||
if you build as another user who is not privileged
|
||||
to use the number of filedescriptors you want the
|
||||
resulting binary to support"
|
||||
+ac_help="$ac_help
|
||||
+ --enable-follow-x-forwarded-for
|
||||
+ Enable support for following the X-Forwarded-For
|
||||
+ HTTP header to try to find the IP address of the
|
||||
+ original or indirect client when a request has
|
||||
+ been forwarded through other proxies."
|
||||
|
||||
# Initialize some variables set by options.
|
||||
# The variables have the same names as the options, with
|
||||
@@ -3255,6 +3261,29 @@
|
||||
|
||||
fi
|
||||
|
||||
+
|
||||
+follow_xff=1
|
||||
+# Check whether --enable-follow-x-forwarded-for or --disable-follow-x-forwarded-for was given.
|
||||
+if test "${enable_follow_x_forwarded_for+set}" = set; then
|
||||
+ enableval="$enable_follow_x_forwarded_for"
|
||||
+ if test "$enableval" = "yes" ; then
|
||||
+ echo "follow X-Forwarded-For enabled"
|
||||
+ follow_xff=1
|
||||
+ fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+if test $follow_xff = 1; then
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define FOLLOW_X_FORWARDED_FOR 1
|
||||
+EOF
|
||||
+
|
||||
+else
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define FOLLOW_X_FORWARDED_FOR 0
|
||||
+EOF
|
||||
+
|
||||
+fi
|
||||
|
||||
# Force some compilers to use ANSI features
|
||||
#
|
@ -1,422 +0,0 @@
|
||||
Patch 2 of 2 to integrate the icap-2_5 branch into the FreeBSD squid port.
|
||||
|
||||
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
|
||||
|
||||
This patch simulates the autotools bootstrap necessary after applying the
|
||||
ICAP patchset.
|
||||
|
||||
Please see icap-2.5-core.patch for further information.
|
||||
|
||||
Patch last updated: 2005-12-17
|
||||
|
||||
--- configure.orig Sat Oct 22 11:56:01 2005
|
||||
+++ configure Sat Dec 17 17:45:21 2005
|
||||
@@ -70,6 +70,8 @@
|
||||
ac_help="$ac_help
|
||||
--enable-delay-pools Enable delay pools to limit bandwidth usage"
|
||||
ac_help="$ac_help
|
||||
+ --enable-icap-support Enable iCAP client capability"
|
||||
+ac_help="$ac_help
|
||||
--enable-useragent-log Enable logging of User-Agent header"
|
||||
ac_help="$ac_help
|
||||
--enable-referer-log Enable logging of Referer header"
|
||||
@@ -2170,6 +2172,38 @@
|
||||
|
||||
|
||||
|
||||
+
|
||||
+if false; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+# Check whether --enable-icap-support or --disable-icap-support was given.
|
||||
+if test "${enable_icap_support+set}" = set; then
|
||||
+ enableval="$enable_icap_support"
|
||||
+ if test "$enableval" = "yes" ; then
|
||||
+ echo "ICAP support enabled"
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define HS_FEAT_ICAP 1
|
||||
+EOF
|
||||
+
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+ fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
# Check whether --enable-useragent-log or --disable-useragent-log was given.
|
||||
if test "${enable_useragent_log+set}" = set; then
|
||||
enableval="$enable_useragent_log"
|
||||
@@ -7428,14 +7462,14 @@
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
- echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6
|
||||
-echo "configure:7433: checking for main in -lpthread" >&5
|
||||
+ echo $ac_n "checking for main in -pthread""... $ac_c" 1>&6
|
||||
+echo "configure:7433: checking for main in -pthread" >&5
|
||||
ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'`
|
||||
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
|
||||
echo $ac_n "(cached) $ac_c" 1>&6
|
||||
else
|
||||
ac_save_LIBS="$LIBS"
|
||||
-LIBS="-lpthread $LIBS"
|
||||
+LIBS="-pthread $LIBS"
|
||||
cat > conftest.$ac_ext <<EOF
|
||||
#line 7441 "configure"
|
||||
#include "confdefs.h"
|
||||
@@ -7465,7 +7499,7 @@
|
||||
#define $ac_tr_lib 1
|
||||
EOF
|
||||
|
||||
- LIBS="-lpthread $LIBS"
|
||||
+ LIBS="-pthread $LIBS"
|
||||
|
||||
else
|
||||
echo "$ac_t""no" 1>&6
|
||||
@@ -7769,6 +7803,8 @@
|
||||
srand48 \
|
||||
srandom \
|
||||
statfs \
|
||||
+ strnstr \
|
||||
+ strcasestr \
|
||||
strtoll \
|
||||
sysconf \
|
||||
syslog \
|
||||
@@ -7898,6 +7934,50 @@
|
||||
fi
|
||||
fi
|
||||
|
||||
+
|
||||
+if false; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+if false; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+
|
||||
echo $ac_n "checking if va_copy is implemented""... $ac_c" 1>&6
|
||||
echo "configure:7903: checking if va_copy is implemented" >&5
|
||||
if eval "test \"`echo '$''{'ac_cv_func_va_copy'+set}'`\" = set"; then
|
||||
@@ -9072,6 +9152,8 @@
|
||||
s%@ENABLE_PINGER_FALSE@%$ENABLE_PINGER_FALSE%g
|
||||
s%@USE_DELAY_POOLS_TRUE@%$USE_DELAY_POOLS_TRUE%g
|
||||
s%@USE_DELAY_POOLS_FALSE@%$USE_DELAY_POOLS_FALSE%g
|
||||
+s%@USE_ICAP_TRUE@%$USE_ICAP_TRUE%g
|
||||
+s%@USE_ICAP_FALSE@%$USE_ICAP_FALSE%g
|
||||
s%@USE_SNMP_TRUE@%$USE_SNMP_TRUE%g
|
||||
s%@USE_SNMP_FALSE@%$USE_SNMP_FALSE%g
|
||||
s%@SNMPLIB@%$SNMPLIB%g
|
||||
@@ -9118,6 +9200,10 @@
|
||||
s%@LIB_LBER@%$LIB_LBER%g
|
||||
s%@NEED_OWN_SNPRINTF_TRUE@%$NEED_OWN_SNPRINTF_TRUE%g
|
||||
s%@NEED_OWN_SNPRINTF_FALSE@%$NEED_OWN_SNPRINTF_FALSE%g
|
||||
+s%@NEED_OWN_STRNSTR_TRUE@%$NEED_OWN_STRNSTR_TRUE%g
|
||||
+s%@NEED_OWN_STRNSTR_FALSE@%$NEED_OWN_STRNSTR_FALSE%g
|
||||
+s%@NEED_OWN_STRCASESTR_TRUE@%$NEED_OWN_STRCASESTR_TRUE%g
|
||||
+s%@NEED_OWN_STRCASESTR_FALSE@%$NEED_OWN_STRCASESTR_FALSE%g
|
||||
s%@REGEXLIB@%$REGEXLIB%g
|
||||
s%@LIBREGEX@%$LIBREGEX%g
|
||||
s%@LIBOBJS@%$LIBOBJS%g
|
||||
--- include/autoconf.h.in.orig Tue Sep 13 02:12:34 2005
|
||||
+++ include/autoconf.h.in Sat Dec 17 17:45:21 2005
|
||||
@@ -124,6 +124,11 @@
|
||||
*/
|
||||
#undef DELAY_POOLS
|
||||
|
||||
+/*
|
||||
+ * ICAP - Internet Content Adaptation Protocol
|
||||
+ */
|
||||
+#undef HS_FEAT_ICAP
|
||||
+
|
||||
/*
|
||||
* If you want to log User-Agent request header values, define this.
|
||||
* By default, they are written to useragent.log in the Squid log
|
||||
@@ -574,6 +579,12 @@
|
||||
|
||||
/* Define if you have the statfs function. */
|
||||
#undef HAVE_STATFS
|
||||
+
|
||||
+/* Define if you have the strcasestr function. */
|
||||
+#undef HAVE_STRCASESTR
|
||||
+
|
||||
+/* Define if you have the strnstr function. */
|
||||
+#undef HAVE_STRNSTR
|
||||
|
||||
/* Define if you have the strerror function. */
|
||||
#undef HAVE_STRERROR
|
||||
--- lib/Makefile.in.orig Wed Sep 28 22:57:20 2005
|
||||
+++ lib/Makefile.in Sat Dec 17 17:45:21 2005
|
||||
@@ -123,6 +123,13 @@
|
||||
|
||||
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
|
||||
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
|
||||
+
|
||||
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
|
||||
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
|
||||
+
|
||||
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
|
||||
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
|
||||
+
|
||||
@NEED_OWN_MD5_TRUE@MD5SOURCE = md5.c
|
||||
@NEED_OWN_MD5_FALSE@MD5SOURCE =
|
||||
|
||||
@@ -158,6 +165,8 @@
|
||||
$(SNPRINTFSOURCE) \
|
||||
splay.c \
|
||||
Stack.c \
|
||||
+ $(STRNSTRSOURCE) \
|
||||
+ $(STRCASESTRSOURCE) \
|
||||
stub_memaccount.c \
|
||||
util.c \
|
||||
uudecode.c
|
||||
@@ -196,13 +205,18 @@
|
||||
@NEED_OWN_MD5_FALSE@am__objects_1 =
|
||||
@NEED_OWN_SNPRINTF_FALSE@am__objects_2 =
|
||||
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
|
||||
+@NEED_OWN_STRNSTR_FALSE@am__objects_3 =
|
||||
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
|
||||
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
|
||||
+@NEED_OWN_STRCASESTR_FALSE@am__objects_4 =
|
||||
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
|
||||
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
|
||||
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
|
||||
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
|
||||
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
|
||||
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
|
||||
- stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT)
|
||||
+ $(am__objects_3) $(am__objects_4) stub_memaccount.$(OBJEXT) \
|
||||
+ util.$(OBJEXT) uudecode.$(OBJEXT)
|
||||
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
|
||||
libntlmauth_a_AR = $(AR) cru
|
||||
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
|
||||
@@ -224,15 +238,16 @@
|
||||
@AMDEP_TRUE@ $(DEPDIR)/dlmalloc.Po $(DEPDIR)/drand48.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/getfullhostname.Po $(DEPDIR)/hash.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/heap.Po $(DEPDIR)/html_quote.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/initgroups.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/iso3307.Po $(DEPDIR)/md5.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/ntlmauth.Po $(DEPDIR)/radix.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/rfc1035.Po $(DEPDIR)/rfc1123.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/rfc1738.Po $(DEPDIR)/rfc2617.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/safe_inet_addr.Po $(DEPDIR)/snprintf.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/splay.Po $(DEPDIR)/strerror.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/stub_memaccount.Po $(DEPDIR)/tempnam.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/util.Po $(DEPDIR)/uudecode.Po
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/iso3307.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/md5.Po $(DEPDIR)/ntlmauth.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/radix.Po $(DEPDIR)/rfc1035.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/rfc1123.Po $(DEPDIR)/rfc1738.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/rfc2617.Po $(DEPDIR)/safe_inet_addr.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/snprintf.Po $(DEPDIR)/splay.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/strcasestr.Po $(DEPDIR)/strerror.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/strnstr.Po $(DEPDIR)/stub_memaccount.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/tempnam.Po $(DEPDIR)/util.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/uudecode.Po
|
||||
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
|
||||
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||
CCLD = $(CC)
|
||||
@@ -241,8 +256,8 @@
|
||||
DIST_SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) \
|
||||
$(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) \
|
||||
$(libregex_a_SOURCES)
|
||||
-DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c \
|
||||
- initgroups.c strerror.c tempnam.c
|
||||
+DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c strerror.c \
|
||||
+ tempnam.c
|
||||
SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) $(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) $(libregex_a_SOURCES)
|
||||
|
||||
all: all-am
|
||||
@@ -295,7 +310,6 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/heap.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/html_quote.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_ntoa.Po@am__quote@
|
||||
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/initgroups.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/iso3307.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/md5.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ntlmauth.Po@am__quote@
|
||||
@@ -307,7 +321,9 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/safe_inet_addr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snprintf.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/splay.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strcasestr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strerror.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strnstr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stub_memaccount.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tempnam.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/util.Po@am__quote@
|
||||
--- src/Makefile.in.orig Wed Sep 28 22:57:21 2005
|
||||
+++ src/Makefile.in Sat Dec 17 17:45:21 2005
|
||||
@@ -125,6 +125,9 @@
|
||||
install_sh = @install_sh@
|
||||
makesnmplib = @makesnmplib@
|
||||
|
||||
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
|
||||
+@USE_ICAP_FALSE@ICAPSOURCE =
|
||||
+
|
||||
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
|
||||
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
|
||||
@USE_DNSSERVER_TRUE@DNSSERVER = dnsserver
|
||||
@@ -249,6 +252,7 @@
|
||||
HttpMsg.c \
|
||||
HttpReply.c \
|
||||
HttpRequest.c \
|
||||
+ $(ICAPSOURCE) \
|
||||
icmp.c \
|
||||
icp_v2.c \
|
||||
icp_v3.c \
|
||||
@@ -468,54 +472,58 @@
|
||||
pinger_LDADD = $(LDADD)
|
||||
pinger_DEPENDENCIES =
|
||||
pinger_LDFLAGS =
|
||||
-@USE_DELAY_POOLS_TRUE@am__objects_3 = delay_pools.$(OBJEXT)
|
||||
-@USE_DELAY_POOLS_FALSE@am__objects_3 =
|
||||
-@USE_DNSSERVER_FALSE@am__objects_4 = dns_internal.$(OBJEXT)
|
||||
-@USE_DNSSERVER_TRUE@am__objects_4 = dns.$(OBJEXT)
|
||||
-@ENABLE_HTCP_TRUE@am__objects_5 = htcp.$(OBJEXT)
|
||||
-@MAKE_LEAKFINDER_FALSE@am__objects_6 =
|
||||
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
|
||||
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
|
||||
-@USE_SNMP_FALSE@am__objects_7 =
|
||||
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
|
||||
-@ENABLE_SSL_FALSE@am__objects_8 =
|
||||
-@ENABLE_UNLINKD_FALSE@am__objects_9 =
|
||||
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
|
||||
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
|
||||
-@ENABLE_WIN32SPECIFIC_FALSE@am__objects_10 =
|
||||
+@USE_DELAY_POOLS_FALSE@am__objects_5 =
|
||||
+@USE_DELAY_POOLS_TRUE@am__objects_5 = delay_pools.$(OBJEXT)
|
||||
+@USE_DNSSERVER_FALSE@am__objects_6 = dns_internal.$(OBJEXT)
|
||||
+@USE_DNSSERVER_TRUE@am__objects_6 = dns.$(OBJEXT)
|
||||
+@ENABLE_HTCP_TRUE@am__objects_7 = htcp.$(OBJEXT)
|
||||
+@USE_ICAP_TRUE@am__objects_8 = icap_common.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
|
||||
+@USE_ICAP_FALSE@am__objects_8 =
|
||||
+@MAKE_LEAKFINDER_TRUE@am__objects_9 = leakfinder.$(OBJEXT)
|
||||
+@MAKE_LEAKFINDER_FALSE@am__objects_9 =
|
||||
+@USE_SNMP_TRUE@am__objects_10 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
|
||||
+@USE_SNMP_FALSE@am__objects_10 =
|
||||
+@ENABLE_SSL_FALSE@am__objects_11 =
|
||||
+@ENABLE_SSL_TRUE@am__objects_11 = ssl_support.$(OBJEXT)
|
||||
+@ENABLE_UNLINKD_TRUE@am__objects_12 = unlinkd.$(OBJEXT)
|
||||
+@ENABLE_UNLINKD_FALSE@am__objects_12 =
|
||||
+@ENABLE_WIN32SPECIFIC_FALSE@am__objects_13 =
|
||||
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_13 = win32.$(OBJEXT)
|
||||
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
|
||||
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) CacheDigest.$(OBJEXT) \
|
||||
cache_manager.$(OBJEXT) carp.$(OBJEXT) cbdata.$(OBJEXT) \
|
||||
client_db.$(OBJEXT) client_side.$(OBJEXT) comm.$(OBJEXT) \
|
||||
- comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_3) \
|
||||
- disk.$(OBJEXT) $(am__objects_4) errorpage.$(OBJEXT) \
|
||||
+ comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_5) \
|
||||
+ disk.$(OBJEXT) $(am__objects_6) errorpage.$(OBJEXT) \
|
||||
ETag.$(OBJEXT) event.$(OBJEXT) external_acl.$(OBJEXT) \
|
||||
fd.$(OBJEXT) filemap.$(OBJEXT) forward.$(OBJEXT) \
|
||||
fqdncache.$(OBJEXT) ftp.$(OBJEXT) gopher.$(OBJEXT) \
|
||||
- helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \
|
||||
+ helper.$(OBJEXT) $(am__objects_7) http.$(OBJEXT) \
|
||||
HttpStatusLine.$(OBJEXT) HttpHdrCc.$(OBJEXT) \
|
||||
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
|
||||
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
|
||||
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
|
||||
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
|
||||
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
|
||||
- ipc.$(OBJEXT) ipcache.$(OBJEXT) $(am__objects_6) \
|
||||
- logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
|
||||
+ HttpRequest.$(OBJEXT) $(am__objects_8) icmp.$(OBJEXT) \
|
||||
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
|
||||
+ internal.$(OBJEXT) ipc.$(OBJEXT) ipcache.$(OBJEXT) \
|
||||
+ $(am__objects_9) logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
|
||||
MemPool.$(OBJEXT) MemBuf.$(OBJEXT) mime.$(OBJEXT) \
|
||||
multicast.$(OBJEXT) neighbors.$(OBJEXT) net_db.$(OBJEXT) \
|
||||
Packer.$(OBJEXT) pconn.$(OBJEXT) peer_digest.$(OBJEXT) \
|
||||
peer_select.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
|
||||
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
|
||||
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
|
||||
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_10) \
|
||||
+ ssl.$(OBJEXT) $(am__objects_11) stat.$(OBJEXT) \
|
||||
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
|
||||
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
|
||||
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
|
||||
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
|
||||
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
|
||||
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
|
||||
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
+ tools.$(OBJEXT) $(am__objects_12) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
|
||||
- whois.$(OBJEXT) $(am__objects_10)
|
||||
+ whois.$(OBJEXT) $(am__objects_13)
|
||||
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
|
||||
store_modules.$(OBJEXT) globals.$(OBJEXT) \
|
||||
string_arrays.$(OBJEXT)
|
||||
@@ -563,7 +571,9 @@
|
||||
@AMDEP_TRUE@ $(DEPDIR)/fqdncache.Po $(DEPDIR)/ftp.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/globals.Po $(DEPDIR)/gopher.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/helper.Po $(DEPDIR)/htcp.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icmp.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icap_common.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/icap_opt.Po $(DEPDIR)/icap_reqmod.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/icap_respmod.Po $(DEPDIR)/icmp.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/icp_v2.Po $(DEPDIR)/icp_v3.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/ident.Po $(DEPDIR)/internal.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/ipc.Po $(DEPDIR)/ipcache.Po \
|
||||
@@ -777,6 +787,10 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/helper.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/htcp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/http.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_common.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_opt.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_reqmod.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_respmod.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icmp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v2.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v3.Po@am__quote@
|
@ -1,6 +1,28 @@
|
||||
--- src/cf.data.pre.orig Fri Aug 20 16:23:18 2004
|
||||
+++ src/cf.data.pre Fri Aug 20 16:25:23 2004
|
||||
@@ -2396,12 +2396,12 @@
|
||||
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
|
||||
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
|
||||
@@ -1183,6 +1183,21 @@
|
||||
|
||||
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
|
||||
(hard coded at 1 MB).
|
||||
+
|
||||
+ Note for FreeBSD users:
|
||||
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
|
||||
+ support for the aufs storage type, COSS will use POSIX AIO.
|
||||
+ This means that you need to add the line
|
||||
+
|
||||
+ options VFS_AIO
|
||||
+
|
||||
+ to your kernel configuration in order to use COSS.
|
||||
+
|
||||
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
|
||||
+ necessarily need to recompile your kernel.
|
||||
+
|
||||
+ If you compiled Squid with both support for aufs and COSS, COSS
|
||||
+ will use aufs' routines and does not need special kernel support.
|
||||
DOC_END
|
||||
|
||||
NAME: logformat
|
||||
@@ -3280,12 +3295,12 @@
|
||||
|
||||
NAME: cache_effective_user
|
||||
TYPE: string
|
||||
|
@ -1,24 +0,0 @@
|
||||
Patch for Squid bug #1857, obtained from Squid bugzilla 2007-01-15.
|
||||
|
||||
--- src/ftp.c.orig Sun Feb 26 00:34:13 2006
|
||||
+++ src/ftp.c Mon Jan 15 19:46:29 2007
|
||||
@@ -441,7 +441,7 @@
|
||||
ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->old_filepath) : ".");
|
||||
} else if (ftpState->typecode == 'D') {
|
||||
const char *path = ftpState->flags.dir_slash ? ftpState->filepath : ".";
|
||||
- storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", html_quote(path));
|
||||
+ storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", rfc1738_escape_part(path));
|
||||
}
|
||||
storeAppendPrintf(e, "<HR noshade size=\"1px\">\n");
|
||||
storeAppendPrintf(e, "<ADDRESS>\n");
|
||||
@@ -689,8 +689,8 @@
|
||||
snprintf(html, 8192, "%s\n", line);
|
||||
return html;
|
||||
}
|
||||
- if (ftpState->flags.dir_slash)
|
||||
- snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath));
|
||||
+ if (ftpState->flags.dir_slash && ftpState->dirpath && ftpState->typecode != 'D' )
|
||||
+ snprintf(prefix, 2048, "%s/", rfc1738_escape_part(ftpState->dirpath));
|
||||
else
|
||||
prefix[0] = '\0';
|
||||
/* Handle builtin <dirup> */
|
@ -21,12 +21,11 @@ POST-DEINSTALL)
|
||||
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
|
||||
echo " created by a default installation of this package, run"
|
||||
echo ""
|
||||
echo " pw userdel -r -n %%SQUID_UID%% -u 100"
|
||||
echo ""
|
||||
echo " pw userdel -n %%SQUID_UID%% -u 100"
|
||||
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
|
||||
echo ""
|
||||
echo " To ease updates, the cache and log directories and"
|
||||
echo " all configuration files modified by you were preserved."
|
||||
echo " In order to ease updates the cache and log directories"
|
||||
echo " and all configuration files modified by you were preserved."
|
||||
echo ""
|
||||
echo " Please remove them manually if you do not want to use"
|
||||
echo " Squid any longer."
|
||||
|
@ -16,18 +16,11 @@ squid_user="%%SQUID_UID%%"
|
||||
squid_group="%%SQUID_GID%%"
|
||||
squid_gid=100
|
||||
squid_uid=100
|
||||
# Try to catch the case where the $squid_user might have been created with an
|
||||
# id greater than or equal 3128. The valid exception is "nobody".
|
||||
nobody_uid=65534
|
||||
nobody_gid=65534
|
||||
squid_oldgid=3128
|
||||
squid_olduid=3128
|
||||
unset wrong_id
|
||||
case $2 in
|
||||
PRE-INSTALL)
|
||||
echo "===> Pre-installation configuration for ${pkgname}"
|
||||
if ! pw groupshow ${squid_group} -q >/dev/null ; then
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it:"
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
|
||||
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
|
||||
echo "Failed to create group \"${squid_group}\"!" >&2
|
||||
echo "Please create it manually." >&2
|
||||
@ -37,16 +30,11 @@ PRE-INSTALL)
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing group '${squid_group}':"
|
||||
current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
|
||||
if [ ${current_gid} -ge ${squid_oldgid} \
|
||||
-a ${current_gid} -ne ${nobody_gid} ]; then
|
||||
wrong_id=1
|
||||
fi
|
||||
fi
|
||||
pw groupshow ${squid_group}
|
||||
|
||||
if ! pw usershow ${squid_user} -q >/dev/null ; then
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it:"
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
|
||||
if ! pw useradd -q -n ${squid_user} \
|
||||
-u ${squid_uid} -g ${squid_group} \
|
||||
-c "Squid caching-proxy pseudo user" \
|
||||
@ -60,53 +48,8 @@ PRE-INSTALL)
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing user '${squid_user}':"
|
||||
current_uid=`id -u ${squid_user}`
|
||||
if [ ${current_uid} -ge ${squid_olduid} \
|
||||
-a ${current_uid} -ne ${nobody_uid} ];
|
||||
then
|
||||
wrong_id=1
|
||||
fi
|
||||
fi
|
||||
pw usershow ${squid_user}
|
||||
if [ "${wrong_id}" ]; then
|
||||
echo ""
|
||||
echo " * NOTICE *"
|
||||
echo ""
|
||||
echo "The Squid pseudo-user's uid and/or gid have been found"
|
||||
echo "to be greater than or equal 3128."
|
||||
echo ""
|
||||
echo "This is not a problem as such, but violates the FreeBSD"
|
||||
echo "ports' principle that a ports must not claim a uid greater"
|
||||
echo "than 999."
|
||||
echo ""
|
||||
echo "Since version 2.5.4_11, the Squid user is thus created"
|
||||
echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
|
||||
echo "port used the first unused uid/gid greater than or"
|
||||
echo "equal 3128."
|
||||
echo ""
|
||||
echo "If you want to change the existing Squid user's id, run"
|
||||
echo "'make changeuser' after the installation has completed."
|
||||
echo "If you installed this port via a package, issue the"
|
||||
echo "following commands as root:"
|
||||
echo ""
|
||||
echo "pw userdel -u ${current_uid}"
|
||||
echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
|
||||
echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
|
||||
echo " -c \"Squid caching-proxy pseudo user\" \\"
|
||||
echo " -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
|
||||
echo " -h -"
|
||||
echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
||||
echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
||||
echo ""
|
||||
echo "In case you have installed third party software for Squid"
|
||||
echo "like squidGuard, you should additionally run:"
|
||||
echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
||||
echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
||||
echo ""
|
||||
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
|
||||
sleep 30
|
||||
fi
|
||||
fi
|
||||
for dir in cache logs; do
|
||||
if [ ! -d ${squid_base}/${dir} ]; then
|
||||
echo "Creating ${squid_base}/${dir}..."
|
||||
|
@ -1,24 +1,31 @@
|
||||
o You can find the configuration files for this package in the
|
||||
directory %%PREFIX%%/etc/squid.
|
||||
|
||||
|
||||
o A cache directory has been created in %%PREFIX%%/squid/cache.
|
||||
Log files will be written to %%PREFIX%%/squid/logs.
|
||||
|
||||
|
||||
Note:
|
||||
You must initialize new cache directories before you can start
|
||||
Squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
If your cache directories are already initialized (e.g. after an
|
||||
upgrade of Squid) you do not need to initialize them again.
|
||||
upgrade of squid) you do not need to initialize them again.
|
||||
|
||||
o The default configuration will deny everyone access to the
|
||||
proxy service. Edit the "http_access" directives in
|
||||
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
|
||||
--begin rcng
|
||||
|
||||
Please note that the Squid start script is an rc.d style script.
|
||||
This means that Squid will not start automatically at boot time.
|
||||
This means that Squid will not start automatically at boot
|
||||
time unless it is explicitly enabled.
|
||||
|
||||
To enable Squid, set squid_enable=yes in either
|
||||
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
|
||||
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
|
||||
--end rcng
|
||||
|
||||
Note:
|
||||
If you just updated your Squid installation from 2.5 or earlier,
|
||||
make sure to check your Squid configuration against the 2.6 default
|
||||
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
|
||||
|
||||
Additionally, you should check your configuration by calling
|
||||
'squid -f /path/to/squid.conf -k parse' before starting Squid.
|
||||
|
@ -5,7 +5,7 @@
|
||||
# PROVIDE: squid
|
||||
# REQUIRE: LOGIN
|
||||
# KEYWORD: shutdown
|
||||
#
|
||||
#
|
||||
# Note:
|
||||
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
|
||||
# /etc/rc.conf.d/squid to make this script actually do something. There
|
@ -98,6 +98,8 @@ PATCH_DIST_STRIP= -p1
|
||||
MAINTAINER= tmseck@netcologne.de
|
||||
COMMENT= HTTP Caching Proxy
|
||||
|
||||
LATEST_LINK= squid25
|
||||
|
||||
CONFLICTS= squid-2.[^5]*
|
||||
GNU_CONFIGURE= yes
|
||||
USE_BZIP2= yes
|
||||
|
@ -1,432 +0,0 @@
|
||||
# New ports collection makefile for: squid26
|
||||
# Date created: 2006-06-01
|
||||
# Whom: Thomas-Martin Seck <tmseck@netcologne.de>
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# Tunables not (yet) configurable via 'make config':
|
||||
# SQUID_{U,G}ID
|
||||
# Which user/group Squid should run as (default: squid/squid).
|
||||
# The user and group will be created if they do not already exist using
|
||||
# a uid:gid of 100:100.
|
||||
# NOTE: older versions of Squid defaulted to nobody/nogroup.
|
||||
# If you wish to run Squid as "nobody" (which is not recommended), please
|
||||
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
|
||||
# before you start the update or installation of this port.
|
||||
#
|
||||
# SQUID_LANGUAGES
|
||||
# A list of languages for which error page files should be installed
|
||||
# (default: all)
|
||||
#
|
||||
# E.g. use `make SQUID_LANGUAGES="English French"' if you want to
|
||||
# install the files for these languages only.
|
||||
# Use `make -VSQUID_LANGUAGES' or scroll down to this variable's
|
||||
# definition to see which values are valid.
|
||||
#
|
||||
# SQUID_DEFAULT_LANG
|
||||
# If you define SQUID_LANGUAGES, select which language should be the default
|
||||
# one (this variable defaults to English). This setting can be overwritten
|
||||
# with squid.conf's error_directory directive.
|
||||
#
|
||||
# SQUID_CONFIGURE_ARGS
|
||||
# Additional configuration options.
|
||||
#
|
||||
# To enable them, use e.g
|
||||
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
|
||||
#
|
||||
# The list below may be incomplete, please see the configure script
|
||||
# in the Squid source distribution for the complete list of additional
|
||||
# options.
|
||||
# Note that you probably do not need to worry about these options in most
|
||||
# cases, they are included in case you want to experiment with them.
|
||||
#
|
||||
# --enable-dlmalloc
|
||||
# Compile and use the malloc package from Doug Lea
|
||||
# --enable-gnuregex
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex
|
||||
# (not recommended).
|
||||
# --enable-xmalloc-statistics
|
||||
# Show malloc statistics in status page
|
||||
# --enable-cachemgr-hostname=some.hostname
|
||||
# Set an explicit hostname in cachemgr.cgi
|
||||
# --enable-truncate
|
||||
# Use truncate() rather than unlink()
|
||||
# --disable-unlinkd
|
||||
# Do not use "unlinkd"
|
||||
# --with-aufs-threads=N_THREADS
|
||||
# Tune the number of worker threads for the aufs object
|
||||
# --with-coss-membuf-size
|
||||
# COSS membuf size (default: 1048576 bytes)
|
||||
# --with-maxfd=N
|
||||
# Override the maximum number of filedescriptors. Useful if you
|
||||
# build as another user who is not privileged to use the amount
|
||||
# of filedescriptors the resulting binary is expected to support.
|
||||
# --enable-ntlm-fail-open
|
||||
# Enable NTLM fail open, where a helper that fails one of the
|
||||
# Authentication steps can allow Squid to still authenticate the user
|
||||
# --enable-x-accelerator-vary
|
||||
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
|
||||
# to indicate variance within an accelerator setup. Typically used
|
||||
# together with other code that adds custom HTTP headers to the
|
||||
# requests.
|
||||
# --enable-forward-log
|
||||
# Enable experimental forward_log directive.
|
||||
# --enable-multicast-miss
|
||||
# Enable experimental multicast notification of cachemisses.
|
||||
|
||||
PORTNAME= squid
|
||||
PORTVERSION= 2.6.9
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
|
||||
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
|
||||
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
|
||||
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
|
||||
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
|
||||
MASTER_SITE_SUBDIR= squid-2/STABLE
|
||||
DISTNAME= squid-2.6.STABLE9
|
||||
DIST_SUBDIR= squid2.6
|
||||
|
||||
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www3.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.at.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.nl.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.ru.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.uk.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.jp.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.tw.squid-cache.org/%SUBDIR%/
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
|
||||
PATCHFILES=
|
||||
PATCH_DIST_STRIP= -p1
|
||||
|
||||
MAINTAINER= tmseck@netcologne.de
|
||||
COMMENT= HTTP Caching Proxy
|
||||
|
||||
LATEST_LINK= squid26
|
||||
|
||||
CONFLICTS= squid-2.[^6]*
|
||||
GNU_CONFIGURE= yes
|
||||
USE_BZIP2= yes
|
||||
USE_PERL5= yes
|
||||
USE_RC_SUBR= squid
|
||||
|
||||
SQUID_UID?= squid
|
||||
SQUID_GID?= squid
|
||||
|
||||
MAN8= cachemgr.cgi.8 squid.8
|
||||
docs= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
|
||||
PORTDOCS= ${docs:T}
|
||||
SUB_FILES+= pkg-deinstall pkg-install pkg-message
|
||||
SUB_LIST+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
|
||||
|
||||
OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
|
||||
SQUID_DELAY_POOLS "Enable delay pools" off \
|
||||
SQUID_SNMP "Enable SNMP support" off \
|
||||
SQUID_CARP "Enable CARP support" on \
|
||||
SQUID_SSL "Enable SSL support for reverse proxies" off \
|
||||
SQUID_PINGER "Install the icmp helper" off \
|
||||
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
|
||||
SQUID_HTCP "Enable HTCP support" off \
|
||||
SQUID_VIA_DB "Enable forward/via database" off \
|
||||
SQUID_CACHE_DIGESTS "Enable cache digests" off \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
|
||||
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
|
||||
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
|
||||
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
|
||||
SQUID_REFERER_LOG "Enable Referer-header logging" off \
|
||||
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
|
||||
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
|
||||
SQUID_PF "Enable transparent proxying with PF" off \
|
||||
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
|
||||
SQUID_FOLLOW_XFF "Follow X-Forwarded-For headers" off \
|
||||
SQUID_ICAP "Enable ICAP client functionality" off \
|
||||
SQUID_AUFS "Enable the aufs storage scheme" off \
|
||||
SQUID_COSS "Enable the COSS storage scheme" off \
|
||||
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
|
||||
SQUID_LARGEFILE "Support log and cache files >2GB" off \
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off
|
||||
|
||||
etc_files= squid/cachemgr.conf.default \
|
||||
squid/mib.txt squid/mime.conf.default \
|
||||
squid/msntauth.conf.default squid/squid.conf.default
|
||||
|
||||
icon_files= anthony-binhex.gif anthony-bomb.gif anthony-box.gif \
|
||||
anthony-box2.gif anthony-c.gif anthony-compressed.gif \
|
||||
anthony-dir.gif anthony-dirup.gif anthony-dvi.gif \
|
||||
anthony-f.gif anthony-image.gif anthony-image2.gif \
|
||||
anthony-layout.gif anthony-link.gif anthony-movie.gif \
|
||||
anthony-pdf.gif anthony-portal.gif anthony-ps.gif \
|
||||
anthony-quill.gif anthony-script.gif anthony-sound.gif \
|
||||
anthony-tar.gif anthony-tex.gif anthony-text.gif \
|
||||
anthony-unknown.gif anthony-xbm.gif anthony-xpm.gif
|
||||
|
||||
error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
|
||||
ERR_CACHE_MGR_ACCESS_DENIED ERR_CANNOT_FORWARD \
|
||||
ERR_CONNECT_FAIL ERR_DNS_FAIL ERR_FORWARDING_DENIED \
|
||||
ERR_FTP_DISABLED ERR_FTP_FAILURE ERR_FTP_FORBIDDEN \
|
||||
ERR_FTP_NOT_FOUND ERR_FTP_PUT_CREATED \
|
||||
ERR_FTP_PUT_ERROR ERR_FTP_PUT_MODIFIED ERR_FTP_UNAVAILABLE \
|
||||
ERR_INVALID_REQ ERR_INVALID_RESP ERR_INVALID_URL \
|
||||
ERR_LIFETIME_EXP ERR_NO_RELAY ERR_ONLY_IF_CACHED_MISS \
|
||||
ERR_READ_ERROR ERR_READ_TIMEOUT ERR_SHUTTING_DOWN \
|
||||
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
|
||||
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
|
||||
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
|
||||
msnt_auth ncsa_auth ntlm_auth \
|
||||
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
|
||||
wbinfo_group.pl
|
||||
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
|
||||
libexec+= unlinkd
|
||||
.endif
|
||||
|
||||
sbin= RunCache squidclient squid
|
||||
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
|
||||
--sbindir=${PREFIX}/sbin \
|
||||
--datadir=${PREFIX}/etc/squid \
|
||||
--libexecdir=${PREFIX}/libexec/squid \
|
||||
--localstatedir=${PREFIX}/squid \
|
||||
--sysconfdir=${PREFIX}/etc/squid \
|
||||
--enable-removal-policies="lru heap" \
|
||||
--disable-linux-netfilter \
|
||||
--disable-linux-tproxy \
|
||||
--disable-epoll
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
# Authentication methods and modules:
|
||||
|
||||
basic_auth= NCSA PAM MSNT SMB
|
||||
digest_auth= password
|
||||
external_acl= ip_user session unix_group wbinfo_group
|
||||
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
|
||||
.if defined(WITH_SQUID_LDAP_AUTH)
|
||||
USE_OPENLDAP= yes
|
||||
CFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
|
||||
basic_auth+= LDAP
|
||||
digest_auth+= ldap
|
||||
external_acl+= ldap_group
|
||||
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SASL_AUTH)
|
||||
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
|
||||
CFLAGS+= -I${LOCALBASE}/include
|
||||
CPPFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
basic_auth+= SASL
|
||||
libexec+= sasl_auth
|
||||
.endif
|
||||
.if !defined(NO_NIS) && !defined(WITHOUT_NIS)
|
||||
basic_auth+= YP
|
||||
libexec+= yp_auth
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
|
||||
--enable-basic-auth-helpers="${basic_auth}" \
|
||||
--enable-digest-auth-helpers="${digest_auth}" \
|
||||
--enable-external-acl-helpers="${external_acl}" \
|
||||
--enable-ntlm-auth-helpers="SMB"
|
||||
|
||||
# Storage schemes:
|
||||
|
||||
storage_schemes= ufs diskd null
|
||||
.if defined(WITH_SQUID_AUFS)
|
||||
storage_schemes+= aufs
|
||||
.if ${OSVERSION}>=501000
|
||||
# Only document libmap.conf where it is available:
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
|
||||
.endif
|
||||
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
|
||||
CONFIGURE_ARGS+= --with-pthreads
|
||||
CFLAGS+= ${PTHREAD_CFLAGS}
|
||||
.endif
|
||||
.if defined(WITH_SQUID_COSS)
|
||||
storage_schemes+= coss
|
||||
.if !defined(WITH_SQUID_AUFS)
|
||||
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
|
||||
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
|
||||
# adding the option VFS_AIO to your kernel configuration if you want to
|
||||
# actually use COSS storage:
|
||||
CONFIGURE_ARGS+= --enable-coss-aio-ops
|
||||
.endif
|
||||
sbin+= cossdump
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
|
||||
|
||||
# Other options set via 'make config':
|
||||
|
||||
.if defined(WITH_SQUID_DELAY_POOLS)
|
||||
CONFIGURE_ARGS+= --enable-delay-pools
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SNMP)
|
||||
CONFIGURE_ARGS+= --enable-snmp
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --disable-carp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SSL)
|
||||
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included.
|
||||
# This makes it currently impossible to combine this macro with OPTIONS to
|
||||
# conditionally include OpenSSL support.
|
||||
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
|
||||
CONFIGURE_ARGS+= --enable-ssl \
|
||||
--with-openssl="${OPENSSLBASE}"
|
||||
CFLAGS+= -I${OPENSSLINC}
|
||||
LDFLAGS+= -L${OPENSSLLIB}
|
||||
.endif
|
||||
.if defined(WITH_SQUID_PINGER)
|
||||
CONFIGURE_ARGS+= --enable-icmp
|
||||
libexec+= pinger
|
||||
.endif
|
||||
.if defined(WITH_SQUID_DNS_HELPER)
|
||||
CONFIGURE_ARGS+= --disable-internal-dns
|
||||
libexec+= dnsserver
|
||||
.endif
|
||||
.if defined(WITH_SQUID_HTCP)
|
||||
CONFIGURE_ARGS+= --enable-htcp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_VIA_DB)
|
||||
CONFIGURE_ARGS+= --enable-forw-via-db
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CACHE_DIGESTS)
|
||||
CONFIGURE_ARGS+= --enable-cache-digests
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_WCCP)
|
||||
CONFIGURE_ARGS+= --disable-wccp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_WCCPV2)
|
||||
CONFIGURE_ARGS+= --enable-wccpv2
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STRICT_HTTP)
|
||||
CONFIGURE_ARGS+= --disable-http-violations
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_IDENT)
|
||||
CONFIGURE_ARGS+= --disable-ident-lookups
|
||||
.endif
|
||||
.if defined(WITH_SQUID_REFERER_LOG)
|
||||
CONFIGURE_ARGS+= --enable-referer-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_USERAGENT_LOG)
|
||||
CONFIGURE_ARGS+= --enable-useragent-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ARP_ACL)
|
||||
CONFIGURE_ARGS+= --enable-arp-acl
|
||||
.endif
|
||||
.if defined(WITH_SQUID_PF)
|
||||
CONFIGURE_ARGS+= --enable-pf-transparent
|
||||
.if ${OSVERSION} < 502106
|
||||
IGNORE= pf available only in FreeBSD 5.3 and newer
|
||||
.endif
|
||||
.endif
|
||||
# IPFilter-headers are not installed on FreeBSD 4 since 4.7-RELEASE,
|
||||
# they were not installed on FreeBSD 5 from 2002-03-26 (OSVERSION > 500032) to
|
||||
# 2003-06-27 (OSVERSION < 501101).
|
||||
#
|
||||
# Please see PR misc/44148 and the CVS log of src/include/Makefile for further
|
||||
# information.
|
||||
.if defined(WITH_SQUID_IPFILTER)
|
||||
.if (${OSVERSION} >= 470000 && ${OSVERSION} < 500000) || (${OSVERSION} > 500032 && ${OSVERSION} < 501101)
|
||||
IGNORE= IPFilter headers are not part of the base system
|
||||
.else
|
||||
CONFIGURE_ARGS+= --enable-ipf-transparent
|
||||
.endif
|
||||
.endif
|
||||
.if defined(WITH_SQUID_FOLLOW_XFF)
|
||||
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ICAP)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
|
||||
${PATCHDIR}/icap-2.6-core.patch
|
||||
CONFIGURE_ARGS+= --enable-icap-support
|
||||
error_files+= ERR_ICAP_FAILURE
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_KQUEUE)
|
||||
CONFIGURE_ARGS+= --enable-kqueue
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-kqueue
|
||||
.endif
|
||||
.if defined(WITH_SQUID_LARGEFILE)
|
||||
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
|
||||
CONFIGURE_ARGS+= --enable-stacktraces
|
||||
CFLAGS+= -g
|
||||
STRIP= ""
|
||||
.endif
|
||||
|
||||
# Languages:
|
||||
#
|
||||
# If you do not define SQUID_LANGUAGES yourself, all available language files
|
||||
# will be installed; the default language will be English.
|
||||
|
||||
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
|
||||
English Estonian Finnish French German Greek Hebrew \
|
||||
Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
|
||||
Serbian Simplify_Chinese Slovak Spanish Swedish \
|
||||
Traditional_Chinese Turkish
|
||||
SQUID_DEFAULT_LANG?= English
|
||||
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
|
||||
--enable-default-err-language=${SQUID_DEFAULT_LANG}
|
||||
|
||||
# Finally, add additional user specified configuration options:
|
||||
CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
|
||||
|
||||
CONFIGURE_ENV+= CFLAGS="${CFLAGS}" \
|
||||
CPPFLAGS="${CPPFLAGS}"\
|
||||
LDFLAGS="${LDFLAGS}"
|
||||
|
||||
PLIST_DIRS= etc/squid/icons libexec/squid
|
||||
PLIST_FILES= ${etc_files:S,^,etc/,} ${icon_files:S,^,etc/squid/icons/,} \
|
||||
${libexec:S,^,libexec/squid/,} ${sbin:S,^,sbin/,}
|
||||
|
||||
.for d in ${SQUID_LANGUAGES}
|
||||
PLIST_DIRS+= etc/squid/errors/${d}
|
||||
PLIST_FILES+= ${error_files:S,^,etc/squid/errors/${d}/,}
|
||||
.endfor
|
||||
PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
|
||||
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
|
||||
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
|
||||
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
|
||||
|
||||
pre-install:
|
||||
# Prevent installation of .orig files by deleting them.
|
||||
@${FIND} ${WRKSRC} -name '*.bak' -delete
|
||||
@${FIND} ${WRKSRC} -name '*.orig' -delete
|
||||
|
||||
pre-su-install:
|
||||
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
|
||||
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
|
||||
|
||||
post-install:
|
||||
.if defined(WITH_SQUID_PINGER)
|
||||
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
|
||||
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
|
||||
.endif
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
|
||||
.endif
|
||||
@${SETENV} PKG_PREFIX=${PREFIX} \
|
||||
${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
|
||||
|
||||
@${ECHO_CMD} "===> post-installation information for ${PKGNAME}:"
|
||||
@${ECHO_CMD} ""
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
@${ECHO_CMD} ""
|
||||
|
||||
.include <bsd.port.post.mk>
|
@ -1,3 +0,0 @@
|
||||
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
|
||||
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
|
||||
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060
|
@ -1,11 +0,0 @@
|
||||
--- include/squid_types.h.orig Mon Jul 7 00:45:26 2003
|
||||
+++ include/squid_types.h Mon Jul 7 00:48:39 2003
|
||||
@@ -66,8 +66,5 @@
|
||||
#if HAVE_SYS_TYPES_H
|
||||
#include <sys/types.h>
|
||||
#endif
|
||||
-#if HAVE_SYS_BITYPES_H
|
||||
-#include <sys/bitypes.h>
|
||||
-#endif
|
||||
|
||||
#endif /* SQUID_TYPES_H */
|
@ -1,11 +0,0 @@
|
||||
--- helpers/basic_auth/SMB/Makefile.in.orig Tue Oct 4 07:29:26 2005
|
||||
+++ helpers/basic_auth/SMB/Makefile.in Tue Oct 4 07:29:49 2005
|
||||
@@ -129,7 +129,7 @@
|
||||
makesnmplib = @makesnmplib@
|
||||
|
||||
SMB_AUTH_HELPER = smb_auth.sh
|
||||
-SAMBAPREFIX = /usr/local/samba
|
||||
+SAMBAPREFIX = %%LOCALBASE%%
|
||||
SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
|
||||
|
||||
libexec_SCRIPTS = $(SMB_AUTH_HELPER)
|
@ -1,13 +0,0 @@
|
||||
*** helpers/basic_auth/SMB/smb_auth.sh.orig Thu Feb 26 20:58:22 2004
|
||||
--- helpers/basic_auth/SMB/smb_auth.sh Thu Feb 26 20:59:45 2004
|
||||
***************
|
||||
*** 17,22 ****
|
||||
--- 17,24 ----
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
+ SAMBAPREFIX=${SAMBAPREFIX:-%%LOCALBASE%%}
|
||||
+
|
||||
read DOMAINNAME
|
||||
read PASSTHROUGH
|
||||
read NMBADDR
|
@ -1,39 +0,0 @@
|
||||
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
|
||||
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
|
||||
@@ -1183,6 +1183,21 @@
|
||||
|
||||
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
|
||||
(hard coded at 1 MB).
|
||||
+
|
||||
+ Note for FreeBSD users:
|
||||
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
|
||||
+ support for the aufs storage type, COSS will use POSIX AIO.
|
||||
+ This means that you need to add the line
|
||||
+
|
||||
+ options VFS_AIO
|
||||
+
|
||||
+ to your kernel configuration in order to use COSS.
|
||||
+
|
||||
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
|
||||
+ necessarily need to recompile your kernel.
|
||||
+
|
||||
+ If you compiled Squid with both support for aufs and COSS, COSS
|
||||
+ will use aufs' routines and does not need special kernel support.
|
||||
DOC_END
|
||||
|
||||
NAME: logformat
|
||||
@@ -3280,12 +3295,12 @@
|
||||
|
||||
NAME: cache_effective_user
|
||||
TYPE: string
|
||||
-DEFAULT: nobody
|
||||
+DEFAULT: %%SQUID_UID%%
|
||||
LOC: Config.effectiveUser
|
||||
DOC_START
|
||||
If you start Squid as root, it will change its effective/real
|
||||
UID/GID to the user specified below. The default is to change
|
||||
- to UID to nobody. If you define cache_effective_user, but not
|
||||
+ to UID to %%SQUID_UID%%. If you define cache_effective_user, but not
|
||||
cache_effective_group, Squid sets the GID to the effective
|
||||
user's default group ID (taken from the password file) and
|
||||
supplementary group list from the from groups membership of
|
@ -1,39 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PATH=/bin:/usr/bin:/usr/sbin
|
||||
|
||||
case $2 in
|
||||
DEINSTALL)
|
||||
cd ${PKG_PREFIX}/etc/squid || exit 1
|
||||
for f in cachemgr.conf mime.conf msntauth.conf squid.conf; do
|
||||
cmp -s -z ${f} ${f}.default && rm ${f}
|
||||
done
|
||||
;;
|
||||
POST-DEINSTALL)
|
||||
echo "===> post-deinstallation information for $1:"
|
||||
echo ""
|
||||
echo " Note:"
|
||||
echo " Squid related user accounts and groups were not removed."
|
||||
echo ""
|
||||
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
|
||||
echo " created by a default installation of this package, run"
|
||||
echo ""
|
||||
echo " pw userdel -n %%SQUID_UID%% -u 100"
|
||||
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
|
||||
echo ""
|
||||
echo " In order to ease updates the cache and log directories"
|
||||
echo " and all configuration files modified by you were preserved."
|
||||
echo ""
|
||||
echo " Please remove them manually if you do not want to use"
|
||||
echo " Squid any longer."
|
||||
fi
|
||||
echo ""
|
||||
;;
|
||||
*)
|
||||
exit 64
|
||||
;;
|
||||
esac
|
||||
exit 0
|
@ -1,81 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PATH=/bin:/usr/bin:/usr/sbin
|
||||
pkgname=$1
|
||||
squid_base="${PKG_PREFIX:-%%PREFIX%%}/squid"
|
||||
squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid"
|
||||
if [ -x /usr/sbin/nologin ]; then
|
||||
nologin=/usr/sbin/nologin
|
||||
else
|
||||
nologin=/sbin/nologin
|
||||
fi
|
||||
squid_user="%%SQUID_UID%%"
|
||||
squid_group="%%SQUID_GID%%"
|
||||
squid_gid=100
|
||||
squid_uid=100
|
||||
case $2 in
|
||||
PRE-INSTALL)
|
||||
echo "===> Pre-installation configuration for ${pkgname}"
|
||||
if ! pw groupshow ${squid_group} -q >/dev/null ; then
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
|
||||
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
|
||||
echo "Failed to create group \"${squid_group}\"!" >&2
|
||||
echo "Please create it manually." >&2
|
||||
exit 1
|
||||
else
|
||||
echo "Group '${squid_group}' created successfully:"
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing group '${squid_group}':"
|
||||
fi
|
||||
pw groupshow ${squid_group}
|
||||
|
||||
if ! pw usershow ${squid_user} -q >/dev/null ; then
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
|
||||
if ! pw useradd -q -n ${squid_user} \
|
||||
-u ${squid_uid} -g ${squid_group} \
|
||||
-c "Squid caching-proxy pseudo user" \
|
||||
-d "${squid_base}" -s "${nologin}" \
|
||||
-h - ; then
|
||||
echo "Failed to create user '${squid_user}'!" >&2
|
||||
echo "Please create it manually." >&2
|
||||
exit 1
|
||||
else
|
||||
echo "User '${squid_user}' created successfully:"
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing user '${squid_user}':"
|
||||
fi
|
||||
pw usershow ${squid_user}
|
||||
for dir in cache logs; do
|
||||
if [ ! -d ${squid_base}/${dir} ]; then
|
||||
echo "Creating ${squid_base}/${dir}..."
|
||||
install -d -o ${squid_user} -g ${squid_group} \
|
||||
-m 0750 ${squid_base}/${dir}
|
||||
fi
|
||||
done
|
||||
if [ ! -d ${squid_confdir} ]; then
|
||||
echo "Creating ${squid_confdir}..."
|
||||
install -d -o root -g ${squid_group} \
|
||||
-m 0750 ${squid_confdir}
|
||||
fi
|
||||
;;
|
||||
POST-INSTALL)
|
||||
for file in cachemgr.conf mime.conf squid.conf; do
|
||||
if [ ! -f ${squid_confdir}/${file} \
|
||||
-a -f ${squid_confdir}/${file}.default ]; then
|
||||
echo "Creating ${file} from default..."
|
||||
install -c -o root -g ${squid_group} -m 0640 \
|
||||
${squid_confdir}/${file}.default \
|
||||
${squid_confdir}/${file}
|
||||
fi
|
||||
done
|
||||
;;
|
||||
*)
|
||||
exit 64
|
||||
;;
|
||||
esac
|
||||
exit 0
|
@ -1,31 +0,0 @@
|
||||
o You can find the configuration files for this package in the
|
||||
directory %%PREFIX%%/etc/squid.
|
||||
|
||||
o A cache directory has been created in %%PREFIX%%/squid/cache.
|
||||
Log files will be written to %%PREFIX%%/squid/logs.
|
||||
|
||||
Note:
|
||||
You must initialize new cache directories before you can start
|
||||
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
If your cache directories are already initialized (e.g. after an
|
||||
upgrade of squid) you do not need to initialize them again.
|
||||
|
||||
o The default configuration will deny everyone access to the
|
||||
proxy service. Edit the "http_access" directives in
|
||||
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
|
||||
|
||||
Please note that the Squid start script is an rc.d style script.
|
||||
This means that Squid will not start automatically at boot
|
||||
time unless it is explicitly enabled.
|
||||
|
||||
To enable Squid, set squid_enable=yes in either
|
||||
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
|
||||
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
|
||||
|
||||
Note:
|
||||
If you just updated your Squid installation from 2.5 or earlier,
|
||||
make sure to check your Squid configuration against the 2.6 default
|
||||
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
|
||||
|
||||
Additionally, you should check your configuration by calling
|
||||
'squid -f /path/to/squid.conf -k parse' before starting Squid.
|
@ -1,10 +0,0 @@
|
||||
Squid is a high-performance proxy caching server for web clients,
|
||||
supporting FTP, gopher, and HTTP data objects. Unlike traditional
|
||||
caching software, Squid handles all requests in a single, non-blocking,
|
||||
I/O-driven process.
|
||||
|
||||
Squid supports SSL, extensive access controls, and full request logging.
|
||||
By using the lightweight Internet Cache Protocol, Squid caches can be
|
||||
arranged in a hierarchy or mesh for additional bandwidth savings.
|
||||
|
||||
WWW: http://www.squid-cache.org/
|
@ -1,432 +0,0 @@
|
||||
# New ports collection makefile for: squid26
|
||||
# Date created: 2006-06-01
|
||||
# Whom: Thomas-Martin Seck <tmseck@netcologne.de>
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# Tunables not (yet) configurable via 'make config':
|
||||
# SQUID_{U,G}ID
|
||||
# Which user/group Squid should run as (default: squid/squid).
|
||||
# The user and group will be created if they do not already exist using
|
||||
# a uid:gid of 100:100.
|
||||
# NOTE: older versions of Squid defaulted to nobody/nogroup.
|
||||
# If you wish to run Squid as "nobody" (which is not recommended), please
|
||||
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
|
||||
# before you start the update or installation of this port.
|
||||
#
|
||||
# SQUID_LANGUAGES
|
||||
# A list of languages for which error page files should be installed
|
||||
# (default: all)
|
||||
#
|
||||
# E.g. use `make SQUID_LANGUAGES="English French"' if you want to
|
||||
# install the files for these languages only.
|
||||
# Use `make -VSQUID_LANGUAGES' or scroll down to this variable's
|
||||
# definition to see which values are valid.
|
||||
#
|
||||
# SQUID_DEFAULT_LANG
|
||||
# If you define SQUID_LANGUAGES, select which language should be the default
|
||||
# one (this variable defaults to English). This setting can be overwritten
|
||||
# with squid.conf's error_directory directive.
|
||||
#
|
||||
# SQUID_CONFIGURE_ARGS
|
||||
# Additional configuration options.
|
||||
#
|
||||
# To enable them, use e.g
|
||||
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
|
||||
#
|
||||
# The list below may be incomplete, please see the configure script
|
||||
# in the Squid source distribution for the complete list of additional
|
||||
# options.
|
||||
# Note that you probably do not need to worry about these options in most
|
||||
# cases, they are included in case you want to experiment with them.
|
||||
#
|
||||
# --enable-dlmalloc
|
||||
# Compile and use the malloc package from Doug Lea
|
||||
# --enable-gnuregex
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex
|
||||
# (not recommended).
|
||||
# --enable-xmalloc-statistics
|
||||
# Show malloc statistics in status page
|
||||
# --enable-cachemgr-hostname=some.hostname
|
||||
# Set an explicit hostname in cachemgr.cgi
|
||||
# --enable-truncate
|
||||
# Use truncate() rather than unlink()
|
||||
# --disable-unlinkd
|
||||
# Do not use "unlinkd"
|
||||
# --with-aufs-threads=N_THREADS
|
||||
# Tune the number of worker threads for the aufs object
|
||||
# --with-coss-membuf-size
|
||||
# COSS membuf size (default: 1048576 bytes)
|
||||
# --with-maxfd=N
|
||||
# Override the maximum number of filedescriptors. Useful if you
|
||||
# build as another user who is not privileged to use the amount
|
||||
# of filedescriptors the resulting binary is expected to support.
|
||||
# --enable-ntlm-fail-open
|
||||
# Enable NTLM fail open, where a helper that fails one of the
|
||||
# Authentication steps can allow Squid to still authenticate the user
|
||||
# --enable-x-accelerator-vary
|
||||
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
|
||||
# to indicate variance within an accelerator setup. Typically used
|
||||
# together with other code that adds custom HTTP headers to the
|
||||
# requests.
|
||||
# --enable-forward-log
|
||||
# Enable experimental forward_log directive.
|
||||
# --enable-multicast-miss
|
||||
# Enable experimental multicast notification of cachemisses.
|
||||
|
||||
PORTNAME= squid
|
||||
PORTVERSION= 2.6.9
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
|
||||
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
|
||||
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
|
||||
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
|
||||
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
|
||||
MASTER_SITE_SUBDIR= squid-2/STABLE
|
||||
DISTNAME= squid-2.6.STABLE9
|
||||
DIST_SUBDIR= squid2.6
|
||||
|
||||
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www3.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.at.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.nl.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.ru.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.uk.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.jp.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.tw.squid-cache.org/%SUBDIR%/
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
|
||||
PATCHFILES=
|
||||
PATCH_DIST_STRIP= -p1
|
||||
|
||||
MAINTAINER= tmseck@netcologne.de
|
||||
COMMENT= HTTP Caching Proxy
|
||||
|
||||
LATEST_LINK= squid26
|
||||
|
||||
CONFLICTS= squid-2.[^6]*
|
||||
GNU_CONFIGURE= yes
|
||||
USE_BZIP2= yes
|
||||
USE_PERL5= yes
|
||||
USE_RC_SUBR= squid
|
||||
|
||||
SQUID_UID?= squid
|
||||
SQUID_GID?= squid
|
||||
|
||||
MAN8= cachemgr.cgi.8 squid.8
|
||||
docs= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
|
||||
PORTDOCS= ${docs:T}
|
||||
SUB_FILES+= pkg-deinstall pkg-install pkg-message
|
||||
SUB_LIST+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
|
||||
|
||||
OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
|
||||
SQUID_DELAY_POOLS "Enable delay pools" off \
|
||||
SQUID_SNMP "Enable SNMP support" off \
|
||||
SQUID_CARP "Enable CARP support" on \
|
||||
SQUID_SSL "Enable SSL support for reverse proxies" off \
|
||||
SQUID_PINGER "Install the icmp helper" off \
|
||||
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
|
||||
SQUID_HTCP "Enable HTCP support" off \
|
||||
SQUID_VIA_DB "Enable forward/via database" off \
|
||||
SQUID_CACHE_DIGESTS "Enable cache digests" off \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
|
||||
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
|
||||
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
|
||||
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
|
||||
SQUID_REFERER_LOG "Enable Referer-header logging" off \
|
||||
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
|
||||
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
|
||||
SQUID_PF "Enable transparent proxying with PF" off \
|
||||
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
|
||||
SQUID_FOLLOW_XFF "Follow X-Forwarded-For headers" off \
|
||||
SQUID_ICAP "Enable ICAP client functionality" off \
|
||||
SQUID_AUFS "Enable the aufs storage scheme" off \
|
||||
SQUID_COSS "Enable the COSS storage scheme" off \
|
||||
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
|
||||
SQUID_LARGEFILE "Support log and cache files >2GB" off \
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off
|
||||
|
||||
etc_files= squid/cachemgr.conf.default \
|
||||
squid/mib.txt squid/mime.conf.default \
|
||||
squid/msntauth.conf.default squid/squid.conf.default
|
||||
|
||||
icon_files= anthony-binhex.gif anthony-bomb.gif anthony-box.gif \
|
||||
anthony-box2.gif anthony-c.gif anthony-compressed.gif \
|
||||
anthony-dir.gif anthony-dirup.gif anthony-dvi.gif \
|
||||
anthony-f.gif anthony-image.gif anthony-image2.gif \
|
||||
anthony-layout.gif anthony-link.gif anthony-movie.gif \
|
||||
anthony-pdf.gif anthony-portal.gif anthony-ps.gif \
|
||||
anthony-quill.gif anthony-script.gif anthony-sound.gif \
|
||||
anthony-tar.gif anthony-tex.gif anthony-text.gif \
|
||||
anthony-unknown.gif anthony-xbm.gif anthony-xpm.gif
|
||||
|
||||
error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
|
||||
ERR_CACHE_MGR_ACCESS_DENIED ERR_CANNOT_FORWARD \
|
||||
ERR_CONNECT_FAIL ERR_DNS_FAIL ERR_FORWARDING_DENIED \
|
||||
ERR_FTP_DISABLED ERR_FTP_FAILURE ERR_FTP_FORBIDDEN \
|
||||
ERR_FTP_NOT_FOUND ERR_FTP_PUT_CREATED \
|
||||
ERR_FTP_PUT_ERROR ERR_FTP_PUT_MODIFIED ERR_FTP_UNAVAILABLE \
|
||||
ERR_INVALID_REQ ERR_INVALID_RESP ERR_INVALID_URL \
|
||||
ERR_LIFETIME_EXP ERR_NO_RELAY ERR_ONLY_IF_CACHED_MISS \
|
||||
ERR_READ_ERROR ERR_READ_TIMEOUT ERR_SHUTTING_DOWN \
|
||||
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
|
||||
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
|
||||
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
|
||||
msnt_auth ncsa_auth ntlm_auth \
|
||||
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
|
||||
wbinfo_group.pl
|
||||
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
|
||||
libexec+= unlinkd
|
||||
.endif
|
||||
|
||||
sbin= RunCache squidclient squid
|
||||
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
|
||||
--sbindir=${PREFIX}/sbin \
|
||||
--datadir=${PREFIX}/etc/squid \
|
||||
--libexecdir=${PREFIX}/libexec/squid \
|
||||
--localstatedir=${PREFIX}/squid \
|
||||
--sysconfdir=${PREFIX}/etc/squid \
|
||||
--enable-removal-policies="lru heap" \
|
||||
--disable-linux-netfilter \
|
||||
--disable-linux-tproxy \
|
||||
--disable-epoll
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
# Authentication methods and modules:
|
||||
|
||||
basic_auth= NCSA PAM MSNT SMB
|
||||
digest_auth= password
|
||||
external_acl= ip_user session unix_group wbinfo_group
|
||||
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
|
||||
.if defined(WITH_SQUID_LDAP_AUTH)
|
||||
USE_OPENLDAP= yes
|
||||
CFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
|
||||
basic_auth+= LDAP
|
||||
digest_auth+= ldap
|
||||
external_acl+= ldap_group
|
||||
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SASL_AUTH)
|
||||
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
|
||||
CFLAGS+= -I${LOCALBASE}/include
|
||||
CPPFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
basic_auth+= SASL
|
||||
libexec+= sasl_auth
|
||||
.endif
|
||||
.if !defined(NO_NIS) && !defined(WITHOUT_NIS)
|
||||
basic_auth+= YP
|
||||
libexec+= yp_auth
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
|
||||
--enable-basic-auth-helpers="${basic_auth}" \
|
||||
--enable-digest-auth-helpers="${digest_auth}" \
|
||||
--enable-external-acl-helpers="${external_acl}" \
|
||||
--enable-ntlm-auth-helpers="SMB"
|
||||
|
||||
# Storage schemes:
|
||||
|
||||
storage_schemes= ufs diskd null
|
||||
.if defined(WITH_SQUID_AUFS)
|
||||
storage_schemes+= aufs
|
||||
.if ${OSVERSION}>=501000
|
||||
# Only document libmap.conf where it is available:
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
|
||||
.endif
|
||||
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
|
||||
CONFIGURE_ARGS+= --with-pthreads
|
||||
CFLAGS+= ${PTHREAD_CFLAGS}
|
||||
.endif
|
||||
.if defined(WITH_SQUID_COSS)
|
||||
storage_schemes+= coss
|
||||
.if !defined(WITH_SQUID_AUFS)
|
||||
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
|
||||
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
|
||||
# adding the option VFS_AIO to your kernel configuration if you want to
|
||||
# actually use COSS storage:
|
||||
CONFIGURE_ARGS+= --enable-coss-aio-ops
|
||||
.endif
|
||||
sbin+= cossdump
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
|
||||
|
||||
# Other options set via 'make config':
|
||||
|
||||
.if defined(WITH_SQUID_DELAY_POOLS)
|
||||
CONFIGURE_ARGS+= --enable-delay-pools
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SNMP)
|
||||
CONFIGURE_ARGS+= --enable-snmp
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --disable-carp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SSL)
|
||||
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included.
|
||||
# This makes it currently impossible to combine this macro with OPTIONS to
|
||||
# conditionally include OpenSSL support.
|
||||
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
|
||||
CONFIGURE_ARGS+= --enable-ssl \
|
||||
--with-openssl="${OPENSSLBASE}"
|
||||
CFLAGS+= -I${OPENSSLINC}
|
||||
LDFLAGS+= -L${OPENSSLLIB}
|
||||
.endif
|
||||
.if defined(WITH_SQUID_PINGER)
|
||||
CONFIGURE_ARGS+= --enable-icmp
|
||||
libexec+= pinger
|
||||
.endif
|
||||
.if defined(WITH_SQUID_DNS_HELPER)
|
||||
CONFIGURE_ARGS+= --disable-internal-dns
|
||||
libexec+= dnsserver
|
||||
.endif
|
||||
.if defined(WITH_SQUID_HTCP)
|
||||
CONFIGURE_ARGS+= --enable-htcp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_VIA_DB)
|
||||
CONFIGURE_ARGS+= --enable-forw-via-db
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CACHE_DIGESTS)
|
||||
CONFIGURE_ARGS+= --enable-cache-digests
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_WCCP)
|
||||
CONFIGURE_ARGS+= --disable-wccp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_WCCPV2)
|
||||
CONFIGURE_ARGS+= --enable-wccpv2
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STRICT_HTTP)
|
||||
CONFIGURE_ARGS+= --disable-http-violations
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_IDENT)
|
||||
CONFIGURE_ARGS+= --disable-ident-lookups
|
||||
.endif
|
||||
.if defined(WITH_SQUID_REFERER_LOG)
|
||||
CONFIGURE_ARGS+= --enable-referer-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_USERAGENT_LOG)
|
||||
CONFIGURE_ARGS+= --enable-useragent-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ARP_ACL)
|
||||
CONFIGURE_ARGS+= --enable-arp-acl
|
||||
.endif
|
||||
.if defined(WITH_SQUID_PF)
|
||||
CONFIGURE_ARGS+= --enable-pf-transparent
|
||||
.if ${OSVERSION} < 502106
|
||||
IGNORE= pf available only in FreeBSD 5.3 and newer
|
||||
.endif
|
||||
.endif
|
||||
# IPFilter-headers are not installed on FreeBSD 4 since 4.7-RELEASE,
|
||||
# they were not installed on FreeBSD 5 from 2002-03-26 (OSVERSION > 500032) to
|
||||
# 2003-06-27 (OSVERSION < 501101).
|
||||
#
|
||||
# Please see PR misc/44148 and the CVS log of src/include/Makefile for further
|
||||
# information.
|
||||
.if defined(WITH_SQUID_IPFILTER)
|
||||
.if (${OSVERSION} >= 470000 && ${OSVERSION} < 500000) || (${OSVERSION} > 500032 && ${OSVERSION} < 501101)
|
||||
IGNORE= IPFilter headers are not part of the base system
|
||||
.else
|
||||
CONFIGURE_ARGS+= --enable-ipf-transparent
|
||||
.endif
|
||||
.endif
|
||||
.if defined(WITH_SQUID_FOLLOW_XFF)
|
||||
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ICAP)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
|
||||
${PATCHDIR}/icap-2.6-core.patch
|
||||
CONFIGURE_ARGS+= --enable-icap-support
|
||||
error_files+= ERR_ICAP_FAILURE
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_KQUEUE)
|
||||
CONFIGURE_ARGS+= --enable-kqueue
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-kqueue
|
||||
.endif
|
||||
.if defined(WITH_SQUID_LARGEFILE)
|
||||
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
|
||||
CONFIGURE_ARGS+= --enable-stacktraces
|
||||
CFLAGS+= -g
|
||||
STRIP= ""
|
||||
.endif
|
||||
|
||||
# Languages:
|
||||
#
|
||||
# If you do not define SQUID_LANGUAGES yourself, all available language files
|
||||
# will be installed; the default language will be English.
|
||||
|
||||
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
|
||||
English Estonian Finnish French German Greek Hebrew \
|
||||
Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
|
||||
Serbian Simplify_Chinese Slovak Spanish Swedish \
|
||||
Traditional_Chinese Turkish
|
||||
SQUID_DEFAULT_LANG?= English
|
||||
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
|
||||
--enable-default-err-language=${SQUID_DEFAULT_LANG}
|
||||
|
||||
# Finally, add additional user specified configuration options:
|
||||
CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
|
||||
|
||||
CONFIGURE_ENV+= CFLAGS="${CFLAGS}" \
|
||||
CPPFLAGS="${CPPFLAGS}"\
|
||||
LDFLAGS="${LDFLAGS}"
|
||||
|
||||
PLIST_DIRS= etc/squid/icons libexec/squid
|
||||
PLIST_FILES= ${etc_files:S,^,etc/,} ${icon_files:S,^,etc/squid/icons/,} \
|
||||
${libexec:S,^,libexec/squid/,} ${sbin:S,^,sbin/,}
|
||||
|
||||
.for d in ${SQUID_LANGUAGES}
|
||||
PLIST_DIRS+= etc/squid/errors/${d}
|
||||
PLIST_FILES+= ${error_files:S,^,etc/squid/errors/${d}/,}
|
||||
.endfor
|
||||
PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
|
||||
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
|
||||
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
|
||||
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
|
||||
|
||||
pre-install:
|
||||
# Prevent installation of .orig files by deleting them.
|
||||
@${FIND} ${WRKSRC} -name '*.bak' -delete
|
||||
@${FIND} ${WRKSRC} -name '*.orig' -delete
|
||||
|
||||
pre-su-install:
|
||||
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
|
||||
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
|
||||
|
||||
post-install:
|
||||
.if defined(WITH_SQUID_PINGER)
|
||||
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
|
||||
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
|
||||
.endif
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
|
||||
.endif
|
||||
@${SETENV} PKG_PREFIX=${PREFIX} \
|
||||
${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
|
||||
|
||||
@${ECHO_CMD} "===> post-installation information for ${PKGNAME}:"
|
||||
@${ECHO_CMD} ""
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
@${ECHO_CMD} ""
|
||||
|
||||
.include <bsd.port.post.mk>
|
@ -1,3 +0,0 @@
|
||||
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
|
||||
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
|
||||
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060
|
@ -1,11 +0,0 @@
|
||||
--- include/squid_types.h.orig Mon Jul 7 00:45:26 2003
|
||||
+++ include/squid_types.h Mon Jul 7 00:48:39 2003
|
||||
@@ -66,8 +66,5 @@
|
||||
#if HAVE_SYS_TYPES_H
|
||||
#include <sys/types.h>
|
||||
#endif
|
||||
-#if HAVE_SYS_BITYPES_H
|
||||
-#include <sys/bitypes.h>
|
||||
-#endif
|
||||
|
||||
#endif /* SQUID_TYPES_H */
|
@ -1,11 +0,0 @@
|
||||
--- helpers/basic_auth/SMB/Makefile.in.orig Tue Oct 4 07:29:26 2005
|
||||
+++ helpers/basic_auth/SMB/Makefile.in Tue Oct 4 07:29:49 2005
|
||||
@@ -129,7 +129,7 @@
|
||||
makesnmplib = @makesnmplib@
|
||||
|
||||
SMB_AUTH_HELPER = smb_auth.sh
|
||||
-SAMBAPREFIX = /usr/local/samba
|
||||
+SAMBAPREFIX = %%LOCALBASE%%
|
||||
SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
|
||||
|
||||
libexec_SCRIPTS = $(SMB_AUTH_HELPER)
|
@ -1,13 +0,0 @@
|
||||
*** helpers/basic_auth/SMB/smb_auth.sh.orig Thu Feb 26 20:58:22 2004
|
||||
--- helpers/basic_auth/SMB/smb_auth.sh Thu Feb 26 20:59:45 2004
|
||||
***************
|
||||
*** 17,22 ****
|
||||
--- 17,24 ----
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
||||
|
||||
+ SAMBAPREFIX=${SAMBAPREFIX:-%%LOCALBASE%%}
|
||||
+
|
||||
read DOMAINNAME
|
||||
read PASSTHROUGH
|
||||
read NMBADDR
|
@ -1,39 +0,0 @@
|
||||
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
|
||||
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
|
||||
@@ -1183,6 +1183,21 @@
|
||||
|
||||
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
|
||||
(hard coded at 1 MB).
|
||||
+
|
||||
+ Note for FreeBSD users:
|
||||
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
|
||||
+ support for the aufs storage type, COSS will use POSIX AIO.
|
||||
+ This means that you need to add the line
|
||||
+
|
||||
+ options VFS_AIO
|
||||
+
|
||||
+ to your kernel configuration in order to use COSS.
|
||||
+
|
||||
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
|
||||
+ necessarily need to recompile your kernel.
|
||||
+
|
||||
+ If you compiled Squid with both support for aufs and COSS, COSS
|
||||
+ will use aufs' routines and does not need special kernel support.
|
||||
DOC_END
|
||||
|
||||
NAME: logformat
|
||||
@@ -3280,12 +3295,12 @@
|
||||
|
||||
NAME: cache_effective_user
|
||||
TYPE: string
|
||||
-DEFAULT: nobody
|
||||
+DEFAULT: %%SQUID_UID%%
|
||||
LOC: Config.effectiveUser
|
||||
DOC_START
|
||||
If you start Squid as root, it will change its effective/real
|
||||
UID/GID to the user specified below. The default is to change
|
||||
- to UID to nobody. If you define cache_effective_user, but not
|
||||
+ to UID to %%SQUID_UID%%. If you define cache_effective_user, but not
|
||||
cache_effective_group, Squid sets the GID to the effective
|
||||
user's default group ID (taken from the password file) and
|
||||
supplementary group list from the from groups membership of
|
@ -1,39 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PATH=/bin:/usr/bin:/usr/sbin
|
||||
|
||||
case $2 in
|
||||
DEINSTALL)
|
||||
cd ${PKG_PREFIX}/etc/squid || exit 1
|
||||
for f in cachemgr.conf mime.conf msntauth.conf squid.conf; do
|
||||
cmp -s -z ${f} ${f}.default && rm ${f}
|
||||
done
|
||||
;;
|
||||
POST-DEINSTALL)
|
||||
echo "===> post-deinstallation information for $1:"
|
||||
echo ""
|
||||
echo " Note:"
|
||||
echo " Squid related user accounts and groups were not removed."
|
||||
echo ""
|
||||
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
|
||||
echo " created by a default installation of this package, run"
|
||||
echo ""
|
||||
echo " pw userdel -n %%SQUID_UID%% -u 100"
|
||||
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
|
||||
echo ""
|
||||
echo " In order to ease updates the cache and log directories"
|
||||
echo " and all configuration files modified by you were preserved."
|
||||
echo ""
|
||||
echo " Please remove them manually if you do not want to use"
|
||||
echo " Squid any longer."
|
||||
fi
|
||||
echo ""
|
||||
;;
|
||||
*)
|
||||
exit 64
|
||||
;;
|
||||
esac
|
||||
exit 0
|
@ -1,81 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
PATH=/bin:/usr/bin:/usr/sbin
|
||||
pkgname=$1
|
||||
squid_base="${PKG_PREFIX:-%%PREFIX%%}/squid"
|
||||
squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid"
|
||||
if [ -x /usr/sbin/nologin ]; then
|
||||
nologin=/usr/sbin/nologin
|
||||
else
|
||||
nologin=/sbin/nologin
|
||||
fi
|
||||
squid_user="%%SQUID_UID%%"
|
||||
squid_group="%%SQUID_GID%%"
|
||||
squid_gid=100
|
||||
squid_uid=100
|
||||
case $2 in
|
||||
PRE-INSTALL)
|
||||
echo "===> Pre-installation configuration for ${pkgname}"
|
||||
if ! pw groupshow ${squid_group} -q >/dev/null ; then
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
|
||||
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
|
||||
echo "Failed to create group \"${squid_group}\"!" >&2
|
||||
echo "Please create it manually." >&2
|
||||
exit 1
|
||||
else
|
||||
echo "Group '${squid_group}' created successfully:"
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing group '${squid_group}':"
|
||||
fi
|
||||
pw groupshow ${squid_group}
|
||||
|
||||
if ! pw usershow ${squid_user} -q >/dev/null ; then
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
|
||||
if ! pw useradd -q -n ${squid_user} \
|
||||
-u ${squid_uid} -g ${squid_group} \
|
||||
-c "Squid caching-proxy pseudo user" \
|
||||
-d "${squid_base}" -s "${nologin}" \
|
||||
-h - ; then
|
||||
echo "Failed to create user '${squid_user}'!" >&2
|
||||
echo "Please create it manually." >&2
|
||||
exit 1
|
||||
else
|
||||
echo "User '${squid_user}' created successfully:"
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing user '${squid_user}':"
|
||||
fi
|
||||
pw usershow ${squid_user}
|
||||
for dir in cache logs; do
|
||||
if [ ! -d ${squid_base}/${dir} ]; then
|
||||
echo "Creating ${squid_base}/${dir}..."
|
||||
install -d -o ${squid_user} -g ${squid_group} \
|
||||
-m 0750 ${squid_base}/${dir}
|
||||
fi
|
||||
done
|
||||
if [ ! -d ${squid_confdir} ]; then
|
||||
echo "Creating ${squid_confdir}..."
|
||||
install -d -o root -g ${squid_group} \
|
||||
-m 0750 ${squid_confdir}
|
||||
fi
|
||||
;;
|
||||
POST-INSTALL)
|
||||
for file in cachemgr.conf mime.conf squid.conf; do
|
||||
if [ ! -f ${squid_confdir}/${file} \
|
||||
-a -f ${squid_confdir}/${file}.default ]; then
|
||||
echo "Creating ${file} from default..."
|
||||
install -c -o root -g ${squid_group} -m 0640 \
|
||||
${squid_confdir}/${file}.default \
|
||||
${squid_confdir}/${file}
|
||||
fi
|
||||
done
|
||||
;;
|
||||
*)
|
||||
exit 64
|
||||
;;
|
||||
esac
|
||||
exit 0
|
@ -1,31 +0,0 @@
|
||||
o You can find the configuration files for this package in the
|
||||
directory %%PREFIX%%/etc/squid.
|
||||
|
||||
o A cache directory has been created in %%PREFIX%%/squid/cache.
|
||||
Log files will be written to %%PREFIX%%/squid/logs.
|
||||
|
||||
Note:
|
||||
You must initialize new cache directories before you can start
|
||||
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
If your cache directories are already initialized (e.g. after an
|
||||
upgrade of squid) you do not need to initialize them again.
|
||||
|
||||
o The default configuration will deny everyone access to the
|
||||
proxy service. Edit the "http_access" directives in
|
||||
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
|
||||
|
||||
Please note that the Squid start script is an rc.d style script.
|
||||
This means that Squid will not start automatically at boot
|
||||
time unless it is explicitly enabled.
|
||||
|
||||
To enable Squid, set squid_enable=yes in either
|
||||
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
|
||||
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
|
||||
|
||||
Note:
|
||||
If you just updated your Squid installation from 2.5 or earlier,
|
||||
make sure to check your Squid configuration against the 2.6 default
|
||||
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
|
||||
|
||||
Additionally, you should check your configuration by calling
|
||||
'squid -f /path/to/squid.conf -k parse' before starting Squid.
|
@ -1,10 +0,0 @@
|
||||
Squid is a high-performance proxy caching server for web clients,
|
||||
supporting FTP, gopher, and HTTP data objects. Unlike traditional
|
||||
caching software, Squid handles all requests in a single, non-blocking,
|
||||
I/O-driven process.
|
||||
|
||||
Squid supports SSL, extensive access controls, and full request logging.
|
||||
By using the lightweight Internet Cache Protocol, Squid caches can be
|
||||
arranged in a hierarchy or mesh for additional bandwidth savings.
|
||||
|
||||
WWW: http://www.squid-cache.org/
|
@ -9,15 +9,11 @@
|
||||
# Which user/group Squid should run as (default: squid/squid).
|
||||
# The user and group will be created if they do not already exist using
|
||||
# a uid:gid of 100:100.
|
||||
# NOTE: before version 2.5.4_6, these settings defaulted to
|
||||
# nobody/nogroup.
|
||||
# If you wish to keep these settings, please define SQUID_UID=nobody and
|
||||
# SQUID_GID=nogroup in your make environment before you start the update.
|
||||
# NOTE2:
|
||||
# Before version 2.5.4_11 the numerical id chosen for SQUID_UID (and
|
||||
# SQUID_GID respectively) was the first free id greater than or equal 3128.
|
||||
# If you wish to move your squid user to id 100:100, run "make changeuser",
|
||||
# please see the changeuser target's definition for further information.
|
||||
# NOTE: older versions of Squid defaulted to nobody/nogroup.
|
||||
# If you wish to run Squid as "nobody" (which is not recommended), please
|
||||
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
|
||||
# before you start the update or installation of this port.
|
||||
#
|
||||
# SQUID_LANGUAGES
|
||||
# A list of languages for which error page files should be installed
|
||||
# (default: all)
|
||||
@ -39,7 +35,7 @@
|
||||
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
|
||||
#
|
||||
# The list below may be incomplete, please see the configure script
|
||||
# in the squid source distribution for the complete list of additional
|
||||
# in the Squid source distribution for the complete list of additional
|
||||
# options.
|
||||
# Note that you probably do not need to worry about these options in most
|
||||
# cases, they are included in case you want to experiment with them.
|
||||
@ -47,11 +43,10 @@
|
||||
# --enable-dlmalloc
|
||||
# Compile and use the malloc package from Doug Lea
|
||||
# --enable-gnuregex
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex.
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex
|
||||
# (not recommended).
|
||||
# --enable-xmalloc-statistics
|
||||
# Show malloc statistics in status page
|
||||
# --enable-time-hack
|
||||
# Optimize time updates to one per second rather than calling gettimeofday()
|
||||
# --enable-cachemgr-hostname=some.hostname
|
||||
# Set an explicit hostname in cachemgr.cgi
|
||||
# --enable-truncate
|
||||
@ -69,39 +64,53 @@
|
||||
# --enable-ntlm-fail-open
|
||||
# Enable NTLM fail open, where a helper that fails one of the
|
||||
# Authentication steps can allow Squid to still authenticate the user
|
||||
#
|
||||
# --enable-x-accelerator-vary
|
||||
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
|
||||
# to indicate variance within an accelerator setup. Typically used
|
||||
# together with other code that adds custom HTTP headers to the
|
||||
# requests.
|
||||
# --enable-forward-log
|
||||
# Enable experimental forward_log directive.
|
||||
# --enable-multicast-miss
|
||||
# Enable experimental multicast notification of cachemisses.
|
||||
|
||||
PORTNAME= squid
|
||||
PORTVERSION= 2.5.14
|
||||
PORTREVISION= 4
|
||||
PORTVERSION= 2.6.9
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
|
||||
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
|
||||
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
|
||||
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
|
||||
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
|
||||
MASTER_SITE_SUBDIR= squid-2/STABLE
|
||||
DISTNAME= squid-2.6.STABLE9
|
||||
DIST_SUBDIR= squid2.6
|
||||
|
||||
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www3.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.at.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.nl.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.ru.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.uk.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.gr.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.jp.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.tw.squid-cache.org/%SUBDIR%/
|
||||
MASTER_SITE_SUBDIR= Versions/v2/2.5
|
||||
DISTNAME= squid-2.5.STABLE14
|
||||
DIST_SUBDIR= squid2.5
|
||||
|
||||
PATCH_SITES= ${MASTER_SITES}
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.5/bugs
|
||||
PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch \
|
||||
squid-2.5.STABLE14-hierarchy_tag.patch
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
|
||||
PATCHFILES=
|
||||
PATCH_DIST_STRIP= -p1
|
||||
|
||||
MAINTAINER= tmseck@netcologne.de
|
||||
COMMENT= HTTP Caching Proxy
|
||||
|
||||
CONFLICTS= squid-2.[^5]*
|
||||
CONFLICTS= squid-2.[^6]*
|
||||
GNU_CONFIGURE= yes
|
||||
USE_BZIP2= yes
|
||||
USE_PERL5= yes
|
||||
USE_RC_SUBR= squid
|
||||
|
||||
SQUID_UID?= squid
|
||||
SQUID_GID?= squid
|
||||
@ -116,20 +125,19 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
|
||||
SQUID_DELAY_POOLS "Enable delay pools" off \
|
||||
SQUID_SNMP "Enable SNMP support" off \
|
||||
SQUID_CARP "Enable CARP support" off \
|
||||
SQUID_CARP "Enable CARP support" on \
|
||||
SQUID_SSL "Enable SSL support for reverse proxies" off \
|
||||
SQUID_PINGER "Install the icmp helper" off \
|
||||
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
|
||||
SQUID_HTCP "Enable HTCP support" off \
|
||||
SQUID_VIA_DB "Enable forward/via database" off \
|
||||
SQUID_CACHE_DIGESTS "Enable cache digests" off \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Protocol" on \
|
||||
SQUID_UNDERSCORES "Allow underscores in hostnames" on \
|
||||
SQUID_CHECK_HOSTNAME "Do hostname checking" on \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
|
||||
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
|
||||
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
|
||||
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
|
||||
SQUID_REFERER_LOG "Enable Referer-header logging" off \
|
||||
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
|
||||
SQUID_CUSTOM_LOG "Enable custom log format" off \
|
||||
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
|
||||
SQUID_PF "Enable transparent proxying with PF" off \
|
||||
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
|
||||
@ -137,9 +145,9 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_ICAP "Enable ICAP client functionality" off \
|
||||
SQUID_AUFS "Enable the aufs storage scheme" off \
|
||||
SQUID_COSS "Enable the COSS storage scheme" off \
|
||||
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
|
||||
SQUID_LARGEFILE "Support log and cache files >2GB" off \
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off \
|
||||
SQUID_RCNG "Install an rc.d style startup script" on
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off
|
||||
|
||||
etc_files= squid/cachemgr.conf.default \
|
||||
squid/mib.txt squid/mime.conf.default \
|
||||
@ -167,37 +175,44 @@ error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
|
||||
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
|
||||
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
|
||||
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd ip_user_check \
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
|
||||
msnt_auth ncsa_auth ntlm_auth \
|
||||
pam_auth smb_auth smb_auth.sh squid_unix_group \
|
||||
wb_auth wb_group wb_ntlmauth wbinfo_group.pl
|
||||
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
|
||||
wbinfo_group.pl
|
||||
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
|
||||
libexec+= unlinkd
|
||||
.endif
|
||||
|
||||
sbin= RunAccel RunCache squidclient squid
|
||||
sbin= RunCache squidclient squid
|
||||
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
|
||||
--sbindir=${PREFIX}/sbin \
|
||||
--datadir=${PREFIX}/etc/squid \
|
||||
--libexecdir=${PREFIX}/libexec/squid \
|
||||
--localstatedir=${PREFIX}/squid \
|
||||
--enable-removal-policies="lru heap"
|
||||
--sysconfdir=${PREFIX}/etc/squid \
|
||||
--enable-removal-policies="lru heap" \
|
||||
--disable-linux-netfilter \
|
||||
--disable-linux-tproxy \
|
||||
--disable-epoll
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
# Authentication methods and modules:
|
||||
|
||||
basic_auth= NCSA PAM MSNT SMB winbind
|
||||
external_acl= ip_user unix_group wbinfo_group winbind_group
|
||||
MAN8+= pam_auth.8 squid_unix_group.8
|
||||
basic_auth= NCSA PAM MSNT SMB
|
||||
digest_auth= password
|
||||
external_acl= ip_user session unix_group wbinfo_group
|
||||
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
|
||||
.if defined(WITH_SQUID_LDAP_AUTH)
|
||||
USE_OPENLDAP= yes
|
||||
CFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
|
||||
basic_auth+= LDAP
|
||||
digest_auth+= ldap
|
||||
external_acl+= ldap_group
|
||||
libexec+= squid_ldap_auth squid_ldap_group
|
||||
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SASL_AUTH)
|
||||
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
|
||||
@ -213,23 +228,33 @@ libexec+= yp_auth
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
|
||||
--enable-basic-auth-helpers="${basic_auth}" \
|
||||
--enable-digest-auth-helpers="password" \
|
||||
--enable-digest-auth-helpers="${digest_auth}" \
|
||||
--enable-external-acl-helpers="${external_acl}" \
|
||||
--enable-ntlm-auth-helpers="SMB winbind"
|
||||
--enable-ntlm-auth-helpers="SMB"
|
||||
|
||||
# Selection of storage schemes:
|
||||
# Storage schemes:
|
||||
|
||||
storage_schemes= ufs diskd null
|
||||
.if defined(WITH_SQUID_AUFS)
|
||||
storage_schemes+= aufs
|
||||
.if ${OSVERSION}>=501000
|
||||
# Only document libmap.conf where it is available:
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
|
||||
.endif
|
||||
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
|
||||
CONFIGURE_ARGS+= --enable-async-io \
|
||||
--with-pthreads
|
||||
CONFIGURE_ARGS+= --with-pthreads
|
||||
CFLAGS+= ${PTHREAD_CFLAGS}
|
||||
.endif
|
||||
.if defined(WITH_SQUID_COSS)
|
||||
storage_schemes+= coss
|
||||
CONFIGURE_ARGS+= --with-aio
|
||||
.if !defined(WITH_SQUID_AUFS)
|
||||
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
|
||||
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
|
||||
# adding the option VFS_AIO to your kernel configuration if you want to
|
||||
# actually use COSS storage:
|
||||
CONFIGURE_ARGS+= --enable-coss-aio-ops
|
||||
.endif
|
||||
sbin+= cossdump
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
|
||||
|
||||
@ -241,13 +266,14 @@ CONFIGURE_ARGS+= --enable-delay-pools
|
||||
.if defined(WITH_SQUID_SNMP)
|
||||
CONFIGURE_ARGS+= --enable-snmp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --enable-carp
|
||||
.if defined(WITHOUT_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --disable-carp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SSL)
|
||||
# we need to .include bsd.openssl.mk manually here because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included and this is
|
||||
# not possible when using OPTIONS
|
||||
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included.
|
||||
# This makes it currently impossible to combine this macro with OPTIONS to
|
||||
# conditionally include OpenSSL support.
|
||||
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
|
||||
CONFIGURE_ARGS+= --enable-ssl \
|
||||
--with-openssl="${OPENSSLBASE}"
|
||||
@ -274,11 +300,8 @@ CONFIGURE_ARGS+= --enable-cache-digests
|
||||
.if defined(WITHOUT_SQUID_WCCP)
|
||||
CONFIGURE_ARGS+= --disable-wccp
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_UNDERSCORES)
|
||||
CONFIGURE_ARGS+= --enable-underscores
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_CHECK_HOSTNAME)
|
||||
CONFIGURE_ARGS+= --disable-hostname-checks
|
||||
.if defined(WITH_SQUID_WCCPV2)
|
||||
CONFIGURE_ARGS+= --enable-wccpv2
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STRICT_HTTP)
|
||||
CONFIGURE_ARGS+= --disable-http-violations
|
||||
@ -286,12 +309,12 @@ CONFIGURE_ARGS+= --disable-http-violations
|
||||
.if defined(WITHOUT_SQUID_IDENT)
|
||||
CONFIGURE_ARGS+= --disable-ident-lookups
|
||||
.endif
|
||||
.if defined(WITH_SQUID_REFERER_LOG)
|
||||
CONFIGURE_ARGS+= --enable-referer-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_USERAGENT_LOG)
|
||||
CONFIGURE_ARGS+= --enable-useragent-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CUSTOM_LOG)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/customlog-2.5.patch
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ARP_ACL)
|
||||
CONFIGURE_ARGS+= --enable-arp-acl
|
||||
.endif
|
||||
@ -315,45 +338,39 @@ CONFIGURE_ARGS+= --enable-ipf-transparent
|
||||
.endif
|
||||
.endif
|
||||
.if defined(WITH_SQUID_FOLLOW_XFF)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/follow_xff-2.5.patch \
|
||||
${PATCHDIR}/follow_xff-configure.patch
|
||||
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ICAP)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.5-core.patch \
|
||||
${PATCHDIR}/icap-2.5-bootstrap.patch
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
|
||||
${PATCHDIR}/icap-2.6-core.patch
|
||||
CONFIGURE_ARGS+= --enable-icap-support
|
||||
error_files+= ERR_ICAP_FAILURE
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_KQUEUE)
|
||||
CONFIGURE_ARGS+= --enable-kqueue
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-kqueue
|
||||
.endif
|
||||
.if defined(WITH_SQUID_LARGEFILE)
|
||||
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STACKTRACES)
|
||||
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
|
||||
CONFIGURE_ARGS+= --enable-stacktraces
|
||||
CFLAGS+= -g
|
||||
STRIP= ""
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_RCNG)
|
||||
USE_RC_SUBR= squid.sh
|
||||
rc_del= rcold
|
||||
rc_state= rcng
|
||||
.else
|
||||
SUB_FILES+= squid.sh
|
||||
etc_files+= rc.d/squid.sh
|
||||
rc_del= rcng
|
||||
rc_state= rcold
|
||||
.endif
|
||||
|
||||
# Languages:
|
||||
#
|
||||
# If you do not define SQUID_LANGUAGES yourself, all available language files
|
||||
# will be installed; the default language will be English.
|
||||
|
||||
SQUID_LANGUAGES?= \
|
||||
Azerbaijani Bulgarian Catalan Czech Danish Dutch English Estonian Finnish \
|
||||
French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian \
|
||||
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish
|
||||
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
|
||||
English Estonian Finnish French German Greek Hebrew \
|
||||
Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
|
||||
Serbian Simplify_Chinese Slovak Spanish Swedish \
|
||||
Traditional_Chinese Turkish
|
||||
SQUID_DEFAULT_LANG?= English
|
||||
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
|
||||
--enable-default-err-language=${SQUID_DEFAULT_LANG}
|
||||
@ -378,7 +395,8 @@ PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
|
||||
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
|
||||
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
|
||||
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
|
||||
@ -387,31 +405,16 @@ pre-install:
|
||||
# Prevent installation of .orig files by deleting them.
|
||||
@${FIND} ${WRKSRC} -name '*.bak' -delete
|
||||
@${FIND} ${WRKSRC} -name '*.orig' -delete
|
||||
# create the start script:
|
||||
@${REINPLACE_CMD} \
|
||||
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
|
||||
-e '/--.*${rc_state}/d' ${WRKDIR}/squid.sh
|
||||
# create variable information in pkg-message:
|
||||
@${REINPLACE_CMD} \
|
||||
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
|
||||
-e '/--.*${rc_state}/d' ${PKGMESSAGE}
|
||||
|
||||
pre-su-install:
|
||||
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
|
||||
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
|
||||
|
||||
post-install:
|
||||
# Create cachemgr.conf.default manually since squid's install routine
|
||||
# unfortunately fails to do so:
|
||||
${INSTALL_DATA} ${WRKSRC}/src/cachemgr.conf \
|
||||
${PREFIX}/etc/squid/cachemgr.conf.default
|
||||
.if defined(WITH_SQUID_PINGER)
|
||||
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
|
||||
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_RCNG)
|
||||
${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/
|
||||
.endif
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
|
||||
@ -423,50 +426,5 @@ post-install:
|
||||
@${ECHO_CMD} ""
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
@${ECHO_CMD} ""
|
||||
changeuser:
|
||||
# Recover from the problem that earlier versions of this port created the
|
||||
# squid pseudo-user with an id greater than 999 which is not allowed in
|
||||
# FreeBSD's ports system. The port now uses id 100:100.
|
||||
# NOTE:
|
||||
# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
|
||||
# have a different setup, do not run this target!
|
||||
.if ${SQUID_UID:L} == nobody
|
||||
@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
|
||||
${ECHO_CMD} "this target!"
|
||||
${FALSE}
|
||||
.endif
|
||||
@if [ `${ID} -u` -ne 0 ]; \
|
||||
then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \
|
||||
current_uid=`id -u ${SQUID_UID}`; \
|
||||
current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
|
||||
${ECHO_CMD} "I will remove this user:"; \
|
||||
${ID} -P $${current_uid}; \
|
||||
${ECHO_CMD} "and this group:"; \
|
||||
pw groupshow ${SQUID_GID}; \
|
||||
${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
|
||||
${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
|
||||
${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
|
||||
${ECHO_CMD} "After that, all files and directories that were accessible"; \
|
||||
${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
|
||||
${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
|
||||
${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
|
||||
${ECHO_CMD} "please abort this target now."; \
|
||||
read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
|
||||
${ECHO_CMD} "OK, here we go:"; \
|
||||
${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
|
||||
pw userdel -u $${current_uid}; \
|
||||
${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
|
||||
pw groupadd -n ${SQUID_GID} -g 100; \
|
||||
pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
|
||||
-d ${PREFIX}/squid -s /sbin/nologin -h - ; \
|
||||
${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
|
||||
${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
|
||||
${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
|
||||
${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
|
||||
${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
|
||||
${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
|
||||
${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
|
||||
${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
|
||||
${ECHO_CMD} "Finished."
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,9 +1,3 @@
|
||||
MD5 (squid2.5/squid-2.5.STABLE14.tar.bz2) = f413e0b887a5f9b2a75350243ed5564c
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14.tar.bz2) = c4eaee0e5ee42f46060217df9a88d628d244c0a543feab8296e44269e57ec7bd
|
||||
SIZE (squid2.5/squid-2.5.STABLE14.tar.bz2) = 1073745
|
||||
MD5 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1529f8b0170e24b26353578778435bd4
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 9e99132b8efb07e3465d5e33749aa450daecfa3acde73755b6a3589d09d19285
|
||||
SIZE (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1277
|
||||
MD5 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 9abe563ca3d01dc58502737edc6f3c60
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 6c98f1f2351b79cfc3f956ed1c46d86c7a53aac0ba28203a33f2dadc7d1e96fe
|
||||
SIZE (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 1319
|
||||
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
|
||||
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
|
||||
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,411 +0,0 @@
|
||||
! This is a reduced part of the original follow-XFF patchset from
|
||||
! devel.squid-cache.org for use with the FreeBSD squid-2.5 port.
|
||||
Index: src/acl.c
|
||||
--- src/acl.c 13 May 2003 02:14:12 -0000 1.43.2.16
|
||||
+++ src/acl.c 23 Nov 2003 14:20:12 -0000
|
||||
@@ -2001,6 +2001,11 @@
|
||||
cbdataLock(A);
|
||||
if (request != NULL) {
|
||||
checklist->request = requestLink(request);
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (Config.onoff.acl_uses_indirect_client) {
|
||||
+ checklist->src_addr = request->indirect_client_addr;
|
||||
+ } else
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
checklist->src_addr = request->client_addr;
|
||||
checklist->my_addr = request->my_addr;
|
||||
checklist->my_port = request->my_port;
|
||||
Index: src/cf.data.pre
|
||||
--- src/cf.data.pre 7 Nov 2003 03:14:30 -0000 1.49.2.46
|
||||
+++ src/cf.data.pre 23 Nov 2003 14:20:17 -0000
|
||||
@@ -2065,6 +2065,92 @@
|
||||
NOCOMMENT_END
|
||||
DOC_END
|
||||
|
||||
+NAME: follow_x_forwarded_for
|
||||
+TYPE: acl_access
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+LOC: Config.accessList.followXFF
|
||||
+DEFAULT: none
|
||||
+DEFAULT_IF_NONE: deny all
|
||||
+DOC_START
|
||||
+ Allowing or Denying the X-Forwarded-For header to be followed to
|
||||
+ find the original source of a request.
|
||||
+
|
||||
+ Requests may pass through a chain of several other proxies
|
||||
+ before reaching us. The X-Forwarded-For header will contain a
|
||||
+ comma-separated list of the IP addresses in the chain, with the
|
||||
+ rightmost address being the most recent.
|
||||
+
|
||||
+ If a request reaches us from a source that is allowed by this
|
||||
+ configuration item, then we consult the X-Forwarded-For header
|
||||
+ to see where that host received the request from. If the
|
||||
+ X-Forwarded-For header contains multiple addresses, and if
|
||||
+ acl_uses_indirect_client is on, then we continue backtracking
|
||||
+ until we reach an address for which we are not allowed to
|
||||
+ follow the X-Forwarded-For header, or until we reach the first
|
||||
+ address in the list. (If acl_uses_indirect_client is off, then
|
||||
+ it's impossible to backtrack through more than one level of
|
||||
+ X-Forwarded-For addresses.)
|
||||
+
|
||||
+ The end result of this process is an IP address that we will
|
||||
+ refer to as the indirect client address. This address may
|
||||
+ be treated as the client address for access control, delay
|
||||
+ pools and logging, depending on the acl_uses_indirect_client,
|
||||
+ delay_pool_uses_indirect_client and log_uses_indirect_client
|
||||
+ options.
|
||||
+
|
||||
+ SECURITY CONSIDERATIONS:
|
||||
+
|
||||
+ Any host for which we follow the X-Forwarded-For header
|
||||
+ can place incorrect information in the header, and Squid
|
||||
+ will use the incorrect information as if it were the
|
||||
+ source address of the request. This may enable remote
|
||||
+ hosts to bypass any access control restrictions that are
|
||||
+ based on the client's source addresses.
|
||||
+
|
||||
+ For example:
|
||||
+
|
||||
+ acl localhost src 127.0.0.1
|
||||
+ acl my_other_proxy srcdomain .proxy.example.com
|
||||
+ follow_x_forwarded_for allow localhost
|
||||
+ follow_x_forwarded_for allow my_other_proxy
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: acl_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.acl_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in acl matching.
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: delay_pool_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR && DELAY_POOLS
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.delay_pool_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in delay pools.
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: log_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.log_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in the access log.
|
||||
+DOC_END
|
||||
+
|
||||
NAME: http_access
|
||||
TYPE: acl_access
|
||||
LOC: Config.accessList.http
|
||||
Index: src/client_side.c
|
||||
--- src/client_side.c 2 Sep 2003 02:13:45 -0000 1.47.2.39
|
||||
+++ src/client_side.c 23 Nov 2003 14:20:22 -0000
|
||||
@@ -109,6 +109,11 @@
|
||||
#if USE_IDENT
|
||||
static IDCB clientIdentDone;
|
||||
#endif
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+static void clientFollowXForwardedForStart(void *data);
|
||||
+static void clientFollowXForwardedForNext(void *data);
|
||||
+static void clientFollowXForwardedForDone(int answer, void *data);
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
static int clientOnlyIfCached(clientHttpRequest * http);
|
||||
static STCB clientSendMoreData;
|
||||
static STCB clientCacheHit;
|
||||
@@ -177,10 +182,179 @@
|
||||
return ch;
|
||||
}
|
||||
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+/*
|
||||
+ * clientFollowXForwardedForStart() copies the X-Forwarded-For
|
||||
+ * header into x_forwarded_for_iterator and passes control to
|
||||
+ * clientFollowXForwardedForNext().
|
||||
+ *
|
||||
+ * clientFollowXForwardedForNext() checks the indirect_client_addr
|
||||
+ * against the followXFF ACL and passes the result to
|
||||
+ * clientFollowXForwardedForDone().
|
||||
+ *
|
||||
+ * clientFollowXForwardedForDone() either grabs the next address
|
||||
+ * from the tail of x_forwarded_for_iterator and loops back to
|
||||
+ * clientFollowXForwardedForNext(), or cleans up and passes control to
|
||||
+ * clientAccessCheck().
|
||||
+ */
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForStart(void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ if (Config.accessList.followXFF
|
||||
+ && httpHeaderHas(&request->header, HDR_X_FORWARDED_FOR))
|
||||
+ {
|
||||
+ request->x_forwarded_for_iterator = httpHeaderGetList(
|
||||
+ &request->header, HDR_X_FORWARDED_FOR);
|
||||
+ debug(33, 5) ("clientFollowXForwardedForStart: indirect_client_addr=%s XFF='%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ strBuf(request->x_forwarded_for_iterator));
|
||||
+ clientFollowXForwardedForNext(http);
|
||||
+ } else {
|
||||
+ /* not configured to follow X-Forwarded-For, or nothing to follow */
|
||||
+ debug(33, 5) ("clientFollowXForwardedForStart: nothing to do\n");
|
||||
+ clientFollowXForwardedForDone(-1, http);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForNext(void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ debug(33, 5) ("clientFollowXForwardedForNext: indirect_client_addr=%s XFF='%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ strBuf(request->x_forwarded_for_iterator));
|
||||
+ if (strLen(request->x_forwarded_for_iterator) != 0) {
|
||||
+ /* check the acl to see whether to believe the X-Forwarded-For header */
|
||||
+ http->acl_checklist = clientAclChecklistCreate(
|
||||
+ Config.accessList.followXFF, http);
|
||||
+ aclNBCheck(http->acl_checklist, clientFollowXForwardedForDone, http);
|
||||
+ } else {
|
||||
+ /* nothing left to follow */
|
||||
+ debug(33, 5) ("clientFollowXForwardedForNext: nothing more to do\n");
|
||||
+ clientFollowXForwardedForDone(-1, http);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForDone(int answer, void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ /*
|
||||
+ * answer should be be ACCESS_ALLOWED or ACCESS_DENIED if we are
|
||||
+ * called as a result of ACL checks, or -1 if we are called when
|
||||
+ * there's nothing left to do.
|
||||
+ */
|
||||
+ if (answer == ACCESS_ALLOWED) {
|
||||
+ /*
|
||||
+ * The IP address currently in request->indirect_client_addr
|
||||
+ * is trusted to use X-Forwarded-For. Remove the last
|
||||
+ * comma-delimited element from x_forwarded_for_iterator and use
|
||||
+ * it to to replace indirect_client_addr, then repeat the cycle.
|
||||
+ */
|
||||
+ const char *p;
|
||||
+ const char *asciiaddr;
|
||||
+ int l;
|
||||
+ struct in_addr addr;
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s is trusted\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ p = strBuf(request->x_forwarded_for_iterator);
|
||||
+ l = strLen(request->x_forwarded_for_iterator);
|
||||
+
|
||||
+ /*
|
||||
+ * XXX x_forwarded_for_iterator should really be a list of
|
||||
+ * IP addresses, but it's a String instead. We have to
|
||||
+ * walk backwards through the String, biting off the last
|
||||
+ * comma-delimited part each time. As long as the data is in
|
||||
+ * a String, we should probably implement and use a variant of
|
||||
+ * strListGetItem() that walks backwards instead of forwards
|
||||
+ * through a comma-separated list. But we don't even do that;
|
||||
+ * we just do the work in-line here.
|
||||
+ */
|
||||
+ /* skip trailing space and commas */
|
||||
+ while (l > 0 && (p[l-1] == ',' || xisspace(p[l-1])))
|
||||
+ l--;
|
||||
+ strCut(request->x_forwarded_for_iterator, l);
|
||||
+ /* look for start of last item in list */
|
||||
+ while (l > 0 && ! (p[l-1] == ',' || xisspace(p[l-1])))
|
||||
+ l--;
|
||||
+ asciiaddr = p+l;
|
||||
+ if (inet_aton(asciiaddr, &addr) == 0) {
|
||||
+ /* the address is not well formed; do not use it */
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: malformed address '%s'\n",
|
||||
+ asciiaddr);
|
||||
+ goto done;
|
||||
+ }
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: changing indirect_client_addr from %s to '%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ asciiaddr);
|
||||
+ request->indirect_client_addr = addr;
|
||||
+ strCut(request->x_forwarded_for_iterator, l);
|
||||
+ if (! Config.onoff.acl_uses_indirect_client) {
|
||||
+ /*
|
||||
+ * If acl_uses_indirect_client is off, then it's impossible
|
||||
+ * to follow more than one level of X-Forwarded-For.
|
||||
+ */
|
||||
+ goto done;
|
||||
+ }
|
||||
+ clientFollowXForwardedForNext(http);
|
||||
+ return;
|
||||
+ } else if (answer == ACCESS_DENIED) {
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s not trusted\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ } else {
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s nothing more to do\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ }
|
||||
+done:
|
||||
+ /* clean up, and pass control to clientAccessCheck */
|
||||
+ debug(33, 6) ("clientFollowXForwardedForDone: cleanup\n");
|
||||
+ if (Config.onoff.log_uses_indirect_client) {
|
||||
+ /*
|
||||
+ * Ensure that the access log shows the indirect client
|
||||
+ * instead of the direct client.
|
||||
+ */
|
||||
+ ConnStateData *conn = http->conn;
|
||||
+ conn->log_addr = request->indirect_client_addr;
|
||||
+ conn->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: setting log_addr=%s\n",
|
||||
+ inet_ntoa(conn->log_addr));
|
||||
+ }
|
||||
+ stringClean(&request->x_forwarded_for_iterator);
|
||||
+ request->flags.done_follow_x_forwarded_for = 1;
|
||||
+ http->acl_checklist = NULL; /* XXX do we need to aclChecklistFree() ? */
|
||||
+ clientAccessCheck(http);
|
||||
+}
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
+
|
||||
void
|
||||
clientAccessCheck(void *data)
|
||||
{
|
||||
clientHttpRequest *http = data;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (! http->request->flags.done_follow_x_forwarded_for
|
||||
+ && httpHeaderHas(&http->request->header, HDR_X_FORWARDED_FOR))
|
||||
+ {
|
||||
+ /*
|
||||
+ * There's an X-ForwardedFor header and we haven't yet tried
|
||||
+ * to follow it to find the indirect_client_addr. Follow it now.
|
||||
+ * clientFollowXForwardedForDone() will eventually pass control
|
||||
+ * back to us.
|
||||
+ *
|
||||
+ * XXX perhaps our caller should have called
|
||||
+ * clientFollowXForwardedForStart instead. Then we wouldn't
|
||||
+ * need to do this little dance transferring control over
|
||||
+ * there and then back here, and we wouldn't need the
|
||||
+ * done_follow_x_forwarded_for flag.
|
||||
+ */
|
||||
+ clientFollowXForwardedForStart(data);
|
||||
+ return;
|
||||
+ }
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
if (checkAccelOnly(http)) {
|
||||
/* deny proxy requests in accel_only mode */
|
||||
debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n");
|
||||
@@ -325,6 +499,9 @@
|
||||
new_request->http_ver = old_request->http_ver;
|
||||
httpHeaderAppend(&new_request->header, &old_request->header);
|
||||
new_request->client_addr = old_request->client_addr;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ new_request->indirect_client_addr = old_request->indirect_client_addr;
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
new_request->my_addr = old_request->my_addr;
|
||||
new_request->my_port = old_request->my_port;
|
||||
new_request->flags.redirected = 1;
|
||||
@@ -3051,6 +3228,9 @@
|
||||
safe_free(http->log_uri);
|
||||
http->log_uri = xstrdup(urlCanonicalClean(request));
|
||||
request->client_addr = conn->peer.sin_addr;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ request->indirect_client_addr = request->client_addr;
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
request->my_addr = conn->me.sin_addr;
|
||||
request->my_port = ntohs(conn->me.sin_port);
|
||||
request->http_ver = http->http_ver;
|
||||
Index: src/delay_pools.c
|
||||
--- src/delay_pools.c 19 Jun 2003 02:13:57 -0000 1.5.54.6
|
||||
+++ src/delay_pools.c 23 Nov 2003 14:20:23 -0000
|
||||
@@ -318,6 +318,11 @@
|
||||
r = http->request;
|
||||
|
||||
memset(&ch, '\0', sizeof(ch));
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (Config.onoff.delay_pool_uses_indirect_client) {
|
||||
+ ch.src_addr = r->indirect_client_addr;
|
||||
+ } else
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
ch.src_addr = r->client_addr;
|
||||
ch.my_addr = r->my_addr;
|
||||
ch.my_port = r->my_port;
|
||||
*** src/structs.h.orig Sun Jun 26 12:45:58 2005
|
||||
--- src/structs.h Sun Jun 26 12:48:45 2005
|
||||
***************
|
||||
*** 610,615 ****
|
||||
--- 610,620 ----
|
||||
int accel_uses_host_header;
|
||||
int accel_no_pmtu_disc;
|
||||
int global_internal_static;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ int acl_uses_indirect_client;
|
||||
+ int delay_pool_uses_indirect_client;
|
||||
+ int log_uses_indirect_client;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
} onoff;
|
||||
acl *aclList;
|
||||
struct {
|
||||
***************
|
||||
*** 631,636 ****
|
||||
--- 636,644 ----
|
||||
acl_access *reply;
|
||||
acl_address *outgoing_address;
|
||||
acl_tos *outgoing_tos;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ acl_access *followXFF;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
} accessList;
|
||||
acl_deny_info_list *denyInfoList;
|
||||
struct _authConfig {
|
||||
***************
|
||||
*** 1623,1628 ****
|
||||
--- 1631,1641 ----
|
||||
unsigned int body_sent:1;
|
||||
unsigned int reset_tcp:1;
|
||||
unsigned int must_keepalive:1;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ /* XXX this flag could be eliminated;
|
||||
+ * see comments in clientAccessCheck */
|
||||
+ unsigned int done_follow_x_forwarded_for;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
};
|
||||
|
||||
struct _link_list {
|
||||
***************
|
||||
*** 1666,1671 ****
|
||||
--- 1679,1687 ----
|
||||
int max_forwards;
|
||||
/* these in_addr's could probably be sockaddr_in's */
|
||||
struct in_addr client_addr;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ struct in_addr indirect_client_addr; /* after following X-Forwarded-For */
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
struct in_addr my_addr;
|
||||
unsigned short my_port;
|
||||
HttpHeader header;
|
||||
***************
|
||||
*** 1677,1682 ****
|
||||
--- 1693,1703 ----
|
||||
const char *vary_headers; /* Used when varying entities are detected. Changes how the store key is calculated */
|
||||
BODY_HANDLER *body_reader;
|
||||
void *body_reader_data;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ /* XXX a list of IP addresses would be a better data structure
|
||||
+ * than this String */
|
||||
+ String x_forwarded_for_iterator;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
};
|
||||
|
||||
struct _cachemgr_passwd {
|
@ -1,65 +0,0 @@
|
||||
!Simulate the autotools bootstrap of the follow-x-forwarded-for patchset.
|
||||
!
|
||||
!Beware that all line number informations in configure.log greater
|
||||
!than 2972 are offset by at least -29 (correcting all line numbers would have
|
||||
!bloated the patch by 92kB!)
|
||||
--- include/autoconf.h.in.orig Sat Jan 18 02:46:11 2003
|
||||
+++ include/autoconf.h.in Thu Jun 24 13:19:07 2004
|
||||
@@ -291,6 +291,12 @@
|
||||
#define USE_IDENT 1
|
||||
|
||||
/*
|
||||
+ * Compile in support for following X-Forwarded-For headers?
|
||||
+ * Enabled by default.
|
||||
+ */
|
||||
+#define FOLLOW_X_FORWARDED_FOR 1
|
||||
+
|
||||
+/*
|
||||
* If your system has statvfs(), and if it actually works!
|
||||
*/
|
||||
#undef HAVE_STATVFS
|
||||
--- configure.orig Thu Sep 22 10:16:26 2005
|
||||
+++ configure Thu Sep 22 17:29:01 2005
|
||||
@@ -249,6 +249,12 @@
|
||||
if you build as another user who is not privileged
|
||||
to use the number of filedescriptors you want the
|
||||
resulting binary to support"
|
||||
+ac_help="$ac_help
|
||||
+ --enable-follow-x-forwarded-for
|
||||
+ Enable support for following the X-Forwarded-For
|
||||
+ HTTP header to try to find the IP address of the
|
||||
+ original or indirect client when a request has
|
||||
+ been forwarded through other proxies."
|
||||
|
||||
# Initialize some variables set by options.
|
||||
# The variables have the same names as the options, with
|
||||
@@ -3255,6 +3261,29 @@
|
||||
|
||||
fi
|
||||
|
||||
+
|
||||
+follow_xff=1
|
||||
+# Check whether --enable-follow-x-forwarded-for or --disable-follow-x-forwarded-for was given.
|
||||
+if test "${enable_follow_x_forwarded_for+set}" = set; then
|
||||
+ enableval="$enable_follow_x_forwarded_for"
|
||||
+ if test "$enableval" = "yes" ; then
|
||||
+ echo "follow X-Forwarded-For enabled"
|
||||
+ follow_xff=1
|
||||
+ fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+if test $follow_xff = 1; then
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define FOLLOW_X_FORWARDED_FOR 1
|
||||
+EOF
|
||||
+
|
||||
+else
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define FOLLOW_X_FORWARDED_FOR 0
|
||||
+EOF
|
||||
+
|
||||
+fi
|
||||
|
||||
# Force some compilers to use ANSI features
|
||||
#
|
@ -1,422 +0,0 @@
|
||||
Patch 2 of 2 to integrate the icap-2_5 branch into the FreeBSD squid port.
|
||||
|
||||
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
|
||||
|
||||
This patch simulates the autotools bootstrap necessary after applying the
|
||||
ICAP patchset.
|
||||
|
||||
Please see icap-2.5-core.patch for further information.
|
||||
|
||||
Patch last updated: 2005-12-17
|
||||
|
||||
--- configure.orig Sat Oct 22 11:56:01 2005
|
||||
+++ configure Sat Dec 17 17:45:21 2005
|
||||
@@ -70,6 +70,8 @@
|
||||
ac_help="$ac_help
|
||||
--enable-delay-pools Enable delay pools to limit bandwidth usage"
|
||||
ac_help="$ac_help
|
||||
+ --enable-icap-support Enable iCAP client capability"
|
||||
+ac_help="$ac_help
|
||||
--enable-useragent-log Enable logging of User-Agent header"
|
||||
ac_help="$ac_help
|
||||
--enable-referer-log Enable logging of Referer header"
|
||||
@@ -2170,6 +2172,38 @@
|
||||
|
||||
|
||||
|
||||
+
|
||||
+if false; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+# Check whether --enable-icap-support or --disable-icap-support was given.
|
||||
+if test "${enable_icap_support+set}" = set; then
|
||||
+ enableval="$enable_icap_support"
|
||||
+ if test "$enableval" = "yes" ; then
|
||||
+ echo "ICAP support enabled"
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define HS_FEAT_ICAP 1
|
||||
+EOF
|
||||
+
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+ fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
# Check whether --enable-useragent-log or --disable-useragent-log was given.
|
||||
if test "${enable_useragent_log+set}" = set; then
|
||||
enableval="$enable_useragent_log"
|
||||
@@ -7428,14 +7462,14 @@
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
- echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6
|
||||
-echo "configure:7433: checking for main in -lpthread" >&5
|
||||
+ echo $ac_n "checking for main in -pthread""... $ac_c" 1>&6
|
||||
+echo "configure:7433: checking for main in -pthread" >&5
|
||||
ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'`
|
||||
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
|
||||
echo $ac_n "(cached) $ac_c" 1>&6
|
||||
else
|
||||
ac_save_LIBS="$LIBS"
|
||||
-LIBS="-lpthread $LIBS"
|
||||
+LIBS="-pthread $LIBS"
|
||||
cat > conftest.$ac_ext <<EOF
|
||||
#line 7441 "configure"
|
||||
#include "confdefs.h"
|
||||
@@ -7465,7 +7499,7 @@
|
||||
#define $ac_tr_lib 1
|
||||
EOF
|
||||
|
||||
- LIBS="-lpthread $LIBS"
|
||||
+ LIBS="-pthread $LIBS"
|
||||
|
||||
else
|
||||
echo "$ac_t""no" 1>&6
|
||||
@@ -7769,6 +7803,8 @@
|
||||
srand48 \
|
||||
srandom \
|
||||
statfs \
|
||||
+ strnstr \
|
||||
+ strcasestr \
|
||||
strtoll \
|
||||
sysconf \
|
||||
syslog \
|
||||
@@ -7898,6 +7934,50 @@
|
||||
fi
|
||||
fi
|
||||
|
||||
+
|
||||
+if false; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+if false; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+
|
||||
echo $ac_n "checking if va_copy is implemented""... $ac_c" 1>&6
|
||||
echo "configure:7903: checking if va_copy is implemented" >&5
|
||||
if eval "test \"`echo '$''{'ac_cv_func_va_copy'+set}'`\" = set"; then
|
||||
@@ -9072,6 +9152,8 @@
|
||||
s%@ENABLE_PINGER_FALSE@%$ENABLE_PINGER_FALSE%g
|
||||
s%@USE_DELAY_POOLS_TRUE@%$USE_DELAY_POOLS_TRUE%g
|
||||
s%@USE_DELAY_POOLS_FALSE@%$USE_DELAY_POOLS_FALSE%g
|
||||
+s%@USE_ICAP_TRUE@%$USE_ICAP_TRUE%g
|
||||
+s%@USE_ICAP_FALSE@%$USE_ICAP_FALSE%g
|
||||
s%@USE_SNMP_TRUE@%$USE_SNMP_TRUE%g
|
||||
s%@USE_SNMP_FALSE@%$USE_SNMP_FALSE%g
|
||||
s%@SNMPLIB@%$SNMPLIB%g
|
||||
@@ -9118,6 +9200,10 @@
|
||||
s%@LIB_LBER@%$LIB_LBER%g
|
||||
s%@NEED_OWN_SNPRINTF_TRUE@%$NEED_OWN_SNPRINTF_TRUE%g
|
||||
s%@NEED_OWN_SNPRINTF_FALSE@%$NEED_OWN_SNPRINTF_FALSE%g
|
||||
+s%@NEED_OWN_STRNSTR_TRUE@%$NEED_OWN_STRNSTR_TRUE%g
|
||||
+s%@NEED_OWN_STRNSTR_FALSE@%$NEED_OWN_STRNSTR_FALSE%g
|
||||
+s%@NEED_OWN_STRCASESTR_TRUE@%$NEED_OWN_STRCASESTR_TRUE%g
|
||||
+s%@NEED_OWN_STRCASESTR_FALSE@%$NEED_OWN_STRCASESTR_FALSE%g
|
||||
s%@REGEXLIB@%$REGEXLIB%g
|
||||
s%@LIBREGEX@%$LIBREGEX%g
|
||||
s%@LIBOBJS@%$LIBOBJS%g
|
||||
--- include/autoconf.h.in.orig Tue Sep 13 02:12:34 2005
|
||||
+++ include/autoconf.h.in Sat Dec 17 17:45:21 2005
|
||||
@@ -124,6 +124,11 @@
|
||||
*/
|
||||
#undef DELAY_POOLS
|
||||
|
||||
+/*
|
||||
+ * ICAP - Internet Content Adaptation Protocol
|
||||
+ */
|
||||
+#undef HS_FEAT_ICAP
|
||||
+
|
||||
/*
|
||||
* If you want to log User-Agent request header values, define this.
|
||||
* By default, they are written to useragent.log in the Squid log
|
||||
@@ -574,6 +579,12 @@
|
||||
|
||||
/* Define if you have the statfs function. */
|
||||
#undef HAVE_STATFS
|
||||
+
|
||||
+/* Define if you have the strcasestr function. */
|
||||
+#undef HAVE_STRCASESTR
|
||||
+
|
||||
+/* Define if you have the strnstr function. */
|
||||
+#undef HAVE_STRNSTR
|
||||
|
||||
/* Define if you have the strerror function. */
|
||||
#undef HAVE_STRERROR
|
||||
--- lib/Makefile.in.orig Wed Sep 28 22:57:20 2005
|
||||
+++ lib/Makefile.in Sat Dec 17 17:45:21 2005
|
||||
@@ -123,6 +123,13 @@
|
||||
|
||||
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
|
||||
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
|
||||
+
|
||||
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
|
||||
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
|
||||
+
|
||||
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
|
||||
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
|
||||
+
|
||||
@NEED_OWN_MD5_TRUE@MD5SOURCE = md5.c
|
||||
@NEED_OWN_MD5_FALSE@MD5SOURCE =
|
||||
|
||||
@@ -158,6 +165,8 @@
|
||||
$(SNPRINTFSOURCE) \
|
||||
splay.c \
|
||||
Stack.c \
|
||||
+ $(STRNSTRSOURCE) \
|
||||
+ $(STRCASESTRSOURCE) \
|
||||
stub_memaccount.c \
|
||||
util.c \
|
||||
uudecode.c
|
||||
@@ -196,13 +205,18 @@
|
||||
@NEED_OWN_MD5_FALSE@am__objects_1 =
|
||||
@NEED_OWN_SNPRINTF_FALSE@am__objects_2 =
|
||||
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
|
||||
+@NEED_OWN_STRNSTR_FALSE@am__objects_3 =
|
||||
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
|
||||
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
|
||||
+@NEED_OWN_STRCASESTR_FALSE@am__objects_4 =
|
||||
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
|
||||
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
|
||||
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
|
||||
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
|
||||
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
|
||||
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
|
||||
- stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT)
|
||||
+ $(am__objects_3) $(am__objects_4) stub_memaccount.$(OBJEXT) \
|
||||
+ util.$(OBJEXT) uudecode.$(OBJEXT)
|
||||
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
|
||||
libntlmauth_a_AR = $(AR) cru
|
||||
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
|
||||
@@ -224,15 +238,16 @@
|
||||
@AMDEP_TRUE@ $(DEPDIR)/dlmalloc.Po $(DEPDIR)/drand48.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/getfullhostname.Po $(DEPDIR)/hash.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/heap.Po $(DEPDIR)/html_quote.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/initgroups.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/iso3307.Po $(DEPDIR)/md5.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/ntlmauth.Po $(DEPDIR)/radix.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/rfc1035.Po $(DEPDIR)/rfc1123.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/rfc1738.Po $(DEPDIR)/rfc2617.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/safe_inet_addr.Po $(DEPDIR)/snprintf.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/splay.Po $(DEPDIR)/strerror.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/stub_memaccount.Po $(DEPDIR)/tempnam.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/util.Po $(DEPDIR)/uudecode.Po
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/iso3307.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/md5.Po $(DEPDIR)/ntlmauth.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/radix.Po $(DEPDIR)/rfc1035.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/rfc1123.Po $(DEPDIR)/rfc1738.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/rfc2617.Po $(DEPDIR)/safe_inet_addr.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/snprintf.Po $(DEPDIR)/splay.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/strcasestr.Po $(DEPDIR)/strerror.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/strnstr.Po $(DEPDIR)/stub_memaccount.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/tempnam.Po $(DEPDIR)/util.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/uudecode.Po
|
||||
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
|
||||
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||
CCLD = $(CC)
|
||||
@@ -241,8 +256,8 @@
|
||||
DIST_SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) \
|
||||
$(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) \
|
||||
$(libregex_a_SOURCES)
|
||||
-DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c \
|
||||
- initgroups.c strerror.c tempnam.c
|
||||
+DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c strerror.c \
|
||||
+ tempnam.c
|
||||
SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) $(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) $(libregex_a_SOURCES)
|
||||
|
||||
all: all-am
|
||||
@@ -295,7 +310,6 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/heap.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/html_quote.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_ntoa.Po@am__quote@
|
||||
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/initgroups.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/iso3307.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/md5.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ntlmauth.Po@am__quote@
|
||||
@@ -307,7 +321,9 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/safe_inet_addr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snprintf.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/splay.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strcasestr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strerror.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strnstr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stub_memaccount.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tempnam.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/util.Po@am__quote@
|
||||
--- src/Makefile.in.orig Wed Sep 28 22:57:21 2005
|
||||
+++ src/Makefile.in Sat Dec 17 17:45:21 2005
|
||||
@@ -125,6 +125,9 @@
|
||||
install_sh = @install_sh@
|
||||
makesnmplib = @makesnmplib@
|
||||
|
||||
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
|
||||
+@USE_ICAP_FALSE@ICAPSOURCE =
|
||||
+
|
||||
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
|
||||
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
|
||||
@USE_DNSSERVER_TRUE@DNSSERVER = dnsserver
|
||||
@@ -249,6 +252,7 @@
|
||||
HttpMsg.c \
|
||||
HttpReply.c \
|
||||
HttpRequest.c \
|
||||
+ $(ICAPSOURCE) \
|
||||
icmp.c \
|
||||
icp_v2.c \
|
||||
icp_v3.c \
|
||||
@@ -468,54 +472,58 @@
|
||||
pinger_LDADD = $(LDADD)
|
||||
pinger_DEPENDENCIES =
|
||||
pinger_LDFLAGS =
|
||||
-@USE_DELAY_POOLS_TRUE@am__objects_3 = delay_pools.$(OBJEXT)
|
||||
-@USE_DELAY_POOLS_FALSE@am__objects_3 =
|
||||
-@USE_DNSSERVER_FALSE@am__objects_4 = dns_internal.$(OBJEXT)
|
||||
-@USE_DNSSERVER_TRUE@am__objects_4 = dns.$(OBJEXT)
|
||||
-@ENABLE_HTCP_TRUE@am__objects_5 = htcp.$(OBJEXT)
|
||||
-@MAKE_LEAKFINDER_FALSE@am__objects_6 =
|
||||
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
|
||||
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
|
||||
-@USE_SNMP_FALSE@am__objects_7 =
|
||||
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
|
||||
-@ENABLE_SSL_FALSE@am__objects_8 =
|
||||
-@ENABLE_UNLINKD_FALSE@am__objects_9 =
|
||||
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
|
||||
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
|
||||
-@ENABLE_WIN32SPECIFIC_FALSE@am__objects_10 =
|
||||
+@USE_DELAY_POOLS_FALSE@am__objects_5 =
|
||||
+@USE_DELAY_POOLS_TRUE@am__objects_5 = delay_pools.$(OBJEXT)
|
||||
+@USE_DNSSERVER_FALSE@am__objects_6 = dns_internal.$(OBJEXT)
|
||||
+@USE_DNSSERVER_TRUE@am__objects_6 = dns.$(OBJEXT)
|
||||
+@ENABLE_HTCP_TRUE@am__objects_7 = htcp.$(OBJEXT)
|
||||
+@USE_ICAP_TRUE@am__objects_8 = icap_common.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
|
||||
+@USE_ICAP_FALSE@am__objects_8 =
|
||||
+@MAKE_LEAKFINDER_TRUE@am__objects_9 = leakfinder.$(OBJEXT)
|
||||
+@MAKE_LEAKFINDER_FALSE@am__objects_9 =
|
||||
+@USE_SNMP_TRUE@am__objects_10 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
|
||||
+@USE_SNMP_FALSE@am__objects_10 =
|
||||
+@ENABLE_SSL_FALSE@am__objects_11 =
|
||||
+@ENABLE_SSL_TRUE@am__objects_11 = ssl_support.$(OBJEXT)
|
||||
+@ENABLE_UNLINKD_TRUE@am__objects_12 = unlinkd.$(OBJEXT)
|
||||
+@ENABLE_UNLINKD_FALSE@am__objects_12 =
|
||||
+@ENABLE_WIN32SPECIFIC_FALSE@am__objects_13 =
|
||||
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_13 = win32.$(OBJEXT)
|
||||
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
|
||||
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) CacheDigest.$(OBJEXT) \
|
||||
cache_manager.$(OBJEXT) carp.$(OBJEXT) cbdata.$(OBJEXT) \
|
||||
client_db.$(OBJEXT) client_side.$(OBJEXT) comm.$(OBJEXT) \
|
||||
- comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_3) \
|
||||
- disk.$(OBJEXT) $(am__objects_4) errorpage.$(OBJEXT) \
|
||||
+ comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_5) \
|
||||
+ disk.$(OBJEXT) $(am__objects_6) errorpage.$(OBJEXT) \
|
||||
ETag.$(OBJEXT) event.$(OBJEXT) external_acl.$(OBJEXT) \
|
||||
fd.$(OBJEXT) filemap.$(OBJEXT) forward.$(OBJEXT) \
|
||||
fqdncache.$(OBJEXT) ftp.$(OBJEXT) gopher.$(OBJEXT) \
|
||||
- helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \
|
||||
+ helper.$(OBJEXT) $(am__objects_7) http.$(OBJEXT) \
|
||||
HttpStatusLine.$(OBJEXT) HttpHdrCc.$(OBJEXT) \
|
||||
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
|
||||
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
|
||||
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
|
||||
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
|
||||
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
|
||||
- ipc.$(OBJEXT) ipcache.$(OBJEXT) $(am__objects_6) \
|
||||
- logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
|
||||
+ HttpRequest.$(OBJEXT) $(am__objects_8) icmp.$(OBJEXT) \
|
||||
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
|
||||
+ internal.$(OBJEXT) ipc.$(OBJEXT) ipcache.$(OBJEXT) \
|
||||
+ $(am__objects_9) logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
|
||||
MemPool.$(OBJEXT) MemBuf.$(OBJEXT) mime.$(OBJEXT) \
|
||||
multicast.$(OBJEXT) neighbors.$(OBJEXT) net_db.$(OBJEXT) \
|
||||
Packer.$(OBJEXT) pconn.$(OBJEXT) peer_digest.$(OBJEXT) \
|
||||
peer_select.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
|
||||
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
|
||||
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
|
||||
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_10) \
|
||||
+ ssl.$(OBJEXT) $(am__objects_11) stat.$(OBJEXT) \
|
||||
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
|
||||
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
|
||||
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
|
||||
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
|
||||
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
|
||||
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
|
||||
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
+ tools.$(OBJEXT) $(am__objects_12) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
|
||||
- whois.$(OBJEXT) $(am__objects_10)
|
||||
+ whois.$(OBJEXT) $(am__objects_13)
|
||||
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
|
||||
store_modules.$(OBJEXT) globals.$(OBJEXT) \
|
||||
string_arrays.$(OBJEXT)
|
||||
@@ -563,7 +571,9 @@
|
||||
@AMDEP_TRUE@ $(DEPDIR)/fqdncache.Po $(DEPDIR)/ftp.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/globals.Po $(DEPDIR)/gopher.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/helper.Po $(DEPDIR)/htcp.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icmp.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icap_common.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/icap_opt.Po $(DEPDIR)/icap_reqmod.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/icap_respmod.Po $(DEPDIR)/icmp.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/icp_v2.Po $(DEPDIR)/icp_v3.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/ident.Po $(DEPDIR)/internal.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/ipc.Po $(DEPDIR)/ipcache.Po \
|
||||
@@ -777,6 +787,10 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/helper.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/htcp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/http.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_common.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_opt.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_reqmod.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_respmod.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icmp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v2.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v3.Po@am__quote@
|
File diff suppressed because it is too large
Load Diff
@ -1,6 +1,28 @@
|
||||
--- src/cf.data.pre.orig Fri Aug 20 16:23:18 2004
|
||||
+++ src/cf.data.pre Fri Aug 20 16:25:23 2004
|
||||
@@ -2396,12 +2396,12 @@
|
||||
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
|
||||
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
|
||||
@@ -1183,6 +1183,21 @@
|
||||
|
||||
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
|
||||
(hard coded at 1 MB).
|
||||
+
|
||||
+ Note for FreeBSD users:
|
||||
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
|
||||
+ support for the aufs storage type, COSS will use POSIX AIO.
|
||||
+ This means that you need to add the line
|
||||
+
|
||||
+ options VFS_AIO
|
||||
+
|
||||
+ to your kernel configuration in order to use COSS.
|
||||
+
|
||||
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
|
||||
+ necessarily need to recompile your kernel.
|
||||
+
|
||||
+ If you compiled Squid with both support for aufs and COSS, COSS
|
||||
+ will use aufs' routines and does not need special kernel support.
|
||||
DOC_END
|
||||
|
||||
NAME: logformat
|
||||
@@ -3280,12 +3295,12 @@
|
||||
|
||||
NAME: cache_effective_user
|
||||
TYPE: string
|
||||
|
@ -1,24 +0,0 @@
|
||||
Patch for Squid bug #1857, obtained from Squid bugzilla 2007-01-15.
|
||||
|
||||
--- src/ftp.c.orig Sun Feb 26 00:34:13 2006
|
||||
+++ src/ftp.c Mon Jan 15 19:46:29 2007
|
||||
@@ -441,7 +441,7 @@
|
||||
ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->old_filepath) : ".");
|
||||
} else if (ftpState->typecode == 'D') {
|
||||
const char *path = ftpState->flags.dir_slash ? ftpState->filepath : ".";
|
||||
- storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", html_quote(path));
|
||||
+ storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", rfc1738_escape_part(path));
|
||||
}
|
||||
storeAppendPrintf(e, "<HR noshade size=\"1px\">\n");
|
||||
storeAppendPrintf(e, "<ADDRESS>\n");
|
||||
@@ -689,8 +689,8 @@
|
||||
snprintf(html, 8192, "%s\n", line);
|
||||
return html;
|
||||
}
|
||||
- if (ftpState->flags.dir_slash)
|
||||
- snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath));
|
||||
+ if (ftpState->flags.dir_slash && ftpState->dirpath && ftpState->typecode != 'D' )
|
||||
+ snprintf(prefix, 2048, "%s/", rfc1738_escape_part(ftpState->dirpath));
|
||||
else
|
||||
prefix[0] = '\0';
|
||||
/* Handle builtin <dirup> */
|
@ -21,12 +21,11 @@ POST-DEINSTALL)
|
||||
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
|
||||
echo " created by a default installation of this package, run"
|
||||
echo ""
|
||||
echo " pw userdel -r -n %%SQUID_UID%% -u 100"
|
||||
echo ""
|
||||
echo " pw userdel -n %%SQUID_UID%% -u 100"
|
||||
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
|
||||
echo ""
|
||||
echo " To ease updates, the cache and log directories and"
|
||||
echo " all configuration files modified by you were preserved."
|
||||
echo " In order to ease updates the cache and log directories"
|
||||
echo " and all configuration files modified by you were preserved."
|
||||
echo ""
|
||||
echo " Please remove them manually if you do not want to use"
|
||||
echo " Squid any longer."
|
||||
|
@ -16,18 +16,11 @@ squid_user="%%SQUID_UID%%"
|
||||
squid_group="%%SQUID_GID%%"
|
||||
squid_gid=100
|
||||
squid_uid=100
|
||||
# Try to catch the case where the $squid_user might have been created with an
|
||||
# id greater than or equal 3128. The valid exception is "nobody".
|
||||
nobody_uid=65534
|
||||
nobody_gid=65534
|
||||
squid_oldgid=3128
|
||||
squid_olduid=3128
|
||||
unset wrong_id
|
||||
case $2 in
|
||||
PRE-INSTALL)
|
||||
echo "===> Pre-installation configuration for ${pkgname}"
|
||||
if ! pw groupshow ${squid_group} -q >/dev/null ; then
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it:"
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
|
||||
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
|
||||
echo "Failed to create group \"${squid_group}\"!" >&2
|
||||
echo "Please create it manually." >&2
|
||||
@ -37,16 +30,11 @@ PRE-INSTALL)
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing group '${squid_group}':"
|
||||
current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
|
||||
if [ ${current_gid} -ge ${squid_oldgid} \
|
||||
-a ${current_gid} -ne ${nobody_gid} ]; then
|
||||
wrong_id=1
|
||||
fi
|
||||
fi
|
||||
pw groupshow ${squid_group}
|
||||
|
||||
if ! pw usershow ${squid_user} -q >/dev/null ; then
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it:"
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
|
||||
if ! pw useradd -q -n ${squid_user} \
|
||||
-u ${squid_uid} -g ${squid_group} \
|
||||
-c "Squid caching-proxy pseudo user" \
|
||||
@ -60,53 +48,8 @@ PRE-INSTALL)
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing user '${squid_user}':"
|
||||
current_uid=`id -u ${squid_user}`
|
||||
if [ ${current_uid} -ge ${squid_olduid} \
|
||||
-a ${current_uid} -ne ${nobody_uid} ];
|
||||
then
|
||||
wrong_id=1
|
||||
fi
|
||||
fi
|
||||
pw usershow ${squid_user}
|
||||
if [ "${wrong_id}" ]; then
|
||||
echo ""
|
||||
echo " * NOTICE *"
|
||||
echo ""
|
||||
echo "The Squid pseudo-user's uid and/or gid have been found"
|
||||
echo "to be greater than or equal 3128."
|
||||
echo ""
|
||||
echo "This is not a problem as such, but violates the FreeBSD"
|
||||
echo "ports' principle that a ports must not claim a uid greater"
|
||||
echo "than 999."
|
||||
echo ""
|
||||
echo "Since version 2.5.4_11, the Squid user is thus created"
|
||||
echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
|
||||
echo "port used the first unused uid/gid greater than or"
|
||||
echo "equal 3128."
|
||||
echo ""
|
||||
echo "If you want to change the existing Squid user's id, run"
|
||||
echo "'make changeuser' after the installation has completed."
|
||||
echo "If you installed this port via a package, issue the"
|
||||
echo "following commands as root:"
|
||||
echo ""
|
||||
echo "pw userdel -u ${current_uid}"
|
||||
echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
|
||||
echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
|
||||
echo " -c \"Squid caching-proxy pseudo user\" \\"
|
||||
echo " -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
|
||||
echo " -h -"
|
||||
echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
||||
echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
||||
echo ""
|
||||
echo "In case you have installed third party software for Squid"
|
||||
echo "like squidGuard, you should additionally run:"
|
||||
echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
||||
echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
||||
echo ""
|
||||
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
|
||||
sleep 30
|
||||
fi
|
||||
fi
|
||||
for dir in cache logs; do
|
||||
if [ ! -d ${squid_base}/${dir} ]; then
|
||||
echo "Creating ${squid_base}/${dir}..."
|
||||
|
@ -1,24 +1,31 @@
|
||||
o You can find the configuration files for this package in the
|
||||
directory %%PREFIX%%/etc/squid.
|
||||
|
||||
|
||||
o A cache directory has been created in %%PREFIX%%/squid/cache.
|
||||
Log files will be written to %%PREFIX%%/squid/logs.
|
||||
|
||||
|
||||
Note:
|
||||
You must initialize new cache directories before you can start
|
||||
Squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
If your cache directories are already initialized (e.g. after an
|
||||
upgrade of Squid) you do not need to initialize them again.
|
||||
upgrade of squid) you do not need to initialize them again.
|
||||
|
||||
o The default configuration will deny everyone access to the
|
||||
proxy service. Edit the "http_access" directives in
|
||||
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
|
||||
--begin rcng
|
||||
|
||||
Please note that the Squid start script is an rc.d style script.
|
||||
This means that Squid will not start automatically at boot time.
|
||||
This means that Squid will not start automatically at boot
|
||||
time unless it is explicitly enabled.
|
||||
|
||||
To enable Squid, set squid_enable=yes in either
|
||||
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
|
||||
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
|
||||
--end rcng
|
||||
|
||||
Note:
|
||||
If you just updated your Squid installation from 2.5 or earlier,
|
||||
make sure to check your Squid configuration against the 2.6 default
|
||||
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
|
||||
|
||||
Additionally, you should check your configuration by calling
|
||||
'squid -f /path/to/squid.conf -k parse' before starting Squid.
|
||||
|
@ -5,7 +5,7 @@
|
||||
# PROVIDE: squid
|
||||
# REQUIRE: LOGIN
|
||||
# KEYWORD: shutdown
|
||||
#
|
||||
#
|
||||
# Note:
|
||||
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
|
||||
# /etc/rc.conf.d/squid to make this script actually do something. There
|
@ -1,88 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# --begin rcng
|
||||
# PROVIDE: squid
|
||||
# REQUIRE: LOGIN
|
||||
# KEYWORD: shutdown
|
||||
#
|
||||
# Note:
|
||||
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
|
||||
# /etc/rc.conf.d/squid to make this script actually do something. There
|
||||
# you can also set squid_chdir, squid_user, and squid_flags.
|
||||
#
|
||||
# Please see squid(8), rc.conf(5) and rc(8) for further details.
|
||||
#
|
||||
# --end rcng
|
||||
|
||||
name=squid
|
||||
command=%%PREFIX%%/sbin/squid
|
||||
# --begin rcng
|
||||
extra_commands=reload
|
||||
reload_cmd="${command} ${squid_flags} -k reconfigure"
|
||||
# --end rcng
|
||||
stop_cmd="squid_stop"
|
||||
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
|
||||
# --begin rcng
|
||||
squid_enable=${squid_enable:-"NO"}
|
||||
# --end rcng
|
||||
squid_flags=${squid_flags-"-D"}
|
||||
squid_user=${squid_user:-%%SQUID_UID%%}
|
||||
default_config=%%PREFIX%%/etc/squid/squid.conf
|
||||
|
||||
# --begin rcold
|
||||
squid_stop() {
|
||||
echo -n " ${name}"
|
||||
${command} -k shutdown
|
||||
while ps -xcU ${squid_user} | grep -q squid; do
|
||||
sleep 2
|
||||
done
|
||||
}
|
||||
|
||||
# --end rcold
|
||||
# --begin rcng
|
||||
squid_stop() {
|
||||
echo "Stopping ${name}."
|
||||
${command} ${squid_flags} -k shutdown
|
||||
run_rc_command poll
|
||||
}
|
||||
|
||||
. %%RC_SUBR%%
|
||||
rcvar=`set_rcvar`
|
||||
load_rc_config ${name}
|
||||
|
||||
# squid(8) will not start if ${default_config} is not present so try
|
||||
# to catch that beforehand via ${required_files} rather than make
|
||||
# squid(8) crash.
|
||||
# If you remove the default configuration file make sure to add
|
||||
# '-f /path/to/your/squid.conf' to squid_flags
|
||||
|
||||
if [ -z "${squid_flags}" ]; then
|
||||
required_files=${default_config}
|
||||
fi
|
||||
required_dirs=${squid_chdir}
|
||||
run_rc_command "$1"
|
||||
# --end rcng
|
||||
# --begin rcold
|
||||
case $1 in
|
||||
start)
|
||||
if [ -x "${command}" -a \
|
||||
\( -f "${default_config}" -o "${squid_flags}" \) ]; then
|
||||
echo -n " ${name}"
|
||||
(cd ${squid_chdir} && exec su -fm ${squid_user} -c \
|
||||
"${command} ${squid_flags}")
|
||||
fi
|
||||
;;
|
||||
stop)
|
||||
if [ -x "${command}" ]; then
|
||||
${stop_cmd}
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "usage: ${0##*/} {start|stop}" >&2
|
||||
exit 64
|
||||
;;
|
||||
esac
|
||||
exit 0
|
||||
# --end rcold
|
@ -9,15 +9,11 @@
|
||||
# Which user/group Squid should run as (default: squid/squid).
|
||||
# The user and group will be created if they do not already exist using
|
||||
# a uid:gid of 100:100.
|
||||
# NOTE: before version 2.5.4_6, these settings defaulted to
|
||||
# nobody/nogroup.
|
||||
# If you wish to keep these settings, please define SQUID_UID=nobody and
|
||||
# SQUID_GID=nogroup in your make environment before you start the update.
|
||||
# NOTE2:
|
||||
# Before version 2.5.4_11 the numerical id chosen for SQUID_UID (and
|
||||
# SQUID_GID respectively) was the first free id greater than or equal 3128.
|
||||
# If you wish to move your squid user to id 100:100, run "make changeuser",
|
||||
# please see the changeuser target's definition for further information.
|
||||
# NOTE: older versions of Squid defaulted to nobody/nogroup.
|
||||
# If you wish to run Squid as "nobody" (which is not recommended), please
|
||||
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
|
||||
# before you start the update or installation of this port.
|
||||
#
|
||||
# SQUID_LANGUAGES
|
||||
# A list of languages for which error page files should be installed
|
||||
# (default: all)
|
||||
@ -39,7 +35,7 @@
|
||||
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
|
||||
#
|
||||
# The list below may be incomplete, please see the configure script
|
||||
# in the squid source distribution for the complete list of additional
|
||||
# in the Squid source distribution for the complete list of additional
|
||||
# options.
|
||||
# Note that you probably do not need to worry about these options in most
|
||||
# cases, they are included in case you want to experiment with them.
|
||||
@ -47,11 +43,10 @@
|
||||
# --enable-dlmalloc
|
||||
# Compile and use the malloc package from Doug Lea
|
||||
# --enable-gnuregex
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex.
|
||||
# Compile and use the supplied GNUregex routines instead of BSD regex
|
||||
# (not recommended).
|
||||
# --enable-xmalloc-statistics
|
||||
# Show malloc statistics in status page
|
||||
# --enable-time-hack
|
||||
# Optimize time updates to one per second rather than calling gettimeofday()
|
||||
# --enable-cachemgr-hostname=some.hostname
|
||||
# Set an explicit hostname in cachemgr.cgi
|
||||
# --enable-truncate
|
||||
@ -69,39 +64,53 @@
|
||||
# --enable-ntlm-fail-open
|
||||
# Enable NTLM fail open, where a helper that fails one of the
|
||||
# Authentication steps can allow Squid to still authenticate the user
|
||||
#
|
||||
# --enable-x-accelerator-vary
|
||||
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
|
||||
# to indicate variance within an accelerator setup. Typically used
|
||||
# together with other code that adds custom HTTP headers to the
|
||||
# requests.
|
||||
# --enable-forward-log
|
||||
# Enable experimental forward_log directive.
|
||||
# --enable-multicast-miss
|
||||
# Enable experimental multicast notification of cachemisses.
|
||||
|
||||
PORTNAME= squid
|
||||
PORTVERSION= 2.5.14
|
||||
PORTREVISION= 4
|
||||
PORTVERSION= 2.6.9
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
|
||||
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
|
||||
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
|
||||
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
|
||||
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
|
||||
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
|
||||
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
|
||||
MASTER_SITE_SUBDIR= squid-2/STABLE
|
||||
DISTNAME= squid-2.6.STABLE9
|
||||
DIST_SUBDIR= squid2.6
|
||||
|
||||
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www3.us.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.at.squid-cache.org/%SUBDIR%/ \
|
||||
http://www2.nl.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.ru.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.uk.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.gr.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.jp.squid-cache.org/%SUBDIR%/ \
|
||||
http://www1.tw.squid-cache.org/%SUBDIR%/
|
||||
MASTER_SITE_SUBDIR= Versions/v2/2.5
|
||||
DISTNAME= squid-2.5.STABLE14
|
||||
DIST_SUBDIR= squid2.5
|
||||
|
||||
PATCH_SITES= ${MASTER_SITES}
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.5/bugs
|
||||
PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch \
|
||||
squid-2.5.STABLE14-hierarchy_tag.patch
|
||||
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
|
||||
PATCHFILES=
|
||||
PATCH_DIST_STRIP= -p1
|
||||
|
||||
MAINTAINER= tmseck@netcologne.de
|
||||
COMMENT= HTTP Caching Proxy
|
||||
|
||||
CONFLICTS= squid-2.[^5]*
|
||||
CONFLICTS= squid-2.[^6]*
|
||||
GNU_CONFIGURE= yes
|
||||
USE_BZIP2= yes
|
||||
USE_PERL5= yes
|
||||
USE_RC_SUBR= squid
|
||||
|
||||
SQUID_UID?= squid
|
||||
SQUID_GID?= squid
|
||||
@ -116,20 +125,19 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
|
||||
SQUID_DELAY_POOLS "Enable delay pools" off \
|
||||
SQUID_SNMP "Enable SNMP support" off \
|
||||
SQUID_CARP "Enable CARP support" off \
|
||||
SQUID_CARP "Enable CARP support" on \
|
||||
SQUID_SSL "Enable SSL support for reverse proxies" off \
|
||||
SQUID_PINGER "Install the icmp helper" off \
|
||||
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
|
||||
SQUID_HTCP "Enable HTCP support" off \
|
||||
SQUID_VIA_DB "Enable forward/via database" off \
|
||||
SQUID_CACHE_DIGESTS "Enable cache digests" off \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Protocol" on \
|
||||
SQUID_UNDERSCORES "Allow underscores in hostnames" on \
|
||||
SQUID_CHECK_HOSTNAME "Do hostname checking" on \
|
||||
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
|
||||
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
|
||||
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
|
||||
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
|
||||
SQUID_REFERER_LOG "Enable Referer-header logging" off \
|
||||
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
|
||||
SQUID_CUSTOM_LOG "Enable custom log format" off \
|
||||
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
|
||||
SQUID_PF "Enable transparent proxying with PF" off \
|
||||
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
|
||||
@ -137,9 +145,9 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
|
||||
SQUID_ICAP "Enable ICAP client functionality" off \
|
||||
SQUID_AUFS "Enable the aufs storage scheme" off \
|
||||
SQUID_COSS "Enable the COSS storage scheme" off \
|
||||
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
|
||||
SQUID_LARGEFILE "Support log and cache files >2GB" off \
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off \
|
||||
SQUID_RCNG "Install an rc.d style startup script" on
|
||||
SQUID_STACKTRACES "Create backtraces on fatal errors" off
|
||||
|
||||
etc_files= squid/cachemgr.conf.default \
|
||||
squid/mib.txt squid/mime.conf.default \
|
||||
@ -167,37 +175,44 @@ error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
|
||||
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
|
||||
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
|
||||
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd ip_user_check \
|
||||
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
|
||||
msnt_auth ncsa_auth ntlm_auth \
|
||||
pam_auth smb_auth smb_auth.sh squid_unix_group \
|
||||
wb_auth wb_group wb_ntlmauth wbinfo_group.pl
|
||||
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
|
||||
wbinfo_group.pl
|
||||
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
|
||||
libexec+= unlinkd
|
||||
.endif
|
||||
|
||||
sbin= RunAccel RunCache squidclient squid
|
||||
sbin= RunCache squidclient squid
|
||||
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \
|
||||
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
|
||||
--sbindir=${PREFIX}/sbin \
|
||||
--datadir=${PREFIX}/etc/squid \
|
||||
--libexecdir=${PREFIX}/libexec/squid \
|
||||
--localstatedir=${PREFIX}/squid \
|
||||
--enable-removal-policies="lru heap"
|
||||
--sysconfdir=${PREFIX}/etc/squid \
|
||||
--enable-removal-policies="lru heap" \
|
||||
--disable-linux-netfilter \
|
||||
--disable-linux-tproxy \
|
||||
--disable-epoll
|
||||
|
||||
.include <bsd.port.pre.mk>
|
||||
|
||||
# Authentication methods and modules:
|
||||
|
||||
basic_auth= NCSA PAM MSNT SMB winbind
|
||||
external_acl= ip_user unix_group wbinfo_group winbind_group
|
||||
MAN8+= pam_auth.8 squid_unix_group.8
|
||||
basic_auth= NCSA PAM MSNT SMB
|
||||
digest_auth= password
|
||||
external_acl= ip_user session unix_group wbinfo_group
|
||||
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
|
||||
.if defined(WITH_SQUID_LDAP_AUTH)
|
||||
USE_OPENLDAP= yes
|
||||
CFLAGS+= -I${LOCALBASE}/include
|
||||
LDFLAGS+= -L${LOCALBASE}/lib
|
||||
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
|
||||
basic_auth+= LDAP
|
||||
digest_auth+= ldap
|
||||
external_acl+= ldap_group
|
||||
libexec+= squid_ldap_auth squid_ldap_group
|
||||
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SASL_AUTH)
|
||||
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
|
||||
@ -213,23 +228,33 @@ libexec+= yp_auth
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
|
||||
--enable-basic-auth-helpers="${basic_auth}" \
|
||||
--enable-digest-auth-helpers="password" \
|
||||
--enable-digest-auth-helpers="${digest_auth}" \
|
||||
--enable-external-acl-helpers="${external_acl}" \
|
||||
--enable-ntlm-auth-helpers="SMB winbind"
|
||||
--enable-ntlm-auth-helpers="SMB"
|
||||
|
||||
# Selection of storage schemes:
|
||||
# Storage schemes:
|
||||
|
||||
storage_schemes= ufs diskd null
|
||||
.if defined(WITH_SQUID_AUFS)
|
||||
storage_schemes+= aufs
|
||||
.if ${OSVERSION}>=501000
|
||||
# Only document libmap.conf where it is available:
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
|
||||
.endif
|
||||
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
|
||||
CONFIGURE_ARGS+= --enable-async-io \
|
||||
--with-pthreads
|
||||
CONFIGURE_ARGS+= --with-pthreads
|
||||
CFLAGS+= ${PTHREAD_CFLAGS}
|
||||
.endif
|
||||
.if defined(WITH_SQUID_COSS)
|
||||
storage_schemes+= coss
|
||||
CONFIGURE_ARGS+= --with-aio
|
||||
.if !defined(WITH_SQUID_AUFS)
|
||||
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
|
||||
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
|
||||
# adding the option VFS_AIO to your kernel configuration if you want to
|
||||
# actually use COSS storage:
|
||||
CONFIGURE_ARGS+= --enable-coss-aio-ops
|
||||
.endif
|
||||
sbin+= cossdump
|
||||
.endif
|
||||
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
|
||||
|
||||
@ -241,13 +266,14 @@ CONFIGURE_ARGS+= --enable-delay-pools
|
||||
.if defined(WITH_SQUID_SNMP)
|
||||
CONFIGURE_ARGS+= --enable-snmp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --enable-carp
|
||||
.if defined(WITHOUT_SQUID_CARP)
|
||||
CONFIGURE_ARGS+= --disable-carp
|
||||
.endif
|
||||
.if defined(WITH_SQUID_SSL)
|
||||
# we need to .include bsd.openssl.mk manually here because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included and this is
|
||||
# not possible when using OPTIONS
|
||||
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
|
||||
# works when it is defined before bsd.port{.pre}.mk is .included.
|
||||
# This makes it currently impossible to combine this macro with OPTIONS to
|
||||
# conditionally include OpenSSL support.
|
||||
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
|
||||
CONFIGURE_ARGS+= --enable-ssl \
|
||||
--with-openssl="${OPENSSLBASE}"
|
||||
@ -274,11 +300,8 @@ CONFIGURE_ARGS+= --enable-cache-digests
|
||||
.if defined(WITHOUT_SQUID_WCCP)
|
||||
CONFIGURE_ARGS+= --disable-wccp
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_UNDERSCORES)
|
||||
CONFIGURE_ARGS+= --enable-underscores
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_CHECK_HOSTNAME)
|
||||
CONFIGURE_ARGS+= --disable-hostname-checks
|
||||
.if defined(WITH_SQUID_WCCPV2)
|
||||
CONFIGURE_ARGS+= --enable-wccpv2
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STRICT_HTTP)
|
||||
CONFIGURE_ARGS+= --disable-http-violations
|
||||
@ -286,12 +309,12 @@ CONFIGURE_ARGS+= --disable-http-violations
|
||||
.if defined(WITHOUT_SQUID_IDENT)
|
||||
CONFIGURE_ARGS+= --disable-ident-lookups
|
||||
.endif
|
||||
.if defined(WITH_SQUID_REFERER_LOG)
|
||||
CONFIGURE_ARGS+= --enable-referer-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_USERAGENT_LOG)
|
||||
CONFIGURE_ARGS+= --enable-useragent-log
|
||||
.endif
|
||||
.if defined(WITH_SQUID_CUSTOM_LOG)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/customlog-2.5.patch
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ARP_ACL)
|
||||
CONFIGURE_ARGS+= --enable-arp-acl
|
||||
.endif
|
||||
@ -315,45 +338,39 @@ CONFIGURE_ARGS+= --enable-ipf-transparent
|
||||
.endif
|
||||
.endif
|
||||
.if defined(WITH_SQUID_FOLLOW_XFF)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/follow_xff-2.5.patch \
|
||||
${PATCHDIR}/follow_xff-configure.patch
|
||||
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
|
||||
.endif
|
||||
.if defined(WITH_SQUID_ICAP)
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.5-core.patch \
|
||||
${PATCHDIR}/icap-2.5-bootstrap.patch
|
||||
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
|
||||
${PATCHDIR}/icap-2.6-core.patch
|
||||
CONFIGURE_ARGS+= --enable-icap-support
|
||||
error_files+= ERR_ICAP_FAILURE
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_KQUEUE)
|
||||
CONFIGURE_ARGS+= --enable-kqueue
|
||||
.else
|
||||
CONFIGURE_ARGS+= --disable-kqueue
|
||||
.endif
|
||||
.if defined(WITH_SQUID_LARGEFILE)
|
||||
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
|
||||
.endif
|
||||
.if defined(WITH_SQUID_STACKTRACES)
|
||||
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
|
||||
CONFIGURE_ARGS+= --enable-stacktraces
|
||||
CFLAGS+= -g
|
||||
STRIP= ""
|
||||
.endif
|
||||
.if !defined(WITHOUT_SQUID_RCNG)
|
||||
USE_RC_SUBR= squid.sh
|
||||
rc_del= rcold
|
||||
rc_state= rcng
|
||||
.else
|
||||
SUB_FILES+= squid.sh
|
||||
etc_files+= rc.d/squid.sh
|
||||
rc_del= rcng
|
||||
rc_state= rcold
|
||||
.endif
|
||||
|
||||
# Languages:
|
||||
#
|
||||
# If you do not define SQUID_LANGUAGES yourself, all available language files
|
||||
# will be installed; the default language will be English.
|
||||
|
||||
SQUID_LANGUAGES?= \
|
||||
Azerbaijani Bulgarian Catalan Czech Danish Dutch English Estonian Finnish \
|
||||
French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian \
|
||||
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish
|
||||
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
|
||||
English Estonian Finnish French German Greek Hebrew \
|
||||
Hungarian Italian Japanese Korean Lithuanian \
|
||||
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
|
||||
Serbian Simplify_Chinese Slovak Spanish Swedish \
|
||||
Traditional_Chinese Turkish
|
||||
SQUID_DEFAULT_LANG?= English
|
||||
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
|
||||
--enable-default-err-language=${SQUID_DEFAULT_LANG}
|
||||
@ -378,7 +395,8 @@ PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
|
||||
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre
|
||||
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
|
||||
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
|
||||
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
|
||||
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
|
||||
@ -387,31 +405,16 @@ pre-install:
|
||||
# Prevent installation of .orig files by deleting them.
|
||||
@${FIND} ${WRKSRC} -name '*.bak' -delete
|
||||
@${FIND} ${WRKSRC} -name '*.orig' -delete
|
||||
# create the start script:
|
||||
@${REINPLACE_CMD} \
|
||||
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
|
||||
-e '/--.*${rc_state}/d' ${WRKDIR}/squid.sh
|
||||
# create variable information in pkg-message:
|
||||
@${REINPLACE_CMD} \
|
||||
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
|
||||
-e '/--.*${rc_state}/d' ${PKGMESSAGE}
|
||||
|
||||
pre-su-install:
|
||||
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
|
||||
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
|
||||
|
||||
post-install:
|
||||
# Create cachemgr.conf.default manually since squid's install routine
|
||||
# unfortunately fails to do so:
|
||||
${INSTALL_DATA} ${WRKSRC}/src/cachemgr.conf \
|
||||
${PREFIX}/etc/squid/cachemgr.conf.default
|
||||
.if defined(WITH_SQUID_PINGER)
|
||||
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
|
||||
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
|
||||
.endif
|
||||
.if defined(WITHOUT_SQUID_RCNG)
|
||||
${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/
|
||||
.endif
|
||||
.if !defined(NOPORTDOCS)
|
||||
@${MKDIR} ${DOCSDIR}
|
||||
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
|
||||
@ -423,50 +426,5 @@ post-install:
|
||||
@${ECHO_CMD} ""
|
||||
@${CAT} ${PKGMESSAGE}
|
||||
@${ECHO_CMD} ""
|
||||
changeuser:
|
||||
# Recover from the problem that earlier versions of this port created the
|
||||
# squid pseudo-user with an id greater than 999 which is not allowed in
|
||||
# FreeBSD's ports system. The port now uses id 100:100.
|
||||
# NOTE:
|
||||
# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
|
||||
# have a different setup, do not run this target!
|
||||
.if ${SQUID_UID:L} == nobody
|
||||
@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
|
||||
${ECHO_CMD} "this target!"
|
||||
${FALSE}
|
||||
.endif
|
||||
@if [ `${ID} -u` -ne 0 ]; \
|
||||
then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \
|
||||
current_uid=`id -u ${SQUID_UID}`; \
|
||||
current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
|
||||
${ECHO_CMD} "I will remove this user:"; \
|
||||
${ID} -P $${current_uid}; \
|
||||
${ECHO_CMD} "and this group:"; \
|
||||
pw groupshow ${SQUID_GID}; \
|
||||
${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
|
||||
${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
|
||||
${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
|
||||
${ECHO_CMD} "After that, all files and directories that were accessible"; \
|
||||
${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
|
||||
${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
|
||||
${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
|
||||
${ECHO_CMD} "please abort this target now."; \
|
||||
read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
|
||||
${ECHO_CMD} "OK, here we go:"; \
|
||||
${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
|
||||
pw userdel -u $${current_uid}; \
|
||||
${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
|
||||
pw groupadd -n ${SQUID_GID} -g 100; \
|
||||
pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
|
||||
-d ${PREFIX}/squid -s /sbin/nologin -h - ; \
|
||||
${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
|
||||
${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
|
||||
${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
|
||||
${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
|
||||
${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
|
||||
${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
|
||||
${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
|
||||
${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
|
||||
${ECHO_CMD} "Finished."
|
||||
|
||||
.include <bsd.port.post.mk>
|
||||
|
@ -1,9 +1,3 @@
|
||||
MD5 (squid2.5/squid-2.5.STABLE14.tar.bz2) = f413e0b887a5f9b2a75350243ed5564c
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14.tar.bz2) = c4eaee0e5ee42f46060217df9a88d628d244c0a543feab8296e44269e57ec7bd
|
||||
SIZE (squid2.5/squid-2.5.STABLE14.tar.bz2) = 1073745
|
||||
MD5 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1529f8b0170e24b26353578778435bd4
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 9e99132b8efb07e3465d5e33749aa450daecfa3acde73755b6a3589d09d19285
|
||||
SIZE (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1277
|
||||
MD5 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 9abe563ca3d01dc58502737edc6f3c60
|
||||
SHA256 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 6c98f1f2351b79cfc3f956ed1c46d86c7a53aac0ba28203a33f2dadc7d1e96fe
|
||||
SIZE (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 1319
|
||||
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
|
||||
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
|
||||
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060
|
||||
|
File diff suppressed because it is too large
Load Diff
20
www/squid31/files/extra-patch-src-cf.data.pre.aufs
Normal file
20
www/squid31/files/extra-patch-src-cf.data.pre.aufs
Normal file
@ -0,0 +1,20 @@
|
||||
--- src/cf.data.pre.orig Wed Nov 1 15:12:02 2006
|
||||
+++ src/cf.data.pre Wed Nov 1 15:12:17 2006
|
||||
@@ -1097,6 +1100,17 @@
|
||||
|
||||
see argument descriptions under ufs above
|
||||
|
||||
+ Note:
|
||||
+ By default, FreeBSD uses the pthread(3) M:N threading library.
|
||||
+ You can, however, map the thread library to the 1:1 libthr(3)
|
||||
+ implementation by inserting the following lines into
|
||||
+ /etc/libmap.conf and see whether this performs better on your
|
||||
+ system:
|
||||
+
|
||||
+ [%%PREFIX%%/sbin/squid]
|
||||
+ libpthread.so.1 libthr.so.1
|
||||
+ libpthread.so.2 libthr.so.2
|
||||
+
|
||||
The diskd store type:
|
||||
|
||||
"diskd" uses the same storage format as "ufs", utilizing a
|
@ -1,411 +0,0 @@
|
||||
! This is a reduced part of the original follow-XFF patchset from
|
||||
! devel.squid-cache.org for use with the FreeBSD squid-2.5 port.
|
||||
Index: src/acl.c
|
||||
--- src/acl.c 13 May 2003 02:14:12 -0000 1.43.2.16
|
||||
+++ src/acl.c 23 Nov 2003 14:20:12 -0000
|
||||
@@ -2001,6 +2001,11 @@
|
||||
cbdataLock(A);
|
||||
if (request != NULL) {
|
||||
checklist->request = requestLink(request);
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (Config.onoff.acl_uses_indirect_client) {
|
||||
+ checklist->src_addr = request->indirect_client_addr;
|
||||
+ } else
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
checklist->src_addr = request->client_addr;
|
||||
checklist->my_addr = request->my_addr;
|
||||
checklist->my_port = request->my_port;
|
||||
Index: src/cf.data.pre
|
||||
--- src/cf.data.pre 7 Nov 2003 03:14:30 -0000 1.49.2.46
|
||||
+++ src/cf.data.pre 23 Nov 2003 14:20:17 -0000
|
||||
@@ -2065,6 +2065,92 @@
|
||||
NOCOMMENT_END
|
||||
DOC_END
|
||||
|
||||
+NAME: follow_x_forwarded_for
|
||||
+TYPE: acl_access
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+LOC: Config.accessList.followXFF
|
||||
+DEFAULT: none
|
||||
+DEFAULT_IF_NONE: deny all
|
||||
+DOC_START
|
||||
+ Allowing or Denying the X-Forwarded-For header to be followed to
|
||||
+ find the original source of a request.
|
||||
+
|
||||
+ Requests may pass through a chain of several other proxies
|
||||
+ before reaching us. The X-Forwarded-For header will contain a
|
||||
+ comma-separated list of the IP addresses in the chain, with the
|
||||
+ rightmost address being the most recent.
|
||||
+
|
||||
+ If a request reaches us from a source that is allowed by this
|
||||
+ configuration item, then we consult the X-Forwarded-For header
|
||||
+ to see where that host received the request from. If the
|
||||
+ X-Forwarded-For header contains multiple addresses, and if
|
||||
+ acl_uses_indirect_client is on, then we continue backtracking
|
||||
+ until we reach an address for which we are not allowed to
|
||||
+ follow the X-Forwarded-For header, or until we reach the first
|
||||
+ address in the list. (If acl_uses_indirect_client is off, then
|
||||
+ it's impossible to backtrack through more than one level of
|
||||
+ X-Forwarded-For addresses.)
|
||||
+
|
||||
+ The end result of this process is an IP address that we will
|
||||
+ refer to as the indirect client address. This address may
|
||||
+ be treated as the client address for access control, delay
|
||||
+ pools and logging, depending on the acl_uses_indirect_client,
|
||||
+ delay_pool_uses_indirect_client and log_uses_indirect_client
|
||||
+ options.
|
||||
+
|
||||
+ SECURITY CONSIDERATIONS:
|
||||
+
|
||||
+ Any host for which we follow the X-Forwarded-For header
|
||||
+ can place incorrect information in the header, and Squid
|
||||
+ will use the incorrect information as if it were the
|
||||
+ source address of the request. This may enable remote
|
||||
+ hosts to bypass any access control restrictions that are
|
||||
+ based on the client's source addresses.
|
||||
+
|
||||
+ For example:
|
||||
+
|
||||
+ acl localhost src 127.0.0.1
|
||||
+ acl my_other_proxy srcdomain .proxy.example.com
|
||||
+ follow_x_forwarded_for allow localhost
|
||||
+ follow_x_forwarded_for allow my_other_proxy
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: acl_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.acl_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in acl matching.
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: delay_pool_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR && DELAY_POOLS
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.delay_pool_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in delay pools.
|
||||
+DOC_END
|
||||
+
|
||||
+NAME: log_uses_indirect_client
|
||||
+COMMENT: on|off
|
||||
+TYPE: onoff
|
||||
+IFDEF: FOLLOW_X_FORWARDED_FOR
|
||||
+DEFAULT: on
|
||||
+LOC: Config.onoff.log_uses_indirect_client
|
||||
+DOC_START
|
||||
+ Controls whether the indirect client address
|
||||
+ (see follow_x_forwarded_for) is used instead of the
|
||||
+ direct client address in the access log.
|
||||
+DOC_END
|
||||
+
|
||||
NAME: http_access
|
||||
TYPE: acl_access
|
||||
LOC: Config.accessList.http
|
||||
Index: src/client_side.c
|
||||
--- src/client_side.c 2 Sep 2003 02:13:45 -0000 1.47.2.39
|
||||
+++ src/client_side.c 23 Nov 2003 14:20:22 -0000
|
||||
@@ -109,6 +109,11 @@
|
||||
#if USE_IDENT
|
||||
static IDCB clientIdentDone;
|
||||
#endif
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+static void clientFollowXForwardedForStart(void *data);
|
||||
+static void clientFollowXForwardedForNext(void *data);
|
||||
+static void clientFollowXForwardedForDone(int answer, void *data);
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
static int clientOnlyIfCached(clientHttpRequest * http);
|
||||
static STCB clientSendMoreData;
|
||||
static STCB clientCacheHit;
|
||||
@@ -177,10 +182,179 @@
|
||||
return ch;
|
||||
}
|
||||
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+/*
|
||||
+ * clientFollowXForwardedForStart() copies the X-Forwarded-For
|
||||
+ * header into x_forwarded_for_iterator and passes control to
|
||||
+ * clientFollowXForwardedForNext().
|
||||
+ *
|
||||
+ * clientFollowXForwardedForNext() checks the indirect_client_addr
|
||||
+ * against the followXFF ACL and passes the result to
|
||||
+ * clientFollowXForwardedForDone().
|
||||
+ *
|
||||
+ * clientFollowXForwardedForDone() either grabs the next address
|
||||
+ * from the tail of x_forwarded_for_iterator and loops back to
|
||||
+ * clientFollowXForwardedForNext(), or cleans up and passes control to
|
||||
+ * clientAccessCheck().
|
||||
+ */
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForStart(void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ if (Config.accessList.followXFF
|
||||
+ && httpHeaderHas(&request->header, HDR_X_FORWARDED_FOR))
|
||||
+ {
|
||||
+ request->x_forwarded_for_iterator = httpHeaderGetList(
|
||||
+ &request->header, HDR_X_FORWARDED_FOR);
|
||||
+ debug(33, 5) ("clientFollowXForwardedForStart: indirect_client_addr=%s XFF='%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ strBuf(request->x_forwarded_for_iterator));
|
||||
+ clientFollowXForwardedForNext(http);
|
||||
+ } else {
|
||||
+ /* not configured to follow X-Forwarded-For, or nothing to follow */
|
||||
+ debug(33, 5) ("clientFollowXForwardedForStart: nothing to do\n");
|
||||
+ clientFollowXForwardedForDone(-1, http);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForNext(void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ debug(33, 5) ("clientFollowXForwardedForNext: indirect_client_addr=%s XFF='%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ strBuf(request->x_forwarded_for_iterator));
|
||||
+ if (strLen(request->x_forwarded_for_iterator) != 0) {
|
||||
+ /* check the acl to see whether to believe the X-Forwarded-For header */
|
||||
+ http->acl_checklist = clientAclChecklistCreate(
|
||||
+ Config.accessList.followXFF, http);
|
||||
+ aclNBCheck(http->acl_checklist, clientFollowXForwardedForDone, http);
|
||||
+ } else {
|
||||
+ /* nothing left to follow */
|
||||
+ debug(33, 5) ("clientFollowXForwardedForNext: nothing more to do\n");
|
||||
+ clientFollowXForwardedForDone(-1, http);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+clientFollowXForwardedForDone(int answer, void *data)
|
||||
+{
|
||||
+ clientHttpRequest *http = data;
|
||||
+ request_t *request = http->request;
|
||||
+ /*
|
||||
+ * answer should be be ACCESS_ALLOWED or ACCESS_DENIED if we are
|
||||
+ * called as a result of ACL checks, or -1 if we are called when
|
||||
+ * there's nothing left to do.
|
||||
+ */
|
||||
+ if (answer == ACCESS_ALLOWED) {
|
||||
+ /*
|
||||
+ * The IP address currently in request->indirect_client_addr
|
||||
+ * is trusted to use X-Forwarded-For. Remove the last
|
||||
+ * comma-delimited element from x_forwarded_for_iterator and use
|
||||
+ * it to to replace indirect_client_addr, then repeat the cycle.
|
||||
+ */
|
||||
+ const char *p;
|
||||
+ const char *asciiaddr;
|
||||
+ int l;
|
||||
+ struct in_addr addr;
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s is trusted\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ p = strBuf(request->x_forwarded_for_iterator);
|
||||
+ l = strLen(request->x_forwarded_for_iterator);
|
||||
+
|
||||
+ /*
|
||||
+ * XXX x_forwarded_for_iterator should really be a list of
|
||||
+ * IP addresses, but it's a String instead. We have to
|
||||
+ * walk backwards through the String, biting off the last
|
||||
+ * comma-delimited part each time. As long as the data is in
|
||||
+ * a String, we should probably implement and use a variant of
|
||||
+ * strListGetItem() that walks backwards instead of forwards
|
||||
+ * through a comma-separated list. But we don't even do that;
|
||||
+ * we just do the work in-line here.
|
||||
+ */
|
||||
+ /* skip trailing space and commas */
|
||||
+ while (l > 0 && (p[l-1] == ',' || xisspace(p[l-1])))
|
||||
+ l--;
|
||||
+ strCut(request->x_forwarded_for_iterator, l);
|
||||
+ /* look for start of last item in list */
|
||||
+ while (l > 0 && ! (p[l-1] == ',' || xisspace(p[l-1])))
|
||||
+ l--;
|
||||
+ asciiaddr = p+l;
|
||||
+ if (inet_aton(asciiaddr, &addr) == 0) {
|
||||
+ /* the address is not well formed; do not use it */
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: malformed address '%s'\n",
|
||||
+ asciiaddr);
|
||||
+ goto done;
|
||||
+ }
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: changing indirect_client_addr from %s to '%s'\n",
|
||||
+ inet_ntoa(request->indirect_client_addr),
|
||||
+ asciiaddr);
|
||||
+ request->indirect_client_addr = addr;
|
||||
+ strCut(request->x_forwarded_for_iterator, l);
|
||||
+ if (! Config.onoff.acl_uses_indirect_client) {
|
||||
+ /*
|
||||
+ * If acl_uses_indirect_client is off, then it's impossible
|
||||
+ * to follow more than one level of X-Forwarded-For.
|
||||
+ */
|
||||
+ goto done;
|
||||
+ }
|
||||
+ clientFollowXForwardedForNext(http);
|
||||
+ return;
|
||||
+ } else if (answer == ACCESS_DENIED) {
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s not trusted\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ } else {
|
||||
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s nothing more to do\n",
|
||||
+ inet_ntoa(request->indirect_client_addr));
|
||||
+ }
|
||||
+done:
|
||||
+ /* clean up, and pass control to clientAccessCheck */
|
||||
+ debug(33, 6) ("clientFollowXForwardedForDone: cleanup\n");
|
||||
+ if (Config.onoff.log_uses_indirect_client) {
|
||||
+ /*
|
||||
+ * Ensure that the access log shows the indirect client
|
||||
+ * instead of the direct client.
|
||||
+ */
|
||||
+ ConnStateData *conn = http->conn;
|
||||
+ conn->log_addr = request->indirect_client_addr;
|
||||
+ conn->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
|
||||
+ debug(33, 3) ("clientFollowXForwardedForDone: setting log_addr=%s\n",
|
||||
+ inet_ntoa(conn->log_addr));
|
||||
+ }
|
||||
+ stringClean(&request->x_forwarded_for_iterator);
|
||||
+ request->flags.done_follow_x_forwarded_for = 1;
|
||||
+ http->acl_checklist = NULL; /* XXX do we need to aclChecklistFree() ? */
|
||||
+ clientAccessCheck(http);
|
||||
+}
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
+
|
||||
void
|
||||
clientAccessCheck(void *data)
|
||||
{
|
||||
clientHttpRequest *http = data;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (! http->request->flags.done_follow_x_forwarded_for
|
||||
+ && httpHeaderHas(&http->request->header, HDR_X_FORWARDED_FOR))
|
||||
+ {
|
||||
+ /*
|
||||
+ * There's an X-ForwardedFor header and we haven't yet tried
|
||||
+ * to follow it to find the indirect_client_addr. Follow it now.
|
||||
+ * clientFollowXForwardedForDone() will eventually pass control
|
||||
+ * back to us.
|
||||
+ *
|
||||
+ * XXX perhaps our caller should have called
|
||||
+ * clientFollowXForwardedForStart instead. Then we wouldn't
|
||||
+ * need to do this little dance transferring control over
|
||||
+ * there and then back here, and we wouldn't need the
|
||||
+ * done_follow_x_forwarded_for flag.
|
||||
+ */
|
||||
+ clientFollowXForwardedForStart(data);
|
||||
+ return;
|
||||
+ }
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
if (checkAccelOnly(http)) {
|
||||
/* deny proxy requests in accel_only mode */
|
||||
debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n");
|
||||
@@ -325,6 +499,9 @@
|
||||
new_request->http_ver = old_request->http_ver;
|
||||
httpHeaderAppend(&new_request->header, &old_request->header);
|
||||
new_request->client_addr = old_request->client_addr;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ new_request->indirect_client_addr = old_request->indirect_client_addr;
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
new_request->my_addr = old_request->my_addr;
|
||||
new_request->my_port = old_request->my_port;
|
||||
new_request->flags.redirected = 1;
|
||||
@@ -3051,6 +3228,9 @@
|
||||
safe_free(http->log_uri);
|
||||
http->log_uri = xstrdup(urlCanonicalClean(request));
|
||||
request->client_addr = conn->peer.sin_addr;
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ request->indirect_client_addr = request->client_addr;
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
request->my_addr = conn->me.sin_addr;
|
||||
request->my_port = ntohs(conn->me.sin_port);
|
||||
request->http_ver = http->http_ver;
|
||||
Index: src/delay_pools.c
|
||||
--- src/delay_pools.c 19 Jun 2003 02:13:57 -0000 1.5.54.6
|
||||
+++ src/delay_pools.c 23 Nov 2003 14:20:23 -0000
|
||||
@@ -318,6 +318,11 @@
|
||||
r = http->request;
|
||||
|
||||
memset(&ch, '\0', sizeof(ch));
|
||||
+#if FOLLOW_X_FORWARDED_FOR
|
||||
+ if (Config.onoff.delay_pool_uses_indirect_client) {
|
||||
+ ch.src_addr = r->indirect_client_addr;
|
||||
+ } else
|
||||
+#endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
ch.src_addr = r->client_addr;
|
||||
ch.my_addr = r->my_addr;
|
||||
ch.my_port = r->my_port;
|
||||
*** src/structs.h.orig Sun Jun 26 12:45:58 2005
|
||||
--- src/structs.h Sun Jun 26 12:48:45 2005
|
||||
***************
|
||||
*** 610,615 ****
|
||||
--- 610,620 ----
|
||||
int accel_uses_host_header;
|
||||
int accel_no_pmtu_disc;
|
||||
int global_internal_static;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ int acl_uses_indirect_client;
|
||||
+ int delay_pool_uses_indirect_client;
|
||||
+ int log_uses_indirect_client;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
} onoff;
|
||||
acl *aclList;
|
||||
struct {
|
||||
***************
|
||||
*** 631,636 ****
|
||||
--- 636,644 ----
|
||||
acl_access *reply;
|
||||
acl_address *outgoing_address;
|
||||
acl_tos *outgoing_tos;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ acl_access *followXFF;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
} accessList;
|
||||
acl_deny_info_list *denyInfoList;
|
||||
struct _authConfig {
|
||||
***************
|
||||
*** 1623,1628 ****
|
||||
--- 1631,1641 ----
|
||||
unsigned int body_sent:1;
|
||||
unsigned int reset_tcp:1;
|
||||
unsigned int must_keepalive:1;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ /* XXX this flag could be eliminated;
|
||||
+ * see comments in clientAccessCheck */
|
||||
+ unsigned int done_follow_x_forwarded_for;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
};
|
||||
|
||||
struct _link_list {
|
||||
***************
|
||||
*** 1666,1671 ****
|
||||
--- 1679,1687 ----
|
||||
int max_forwards;
|
||||
/* these in_addr's could probably be sockaddr_in's */
|
||||
struct in_addr client_addr;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ struct in_addr indirect_client_addr; /* after following X-Forwarded-For */
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
struct in_addr my_addr;
|
||||
unsigned short my_port;
|
||||
HttpHeader header;
|
||||
***************
|
||||
*** 1677,1682 ****
|
||||
--- 1693,1703 ----
|
||||
const char *vary_headers; /* Used when varying entities are detected. Changes how the store key is calculated */
|
||||
BODY_HANDLER *body_reader;
|
||||
void *body_reader_data;
|
||||
+ #if FOLLOW_X_FORWARDED_FOR
|
||||
+ /* XXX a list of IP addresses would be a better data structure
|
||||
+ * than this String */
|
||||
+ String x_forwarded_for_iterator;
|
||||
+ #endif /* FOLLOW_X_FORWARDED_FOR */
|
||||
};
|
||||
|
||||
struct _cachemgr_passwd {
|
@ -1,65 +0,0 @@
|
||||
!Simulate the autotools bootstrap of the follow-x-forwarded-for patchset.
|
||||
!
|
||||
!Beware that all line number informations in configure.log greater
|
||||
!than 2972 are offset by at least -29 (correcting all line numbers would have
|
||||
!bloated the patch by 92kB!)
|
||||
--- include/autoconf.h.in.orig Sat Jan 18 02:46:11 2003
|
||||
+++ include/autoconf.h.in Thu Jun 24 13:19:07 2004
|
||||
@@ -291,6 +291,12 @@
|
||||
#define USE_IDENT 1
|
||||
|
||||
/*
|
||||
+ * Compile in support for following X-Forwarded-For headers?
|
||||
+ * Enabled by default.
|
||||
+ */
|
||||
+#define FOLLOW_X_FORWARDED_FOR 1
|
||||
+
|
||||
+/*
|
||||
* If your system has statvfs(), and if it actually works!
|
||||
*/
|
||||
#undef HAVE_STATVFS
|
||||
--- configure.orig Thu Sep 22 10:16:26 2005
|
||||
+++ configure Thu Sep 22 17:29:01 2005
|
||||
@@ -249,6 +249,12 @@
|
||||
if you build as another user who is not privileged
|
||||
to use the number of filedescriptors you want the
|
||||
resulting binary to support"
|
||||
+ac_help="$ac_help
|
||||
+ --enable-follow-x-forwarded-for
|
||||
+ Enable support for following the X-Forwarded-For
|
||||
+ HTTP header to try to find the IP address of the
|
||||
+ original or indirect client when a request has
|
||||
+ been forwarded through other proxies."
|
||||
|
||||
# Initialize some variables set by options.
|
||||
# The variables have the same names as the options, with
|
||||
@@ -3255,6 +3261,29 @@
|
||||
|
||||
fi
|
||||
|
||||
+
|
||||
+follow_xff=1
|
||||
+# Check whether --enable-follow-x-forwarded-for or --disable-follow-x-forwarded-for was given.
|
||||
+if test "${enable_follow_x_forwarded_for+set}" = set; then
|
||||
+ enableval="$enable_follow_x_forwarded_for"
|
||||
+ if test "$enableval" = "yes" ; then
|
||||
+ echo "follow X-Forwarded-For enabled"
|
||||
+ follow_xff=1
|
||||
+ fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+if test $follow_xff = 1; then
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define FOLLOW_X_FORWARDED_FOR 1
|
||||
+EOF
|
||||
+
|
||||
+else
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define FOLLOW_X_FORWARDED_FOR 0
|
||||
+EOF
|
||||
+
|
||||
+fi
|
||||
|
||||
# Force some compilers to use ANSI features
|
||||
#
|
@ -1,422 +0,0 @@
|
||||
Patch 2 of 2 to integrate the icap-2_5 branch into the FreeBSD squid port.
|
||||
|
||||
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
|
||||
|
||||
This patch simulates the autotools bootstrap necessary after applying the
|
||||
ICAP patchset.
|
||||
|
||||
Please see icap-2.5-core.patch for further information.
|
||||
|
||||
Patch last updated: 2005-12-17
|
||||
|
||||
--- configure.orig Sat Oct 22 11:56:01 2005
|
||||
+++ configure Sat Dec 17 17:45:21 2005
|
||||
@@ -70,6 +70,8 @@
|
||||
ac_help="$ac_help
|
||||
--enable-delay-pools Enable delay pools to limit bandwidth usage"
|
||||
ac_help="$ac_help
|
||||
+ --enable-icap-support Enable iCAP client capability"
|
||||
+ac_help="$ac_help
|
||||
--enable-useragent-log Enable logging of User-Agent header"
|
||||
ac_help="$ac_help
|
||||
--enable-referer-log Enable logging of Referer header"
|
||||
@@ -2170,6 +2172,38 @@
|
||||
|
||||
|
||||
|
||||
+
|
||||
+if false; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+# Check whether --enable-icap-support or --disable-icap-support was given.
|
||||
+if test "${enable_icap_support+set}" = set; then
|
||||
+ enableval="$enable_icap_support"
|
||||
+ if test "$enableval" = "yes" ; then
|
||||
+ echo "ICAP support enabled"
|
||||
+ cat >> confdefs.h <<\EOF
|
||||
+#define HS_FEAT_ICAP 1
|
||||
+EOF
|
||||
+
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+ fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
# Check whether --enable-useragent-log or --disable-useragent-log was given.
|
||||
if test "${enable_useragent_log+set}" = set; then
|
||||
enableval="$enable_useragent_log"
|
||||
@@ -7428,14 +7462,14 @@
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
- echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6
|
||||
-echo "configure:7433: checking for main in -lpthread" >&5
|
||||
+ echo $ac_n "checking for main in -pthread""... $ac_c" 1>&6
|
||||
+echo "configure:7433: checking for main in -pthread" >&5
|
||||
ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'`
|
||||
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
|
||||
echo $ac_n "(cached) $ac_c" 1>&6
|
||||
else
|
||||
ac_save_LIBS="$LIBS"
|
||||
-LIBS="-lpthread $LIBS"
|
||||
+LIBS="-pthread $LIBS"
|
||||
cat > conftest.$ac_ext <<EOF
|
||||
#line 7441 "configure"
|
||||
#include "confdefs.h"
|
||||
@@ -7465,7 +7499,7 @@
|
||||
#define $ac_tr_lib 1
|
||||
EOF
|
||||
|
||||
- LIBS="-lpthread $LIBS"
|
||||
+ LIBS="-pthread $LIBS"
|
||||
|
||||
else
|
||||
echo "$ac_t""no" 1>&6
|
||||
@@ -7769,6 +7803,8 @@
|
||||
srand48 \
|
||||
srandom \
|
||||
statfs \
|
||||
+ strnstr \
|
||||
+ strcasestr \
|
||||
strtoll \
|
||||
sysconf \
|
||||
syslog \
|
||||
@@ -7898,6 +7934,50 @@
|
||||
fi
|
||||
fi
|
||||
|
||||
+
|
||||
+if false; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+if false; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+
|
||||
echo $ac_n "checking if va_copy is implemented""... $ac_c" 1>&6
|
||||
echo "configure:7903: checking if va_copy is implemented" >&5
|
||||
if eval "test \"`echo '$''{'ac_cv_func_va_copy'+set}'`\" = set"; then
|
||||
@@ -9072,6 +9152,8 @@
|
||||
s%@ENABLE_PINGER_FALSE@%$ENABLE_PINGER_FALSE%g
|
||||
s%@USE_DELAY_POOLS_TRUE@%$USE_DELAY_POOLS_TRUE%g
|
||||
s%@USE_DELAY_POOLS_FALSE@%$USE_DELAY_POOLS_FALSE%g
|
||||
+s%@USE_ICAP_TRUE@%$USE_ICAP_TRUE%g
|
||||
+s%@USE_ICAP_FALSE@%$USE_ICAP_FALSE%g
|
||||
s%@USE_SNMP_TRUE@%$USE_SNMP_TRUE%g
|
||||
s%@USE_SNMP_FALSE@%$USE_SNMP_FALSE%g
|
||||
s%@SNMPLIB@%$SNMPLIB%g
|
||||
@@ -9118,6 +9200,10 @@
|
||||
s%@LIB_LBER@%$LIB_LBER%g
|
||||
s%@NEED_OWN_SNPRINTF_TRUE@%$NEED_OWN_SNPRINTF_TRUE%g
|
||||
s%@NEED_OWN_SNPRINTF_FALSE@%$NEED_OWN_SNPRINTF_FALSE%g
|
||||
+s%@NEED_OWN_STRNSTR_TRUE@%$NEED_OWN_STRNSTR_TRUE%g
|
||||
+s%@NEED_OWN_STRNSTR_FALSE@%$NEED_OWN_STRNSTR_FALSE%g
|
||||
+s%@NEED_OWN_STRCASESTR_TRUE@%$NEED_OWN_STRCASESTR_TRUE%g
|
||||
+s%@NEED_OWN_STRCASESTR_FALSE@%$NEED_OWN_STRCASESTR_FALSE%g
|
||||
s%@REGEXLIB@%$REGEXLIB%g
|
||||
s%@LIBREGEX@%$LIBREGEX%g
|
||||
s%@LIBOBJS@%$LIBOBJS%g
|
||||
--- include/autoconf.h.in.orig Tue Sep 13 02:12:34 2005
|
||||
+++ include/autoconf.h.in Sat Dec 17 17:45:21 2005
|
||||
@@ -124,6 +124,11 @@
|
||||
*/
|
||||
#undef DELAY_POOLS
|
||||
|
||||
+/*
|
||||
+ * ICAP - Internet Content Adaptation Protocol
|
||||
+ */
|
||||
+#undef HS_FEAT_ICAP
|
||||
+
|
||||
/*
|
||||
* If you want to log User-Agent request header values, define this.
|
||||
* By default, they are written to useragent.log in the Squid log
|
||||
@@ -574,6 +579,12 @@
|
||||
|
||||
/* Define if you have the statfs function. */
|
||||
#undef HAVE_STATFS
|
||||
+
|
||||
+/* Define if you have the strcasestr function. */
|
||||
+#undef HAVE_STRCASESTR
|
||||
+
|
||||
+/* Define if you have the strnstr function. */
|
||||
+#undef HAVE_STRNSTR
|
||||
|
||||
/* Define if you have the strerror function. */
|
||||
#undef HAVE_STRERROR
|
||||
--- lib/Makefile.in.orig Wed Sep 28 22:57:20 2005
|
||||
+++ lib/Makefile.in Sat Dec 17 17:45:21 2005
|
||||
@@ -123,6 +123,13 @@
|
||||
|
||||
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
|
||||
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
|
||||
+
|
||||
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
|
||||
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
|
||||
+
|
||||
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
|
||||
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
|
||||
+
|
||||
@NEED_OWN_MD5_TRUE@MD5SOURCE = md5.c
|
||||
@NEED_OWN_MD5_FALSE@MD5SOURCE =
|
||||
|
||||
@@ -158,6 +165,8 @@
|
||||
$(SNPRINTFSOURCE) \
|
||||
splay.c \
|
||||
Stack.c \
|
||||
+ $(STRNSTRSOURCE) \
|
||||
+ $(STRCASESTRSOURCE) \
|
||||
stub_memaccount.c \
|
||||
util.c \
|
||||
uudecode.c
|
||||
@@ -196,13 +205,18 @@
|
||||
@NEED_OWN_MD5_FALSE@am__objects_1 =
|
||||
@NEED_OWN_SNPRINTF_FALSE@am__objects_2 =
|
||||
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
|
||||
+@NEED_OWN_STRNSTR_FALSE@am__objects_3 =
|
||||
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
|
||||
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
|
||||
+@NEED_OWN_STRCASESTR_FALSE@am__objects_4 =
|
||||
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
|
||||
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
|
||||
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
|
||||
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
|
||||
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
|
||||
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
|
||||
- stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT)
|
||||
+ $(am__objects_3) $(am__objects_4) stub_memaccount.$(OBJEXT) \
|
||||
+ util.$(OBJEXT) uudecode.$(OBJEXT)
|
||||
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
|
||||
libntlmauth_a_AR = $(AR) cru
|
||||
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
|
||||
@@ -224,15 +238,16 @@
|
||||
@AMDEP_TRUE@ $(DEPDIR)/dlmalloc.Po $(DEPDIR)/drand48.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/getfullhostname.Po $(DEPDIR)/hash.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/heap.Po $(DEPDIR)/html_quote.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/initgroups.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/iso3307.Po $(DEPDIR)/md5.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/ntlmauth.Po $(DEPDIR)/radix.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/rfc1035.Po $(DEPDIR)/rfc1123.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/rfc1738.Po $(DEPDIR)/rfc2617.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/safe_inet_addr.Po $(DEPDIR)/snprintf.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/splay.Po $(DEPDIR)/strerror.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/stub_memaccount.Po $(DEPDIR)/tempnam.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/util.Po $(DEPDIR)/uudecode.Po
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/iso3307.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/md5.Po $(DEPDIR)/ntlmauth.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/radix.Po $(DEPDIR)/rfc1035.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/rfc1123.Po $(DEPDIR)/rfc1738.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/rfc2617.Po $(DEPDIR)/safe_inet_addr.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/snprintf.Po $(DEPDIR)/splay.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/strcasestr.Po $(DEPDIR)/strerror.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/strnstr.Po $(DEPDIR)/stub_memaccount.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/tempnam.Po $(DEPDIR)/util.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/uudecode.Po
|
||||
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
|
||||
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
|
||||
CCLD = $(CC)
|
||||
@@ -241,8 +256,8 @@
|
||||
DIST_SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) \
|
||||
$(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) \
|
||||
$(libregex_a_SOURCES)
|
||||
-DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c \
|
||||
- initgroups.c strerror.c tempnam.c
|
||||
+DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c strerror.c \
|
||||
+ tempnam.c
|
||||
SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) $(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) $(libregex_a_SOURCES)
|
||||
|
||||
all: all-am
|
||||
@@ -295,7 +310,6 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/heap.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/html_quote.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_ntoa.Po@am__quote@
|
||||
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/initgroups.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/iso3307.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/md5.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ntlmauth.Po@am__quote@
|
||||
@@ -307,7 +321,9 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/safe_inet_addr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snprintf.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/splay.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strcasestr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strerror.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strnstr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stub_memaccount.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tempnam.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/util.Po@am__quote@
|
||||
--- src/Makefile.in.orig Wed Sep 28 22:57:21 2005
|
||||
+++ src/Makefile.in Sat Dec 17 17:45:21 2005
|
||||
@@ -125,6 +125,9 @@
|
||||
install_sh = @install_sh@
|
||||
makesnmplib = @makesnmplib@
|
||||
|
||||
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
|
||||
+@USE_ICAP_FALSE@ICAPSOURCE =
|
||||
+
|
||||
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
|
||||
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
|
||||
@USE_DNSSERVER_TRUE@DNSSERVER = dnsserver
|
||||
@@ -249,6 +252,7 @@
|
||||
HttpMsg.c \
|
||||
HttpReply.c \
|
||||
HttpRequest.c \
|
||||
+ $(ICAPSOURCE) \
|
||||
icmp.c \
|
||||
icp_v2.c \
|
||||
icp_v3.c \
|
||||
@@ -468,54 +472,58 @@
|
||||
pinger_LDADD = $(LDADD)
|
||||
pinger_DEPENDENCIES =
|
||||
pinger_LDFLAGS =
|
||||
-@USE_DELAY_POOLS_TRUE@am__objects_3 = delay_pools.$(OBJEXT)
|
||||
-@USE_DELAY_POOLS_FALSE@am__objects_3 =
|
||||
-@USE_DNSSERVER_FALSE@am__objects_4 = dns_internal.$(OBJEXT)
|
||||
-@USE_DNSSERVER_TRUE@am__objects_4 = dns.$(OBJEXT)
|
||||
-@ENABLE_HTCP_TRUE@am__objects_5 = htcp.$(OBJEXT)
|
||||
-@MAKE_LEAKFINDER_FALSE@am__objects_6 =
|
||||
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
|
||||
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
|
||||
-@USE_SNMP_FALSE@am__objects_7 =
|
||||
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
|
||||
-@ENABLE_SSL_FALSE@am__objects_8 =
|
||||
-@ENABLE_UNLINKD_FALSE@am__objects_9 =
|
||||
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
|
||||
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
|
||||
-@ENABLE_WIN32SPECIFIC_FALSE@am__objects_10 =
|
||||
+@USE_DELAY_POOLS_FALSE@am__objects_5 =
|
||||
+@USE_DELAY_POOLS_TRUE@am__objects_5 = delay_pools.$(OBJEXT)
|
||||
+@USE_DNSSERVER_FALSE@am__objects_6 = dns_internal.$(OBJEXT)
|
||||
+@USE_DNSSERVER_TRUE@am__objects_6 = dns.$(OBJEXT)
|
||||
+@ENABLE_HTCP_TRUE@am__objects_7 = htcp.$(OBJEXT)
|
||||
+@USE_ICAP_TRUE@am__objects_8 = icap_common.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
|
||||
+@USE_ICAP_FALSE@am__objects_8 =
|
||||
+@MAKE_LEAKFINDER_TRUE@am__objects_9 = leakfinder.$(OBJEXT)
|
||||
+@MAKE_LEAKFINDER_FALSE@am__objects_9 =
|
||||
+@USE_SNMP_TRUE@am__objects_10 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
|
||||
+@USE_SNMP_FALSE@am__objects_10 =
|
||||
+@ENABLE_SSL_FALSE@am__objects_11 =
|
||||
+@ENABLE_SSL_TRUE@am__objects_11 = ssl_support.$(OBJEXT)
|
||||
+@ENABLE_UNLINKD_TRUE@am__objects_12 = unlinkd.$(OBJEXT)
|
||||
+@ENABLE_UNLINKD_FALSE@am__objects_12 =
|
||||
+@ENABLE_WIN32SPECIFIC_FALSE@am__objects_13 =
|
||||
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_13 = win32.$(OBJEXT)
|
||||
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
|
||||
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) CacheDigest.$(OBJEXT) \
|
||||
cache_manager.$(OBJEXT) carp.$(OBJEXT) cbdata.$(OBJEXT) \
|
||||
client_db.$(OBJEXT) client_side.$(OBJEXT) comm.$(OBJEXT) \
|
||||
- comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_3) \
|
||||
- disk.$(OBJEXT) $(am__objects_4) errorpage.$(OBJEXT) \
|
||||
+ comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_5) \
|
||||
+ disk.$(OBJEXT) $(am__objects_6) errorpage.$(OBJEXT) \
|
||||
ETag.$(OBJEXT) event.$(OBJEXT) external_acl.$(OBJEXT) \
|
||||
fd.$(OBJEXT) filemap.$(OBJEXT) forward.$(OBJEXT) \
|
||||
fqdncache.$(OBJEXT) ftp.$(OBJEXT) gopher.$(OBJEXT) \
|
||||
- helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \
|
||||
+ helper.$(OBJEXT) $(am__objects_7) http.$(OBJEXT) \
|
||||
HttpStatusLine.$(OBJEXT) HttpHdrCc.$(OBJEXT) \
|
||||
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
|
||||
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
|
||||
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
|
||||
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
|
||||
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
|
||||
- ipc.$(OBJEXT) ipcache.$(OBJEXT) $(am__objects_6) \
|
||||
- logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
|
||||
+ HttpRequest.$(OBJEXT) $(am__objects_8) icmp.$(OBJEXT) \
|
||||
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
|
||||
+ internal.$(OBJEXT) ipc.$(OBJEXT) ipcache.$(OBJEXT) \
|
||||
+ $(am__objects_9) logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
|
||||
MemPool.$(OBJEXT) MemBuf.$(OBJEXT) mime.$(OBJEXT) \
|
||||
multicast.$(OBJEXT) neighbors.$(OBJEXT) net_db.$(OBJEXT) \
|
||||
Packer.$(OBJEXT) pconn.$(OBJEXT) peer_digest.$(OBJEXT) \
|
||||
peer_select.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
|
||||
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
|
||||
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
|
||||
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_10) \
|
||||
+ ssl.$(OBJEXT) $(am__objects_11) stat.$(OBJEXT) \
|
||||
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
|
||||
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
|
||||
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
|
||||
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
|
||||
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
|
||||
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
|
||||
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
+ tools.$(OBJEXT) $(am__objects_12) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
|
||||
- whois.$(OBJEXT) $(am__objects_10)
|
||||
+ whois.$(OBJEXT) $(am__objects_13)
|
||||
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
|
||||
store_modules.$(OBJEXT) globals.$(OBJEXT) \
|
||||
string_arrays.$(OBJEXT)
|
||||
@@ -563,7 +571,9 @@
|
||||
@AMDEP_TRUE@ $(DEPDIR)/fqdncache.Po $(DEPDIR)/ftp.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/globals.Po $(DEPDIR)/gopher.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/helper.Po $(DEPDIR)/htcp.Po \
|
||||
-@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icmp.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icap_common.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/icap_opt.Po $(DEPDIR)/icap_reqmod.Po \
|
||||
+@AMDEP_TRUE@ $(DEPDIR)/icap_respmod.Po $(DEPDIR)/icmp.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/icp_v2.Po $(DEPDIR)/icp_v3.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/ident.Po $(DEPDIR)/internal.Po \
|
||||
@AMDEP_TRUE@ $(DEPDIR)/ipc.Po $(DEPDIR)/ipcache.Po \
|
||||
@@ -777,6 +787,10 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/helper.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/htcp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/http.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_common.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_opt.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_reqmod.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_respmod.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icmp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v2.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v3.Po@am__quote@
|
File diff suppressed because it is too large
Load Diff
470
www/squid31/files/icap-2.6-bootstrap.patch
Normal file
470
www/squid31/files/icap-2.6-bootstrap.patch
Normal file
@ -0,0 +1,470 @@
|
||||
Patch 2 of 2 to integrate the icap-2_6 branch into the FreeBSD squid port.
|
||||
|
||||
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
|
||||
|
||||
This patch simulates the autotools bootstrap necessary after applying the
|
||||
ICAP patchset.
|
||||
|
||||
Please see icap-2.6-core.patch for further information.
|
||||
|
||||
Patch last updated: 2006-11-04
|
||||
|
||||
--- configure.orig Sat Nov 4 16:28:41 2006
|
||||
+++ configure Sat Nov 4 16:31:58 2006
|
||||
@@ -312,7 +312,7 @@
|
||||
# include <unistd.h>
|
||||
#endif"
|
||||
|
||||
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE build build_cpu build_vendor build_os host host_cpu host_vendor host_os PKGCONFIG CGIEXT ENABLE_WIN32SPECIFIC_TRUE ENABLE_WIN32SPECIFIC_FALSE ENABLE_MINGW32SPECIFIC_TRUE ENABLE_MINGW32SPECIFIC_FALSE WIN32_PSAPI CACHE_HTTP_PORT CACHE_ICP_PORT LIBDLMALLOC LIB_MALLOC STORE_OBJS STORE_LIBS STORE_MODULES NEED_DISKD_TRUE NEED_DISKD_FALSE USE_AIOPS_WIN32_TRUE USE_AIOPS_WIN32_FALSE NEED_COSSDUMP_TRUE NEED_COSSDUMP_FALSE REPL_POLICIES REPL_OBJS REPL_LIBS ENABLE_PINGER_TRUE ENABLE_PINGER_FALSE USE_DELAY_POOLS_TRUE USE_DELAY_POOLS_FALSE USE_SNMP_TRUE USE_SNMP_FALSE SNMPLIB makesnmplib ENABLE_HTCP_TRUE ENABLE_HTCP_FALSE ENABLE_SSL_TRUE ENABLE_SSL_FALSE NEED_OWN_MD5_TRUE NEED_OWN_MD5_FALSE SSLLIB ERR_DEFAULT_LANGUAGE ERR_LANGUAGES MAKE_LEAKFINDER_TRUE MAKE_LEAKFINDER_FALSE USE_DNSSERVER_TRUE USE_DNSSERVER_FALSE OPT_DEFAULT_HOSTS AUTH_MODULES AUTH_OBJS AUTH_LIBS BASIC_AUTH_HELPERS NTLM_AUTH_HELPERS DIGEST_AUTH_HELPERS NEGOTIATE_AUTH_HELPERS EXTERNAL_ACL_HELPERS CPP EGREP LIBSASL ENABLE_UNLINKD_TRUE ENABLE_UNLINKD_FALSE RANLIB ac_ct_RANLIB LN_S SH FALSE TRUE RM MV MKDIR LN PERL AR AR_R ALLOCA CRYPTLIB LIB_EPOLL LIB_LDAP LIB_LBER LIB_DB USE_POLL_TRUE USE_POLL_FALSE USE_EPOLL_TRUE USE_EPOLL_FALSE USE_SELECT_TRUE USE_SELECT_FALSE USE_SELECT_SIMPLE_TRUE USE_SELECT_SIMPLE_FALSE USE_SELECT_WIN32_TRUE USE_SELECT_WIN32_FALSE USE_KQUEUE_TRUE USE_KQUEUE_FALSE NEED_OWN_SNPRINTF_TRUE NEED_OWN_SNPRINTF_FALSE NEED_OWN_STRSEP_TRUE NEED_OWN_STRSEP_FALSE REGEXLIB LIBREGEX LIBOBJS XTRA_OBJS XTRA_LIBS LTLIBOBJS'
|
||||
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE build build_cpu build_vendor build_os host host_cpu host_vendor host_os PKGCONFIG CGIEXT ENABLE_WIN32SPECIFIC_TRUE ENABLE_WIN32SPECIFIC_FALSE ENABLE_MINGW32SPECIFIC_TRUE ENABLE_MINGW32SPECIFIC_FALSE WIN32_PSAPI CACHE_HTTP_PORT CACHE_ICP_PORT LIBDLMALLOC LIB_MALLOC STORE_OBJS STORE_LIBS STORE_MODULES NEED_DISKD_TRUE NEED_DISKD_FALSE USE_AIOPS_WIN32_TRUE USE_AIOPS_WIN32_FALSE NEED_COSSDUMP_TRUE NEED_COSSDUMP_FALSE REPL_POLICIES REPL_OBJS REPL_LIBS ENABLE_PINGER_TRUE ENABLE_PINGER_FALSE USE_DELAY_POOLS_TRUE USE_DELAY_POOLS_FALSE USE_ICAP_TRUE USE_ICAP_FALSE USE_SNMP_TRUE USE_SNMP_FALSE SNMPLIB makesnmplib ENABLE_HTCP_TRUE ENABLE_HTCP_FALSE ENABLE_SSL_TRUE ENABLE_SSL_FALSE NEED_OWN_MD5_TRUE NEED_OWN_MD5_FALSE SSLLIB ERR_DEFAULT_LANGUAGE ERR_LANGUAGES MAKE_LEAKFINDER_TRUE MAKE_LEAKFINDER_FALSE USE_DNSSERVER_TRUE USE_DNSSERVER_FALSE OPT_DEFAULT_HOSTS AUTH_MODULES AUTH_OBJS AUTH_LIBS BASIC_AUTH_HELPERS NTLM_AUTH_HELPERS DIGEST_AUTH_HELPERS NEGOTIATE_AUTH_HELPERS EXTERNAL_ACL_HELPERS CPP EGREP LIBSASL ENABLE_UNLINKD_TRUE ENABLE_UNLINKD_FALSE RANLIB ac_ct_RANLIB LN_S SH FALSE TRUE RM MV MKDIR LN PERL AR AR_R ALLOCA CRYPTLIB LIB_EPOLL LIB_LDAP LIB_LBER LIB_DB USE_POLL_TRUE USE_POLL_FALSE USE_EPOLL_TRUE USE_EPOLL_FALSE USE_SELECT_TRUE USE_SELECT_FALSE USE_SELECT_SIMPLE_TRUE USE_SELECT_SIMPLE_FALSE USE_SELECT_WIN32_TRUE USE_SELECT_WIN32_FALSE USE_KQUEUE_TRUE USE_KQUEUE_FALSE NEED_OWN_SNPRINTF_TRUE NEED_OWN_SNPRINTF_FALSE NEED_OWN_STRNSTR_TRUE NEED_OWN_STRNSTR_FALSE NEED_OWN_STRCASESTR_TRUE NEED_OWN_STRCASESTR_FALSE NEED_OWN_STRSEP_TRUE NEED_OWN_STRSEP_FALSE REGEXLIB LIBREGEX LIBOBJS XTRA_OBJS XTRA_LIBS LTLIBOBJS'
|
||||
ac_subst_files=''
|
||||
|
||||
# Initialize some variables set by options.
|
||||
@@ -890,6 +890,7 @@
|
||||
to build your custom policy
|
||||
--enable-icmp Enable ICMP pinging
|
||||
--enable-delay-pools Enable delay pools to limit bandwidth usage
|
||||
+ --enable-icap-support Enable ICAP client capability
|
||||
--enable-useragent-log Enable logging of User-Agent header
|
||||
--enable-referer-log Enable logging of Referer header
|
||||
--disable-wccp Disable Web Cache Coordination V1 Protocol
|
||||
@@ -3954,6 +3955,40 @@
|
||||
fi;
|
||||
|
||||
|
||||
+
|
||||
+if false; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+
|
||||
+# Check whether --enable-icap-support or --disable-icap-support was given.
|
||||
+if test "${enable_icap_support+set}" = set; then
|
||||
+ enableval="$enable_icap_support"
|
||||
+ if test "$enableval" = "yes" ; then
|
||||
+ echo "ICAP support enabled"
|
||||
+
|
||||
+cat >>confdefs.h <<\_ACEOF
|
||||
+#define HS_FEAT_ICAP 1
|
||||
+_ACEOF
|
||||
+
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ USE_ICAP_TRUE=
|
||||
+ USE_ICAP_FALSE='#'
|
||||
+else
|
||||
+ USE_ICAP_TRUE='#'
|
||||
+ USE_ICAP_FALSE=
|
||||
+fi
|
||||
+
|
||||
+ fi
|
||||
+
|
||||
+fi;
|
||||
+
|
||||
+
|
||||
# Check whether --enable-useragent-log or --disable-useragent-log was given.
|
||||
if test "${enable_useragent_log+set}" = set; then
|
||||
enableval="$enable_useragent_log"
|
||||
@@ -15923,6 +15958,8 @@
|
||||
|
||||
|
||||
|
||||
+
|
||||
+
|
||||
for ac_func in \
|
||||
bcopy \
|
||||
backtrace_symbols_fd \
|
||||
@@ -15971,6 +16008,8 @@
|
||||
srand48 \
|
||||
srandom \
|
||||
statfs \
|
||||
+ strnstr \
|
||||
+ strcasestr \
|
||||
strsep \
|
||||
strtoll \
|
||||
sysconf \
|
||||
@@ -16430,6 +16469,52 @@
|
||||
|
||||
|
||||
if false; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+
|
||||
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRNSTR_TRUE=
|
||||
+ NEED_OWN_STRNSTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRNSTR_TRUE='#'
|
||||
+ NEED_OWN_STRNSTR_FALSE=
|
||||
+fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+if false; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+
|
||||
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
|
||||
+
|
||||
+
|
||||
+if true; then
|
||||
+ NEED_OWN_STRCASESTR_TRUE=
|
||||
+ NEED_OWN_STRCASESTR_FALSE='#'
|
||||
+else
|
||||
+ NEED_OWN_STRCASESTR_TRUE='#'
|
||||
+ NEED_OWN_STRCASESTR_FALSE=
|
||||
+fi
|
||||
+
|
||||
+fi
|
||||
+
|
||||
+
|
||||
+
|
||||
+if false; then
|
||||
NEED_OWN_STRSEP_TRUE=
|
||||
NEED_OWN_STRSEP_FALSE='#'
|
||||
else
|
||||
@@ -17947,6 +18032,20 @@
|
||||
Usually this means the macro was only invoked conditionally." >&2;}
|
||||
{ (exit 1); exit 1; }; }
|
||||
fi
|
||||
+if test -z "${USE_ICAP_TRUE}" && test -z "${USE_ICAP_FALSE}"; then
|
||||
+ { { echo "$as_me:$LINENO: error: conditional \"USE_ICAP\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&5
|
||||
+echo "$as_me: error: conditional \"USE_ICAP\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&2;}
|
||||
+ { (exit 1); exit 1; }; }
|
||||
+fi
|
||||
+if test -z "${USE_ICAP_TRUE}" && test -z "${USE_ICAP_FALSE}"; then
|
||||
+ { { echo "$as_me:$LINENO: error: conditional \"USE_ICAP\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&5
|
||||
+echo "$as_me: error: conditional \"USE_ICAP\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&2;}
|
||||
+ { (exit 1); exit 1; }; }
|
||||
+fi
|
||||
if test -z "${USE_SNMP_TRUE}" && test -z "${USE_SNMP_FALSE}"; then
|
||||
{ { echo "$as_me:$LINENO: error: conditional \"USE_SNMP\" was never defined.
|
||||
Usually this means the macro was only invoked conditionally." >&5
|
||||
@@ -18101,6 +18200,34 @@
|
||||
Usually this means the macro was only invoked conditionally." >&2;}
|
||||
{ (exit 1); exit 1; }; }
|
||||
fi
|
||||
+if test -z "${NEED_OWN_STRNSTR_TRUE}" && test -z "${NEED_OWN_STRNSTR_FALSE}"; then
|
||||
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&5
|
||||
+echo "$as_me: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&2;}
|
||||
+ { (exit 1); exit 1; }; }
|
||||
+fi
|
||||
+if test -z "${NEED_OWN_STRNSTR_TRUE}" && test -z "${NEED_OWN_STRNSTR_FALSE}"; then
|
||||
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&5
|
||||
+echo "$as_me: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&2;}
|
||||
+ { (exit 1); exit 1; }; }
|
||||
+fi
|
||||
+if test -z "${NEED_OWN_STRCASESTR_TRUE}" && test -z "${NEED_OWN_STRCASESTR_FALSE}"; then
|
||||
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&5
|
||||
+echo "$as_me: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&2;}
|
||||
+ { (exit 1); exit 1; }; }
|
||||
+fi
|
||||
+if test -z "${NEED_OWN_STRCASESTR_TRUE}" && test -z "${NEED_OWN_STRCASESTR_FALSE}"; then
|
||||
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&5
|
||||
+echo "$as_me: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
|
||||
+Usually this means the macro was only invoked conditionally." >&2;}
|
||||
+ { (exit 1); exit 1; }; }
|
||||
+fi
|
||||
if test -z "${NEED_OWN_STRSEP_TRUE}" && test -z "${NEED_OWN_STRSEP_FALSE}"; then
|
||||
{ { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRSEP\" was never defined.
|
||||
Usually this means the macro was only invoked conditionally." >&5
|
||||
@@ -18766,6 +18893,8 @@
|
||||
s,@ENABLE_PINGER_FALSE@,$ENABLE_PINGER_FALSE,;t t
|
||||
s,@USE_DELAY_POOLS_TRUE@,$USE_DELAY_POOLS_TRUE,;t t
|
||||
s,@USE_DELAY_POOLS_FALSE@,$USE_DELAY_POOLS_FALSE,;t t
|
||||
+s,@USE_ICAP_TRUE@,$USE_ICAP_TRUE,;t t
|
||||
+s,@USE_ICAP_FALSE@,$USE_ICAP_FALSE,;t t
|
||||
s,@USE_SNMP_TRUE@,$USE_SNMP_TRUE,;t t
|
||||
s,@USE_SNMP_FALSE@,$USE_SNMP_FALSE,;t t
|
||||
s,@SNMPLIB@,$SNMPLIB,;t t
|
||||
@@ -18599,6 +18728,10 @@
|
||||
s,@USE_KQUEUE_FALSE@,$USE_KQUEUE_FALSE,;t t
|
||||
s,@NEED_OWN_SNPRINTF_TRUE@,$NEED_OWN_SNPRINTF_TRUE,;t t
|
||||
s,@NEED_OWN_SNPRINTF_FALSE@,$NEED_OWN_SNPRINTF_FALSE,;t t
|
||||
+s,@NEED_OWN_STRNSTR_TRUE@,$NEED_OWN_STRNSTR_TRUE,;t t
|
||||
+s,@NEED_OWN_STRNSTR_FALSE@,$NEED_OWN_STRNSTR_FALSE,;t t
|
||||
+s,@NEED_OWN_STRCASESTR_TRUE@,$NEED_OWN_STRCASESTR_TRUE,;t t
|
||||
+s,@NEED_OWN_STRCASESTR_FALSE@,$NEED_OWN_STRCASESTR_FALSE,;t t
|
||||
s,@NEED_OWN_STRSEP_TRUE@,$NEED_OWN_STRSEP_TRUE,;t t
|
||||
s,@NEED_OWN_STRSEP_FALSE@,$NEED_OWN_STRSEP_FALSE,;t t
|
||||
s,@REGEXLIB@,$REGEXLIB,;t t
|
||||
--- include/autoconf.h.in.orig Wed Jul 12 17:00:31 2006
|
||||
+++ include/autoconf.h.in Sat Aug 5 16:18:25 2006
|
||||
@@ -454,6 +454,9 @@
|
||||
/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
#undef HAVE_STDLIB_H
|
||||
|
||||
+/* Define to 1 if you have the `strcasestr' function. */
|
||||
+#undef HAVE_STRCASESTR
|
||||
+
|
||||
/* Define to 1 if you have the `strerror' function. */
|
||||
#undef HAVE_STRERROR
|
||||
|
||||
@@ -463,6 +466,9 @@
|
||||
/* Define to 1 if you have the <string.h> header file. */
|
||||
#undef HAVE_STRING_H
|
||||
|
||||
+/* Define to 1 if you have the `strnstr' function. */
|
||||
+#undef HAVE_STRNSTR
|
||||
+
|
||||
/* Define to 1 if you have the `strsep' function. */
|
||||
#undef HAVE_STRSEP
|
||||
|
||||
@@ -587,6 +593,9 @@
|
||||
|
||||
/* Some systems support __va_copy */
|
||||
#undef HAVE___VA_COPY
|
||||
+
|
||||
+/* Content filtering via ICAP servers. */
|
||||
+#undef HS_FEAT_ICAP
|
||||
|
||||
/* By default (for now anyway) Squid includes options which allows the cache
|
||||
administrator to violate the HTTP protocol specification in terms of cache
|
||||
--- lib/Makefile.in.orig Fri Sep 22 11:09:48 2006
|
||||
+++ lib/Makefile.in Sat Sep 19 20:05:28 2006
|
||||
@@ -62,20 +62,23 @@
|
||||
am__libmiscutil_a_SOURCES_DIST = Array.c base64.c getfullhostname.c \
|
||||
hash.c heap.c html_quote.c iso3307.c md5.c radix.c rfc1035.c \
|
||||
rfc1123.c rfc1738.c rfc2617.c safe_inet_addr.c snprintf.c \
|
||||
- splay.c Stack.c strsep.c stub_memaccount.c util.c uudecode.c \
|
||||
- win32lib.c
|
||||
+ splay.c Stack.c strnstr.c strcasestr.c strsep.c \
|
||||
+ stub_memaccount.c util.c uudecode.c win32lib.c
|
||||
@NEED_OWN_MD5_TRUE@am__objects_1 = md5.$(OBJEXT)
|
||||
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
|
||||
-@NEED_OWN_STRSEP_TRUE@am__objects_3 = strsep.$(OBJEXT)
|
||||
-@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_4 = win32lib.$(OBJEXT)
|
||||
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
|
||||
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
|
||||
+@NEED_OWN_STRSEP_TRUE@am__objects_5 = strsep.$(OBJEXT)
|
||||
+@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_6 = win32lib.$(OBJEXT)
|
||||
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
|
||||
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
|
||||
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
|
||||
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
|
||||
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
|
||||
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
|
||||
- $(am__objects_3) stub_memaccount.$(OBJEXT) util.$(OBJEXT) \
|
||||
- uudecode.$(OBJEXT) $(am__objects_4)
|
||||
+ $(am__objects_3) $(am__objects_4) $(am__objects_5) \
|
||||
+ stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT) \
|
||||
+ $(am__objects_6)
|
||||
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
|
||||
libntlmauth_a_AR = $(AR) $(ARFLAGS)
|
||||
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
|
||||
@@ -190,6 +193,10 @@
|
||||
NEED_OWN_MD5_TRUE = @NEED_OWN_MD5_TRUE@
|
||||
NEED_OWN_SNPRINTF_FALSE = @NEED_OWN_SNPRINTF_FALSE@
|
||||
NEED_OWN_SNPRINTF_TRUE = @NEED_OWN_SNPRINTF_TRUE@
|
||||
+NEED_OWN_STRCASESTR_FALSE = @NEED_OWN_STRCASESTR_FALSE@
|
||||
+NEED_OWN_STRCASESTR_TRUE = @NEED_OWN_STRCASESTR_TRUE@
|
||||
+NEED_OWN_STRNSTR_FALSE = @NEED_OWN_STRNSTR_FALSE@
|
||||
+NEED_OWN_STRNSTR_TRUE = @NEED_OWN_STRNSTR_TRUE@
|
||||
NEED_OWN_STRSEP_FALSE = @NEED_OWN_STRSEP_FALSE@
|
||||
NEED_OWN_STRSEP_TRUE = @NEED_OWN_STRSEP_TRUE@
|
||||
NEGOTIATE_AUTH_HELPERS = @NEGOTIATE_AUTH_HELPERS@
|
||||
@@ -229,6 +236,8 @@
|
||||
USE_DNSSERVER_TRUE = @USE_DNSSERVER_TRUE@
|
||||
USE_EPOLL_FALSE = @USE_EPOLL_FALSE@
|
||||
USE_EPOLL_TRUE = @USE_EPOLL_TRUE@
|
||||
+USE_ICAP_FALSE = @USE_ICAP_FALSE@
|
||||
+USE_ICAP_TRUE = @USE_ICAP_TRUE@
|
||||
USE_KQUEUE_FALSE = @USE_KQUEUE_FALSE@
|
||||
USE_KQUEUE_TRUE = @USE_KQUEUE_TRUE@
|
||||
USE_POLL_FALSE = @USE_POLL_FALSE@
|
||||
@@ -284,6 +293,10 @@
|
||||
target_alias = @target_alias@
|
||||
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
|
||||
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
|
||||
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
|
||||
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
|
||||
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
|
||||
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
|
||||
@NEED_OWN_STRSEP_FALSE@STRSEPSOURCE =
|
||||
@NEED_OWN_STRSEP_TRUE@STRSEPSOURCE = strsep.c
|
||||
@NEED_OWN_MD5_FALSE@MD5SOURCE =
|
||||
@@ -328,6 +341,8 @@
|
||||
$(SNPRINTFSOURCE) \
|
||||
splay.c \
|
||||
Stack.c \
|
||||
+ $(STRNSTRSOURCE) \
|
||||
+ $(STRCASESTRSOURCE) \
|
||||
$(STRSEPSOURCE) \
|
||||
stub_memaccount.c \
|
||||
util.c \
|
||||
@@ -443,6 +458,8 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snprintf.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/splay.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sspwin32.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strcasestr.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strnstr.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strsep.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stub_memaccount.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/util.Po@am__quote@
|
||||
-- src/Makefile.in.orig Sat Nov 4 16:36:15 2006
|
||||
+++ src/Makefile.in Sat Nov 4 16:36:27 2006
|
||||
@@ -91,14 +91,15 @@
|
||||
globals.h gopher.c helper.c htcp.c http.c HttpStatusLine.c \
|
||||
HttpHdrCc.c HttpHdrRange.c HttpHdrContRange.c HttpHeader.c \
|
||||
HttpHeaderTools.c HttpBody.c HttpMsg.c HttpReply.c \
|
||||
- HttpRequest.c icmp.c icp_v2.c icp_v3.c ident.c internal.c \
|
||||
- ipc.c ipc_win32.c ipcache.c leakfinder.c locrewrite.c \
|
||||
- logfile.c main.c mem.c MemPool.c MemBuf.c mime.c multicast.c \
|
||||
- neighbors.c net_db.c Packer.c pconn.c peer_digest.c \
|
||||
- peer_monitor.c peer_select.c peer_sourcehash.c peer_userhash.c \
|
||||
- protos.h redirect.c referer.c refresh.c send-announce.c \
|
||||
- snmp_core.c snmp_agent.c squid.h ssl.c ssl_support.c stat.c \
|
||||
- StatHist.c String.c stmem.c store.c store_io.c store_client.c \
|
||||
+ HttpRequest.c icap_common.c icap_reqmod.c icap_respmod.c \
|
||||
+ icap_opt.c icmp.c icp_v2.c icp_v3.c ident.c internal.c ipc.c \
|
||||
+ ipc_win32.c ipcache.c leakfinder.c locrewrite.c logfile.c \
|
||||
+ main.c mem.c MemPool.c MemBuf.c mime.c multicast.c neighbors.c \
|
||||
+ net_db.c Packer.c pconn.c peer_digest.c peer_monitor.c \
|
||||
+ peer_select.c peer_sourcehash.c peer_userhash.c protos.h \
|
||||
+ redirect.c referer.c refresh.c send-announce.c snmp_core.c \
|
||||
+ snmp_agent.c squid.h ssl.c ssl_support.c stat.c StatHist.c \
|
||||
+ String.c stmem.c store.c store_io.c store_client.c \
|
||||
store_digest.c store_dir.c store_key_md5.c store_log.c \
|
||||
store_rebuild.c store_swapin.c store_swapmeta.c \
|
||||
store_swapout.c structs.h tools.c typedefs.h unlinkd.c url.c \
|
||||
@@ -114,14 +115,17 @@
|
||||
@USE_DNSSERVER_FALSE@am__objects_3 = dns_internal.$(OBJEXT)
|
||||
@USE_DNSSERVER_TRUE@am__objects_3 = dns.$(OBJEXT)
|
||||
@ENABLE_HTCP_TRUE@am__objects_4 = htcp.$(OBJEXT)
|
||||
-@ENABLE_MINGW32SPECIFIC_FALSE@am__objects_5 = ipc.$(OBJEXT)
|
||||
-@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_5 = ipc_win32.$(OBJEXT)
|
||||
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
|
||||
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@am__objects_5 = icap_common.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
|
||||
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
|
||||
+@ENABLE_MINGW32SPECIFIC_FALSE@am__objects_6 = ipc.$(OBJEXT)
|
||||
+@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_6 = ipc_win32.$(OBJEXT)
|
||||
+@MAKE_LEAKFINDER_TRUE@am__objects_7 = leakfinder.$(OBJEXT)
|
||||
+@USE_SNMP_TRUE@am__objects_8 = snmp_core.$(OBJEXT) \
|
||||
@USE_SNMP_TRUE@ snmp_agent.$(OBJEXT)
|
||||
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
|
||||
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
|
||||
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
|
||||
+@ENABLE_SSL_TRUE@am__objects_9 = ssl_support.$(OBJEXT)
|
||||
+@ENABLE_UNLINKD_TRUE@am__objects_10 = unlinkd.$(OBJEXT)
|
||||
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_11 = win32.$(OBJEXT)
|
||||
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
|
||||
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) \
|
||||
CacheDigest.$(OBJEXT) cache_manager.$(OBJEXT) carp.$(OBJEXT) \
|
||||
@@ -136,27 +140,27 @@
|
||||
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
|
||||
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
|
||||
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
|
||||
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
|
||||
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
|
||||
- $(am__objects_5) ipcache.$(OBJEXT) $(am__objects_6) \
|
||||
- locrewrite.$(OBJEXT) logfile.$(OBJEXT) main.$(OBJEXT) \
|
||||
- mem.$(OBJEXT) MemPool.$(OBJEXT) MemBuf.$(OBJEXT) \
|
||||
- mime.$(OBJEXT) multicast.$(OBJEXT) neighbors.$(OBJEXT) \
|
||||
- net_db.$(OBJEXT) Packer.$(OBJEXT) pconn.$(OBJEXT) \
|
||||
- peer_digest.$(OBJEXT) peer_monitor.$(OBJEXT) \
|
||||
+ HttpRequest.$(OBJEXT) $(am__objects_5) icmp.$(OBJEXT) \
|
||||
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
|
||||
+ internal.$(OBJEXT) $(am__objects_6) ipcache.$(OBJEXT) \
|
||||
+ $(am__objects_7) locrewrite.$(OBJEXT) logfile.$(OBJEXT) \
|
||||
+ main.$(OBJEXT) mem.$(OBJEXT) MemPool.$(OBJEXT) \
|
||||
+ MemBuf.$(OBJEXT) mime.$(OBJEXT) multicast.$(OBJEXT) \
|
||||
+ neighbors.$(OBJEXT) net_db.$(OBJEXT) Packer.$(OBJEXT) \
|
||||
+ pconn.$(OBJEXT) peer_digest.$(OBJEXT) peer_monitor.$(OBJEXT) \
|
||||
peer_select.$(OBJEXT) peer_sourcehash.$(OBJEXT) \
|
||||
peer_userhash.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
|
||||
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
|
||||
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
|
||||
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_8) \
|
||||
+ ssl.$(OBJEXT) $(am__objects_9) stat.$(OBJEXT) \
|
||||
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
|
||||
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
|
||||
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
|
||||
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
|
||||
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
|
||||
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
|
||||
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
+ tools.$(OBJEXT) $(am__objects_10) url.$(OBJEXT) urn.$(OBJEXT) \
|
||||
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
|
||||
- wccp2.$(OBJEXT) whois.$(OBJEXT) $(am__objects_10)
|
||||
+ wccp2.$(OBJEXT) whois.$(OBJEXT) $(am__objects_11)
|
||||
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
|
||||
store_modules.$(OBJEXT) globals.$(OBJEXT) \
|
||||
string_arrays.$(OBJEXT)
|
||||
@@ -282,6 +286,10 @@
|
||||
NEED_OWN_MD5_TRUE = @NEED_OWN_MD5_TRUE@
|
||||
NEED_OWN_SNPRINTF_FALSE = @NEED_OWN_SNPRINTF_FALSE@
|
||||
NEED_OWN_SNPRINTF_TRUE = @NEED_OWN_SNPRINTF_TRUE@
|
||||
+NEED_OWN_STRCASESTR_FALSE = @NEED_OWN_STRCASESTR_FALSE@
|
||||
+NEED_OWN_STRCASESTR_TRUE = @NEED_OWN_STRCASESTR_TRUE@
|
||||
+NEED_OWN_STRNSTR_FALSE = @NEED_OWN_STRNSTR_FALSE@
|
||||
+NEED_OWN_STRNSTR_TRUE = @NEED_OWN_STRNSTR_TRUE@
|
||||
NEED_OWN_STRSEP_FALSE = @NEED_OWN_STRSEP_FALSE@
|
||||
NEED_OWN_STRSEP_TRUE = @NEED_OWN_STRSEP_TRUE@
|
||||
NEGOTIATE_AUTH_HELPERS = @NEGOTIATE_AUTH_HELPERS@
|
||||
@@ -321,6 +329,8 @@
|
||||
USE_DNSSERVER_TRUE = @USE_DNSSERVER_TRUE@
|
||||
USE_EPOLL_FALSE = @USE_EPOLL_FALSE@
|
||||
USE_EPOLL_TRUE = @USE_EPOLL_TRUE@
|
||||
+USE_ICAP_FALSE = @USE_ICAP_FALSE@
|
||||
+USE_ICAP_TRUE = @USE_ICAP_TRUE@
|
||||
USE_KQUEUE_FALSE = @USE_KQUEUE_FALSE@
|
||||
USE_KQUEUE_TRUE = @USE_KQUEUE_TRUE@
|
||||
USE_POLL_FALSE = @USE_POLL_FALSE@
|
||||
@@ -376,6 +386,8 @@
|
||||
sharedstatedir = @sharedstatedir@
|
||||
sysconfdir = @sysconfdir@
|
||||
target_alias = @target_alias@
|
||||
+@USE_ICAP_FALSE@ICAPSOURCE =
|
||||
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
|
||||
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
|
||||
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
|
||||
@USE_DNSSERVER_FALSE@DNSSERVER =
|
||||
@@ -479,6 +491,7 @@
|
||||
HttpMsg.c \
|
||||
HttpReply.c \
|
||||
HttpRequest.c \
|
||||
+ $(ICAPSOURCE) \
|
||||
icmp.c \
|
||||
icp_v2.c \
|
||||
icp_v3.c \
|
||||
@@ -791,6 +804,10 @@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/helper.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/htcp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_common.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_opt.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_reqmod.Po@am__quote@
|
||||
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_respmod.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icmp.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icp_v2.Po@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icp_v3.Po@am__quote@
|
File diff suppressed because it is too large
Load Diff
@ -1,6 +1,28 @@
|
||||
--- src/cf.data.pre.orig Fri Aug 20 16:23:18 2004
|
||||
+++ src/cf.data.pre Fri Aug 20 16:25:23 2004
|
||||
@@ -2396,12 +2396,12 @@
|
||||
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
|
||||
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
|
||||
@@ -1183,6 +1183,21 @@
|
||||
|
||||
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
|
||||
(hard coded at 1 MB).
|
||||
+
|
||||
+ Note for FreeBSD users:
|
||||
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
|
||||
+ support for the aufs storage type, COSS will use POSIX AIO.
|
||||
+ This means that you need to add the line
|
||||
+
|
||||
+ options VFS_AIO
|
||||
+
|
||||
+ to your kernel configuration in order to use COSS.
|
||||
+
|
||||
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
|
||||
+ necessarily need to recompile your kernel.
|
||||
+
|
||||
+ If you compiled Squid with both support for aufs and COSS, COSS
|
||||
+ will use aufs' routines and does not need special kernel support.
|
||||
DOC_END
|
||||
|
||||
NAME: logformat
|
||||
@@ -3280,12 +3295,12 @@
|
||||
|
||||
NAME: cache_effective_user
|
||||
TYPE: string
|
||||
|
@ -1,24 +0,0 @@
|
||||
Patch for Squid bug #1857, obtained from Squid bugzilla 2007-01-15.
|
||||
|
||||
--- src/ftp.c.orig Sun Feb 26 00:34:13 2006
|
||||
+++ src/ftp.c Mon Jan 15 19:46:29 2007
|
||||
@@ -441,7 +441,7 @@
|
||||
ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->old_filepath) : ".");
|
||||
} else if (ftpState->typecode == 'D') {
|
||||
const char *path = ftpState->flags.dir_slash ? ftpState->filepath : ".";
|
||||
- storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", html_quote(path));
|
||||
+ storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", rfc1738_escape_part(path));
|
||||
}
|
||||
storeAppendPrintf(e, "<HR noshade size=\"1px\">\n");
|
||||
storeAppendPrintf(e, "<ADDRESS>\n");
|
||||
@@ -689,8 +689,8 @@
|
||||
snprintf(html, 8192, "%s\n", line);
|
||||
return html;
|
||||
}
|
||||
- if (ftpState->flags.dir_slash)
|
||||
- snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath));
|
||||
+ if (ftpState->flags.dir_slash && ftpState->dirpath && ftpState->typecode != 'D' )
|
||||
+ snprintf(prefix, 2048, "%s/", rfc1738_escape_part(ftpState->dirpath));
|
||||
else
|
||||
prefix[0] = '\0';
|
||||
/* Handle builtin <dirup> */
|
11
www/squid31/files/patch-tools-Makefile.in
Normal file
11
www/squid31/files/patch-tools-Makefile.in
Normal file
@ -0,0 +1,11 @@
|
||||
--- tools/Makefile.in.orig Sun May 14 18:30:04 2006
|
||||
+++ tools/Makefile.in Sun May 14 18:31:02 2006
|
||||
@@ -297,7 +297,7 @@
|
||||
EXTRA_DIST = \
|
||||
cachemgr.conf
|
||||
|
||||
-DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf
|
||||
+DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf.default
|
||||
|
||||
# Don't automatically uninstall config files
|
||||
# @if test -f $(DESTDIR)$(DEFAULT_CONFIG_FILE) ; then \
|
@ -21,12 +21,11 @@ POST-DEINSTALL)
|
||||
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
|
||||
echo " created by a default installation of this package, run"
|
||||
echo ""
|
||||
echo " pw userdel -r -n %%SQUID_UID%% -u 100"
|
||||
echo ""
|
||||
echo " pw userdel -n %%SQUID_UID%% -u 100"
|
||||
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
|
||||
echo ""
|
||||
echo " To ease updates, the cache and log directories and"
|
||||
echo " all configuration files modified by you were preserved."
|
||||
echo " In order to ease updates the cache and log directories"
|
||||
echo " and all configuration files modified by you were preserved."
|
||||
echo ""
|
||||
echo " Please remove them manually if you do not want to use"
|
||||
echo " Squid any longer."
|
||||
|
@ -16,18 +16,11 @@ squid_user="%%SQUID_UID%%"
|
||||
squid_group="%%SQUID_GID%%"
|
||||
squid_gid=100
|
||||
squid_uid=100
|
||||
# Try to catch the case where the $squid_user might have been created with an
|
||||
# id greater than or equal 3128. The valid exception is "nobody".
|
||||
nobody_uid=65534
|
||||
nobody_gid=65534
|
||||
squid_oldgid=3128
|
||||
squid_olduid=3128
|
||||
unset wrong_id
|
||||
case $2 in
|
||||
PRE-INSTALL)
|
||||
echo "===> Pre-installation configuration for ${pkgname}"
|
||||
if ! pw groupshow ${squid_group} -q >/dev/null ; then
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it:"
|
||||
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
|
||||
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
|
||||
echo "Failed to create group \"${squid_group}\"!" >&2
|
||||
echo "Please create it manually." >&2
|
||||
@ -37,16 +30,11 @@ PRE-INSTALL)
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing group '${squid_group}':"
|
||||
current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
|
||||
if [ ${current_gid} -ge ${squid_oldgid} \
|
||||
-a ${current_gid} -ne ${nobody_gid} ]; then
|
||||
wrong_id=1
|
||||
fi
|
||||
fi
|
||||
pw groupshow ${squid_group}
|
||||
|
||||
if ! pw usershow ${squid_user} -q >/dev/null ; then
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it:"
|
||||
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
|
||||
if ! pw useradd -q -n ${squid_user} \
|
||||
-u ${squid_uid} -g ${squid_group} \
|
||||
-c "Squid caching-proxy pseudo user" \
|
||||
@ -60,53 +48,8 @@ PRE-INSTALL)
|
||||
fi
|
||||
else
|
||||
echo "I will use the existing user '${squid_user}':"
|
||||
current_uid=`id -u ${squid_user}`
|
||||
if [ ${current_uid} -ge ${squid_olduid} \
|
||||
-a ${current_uid} -ne ${nobody_uid} ];
|
||||
then
|
||||
wrong_id=1
|
||||
fi
|
||||
fi
|
||||
pw usershow ${squid_user}
|
||||
if [ "${wrong_id}" ]; then
|
||||
echo ""
|
||||
echo " * NOTICE *"
|
||||
echo ""
|
||||
echo "The Squid pseudo-user's uid and/or gid have been found"
|
||||
echo "to be greater than or equal 3128."
|
||||
echo ""
|
||||
echo "This is not a problem as such, but violates the FreeBSD"
|
||||
echo "ports' principle that a ports must not claim a uid greater"
|
||||
echo "than 999."
|
||||
echo ""
|
||||
echo "Since version 2.5.4_11, the Squid user is thus created"
|
||||
echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
|
||||
echo "port used the first unused uid/gid greater than or"
|
||||
echo "equal 3128."
|
||||
echo ""
|
||||
echo "If you want to change the existing Squid user's id, run"
|
||||
echo "'make changeuser' after the installation has completed."
|
||||
echo "If you installed this port via a package, issue the"
|
||||
echo "following commands as root:"
|
||||
echo ""
|
||||
echo "pw userdel -u ${current_uid}"
|
||||
echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
|
||||
echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
|
||||
echo " -c \"Squid caching-proxy pseudo user\" \\"
|
||||
echo " -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
|
||||
echo " -h -"
|
||||
echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
||||
echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
||||
echo ""
|
||||
echo "In case you have installed third party software for Squid"
|
||||
echo "like squidGuard, you should additionally run:"
|
||||
echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
|
||||
echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
|
||||
echo ""
|
||||
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
|
||||
sleep 30
|
||||
fi
|
||||
fi
|
||||
for dir in cache logs; do
|
||||
if [ ! -d ${squid_base}/${dir} ]; then
|
||||
echo "Creating ${squid_base}/${dir}..."
|
||||
|
@ -1,24 +1,31 @@
|
||||
o You can find the configuration files for this package in the
|
||||
directory %%PREFIX%%/etc/squid.
|
||||
|
||||
|
||||
o A cache directory has been created in %%PREFIX%%/squid/cache.
|
||||
Log files will be written to %%PREFIX%%/squid/logs.
|
||||
|
||||
|
||||
Note:
|
||||
You must initialize new cache directories before you can start
|
||||
Squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
|
||||
If your cache directories are already initialized (e.g. after an
|
||||
upgrade of Squid) you do not need to initialize them again.
|
||||
upgrade of squid) you do not need to initialize them again.
|
||||
|
||||
o The default configuration will deny everyone access to the
|
||||
proxy service. Edit the "http_access" directives in
|
||||
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
|
||||
--begin rcng
|
||||
|
||||
Please note that the Squid start script is an rc.d style script.
|
||||
This means that Squid will not start automatically at boot time.
|
||||
This means that Squid will not start automatically at boot
|
||||
time unless it is explicitly enabled.
|
||||
|
||||
To enable Squid, set squid_enable=yes in either
|
||||
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
|
||||
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
|
||||
--end rcng
|
||||
|
||||
Note:
|
||||
If you just updated your Squid installation from 2.5 or earlier,
|
||||
make sure to check your Squid configuration against the 2.6 default
|
||||
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
|
||||
|
||||
Additionally, you should check your configuration by calling
|
||||
'squid -f /path/to/squid.conf -k parse' before starting Squid.
|
||||
|
@ -2,11 +2,10 @@
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# --begin rcng
|
||||
# PROVIDE: squid
|
||||
# REQUIRE: LOGIN
|
||||
# KEYWORD: shutdown
|
||||
#
|
||||
#
|
||||
# Note:
|
||||
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
|
||||
# /etc/rc.conf.d/squid to make this script actually do something. There
|
||||
@ -14,34 +13,7 @@
|
||||
#
|
||||
# Please see squid(8), rc.conf(5) and rc(8) for further details.
|
||||
#
|
||||
# --end rcng
|
||||
|
||||
name=squid
|
||||
command=%%PREFIX%%/sbin/squid
|
||||
# --begin rcng
|
||||
extra_commands=reload
|
||||
reload_cmd="${command} ${squid_flags} -k reconfigure"
|
||||
# --end rcng
|
||||
stop_cmd="squid_stop"
|
||||
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
|
||||
# --begin rcng
|
||||
squid_enable=${squid_enable:-"NO"}
|
||||
# --end rcng
|
||||
squid_flags=${squid_flags-"-D"}
|
||||
squid_user=${squid_user:-%%SQUID_UID%%}
|
||||
default_config=%%PREFIX%%/etc/squid/squid.conf
|
||||
|
||||
# --begin rcold
|
||||
squid_stop() {
|
||||
echo -n " ${name}"
|
||||
${command} -k shutdown
|
||||
while ps -xcU ${squid_user} | grep -q squid; do
|
||||
sleep 2
|
||||
done
|
||||
}
|
||||
|
||||
# --end rcold
|
||||
# --begin rcng
|
||||
squid_stop() {
|
||||
echo "Stopping ${name}."
|
||||
${command} ${squid_flags} -k shutdown
|
||||
@ -49,9 +21,25 @@ squid_stop() {
|
||||
}
|
||||
|
||||
. %%RC_SUBR%%
|
||||
rcvar=`set_rcvar`
|
||||
|
||||
name=squid
|
||||
rcvar=${name}_enable
|
||||
|
||||
command=%%PREFIX%%/sbin/squid
|
||||
extra_commands=reload
|
||||
reload_cmd="${command} ${squid_flags} -k reconfigure"
|
||||
stop_cmd="squid_stop"
|
||||
|
||||
load_rc_config ${name}
|
||||
|
||||
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
|
||||
squid_enable=${squid_enable:-"NO"}
|
||||
squid_flags=${squid_flags-"-D"}
|
||||
squid_user=${squid_user:-%%SQUID_UID%%}
|
||||
default_config=%%PREFIX%%/etc/squid/squid.conf
|
||||
|
||||
required_dirs=${squid_chdir}
|
||||
|
||||
# squid(8) will not start if ${default_config} is not present so try
|
||||
# to catch that beforehand via ${required_files} rather than make
|
||||
# squid(8) crash.
|
||||
@ -61,28 +49,5 @@ load_rc_config ${name}
|
||||
if [ -z "${squid_flags}" ]; then
|
||||
required_files=${default_config}
|
||||
fi
|
||||
required_dirs=${squid_chdir}
|
||||
|
||||
run_rc_command "$1"
|
||||
# --end rcng
|
||||
# --begin rcold
|
||||
case $1 in
|
||||
start)
|
||||
if [ -x "${command}" -a \
|
||||
\( -f "${default_config}" -o "${squid_flags}" \) ]; then
|
||||
echo -n " ${name}"
|
||||
(cd ${squid_chdir} && exec su -fm ${squid_user} -c \
|
||||
"${command} ${squid_flags}")
|
||||
fi
|
||||
;;
|
||||
stop)
|
||||
if [ -x "${command}" ]; then
|
||||
${stop_cmd}
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "usage: ${0##*/} {start|stop}" >&2
|
||||
exit 64
|
||||
;;
|
||||
esac
|
||||
exit 0
|
||||
# --end rcold
|
@ -1,88 +0,0 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
# --begin rcng
|
||||
# PROVIDE: squid
|
||||
# REQUIRE: LOGIN
|
||||
# KEYWORD: shutdown
|
||||
#
|
||||
# Note:
|
||||
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
|
||||
# /etc/rc.conf.d/squid to make this script actually do something. There
|
||||
# you can also set squid_chdir, squid_user, and squid_flags.
|
||||
#
|
||||
# Please see squid(8), rc.conf(5) and rc(8) for further details.
|
||||
#
|
||||
# --end rcng
|
||||
|
||||
name=squid
|
||||
command=%%PREFIX%%/sbin/squid
|
||||
# --begin rcng
|
||||
extra_commands=reload
|
||||
reload_cmd="${command} ${squid_flags} -k reconfigure"
|
||||
# --end rcng
|
||||
stop_cmd="squid_stop"
|
||||
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
|
||||
# --begin rcng
|
||||
squid_enable=${squid_enable:-"NO"}
|
||||
# --end rcng
|
||||
squid_flags=${squid_flags-"-D"}
|
||||
squid_user=${squid_user:-%%SQUID_UID%%}
|
||||
default_config=%%PREFIX%%/etc/squid/squid.conf
|
||||
|
||||
# --begin rcold
|
||||
squid_stop() {
|
||||
echo -n " ${name}"
|
||||
${command} -k shutdown
|
||||
while ps -xcU ${squid_user} | grep -q squid; do
|
||||
sleep 2
|
||||
done
|
||||
}
|
||||
|
||||
# --end rcold
|
||||
# --begin rcng
|
||||
squid_stop() {
|
||||
echo "Stopping ${name}."
|
||||
${command} ${squid_flags} -k shutdown
|
||||
run_rc_command poll
|
||||
}
|
||||
|
||||
. %%RC_SUBR%%
|
||||
rcvar=`set_rcvar`
|
||||
load_rc_config ${name}
|
||||
|
||||
# squid(8) will not start if ${default_config} is not present so try
|
||||
# to catch that beforehand via ${required_files} rather than make
|
||||
# squid(8) crash.
|
||||
# If you remove the default configuration file make sure to add
|
||||
# '-f /path/to/your/squid.conf' to squid_flags
|
||||
|
||||
if [ -z "${squid_flags}" ]; then
|
||||
required_files=${default_config}
|
||||
fi
|
||||
required_dirs=${squid_chdir}
|
||||
run_rc_command "$1"
|
||||
# --end rcng
|
||||
# --begin rcold
|
||||
case $1 in
|
||||
start)
|
||||
if [ -x "${command}" -a \
|
||||
\( -f "${default_config}" -o "${squid_flags}" \) ]; then
|
||||
echo -n " ${name}"
|
||||
(cd ${squid_chdir} && exec su -fm ${squid_user} -c \
|
||||
"${command} ${squid_flags}")
|
||||
fi
|
||||
;;
|
||||
stop)
|
||||
if [ -x "${command}" ]; then
|
||||
${stop_cmd}
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
echo "usage: ${0##*/} {start|stop}" >&2
|
||||
exit 64
|
||||
;;
|
||||
esac
|
||||
exit 0
|
||||
# --end rcold
|
Loading…
Reference in New Issue
Block a user