cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename

Browse Source 
www/squid -> www/squid25
  www/squid26 -> www/squid

thus effectively updating www/squid to 2.6.STABLE9

PR:		ports/108562
Submitted by:	Thomas-Martin Seck <tmseck@netcologne.de> (maintainer)
Repocopies by:	marcus
This commit is contained in:
Pav Lucistnik 2007-02-07 08:42:31 +00:00
parent 04627d16d3
commit ef5d6a8edb
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=184474
76 changed files with 1408 additions and 24499 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
MOVED
View File

@ -2799,3 +2799,4 @@ sysutils/pkg_replace|ports-mgmt/pkg_replace|2007-02-05|Moved to a new category
archivers/py-bzip2||2007-02-05|Included with all current python versions in ports tree
devel/py-logging||2007-02-05|Included with all current python versions in ports tree
misc/qt4-codecs-tw|chinese/qt4-codecs-tw|2007-02-06|Accidentally added to wrong category
www/squid26|www/squid|2007-02-07|Squid 2.6 is now mainstream version

13
UPDATING
View File

@ -6,6 +6,19 @@ You should get into the habit of checking this file for changes each
time you update your ports collection, before attempting any port
upgrades.
20070207:
AFFECTS: users of www/squid*
AUTHOR: tmseck@netcologne.de
The www/squid port has been updated to 2.6. If you are updating from Squid
2.5, please read the Squid release notes at
http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE9-RELEASENOTES.html
and see whether you need to adapt your squid.conf to the changes described
there.
Squid 2.5 will be available as www/squid25 for next few months. But note
it's no longer being maintained by the Squid developers.
20070206:
AFFECTS: users of emulators/qemu
AUTHOR: nox@FreeBSD.org

2
www/Makefile
View File

@ -1041,7 +1041,7 @@
SUBDIR += spreadlogd
SUBDIR += sqstat
SUBDIR += squid
SUBDIR += squid26
SUBDIR += squid25
SUBDIR += squid_radius_auth
SUBDIR += squidclients
SUBDIR += squidguard

246
www/squid/Makefile
View File

@ -9,15 +9,11 @@
# Which user/group Squid should run as (default: squid/squid).
# The user and group will be created if they do not already exist using
# a uid:gid of 100:100.
# NOTE: before version 2.5.4_6, these settings defaulted to
# nobody/nogroup.
# If you wish to keep these settings, please define SQUID_UID=nobody and
# SQUID_GID=nogroup in your make environment before you start the update.
# NOTE2:
# Before version 2.5.4_11 the numerical id chosen for SQUID_UID (and
# SQUID_GID respectively) was the first free id greater than or equal 3128.
# If you wish to move your squid user to id 100:100, run "make changeuser",
# please see the changeuser target's definition for further information.
# NOTE: older versions of Squid defaulted to nobody/nogroup.
# If you wish to run Squid as "nobody" (which is not recommended), please
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
# before you start the update or installation of this port.
#
# SQUID_LANGUAGES
# A list of languages for which error page files should be installed
# (default: all)
@ -39,7 +35,7 @@
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
#
# The list below may be incomplete, please see the configure script
# in the squid source distribution for the complete list of additional
# in the Squid source distribution for the complete list of additional
# options.
# Note that you probably do not need to worry about these options in most
# cases, they are included in case you want to experiment with them.
@ -47,11 +43,10 @@
# --enable-dlmalloc
# Compile and use the malloc package from Doug Lea
# --enable-gnuregex
# Compile and use the supplied GNUregex routines instead of BSD regex.
# Compile and use the supplied GNUregex routines instead of BSD regex
# (not recommended).
# --enable-xmalloc-statistics
# Show malloc statistics in status page
# --enable-time-hack
# Optimize time updates to one per second rather than calling gettimeofday()
# --enable-cachemgr-hostname=some.hostname
# Set an explicit hostname in cachemgr.cgi
# --enable-truncate
@ -69,39 +64,53 @@
# --enable-ntlm-fail-open
# Enable NTLM fail open, where a helper that fails one of the
# Authentication steps can allow Squid to still authenticate the user
#
# --enable-x-accelerator-vary
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
# to indicate variance within an accelerator setup. Typically used
# together with other code that adds custom HTTP headers to the
# requests.
# --enable-forward-log
# Enable experimental forward_log directive.
# --enable-multicast-miss
# Enable experimental multicast notification of cachemisses.
PORTNAME= squid
PORTVERSION= 2.5.14
PORTREVISION= 4
PORTVERSION= 2.6.9
CATEGORIES= www
MASTER_SITES= http://www.squid-cache.org/%SUBDIR%/ \
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
MASTER_SITE_SUBDIR= squid-2/STABLE
DISTNAME= squid-2.6.STABLE9
DIST_SUBDIR= squid2.6
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
http://www2.us.squid-cache.org/%SUBDIR%/ \
http://www3.us.squid-cache.org/%SUBDIR%/ \
http://www1.at.squid-cache.org/%SUBDIR%/ \
http://www2.nl.squid-cache.org/%SUBDIR%/ \
http://www1.ru.squid-cache.org/%SUBDIR%/ \
http://www1.uk.squid-cache.org/%SUBDIR%/ \
http://www1.gr.squid-cache.org/%SUBDIR%/ \
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://www1.tw.squid-cache.org/%SUBDIR%/
MASTER_SITE_SUBDIR= Versions/v2/2.5
DISTNAME= squid-2.5.STABLE14
DIST_SUBDIR= squid2.5
PATCH_SITES= ${MASTER_SITES}
PATCH_SITE_SUBDIR= Versions/v2/2.5/bugs
PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch \
squid-2.5.STABLE14-hierarchy_tag.patch
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
PATCHFILES=
PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck@netcologne.de
COMMENT= HTTP Caching Proxy
CONFLICTS= squid-2.[^5]*
CONFLICTS= squid-2.[^6]*
GNU_CONFIGURE= yes
USE_BZIP2= yes
USE_PERL5= yes
USE_RC_SUBR= squid
SQUID_UID?= squid
SQUID_GID?= squid
@ -116,20 +125,19 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
SQUID_DELAY_POOLS "Enable delay pools" off \
SQUID_SNMP "Enable SNMP support" off \
SQUID_CARP "Enable CARP support" off \
SQUID_CARP "Enable CARP support" on \
SQUID_SSL "Enable SSL support for reverse proxies" off \
SQUID_PINGER "Install the icmp helper" off \
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
SQUID_HTCP "Enable HTCP support" off \
SQUID_VIA_DB "Enable forward/via database" off \
SQUID_CACHE_DIGESTS "Enable cache digests" off \
SQUID_WCCP "Enable Web Cache Coordination Protocol" on \
SQUID_UNDERSCORES "Allow underscores in hostnames" on \
SQUID_CHECK_HOSTNAME "Do hostname checking" on \
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
SQUID_REFERER_LOG "Enable Referer-header logging" off \
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
SQUID_CUSTOM_LOG "Enable custom log format" off \
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
SQUID_PF "Enable transparent proxying with PF" off \
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
@ -137,9 +145,9 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_ICAP "Enable ICAP client functionality" off \
SQUID_AUFS "Enable the aufs storage scheme" off \
SQUID_COSS "Enable the COSS storage scheme" off \
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
SQUID_LARGEFILE "Support log and cache files >2GB" off \
SQUID_STACKTRACES "Create backtraces on fatal errors" off \
SQUID_RCNG "Install an rc.d style startup script" on
SQUID_STACKTRACES "Create backtraces on fatal errors" off
etc_files= squid/cachemgr.conf.default \
squid/mib.txt squid/mime.conf.default \
@ -167,37 +175,44 @@ error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
libexec= cachemgr.cgi digest_pw_auth diskd ip_user_check \
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
msnt_auth ncsa_auth ntlm_auth \
pam_auth smb_auth smb_auth.sh squid_unix_group \
wb_auth wb_group wb_ntlmauth wbinfo_group.pl
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
wbinfo_group.pl
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
libexec+= unlinkd
.endif
sbin= RunAccel RunCache squidclient squid
sbin= RunCache squidclient squid
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
--datadir=${PREFIX}/etc/squid \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=${PREFIX}/squid \
--enable-removal-policies="lru heap"
--sysconfdir=${PREFIX}/etc/squid \
--enable-removal-policies="lru heap" \
--disable-linux-netfilter \
--disable-linux-tproxy \
--disable-epoll
.include <bsd.port.pre.mk>
# Authentication methods and modules:
basic_auth= NCSA PAM MSNT SMB winbind
external_acl= ip_user unix_group wbinfo_group winbind_group
MAN8+= pam_auth.8 squid_unix_group.8
basic_auth= NCSA PAM MSNT SMB
digest_auth= password
external_acl= ip_user session unix_group wbinfo_group
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
.if defined(WITH_SQUID_LDAP_AUTH)
USE_OPENLDAP= yes
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
basic_auth+= LDAP
digest_auth+= ldap
external_acl+= ldap_group
libexec+= squid_ldap_auth squid_ldap_group
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
.endif
.if defined(WITH_SQUID_SASL_AUTH)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
@ -213,23 +228,33 @@ libexec+= yp_auth
.endif
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
--enable-basic-auth-helpers="${basic_auth}" \
--enable-digest-auth-helpers="password" \
--enable-digest-auth-helpers="${digest_auth}" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB winbind"
--enable-ntlm-auth-helpers="SMB"
# Selection of storage schemes:
# Storage schemes:
storage_schemes= ufs diskd null
.if defined(WITH_SQUID_AUFS)
storage_schemes+= aufs
.if ${OSVERSION}>=501000
# Only document libmap.conf where it is available:
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
.endif
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
CONFIGURE_ARGS+= --enable-async-io \
--with-pthreads
CONFIGURE_ARGS+= --with-pthreads
CFLAGS+= ${PTHREAD_CFLAGS}
.endif
.if defined(WITH_SQUID_COSS)
storage_schemes+= coss
CONFIGURE_ARGS+= --with-aio
.if !defined(WITH_SQUID_AUFS)
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
# adding the option VFS_AIO to your kernel configuration if you want to
# actually use COSS storage:
CONFIGURE_ARGS+= --enable-coss-aio-ops
.endif
sbin+= cossdump
.endif
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
@ -241,13 +266,14 @@ CONFIGURE_ARGS+= --enable-delay-pools
.if defined(WITH_SQUID_SNMP)
CONFIGURE_ARGS+= --enable-snmp
.endif
.if defined(WITH_SQUID_CARP)
CONFIGURE_ARGS+= --enable-carp
.if defined(WITHOUT_SQUID_CARP)
CONFIGURE_ARGS+= --disable-carp
.endif
.if defined(WITH_SQUID_SSL)
# we need to .include bsd.openssl.mk manually here because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included and this is
# not possible when using OPTIONS
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included.
# This makes it currently impossible to combine this macro with OPTIONS to
# conditionally include OpenSSL support.
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
CONFIGURE_ARGS+= --enable-ssl \
--with-openssl="${OPENSSLBASE}"
@ -274,11 +300,8 @@ CONFIGURE_ARGS+= --enable-cache-digests
.if defined(WITHOUT_SQUID_WCCP)
CONFIGURE_ARGS+= --disable-wccp
.endif
.if !defined(WITHOUT_SQUID_UNDERSCORES)
CONFIGURE_ARGS+= --enable-underscores
.endif
.if defined(WITHOUT_SQUID_CHECK_HOSTNAME)
CONFIGURE_ARGS+= --disable-hostname-checks
.if defined(WITH_SQUID_WCCPV2)
CONFIGURE_ARGS+= --enable-wccpv2
.endif
.if defined(WITH_SQUID_STRICT_HTTP)
CONFIGURE_ARGS+= --disable-http-violations
@ -286,12 +309,12 @@ CONFIGURE_ARGS+= --disable-http-violations
.if defined(WITHOUT_SQUID_IDENT)
CONFIGURE_ARGS+= --disable-ident-lookups
.endif
.if defined(WITH_SQUID_REFERER_LOG)
CONFIGURE_ARGS+= --enable-referer-log
.endif
.if defined(WITH_SQUID_USERAGENT_LOG)
CONFIGURE_ARGS+= --enable-useragent-log
.endif
.if defined(WITH_SQUID_CUSTOM_LOG)
EXTRA_PATCHES+= ${PATCHDIR}/customlog-2.5.patch
.endif
.if defined(WITH_SQUID_ARP_ACL)
CONFIGURE_ARGS+= --enable-arp-acl
.endif
@ -315,45 +338,39 @@ CONFIGURE_ARGS+= --enable-ipf-transparent
.endif
.endif
.if defined(WITH_SQUID_FOLLOW_XFF)
EXTRA_PATCHES+= ${PATCHDIR}/follow_xff-2.5.patch \
${PATCHDIR}/follow_xff-configure.patch
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
.endif
.if defined(WITH_SQUID_ICAP)
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.5-core.patch \
${PATCHDIR}/icap-2.5-bootstrap.patch
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
${PATCHDIR}/icap-2.6-core.patch
CONFIGURE_ARGS+= --enable-icap-support
error_files+= ERR_ICAP_FAILURE
.endif
.if !defined(WITHOUT_SQUID_KQUEUE)
CONFIGURE_ARGS+= --enable-kqueue
.else
CONFIGURE_ARGS+= --disable-kqueue
.endif
.if defined(WITH_SQUID_LARGEFILE)
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
.endif
.if defined(WITH_SQUID_STACKTRACES)
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
CONFIGURE_ARGS+= --enable-stacktraces
CFLAGS+= -g
STRIP= ""
.endif
.if !defined(WITHOUT_SQUID_RCNG)
USE_RC_SUBR= squid.sh
rc_del= rcold
rc_state= rcng
.else
SUB_FILES+= squid.sh
etc_files+= rc.d/squid.sh
rc_del= rcng
rc_state= rcold
.endif
# Languages:
#
# If you do not define SQUID_LANGUAGES yourself, all available language files
# will be installed; the default language will be English.
SQUID_LANGUAGES?= \
Azerbaijani Bulgarian Catalan Czech Danish Dutch English Estonian Finnish \
French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian \
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
English Estonian Finnish French German Greek Hebrew \
Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
Serbian Simplify_Chinese Slovak Spanish Swedish \
Traditional_Chinese Turkish
SQUID_DEFAULT_LANG?= English
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
--enable-default-err-language=${SQUID_DEFAULT_LANG}
@ -378,7 +395,8 @@ PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
post-patch:
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
@ -387,31 +405,16 @@ pre-install:
# Prevent installation of .orig files by deleting them.
@${FIND} ${WRKSRC} -name '*.bak' -delete
@${FIND} ${WRKSRC} -name '*.orig' -delete
# create the start script:
@${REINPLACE_CMD} \
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
-e '/--.*${rc_state}/d' ${WRKDIR}/squid.sh
# create variable information in pkg-message:
@${REINPLACE_CMD} \
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
-e '/--.*${rc_state}/d' ${PKGMESSAGE}
pre-su-install:
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
# Create cachemgr.conf.default manually since squid's install routine
# unfortunately fails to do so:
${INSTALL_DATA} ${WRKSRC}/src/cachemgr.conf \
${PREFIX}/etc/squid/cachemgr.conf.default
.if defined(WITH_SQUID_PINGER)
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
.endif
.if defined(WITHOUT_SQUID_RCNG)
${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/
.endif
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
@ -423,50 +426,5 @@ post-install:
@${ECHO_CMD} ""
@${CAT} ${PKGMESSAGE}
@${ECHO_CMD} ""
changeuser:
# Recover from the problem that earlier versions of this port created the
# squid pseudo-user with an id greater than 999 which is not allowed in
# FreeBSD's ports system. The port now uses id 100:100.
# NOTE:
# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
# have a different setup, do not run this target!
.if ${SQUID_UID:L} == nobody
@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
${ECHO_CMD} "this target!"
${FALSE}
.endif
@if [ `${ID} -u` -ne 0 ]; \
then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \
current_uid=`id -u ${SQUID_UID}`; \
current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
${ECHO_CMD} "I will remove this user:"; \
${ID} -P $${current_uid}; \
${ECHO_CMD} "and this group:"; \
pw groupshow ${SQUID_GID}; \
${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
${ECHO_CMD} "After that, all files and directories that were accessible"; \
${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
${ECHO_CMD} "please abort this target now."; \
read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
${ECHO_CMD} "OK, here we go:"; \
${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
pw userdel -u $${current_uid}; \
${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
pw groupadd -n ${SQUID_GID} -g 100; \
pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
-d ${PREFIX}/squid -s /sbin/nologin -h - ; \
${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "Finished."
.include <bsd.port.post.mk>

12
www/squid/distinfo
View File

@ -1,9 +1,3 @@
MD5 (squid2.5/squid-2.5.STABLE14.tar.bz2) = f413e0b887a5f9b2a75350243ed5564c
SHA256 (squid2.5/squid-2.5.STABLE14.tar.bz2) = c4eaee0e5ee42f46060217df9a88d628d244c0a543feab8296e44269e57ec7bd
SIZE (squid2.5/squid-2.5.STABLE14.tar.bz2) = 1073745
MD5 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1529f8b0170e24b26353578778435bd4
SHA256 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 9e99132b8efb07e3465d5e33749aa450daecfa3acde73755b6a3589d09d19285
SIZE (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1277
MD5 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 9abe563ca3d01dc58502737edc6f3c60
SHA256 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 6c98f1f2351b79cfc3f956ed1c46d86c7a53aac0ba28203a33f2dadc7d1e96fe
SIZE (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 1319
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060

1597
www/squid/files/customlog-2.5.patch
View File

File diff suppressed because it is too large Load Diff

0
www/squid26/files/extra-patch-src-cf.data.pre.aufs → www/squid/files/extra-patch-src-cf.data.pre.aufs
View File

411
www/squid/files/follow_xff-2.5.patch
View File

@ -1,411 +0,0 @@
! This is a reduced part of the original follow-XFF patchset from
! devel.squid-cache.org for use with the FreeBSD squid-2.5 port.
Index: src/acl.c
--- src/acl.c 13 May 2003 02:14:12 -0000 1.43.2.16
+++ src/acl.c 23 Nov 2003 14:20:12 -0000
@@ -2001,6 +2001,11 @@
cbdataLock(A);
if (request != NULL) {
checklist->request = requestLink(request);
+#if FOLLOW_X_FORWARDED_FOR
+ if (Config.onoff.acl_uses_indirect_client) {
+ checklist->src_addr = request->indirect_client_addr;
+ } else
+#endif /* FOLLOW_X_FORWARDED_FOR */
checklist->src_addr = request->client_addr;
checklist->my_addr = request->my_addr;
checklist->my_port = request->my_port;
Index: src/cf.data.pre
--- src/cf.data.pre 7 Nov 2003 03:14:30 -0000 1.49.2.46
+++ src/cf.data.pre 23 Nov 2003 14:20:17 -0000
@@ -2065,6 +2065,92 @@
NOCOMMENT_END
DOC_END
+NAME: follow_x_forwarded_for
+TYPE: acl_access
+IFDEF: FOLLOW_X_FORWARDED_FOR
+LOC: Config.accessList.followXFF
+DEFAULT: none
+DEFAULT_IF_NONE: deny all
+DOC_START
+ Allowing or Denying the X-Forwarded-For header to be followed to
+ find the original source of a request.
+
+ Requests may pass through a chain of several other proxies
+ before reaching us. The X-Forwarded-For header will contain a
+ comma-separated list of the IP addresses in the chain, with the
+ rightmost address being the most recent.
+
+ If a request reaches us from a source that is allowed by this
+ configuration item, then we consult the X-Forwarded-For header
+ to see where that host received the request from. If the
+ X-Forwarded-For header contains multiple addresses, and if
+ acl_uses_indirect_client is on, then we continue backtracking
+ until we reach an address for which we are not allowed to
+ follow the X-Forwarded-For header, or until we reach the first
+ address in the list. (If acl_uses_indirect_client is off, then
+ it's impossible to backtrack through more than one level of
+ X-Forwarded-For addresses.)
+
+ The end result of this process is an IP address that we will
+ refer to as the indirect client address. This address may
+ be treated as the client address for access control, delay
+ pools and logging, depending on the acl_uses_indirect_client,
+ delay_pool_uses_indirect_client and log_uses_indirect_client
+ options.
+
+ SECURITY CONSIDERATIONS:
+
+ Any host for which we follow the X-Forwarded-For header
+ can place incorrect information in the header, and Squid
+ will use the incorrect information as if it were the
+ source address of the request. This may enable remote
+ hosts to bypass any access control restrictions that are
+ based on the client's source addresses.
+
+ For example:
+
+ acl localhost src 127.0.0.1
+ acl my_other_proxy srcdomain .proxy.example.com
+ follow_x_forwarded_for allow localhost
+ follow_x_forwarded_for allow my_other_proxy
+DOC_END
+
+NAME: acl_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.acl_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in acl matching.
+DOC_END
+
+NAME: delay_pool_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR && DELAY_POOLS
+DEFAULT: on
+LOC: Config.onoff.delay_pool_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in delay pools.
+DOC_END
+
+NAME: log_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.log_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in the access log.
+DOC_END
+
NAME: http_access
TYPE: acl_access
LOC: Config.accessList.http
Index: src/client_side.c
--- src/client_side.c 2 Sep 2003 02:13:45 -0000 1.47.2.39
+++ src/client_side.c 23 Nov 2003 14:20:22 -0000
@@ -109,6 +109,11 @@
#if USE_IDENT
static IDCB clientIdentDone;
#endif
+#if FOLLOW_X_FORWARDED_FOR
+static void clientFollowXForwardedForStart(void *data);
+static void clientFollowXForwardedForNext(void *data);
+static void clientFollowXForwardedForDone(int answer, void *data);
+#endif /* FOLLOW_X_FORWARDED_FOR */
static int clientOnlyIfCached(clientHttpRequest * http);
static STCB clientSendMoreData;
static STCB clientCacheHit;
@@ -177,10 +182,179 @@
return ch;
}
+#if FOLLOW_X_FORWARDED_FOR
+/*
+ * clientFollowXForwardedForStart() copies the X-Forwarded-For
+ * header into x_forwarded_for_iterator and passes control to
+ * clientFollowXForwardedForNext().
+ *
+ * clientFollowXForwardedForNext() checks the indirect_client_addr
+ * against the followXFF ACL and passes the result to
+ * clientFollowXForwardedForDone().
+ *
+ * clientFollowXForwardedForDone() either grabs the next address
+ * from the tail of x_forwarded_for_iterator and loops back to
+ * clientFollowXForwardedForNext(), or cleans up and passes control to
+ * clientAccessCheck().
+ */
+
+static void
+clientFollowXForwardedForStart(void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ if (Config.accessList.followXFF
+ && httpHeaderHas(&request->header, HDR_X_FORWARDED_FOR))
+ {
+ request->x_forwarded_for_iterator = httpHeaderGetList(
+ &request->header, HDR_X_FORWARDED_FOR);
+ debug(33, 5) ("clientFollowXForwardedForStart: indirect_client_addr=%s XFF='%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ strBuf(request->x_forwarded_for_iterator));
+ clientFollowXForwardedForNext(http);
+ } else {
+ /* not configured to follow X-Forwarded-For, or nothing to follow */
+ debug(33, 5) ("clientFollowXForwardedForStart: nothing to do\n");
+ clientFollowXForwardedForDone(-1, http);
+ }
+}
+
+static void
+clientFollowXForwardedForNext(void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ debug(33, 5) ("clientFollowXForwardedForNext: indirect_client_addr=%s XFF='%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ strBuf(request->x_forwarded_for_iterator));
+ if (strLen(request->x_forwarded_for_iterator) != 0) {
+ /* check the acl to see whether to believe the X-Forwarded-For header */
+ http->acl_checklist = clientAclChecklistCreate(
+ Config.accessList.followXFF, http);
+ aclNBCheck(http->acl_checklist, clientFollowXForwardedForDone, http);
+ } else {
+ /* nothing left to follow */
+ debug(33, 5) ("clientFollowXForwardedForNext: nothing more to do\n");
+ clientFollowXForwardedForDone(-1, http);
+ }
+}
+
+static void
+clientFollowXForwardedForDone(int answer, void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ /*
+ * answer should be be ACCESS_ALLOWED or ACCESS_DENIED if we are
+ * called as a result of ACL checks, or -1 if we are called when
+ * there's nothing left to do.
+ */
+ if (answer == ACCESS_ALLOWED) {
+ /*
+ * The IP address currently in request->indirect_client_addr
+ * is trusted to use X-Forwarded-For. Remove the last
+ * comma-delimited element from x_forwarded_for_iterator and use
+ * it to to replace indirect_client_addr, then repeat the cycle.
+ */
+ const char *p;
+ const char *asciiaddr;
+ int l;
+ struct in_addr addr;
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s is trusted\n",
+ inet_ntoa(request->indirect_client_addr));
+ p = strBuf(request->x_forwarded_for_iterator);
+ l = strLen(request->x_forwarded_for_iterator);
+
+ /*
+ * XXX x_forwarded_for_iterator should really be a list of
+ * IP addresses, but it's a String instead. We have to
+ * walk backwards through the String, biting off the last
+ * comma-delimited part each time. As long as the data is in
+ * a String, we should probably implement and use a variant of
+ * strListGetItem() that walks backwards instead of forwards
+ * through a comma-separated list. But we don't even do that;
+ * we just do the work in-line here.
+ */
+ /* skip trailing space and commas */
+ while (l > 0 && (p[l-1] == ',' || xisspace(p[l-1])))
+ l--;
+ strCut(request->x_forwarded_for_iterator, l);
+ /* look for start of last item in list */
+ while (l > 0 && ! (p[l-1] == ',' || xisspace(p[l-1])))
+ l--;
+ asciiaddr = p+l;
+ if (inet_aton(asciiaddr, &addr) == 0) {
+ /* the address is not well formed; do not use it */
+ debug(33, 3) ("clientFollowXForwardedForDone: malformed address '%s'\n",
+ asciiaddr);
+ goto done;
+ }
+ debug(33, 3) ("clientFollowXForwardedForDone: changing indirect_client_addr from %s to '%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ asciiaddr);
+ request->indirect_client_addr = addr;
+ strCut(request->x_forwarded_for_iterator, l);
+ if (! Config.onoff.acl_uses_indirect_client) {
+ /*
+ * If acl_uses_indirect_client is off, then it's impossible
+ * to follow more than one level of X-Forwarded-For.
+ */
+ goto done;
+ }
+ clientFollowXForwardedForNext(http);
+ return;
+ } else if (answer == ACCESS_DENIED) {
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s not trusted\n",
+ inet_ntoa(request->indirect_client_addr));
+ } else {
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s nothing more to do\n",
+ inet_ntoa(request->indirect_client_addr));
+ }
+done:
+ /* clean up, and pass control to clientAccessCheck */
+ debug(33, 6) ("clientFollowXForwardedForDone: cleanup\n");
+ if (Config.onoff.log_uses_indirect_client) {
+ /*
+ * Ensure that the access log shows the indirect client
+ * instead of the direct client.
+ */
+ ConnStateData *conn = http->conn;
+ conn->log_addr = request->indirect_client_addr;
+ conn->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
+ debug(33, 3) ("clientFollowXForwardedForDone: setting log_addr=%s\n",
+ inet_ntoa(conn->log_addr));
+ }
+ stringClean(&request->x_forwarded_for_iterator);
+ request->flags.done_follow_x_forwarded_for = 1;
+ http->acl_checklist = NULL; /* XXX do we need to aclChecklistFree() ? */
+ clientAccessCheck(http);
+}
+#endif /* FOLLOW_X_FORWARDED_FOR */
+
void
clientAccessCheck(void *data)
{
clientHttpRequest *http = data;
+#if FOLLOW_X_FORWARDED_FOR
+ if (! http->request->flags.done_follow_x_forwarded_for
+ && httpHeaderHas(&http->request->header, HDR_X_FORWARDED_FOR))
+ {
+ /*
+ * There's an X-ForwardedFor header and we haven't yet tried
+ * to follow it to find the indirect_client_addr. Follow it now.
+ * clientFollowXForwardedForDone() will eventually pass control
+ * back to us.
+ *
+ * XXX perhaps our caller should have called
+ * clientFollowXForwardedForStart instead. Then we wouldn't
+ * need to do this little dance transferring control over
+ * there and then back here, and we wouldn't need the
+ * done_follow_x_forwarded_for flag.
+ */
+ clientFollowXForwardedForStart(data);
+ return;
+ }
+#endif /* FOLLOW_X_FORWARDED_FOR */
if (checkAccelOnly(http)) {
/* deny proxy requests in accel_only mode */
debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n");
@@ -325,6 +499,9 @@
new_request->http_ver = old_request->http_ver;
httpHeaderAppend(&new_request->header, &old_request->header);
new_request->client_addr = old_request->client_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ new_request->indirect_client_addr = old_request->indirect_client_addr;
+#endif /* FOLLOW_X_FORWARDED_FOR */
new_request->my_addr = old_request->my_addr;
new_request->my_port = old_request->my_port;
new_request->flags.redirected = 1;
@@ -3051,6 +3228,9 @@
safe_free(http->log_uri);
http->log_uri = xstrdup(urlCanonicalClean(request));
request->client_addr = conn->peer.sin_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ request->indirect_client_addr = request->client_addr;
+#endif /* FOLLOW_X_FORWARDED_FOR */
request->my_addr = conn->me.sin_addr;
request->my_port = ntohs(conn->me.sin_port);
request->http_ver = http->http_ver;
Index: src/delay_pools.c
--- src/delay_pools.c 19 Jun 2003 02:13:57 -0000 1.5.54.6
+++ src/delay_pools.c 23 Nov 2003 14:20:23 -0000
@@ -318,6 +318,11 @@
r = http->request;
memset(&ch, '\0', sizeof(ch));
+#if FOLLOW_X_FORWARDED_FOR
+ if (Config.onoff.delay_pool_uses_indirect_client) {
+ ch.src_addr = r->indirect_client_addr;
+ } else
+#endif /* FOLLOW_X_FORWARDED_FOR */
ch.src_addr = r->client_addr;
ch.my_addr = r->my_addr;
ch.my_port = r->my_port;
*** src/structs.h.orig Sun Jun 26 12:45:58 2005
--- src/structs.h Sun Jun 26 12:48:45 2005
***************
*** 610,615 ****
--- 610,620 ----
int accel_uses_host_header;
int accel_no_pmtu_disc;
int global_internal_static;
+ #if FOLLOW_X_FORWARDED_FOR
+ int acl_uses_indirect_client;
+ int delay_pool_uses_indirect_client;
+ int log_uses_indirect_client;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
} onoff;
acl *aclList;
struct {
***************
*** 631,636 ****
--- 636,644 ----
acl_access *reply;
acl_address *outgoing_address;
acl_tos *outgoing_tos;
+ #if FOLLOW_X_FORWARDED_FOR
+ acl_access *followXFF;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
} accessList;
acl_deny_info_list *denyInfoList;
struct _authConfig {
***************
*** 1623,1628 ****
--- 1631,1641 ----
unsigned int body_sent:1;
unsigned int reset_tcp:1;
unsigned int must_keepalive:1;
+ #if FOLLOW_X_FORWARDED_FOR
+ /* XXX this flag could be eliminated;
+ * see comments in clientAccessCheck */
+ unsigned int done_follow_x_forwarded_for;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
};
struct _link_list {
***************
*** 1666,1671 ****
--- 1679,1687 ----
int max_forwards;
/* these in_addr's could probably be sockaddr_in's */
struct in_addr client_addr;
+ #if FOLLOW_X_FORWARDED_FOR
+ struct in_addr indirect_client_addr; /* after following X-Forwarded-For */
+ #endif /* FOLLOW_X_FORWARDED_FOR */
struct in_addr my_addr;
unsigned short my_port;
HttpHeader header;
***************
*** 1677,1682 ****
--- 1693,1703 ----
const char *vary_headers; /* Used when varying entities are detected. Changes how the store key is calculated */
BODY_HANDLER *body_reader;
void *body_reader_data;
+ #if FOLLOW_X_FORWARDED_FOR
+ /* XXX a list of IP addresses would be a better data structure
+ * than this String */
+ String x_forwarded_for_iterator;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
};
struct _cachemgr_passwd {

65
www/squid/files/follow_xff-configure.patch
View File

@ -1,65 +0,0 @@
!Simulate the autotools bootstrap of the follow-x-forwarded-for patchset.
!
!Beware that all line number informations in configure.log greater
!than 2972 are offset by at least -29 (correcting all line numbers would have
!bloated the patch by 92kB!)
--- include/autoconf.h.in.orig Sat Jan 18 02:46:11 2003
+++ include/autoconf.h.in Thu Jun 24 13:19:07 2004
@@ -291,6 +291,12 @@
#define USE_IDENT 1
/*
+ * Compile in support for following X-Forwarded-For headers?
+ * Enabled by default.
+ */
+#define FOLLOW_X_FORWARDED_FOR 1
+
+/*
* If your system has statvfs(), and if it actually works!
*/
#undef HAVE_STATVFS
--- configure.orig Thu Sep 22 10:16:26 2005
+++ configure Thu Sep 22 17:29:01 2005
@@ -249,6 +249,12 @@
if you build as another user who is not privileged
to use the number of filedescriptors you want the
resulting binary to support"
+ac_help="$ac_help
+ --enable-follow-x-forwarded-for
+ Enable support for following the X-Forwarded-For
+ HTTP header to try to find the IP address of the
+ original or indirect client when a request has
+ been forwarded through other proxies."
# Initialize some variables set by options.
# The variables have the same names as the options, with
@@ -3255,6 +3261,29 @@
fi
+
+follow_xff=1
+# Check whether --enable-follow-x-forwarded-for or --disable-follow-x-forwarded-for was given.
+if test "${enable_follow_x_forwarded_for+set}" = set; then
+ enableval="$enable_follow_x_forwarded_for"
+ if test "$enableval" = "yes" ; then
+ echo "follow X-Forwarded-For enabled"
+ follow_xff=1
+ fi
+
+fi
+
+if test $follow_xff = 1; then
+ cat >> confdefs.h <<\EOF
+#define FOLLOW_X_FORWARDED_FOR 1
+EOF
+
+else
+ cat >> confdefs.h <<\EOF
+#define FOLLOW_X_FORWARDED_FOR 0
+EOF
+
+fi
# Force some compilers to use ANSI features
#

422
www/squid/files/icap-2.5-bootstrap.patch
View File

@ -1,422 +0,0 @@
Patch 2 of 2 to integrate the icap-2_5 branch into the FreeBSD squid port.
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
This patch simulates the autotools bootstrap necessary after applying the
ICAP patchset.
Please see icap-2.5-core.patch for further information.
Patch last updated: 2005-12-17
--- configure.orig Sat Oct 22 11:56:01 2005
+++ configure Sat Dec 17 17:45:21 2005
@@ -70,6 +70,8 @@
ac_help="$ac_help
--enable-delay-pools Enable delay pools to limit bandwidth usage"
ac_help="$ac_help
+ --enable-icap-support Enable iCAP client capability"
+ac_help="$ac_help
--enable-useragent-log Enable logging of User-Agent header"
ac_help="$ac_help
--enable-referer-log Enable logging of Referer header"
@@ -2170,6 +2172,38 @@
+
+if false; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+# Check whether --enable-icap-support or --disable-icap-support was given.
+if test "${enable_icap_support+set}" = set; then
+ enableval="$enable_icap_support"
+ if test "$enableval" = "yes" ; then
+ echo "ICAP support enabled"
+ cat >> confdefs.h <<\EOF
+#define HS_FEAT_ICAP 1
+EOF
+
+
+
+if true; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+ fi
+
+fi
+
+
+
# Check whether --enable-useragent-log or --disable-useragent-log was given.
if test "${enable_useragent_log+set}" = set; then
enableval="$enable_useragent_log"
@@ -7428,14 +7462,14 @@
fi
;;
esac
- echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6
-echo "configure:7433: checking for main in -lpthread" >&5
+ echo $ac_n "checking for main in -pthread""... $ac_c" 1>&6
+echo "configure:7433: checking for main in -pthread" >&5
ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
-LIBS="-lpthread $LIBS"
+LIBS="-pthread $LIBS"
cat > conftest.$ac_ext <<EOF
#line 7441 "configure"
#include "confdefs.h"
@@ -7465,7 +7499,7 @@
#define $ac_tr_lib 1
EOF
- LIBS="-lpthread $LIBS"
+ LIBS="-pthread $LIBS"
else
echo "$ac_t""no" 1>&6
@@ -7769,6 +7803,8 @@
srand48 \
srandom \
statfs \
+ strnstr \
+ strcasestr \
strtoll \
sysconf \
syslog \
@@ -7898,6 +7934,50 @@
fi
fi
+
+if false; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
+
+
+if true; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+fi
+
+
+
+if false; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
+
+
+if true; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+fi
+
+
+
+
echo $ac_n "checking if va_copy is implemented""... $ac_c" 1>&6
echo "configure:7903: checking if va_copy is implemented" >&5
if eval "test \"`echo '$''{'ac_cv_func_va_copy'+set}'`\" = set"; then
@@ -9072,6 +9152,8 @@
s%@ENABLE_PINGER_FALSE@%$ENABLE_PINGER_FALSE%g
s%@USE_DELAY_POOLS_TRUE@%$USE_DELAY_POOLS_TRUE%g
s%@USE_DELAY_POOLS_FALSE@%$USE_DELAY_POOLS_FALSE%g
+s%@USE_ICAP_TRUE@%$USE_ICAP_TRUE%g
+s%@USE_ICAP_FALSE@%$USE_ICAP_FALSE%g
s%@USE_SNMP_TRUE@%$USE_SNMP_TRUE%g
s%@USE_SNMP_FALSE@%$USE_SNMP_FALSE%g
s%@SNMPLIB@%$SNMPLIB%g
@@ -9118,6 +9200,10 @@
s%@LIB_LBER@%$LIB_LBER%g
s%@NEED_OWN_SNPRINTF_TRUE@%$NEED_OWN_SNPRINTF_TRUE%g
s%@NEED_OWN_SNPRINTF_FALSE@%$NEED_OWN_SNPRINTF_FALSE%g
+s%@NEED_OWN_STRNSTR_TRUE@%$NEED_OWN_STRNSTR_TRUE%g
+s%@NEED_OWN_STRNSTR_FALSE@%$NEED_OWN_STRNSTR_FALSE%g
+s%@NEED_OWN_STRCASESTR_TRUE@%$NEED_OWN_STRCASESTR_TRUE%g
+s%@NEED_OWN_STRCASESTR_FALSE@%$NEED_OWN_STRCASESTR_FALSE%g
s%@REGEXLIB@%$REGEXLIB%g
s%@LIBREGEX@%$LIBREGEX%g
s%@LIBOBJS@%$LIBOBJS%g
--- include/autoconf.h.in.orig Tue Sep 13 02:12:34 2005
+++ include/autoconf.h.in Sat Dec 17 17:45:21 2005
@@ -124,6 +124,11 @@
*/
#undef DELAY_POOLS
+/*
+ * ICAP - Internet Content Adaptation Protocol
+ */
+#undef HS_FEAT_ICAP
+
/*
* If you want to log User-Agent request header values, define this.
* By default, they are written to useragent.log in the Squid log
@@ -574,6 +579,12 @@
/* Define if you have the statfs function. */
#undef HAVE_STATFS
+
+/* Define if you have the strcasestr function. */
+#undef HAVE_STRCASESTR
+
+/* Define if you have the strnstr function. */
+#undef HAVE_STRNSTR
/* Define if you have the strerror function. */
#undef HAVE_STRERROR
--- lib/Makefile.in.orig Wed Sep 28 22:57:20 2005
+++ lib/Makefile.in Sat Dec 17 17:45:21 2005
@@ -123,6 +123,13 @@
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
+
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
+
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
+
@NEED_OWN_MD5_TRUE@MD5SOURCE = md5.c
@NEED_OWN_MD5_FALSE@MD5SOURCE =
@@ -158,6 +165,8 @@
$(SNPRINTFSOURCE) \
splay.c \
Stack.c \
+ $(STRNSTRSOURCE) \
+ $(STRCASESTRSOURCE) \
stub_memaccount.c \
util.c \
uudecode.c
@@ -196,13 +205,18 @@
@NEED_OWN_MD5_FALSE@am__objects_1 =
@NEED_OWN_SNPRINTF_FALSE@am__objects_2 =
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
+@NEED_OWN_STRNSTR_FALSE@am__objects_3 =
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
+@NEED_OWN_STRCASESTR_FALSE@am__objects_4 =
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
- stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT)
+ $(am__objects_3) $(am__objects_4) stub_memaccount.$(OBJEXT) \
+ util.$(OBJEXT) uudecode.$(OBJEXT)
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
libntlmauth_a_AR = $(AR) cru
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
@@ -224,15 +238,16 @@
@AMDEP_TRUE@ $(DEPDIR)/dlmalloc.Po $(DEPDIR)/drand48.Po \
@AMDEP_TRUE@ $(DEPDIR)/getfullhostname.Po $(DEPDIR)/hash.Po \
@AMDEP_TRUE@ $(DEPDIR)/heap.Po $(DEPDIR)/html_quote.Po \
-@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/initgroups.Po \
-@AMDEP_TRUE@ $(DEPDIR)/iso3307.Po $(DEPDIR)/md5.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ntlmauth.Po $(DEPDIR)/radix.Po \
-@AMDEP_TRUE@ $(DEPDIR)/rfc1035.Po $(DEPDIR)/rfc1123.Po \
-@AMDEP_TRUE@ $(DEPDIR)/rfc1738.Po $(DEPDIR)/rfc2617.Po \
-@AMDEP_TRUE@ $(DEPDIR)/safe_inet_addr.Po $(DEPDIR)/snprintf.Po \
-@AMDEP_TRUE@ $(DEPDIR)/splay.Po $(DEPDIR)/strerror.Po \
-@AMDEP_TRUE@ $(DEPDIR)/stub_memaccount.Po $(DEPDIR)/tempnam.Po \
-@AMDEP_TRUE@ $(DEPDIR)/util.Po $(DEPDIR)/uudecode.Po
+@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/iso3307.Po \
+@AMDEP_TRUE@ $(DEPDIR)/md5.Po $(DEPDIR)/ntlmauth.Po \
+@AMDEP_TRUE@ $(DEPDIR)/radix.Po $(DEPDIR)/rfc1035.Po \
+@AMDEP_TRUE@ $(DEPDIR)/rfc1123.Po $(DEPDIR)/rfc1738.Po \
+@AMDEP_TRUE@ $(DEPDIR)/rfc2617.Po $(DEPDIR)/safe_inet_addr.Po \
+@AMDEP_TRUE@ $(DEPDIR)/snprintf.Po $(DEPDIR)/splay.Po \
+@AMDEP_TRUE@ $(DEPDIR)/strcasestr.Po $(DEPDIR)/strerror.Po \
+@AMDEP_TRUE@ $(DEPDIR)/strnstr.Po $(DEPDIR)/stub_memaccount.Po \
+@AMDEP_TRUE@ $(DEPDIR)/tempnam.Po $(DEPDIR)/util.Po \
+@AMDEP_TRUE@ $(DEPDIR)/uudecode.Po
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
@@ -241,8 +256,8 @@
DIST_SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) \
$(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) \
$(libregex_a_SOURCES)
-DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c \
- initgroups.c strerror.c tempnam.c
+DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c strerror.c \
+ tempnam.c
SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) $(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) $(libregex_a_SOURCES)
all: all-am
@@ -295,7 +310,6 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/heap.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/html_quote.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_ntoa.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/initgroups.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/iso3307.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/md5.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ntlmauth.Po@am__quote@
@@ -307,7 +321,9 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/safe_inet_addr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snprintf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/splay.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strcasestr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strerror.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strnstr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stub_memaccount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tempnam.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/util.Po@am__quote@
--- src/Makefile.in.orig Wed Sep 28 22:57:21 2005
+++ src/Makefile.in Sat Dec 17 17:45:21 2005
@@ -125,6 +125,9 @@
install_sh = @install_sh@
makesnmplib = @makesnmplib@
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
+@USE_ICAP_FALSE@ICAPSOURCE =
+
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
@USE_DNSSERVER_TRUE@DNSSERVER = dnsserver
@@ -249,6 +252,7 @@
HttpMsg.c \
HttpReply.c \
HttpRequest.c \
+ $(ICAPSOURCE) \
icmp.c \
icp_v2.c \
icp_v3.c \
@@ -468,54 +472,58 @@
pinger_LDADD = $(LDADD)
pinger_DEPENDENCIES =
pinger_LDFLAGS =
-@USE_DELAY_POOLS_TRUE@am__objects_3 = delay_pools.$(OBJEXT)
-@USE_DELAY_POOLS_FALSE@am__objects_3 =
-@USE_DNSSERVER_FALSE@am__objects_4 = dns_internal.$(OBJEXT)
-@USE_DNSSERVER_TRUE@am__objects_4 = dns.$(OBJEXT)
-@ENABLE_HTCP_TRUE@am__objects_5 = htcp.$(OBJEXT)
-@MAKE_LEAKFINDER_FALSE@am__objects_6 =
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
-@USE_SNMP_FALSE@am__objects_7 =
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
-@ENABLE_SSL_FALSE@am__objects_8 =
-@ENABLE_UNLINKD_FALSE@am__objects_9 =
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
-@ENABLE_WIN32SPECIFIC_FALSE@am__objects_10 =
+@USE_DELAY_POOLS_FALSE@am__objects_5 =
+@USE_DELAY_POOLS_TRUE@am__objects_5 = delay_pools.$(OBJEXT)
+@USE_DNSSERVER_FALSE@am__objects_6 = dns_internal.$(OBJEXT)
+@USE_DNSSERVER_TRUE@am__objects_6 = dns.$(OBJEXT)
+@ENABLE_HTCP_TRUE@am__objects_7 = htcp.$(OBJEXT)
+@USE_ICAP_TRUE@am__objects_8 = icap_common.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
+@USE_ICAP_FALSE@am__objects_8 =
+@MAKE_LEAKFINDER_TRUE@am__objects_9 = leakfinder.$(OBJEXT)
+@MAKE_LEAKFINDER_FALSE@am__objects_9 =
+@USE_SNMP_TRUE@am__objects_10 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
+@USE_SNMP_FALSE@am__objects_10 =
+@ENABLE_SSL_FALSE@am__objects_11 =
+@ENABLE_SSL_TRUE@am__objects_11 = ssl_support.$(OBJEXT)
+@ENABLE_UNLINKD_TRUE@am__objects_12 = unlinkd.$(OBJEXT)
+@ENABLE_UNLINKD_FALSE@am__objects_12 =
+@ENABLE_WIN32SPECIFIC_FALSE@am__objects_13 =
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_13 = win32.$(OBJEXT)
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) CacheDigest.$(OBJEXT) \
cache_manager.$(OBJEXT) carp.$(OBJEXT) cbdata.$(OBJEXT) \
client_db.$(OBJEXT) client_side.$(OBJEXT) comm.$(OBJEXT) \
- comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_3) \
- disk.$(OBJEXT) $(am__objects_4) errorpage.$(OBJEXT) \
+ comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_5) \
+ disk.$(OBJEXT) $(am__objects_6) errorpage.$(OBJEXT) \
ETag.$(OBJEXT) event.$(OBJEXT) external_acl.$(OBJEXT) \
fd.$(OBJEXT) filemap.$(OBJEXT) forward.$(OBJEXT) \
fqdncache.$(OBJEXT) ftp.$(OBJEXT) gopher.$(OBJEXT) \
- helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \
+ helper.$(OBJEXT) $(am__objects_7) http.$(OBJEXT) \
HttpStatusLine.$(OBJEXT) HttpHdrCc.$(OBJEXT) \
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
- ipc.$(OBJEXT) ipcache.$(OBJEXT) $(am__objects_6) \
- logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
+ HttpRequest.$(OBJEXT) $(am__objects_8) icmp.$(OBJEXT) \
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
+ internal.$(OBJEXT) ipc.$(OBJEXT) ipcache.$(OBJEXT) \
+ $(am__objects_9) logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
MemPool.$(OBJEXT) MemBuf.$(OBJEXT) mime.$(OBJEXT) \
multicast.$(OBJEXT) neighbors.$(OBJEXT) net_db.$(OBJEXT) \
Packer.$(OBJEXT) pconn.$(OBJEXT) peer_digest.$(OBJEXT) \
peer_select.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_10) \
+ ssl.$(OBJEXT) $(am__objects_11) stat.$(OBJEXT) \
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
+ tools.$(OBJEXT) $(am__objects_12) url.$(OBJEXT) urn.$(OBJEXT) \
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
- whois.$(OBJEXT) $(am__objects_10)
+ whois.$(OBJEXT) $(am__objects_13)
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
store_modules.$(OBJEXT) globals.$(OBJEXT) \
string_arrays.$(OBJEXT)
@@ -563,7 +571,9 @@
@AMDEP_TRUE@ $(DEPDIR)/fqdncache.Po $(DEPDIR)/ftp.Po \
@AMDEP_TRUE@ $(DEPDIR)/globals.Po $(DEPDIR)/gopher.Po \
@AMDEP_TRUE@ $(DEPDIR)/helper.Po $(DEPDIR)/htcp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icmp.Po \
+@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icap_common.Po \
+@AMDEP_TRUE@ $(DEPDIR)/icap_opt.Po $(DEPDIR)/icap_reqmod.Po \
+@AMDEP_TRUE@ $(DEPDIR)/icap_respmod.Po $(DEPDIR)/icmp.Po \
@AMDEP_TRUE@ $(DEPDIR)/icp_v2.Po $(DEPDIR)/icp_v3.Po \
@AMDEP_TRUE@ $(DEPDIR)/ident.Po $(DEPDIR)/internal.Po \
@AMDEP_TRUE@ $(DEPDIR)/ipc.Po $(DEPDIR)/ipcache.Po \
@@ -777,6 +787,10 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/helper.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/htcp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/http.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_common.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_opt.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_reqmod.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_respmod.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v2.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v3.Po@am__quote@

0
www/squid26/files/icap-2.6-bootstrap.patch → www/squid/files/icap-2.6-bootstrap.patch
View File

0
www/squid26/files/icap-2.6-core.patch → www/squid/files/icap-2.6-core.patch
View File

28
www/squid/files/patch-src-cf.data.pre
View File

@ -1,6 +1,28 @@
--- src/cf.data.pre.orig Fri Aug 20 16:23:18 2004
+++ src/cf.data.pre Fri Aug 20 16:25:23 2004
@@ -2396,12 +2396,12 @@
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
@@ -1183,6 +1183,21 @@
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
(hard coded at 1 MB).
+
+ Note for FreeBSD users:
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
+ support for the aufs storage type, COSS will use POSIX AIO.
+ This means that you need to add the line
+
+ options VFS_AIO
+
+ to your kernel configuration in order to use COSS.
+
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
+ necessarily need to recompile your kernel.
+
+ If you compiled Squid with both support for aufs and COSS, COSS
+ will use aufs' routines and does not need special kernel support.
DOC_END
NAME: logformat
@@ -3280,12 +3295,12 @@
NAME: cache_effective_user
TYPE: string

24
www/squid/files/patch-src-ftp.c
View File

@ -1,24 +0,0 @@
Patch for Squid bug #1857, obtained from Squid bugzilla 2007-01-15.
--- src/ftp.c.orig Sun Feb 26 00:34:13 2006
+++ src/ftp.c Mon Jan 15 19:46:29 2007
@@ -441,7 +441,7 @@
ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->old_filepath) : ".");
} else if (ftpState->typecode == 'D') {
const char *path = ftpState->flags.dir_slash ? ftpState->filepath : ".";
- storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", html_quote(path));
+ storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", rfc1738_escape_part(path));
}
storeAppendPrintf(e, "<HR noshade size=\"1px\">\n");
storeAppendPrintf(e, "<ADDRESS>\n");
@@ -689,8 +689,8 @@
snprintf(html, 8192, "%s\n", line);
return html;
}
- if (ftpState->flags.dir_slash)
- snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath));
+ if (ftpState->flags.dir_slash && ftpState->dirpath && ftpState->typecode != 'D' )
+ snprintf(prefix, 2048, "%s/", rfc1738_escape_part(ftpState->dirpath));
else
prefix[0] = '\0';
/* Handle builtin <dirup> */

0
www/squid26/files/patch-tools-Makefile.in → www/squid/files/patch-tools-Makefile.in
View File

7
www/squid/files/pkg-deinstall.in
View File

@ -21,12 +21,11 @@ POST-DEINSTALL)
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
echo " created by a default installation of this package, run"
echo ""
echo " pw userdel -r -n %%SQUID_UID%% -u 100"
echo ""
echo " pw userdel -n %%SQUID_UID%% -u 100"
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
echo ""
echo " To ease updates, the cache and log directories and"
echo " all configuration files modified by you were preserved."
echo " In order to ease updates the cache and log directories"
echo " and all configuration files modified by you were preserved."
echo ""
echo " Please remove them manually if you do not want to use"
echo " Squid any longer."

61
www/squid/files/pkg-install.in
View File

@ -16,18 +16,11 @@ squid_user="%%SQUID_UID%%"
squid_group="%%SQUID_GID%%"
squid_gid=100
squid_uid=100
# Try to catch the case where the $squid_user might have been created with an
# id greater than or equal 3128. The valid exception is "nobody".
nobody_uid=65534
nobody_gid=65534
squid_oldgid=3128
squid_olduid=3128
unset wrong_id
case $2 in
PRE-INSTALL)
echo "===> Pre-installation configuration for ${pkgname}"
if ! pw groupshow ${squid_group} -q >/dev/null ; then
echo "There is no group '${squid_group}' on this system, so I will try to create it:"
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
echo "Failed to create group \"${squid_group}\"!" >&2
echo "Please create it manually." >&2
@ -37,16 +30,11 @@ PRE-INSTALL)
fi
else
echo "I will use the existing group '${squid_group}':"
current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
if [ ${current_gid} -ge ${squid_oldgid} \
-a ${current_gid} -ne ${nobody_gid} ]; then
wrong_id=1
fi
fi
pw groupshow ${squid_group}
if ! pw usershow ${squid_user} -q >/dev/null ; then
echo "There is no account '${squid_user}' on this system, so I will try to create it:"
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
if ! pw useradd -q -n ${squid_user} \
-u ${squid_uid} -g ${squid_group} \
-c "Squid caching-proxy pseudo user" \
@ -60,53 +48,8 @@ PRE-INSTALL)
fi
else
echo "I will use the existing user '${squid_user}':"
current_uid=`id -u ${squid_user}`
if [ ${current_uid} -ge ${squid_olduid} \
-a ${current_uid} -ne ${nobody_uid} ];
then
wrong_id=1
fi
fi
pw usershow ${squid_user}
if [ "${wrong_id}" ]; then
echo ""
echo " * NOTICE *"
echo ""
echo "The Squid pseudo-user's uid and/or gid have been found"
echo "to be greater than or equal 3128."
echo ""
echo "This is not a problem as such, but violates the FreeBSD"
echo "ports' principle that a ports must not claim a uid greater"
echo "than 999."
echo ""
echo "Since version 2.5.4_11, the Squid user is thus created"
echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
echo "port used the first unused uid/gid greater than or"
echo "equal 3128."
echo ""
echo "If you want to change the existing Squid user's id, run"
echo "'make changeuser' after the installation has completed."
echo "If you installed this port via a package, issue the"
echo "following commands as root:"
echo ""
echo "pw userdel -u ${current_uid}"
echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
echo " -c \"Squid caching-proxy pseudo user\" \\"
echo " -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
echo " -h -"
echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
echo ""
echo "In case you have installed third party software for Squid"
echo "like squidGuard, you should additionally run:"
echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
echo ""
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
sleep 30
fi
fi
for dir in cache logs; do
if [ ! -d ${squid_base}/${dir} ]; then
echo "Creating ${squid_base}/${dir}..."

21
www/squid/files/pkg-message.in
View File

@ -1,24 +1,31 @@
o You can find the configuration files for this package in the
directory %%PREFIX%%/etc/squid.
o A cache directory has been created in %%PREFIX%%/squid/cache.
Log files will be written to %%PREFIX%%/squid/logs.
Note:
You must initialize new cache directories before you can start
Squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
If your cache directories are already initialized (e.g. after an
upgrade of Squid) you do not need to initialize them again.
upgrade of squid) you do not need to initialize them again.
o The default configuration will deny everyone access to the
proxy service. Edit the "http_access" directives in
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
--begin rcng
Please note that the Squid start script is an rc.d style script.
This means that Squid will not start automatically at boot time.
This means that Squid will not start automatically at boot
time unless it is explicitly enabled.
To enable Squid, set squid_enable=yes in either
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
--end rcng
Note:
If you just updated your Squid installation from 2.5 or earlier,
make sure to check your Squid configuration against the 2.6 default
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
Additionally, you should check your configuration by calling
'squid -f /path/to/squid.conf -k parse' before starting Squid.

2
www/squid27/files/squid.in → www/squid/files/squid.in
View File

@ -5,7 +5,7 @@
# PROVIDE: squid
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
#
# Note:
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
# /etc/rc.conf.d/squid to make this script actually do something. There

2
www/squid25/Makefile
View File

@ -98,6 +98,8 @@ PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck@netcologne.de
COMMENT= HTTP Caching Proxy
LATEST_LINK= squid25
CONFLICTS= squid-2.[^5]*
GNU_CONFIGURE= yes
USE_BZIP2= yes

432
www/squid26/Makefile
View File

@ -1,432 +0,0 @@
# New ports collection makefile for: squid26
# Date created: 2006-06-01
# Whom: Thomas-Martin Seck <tmseck@netcologne.de>
#
# $FreeBSD$
#
# Tunables not (yet) configurable via 'make config':
# SQUID_{U,G}ID
# Which user/group Squid should run as (default: squid/squid).
# The user and group will be created if they do not already exist using
# a uid:gid of 100:100.
# NOTE: older versions of Squid defaulted to nobody/nogroup.
# If you wish to run Squid as "nobody" (which is not recommended), please
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
# before you start the update or installation of this port.
#
# SQUID_LANGUAGES
# A list of languages for which error page files should be installed
# (default: all)
#
# E.g. use `make SQUID_LANGUAGES="English French"' if you want to
# install the files for these languages only.
# Use `make -VSQUID_LANGUAGES' or scroll down to this variable's
# definition to see which values are valid.
#
# SQUID_DEFAULT_LANG
# If you define SQUID_LANGUAGES, select which language should be the default
# one (this variable defaults to English). This setting can be overwritten
# with squid.conf's error_directory directive.
#
# SQUID_CONFIGURE_ARGS
# Additional configuration options.
#
# To enable them, use e.g
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
#
# The list below may be incomplete, please see the configure script
# in the Squid source distribution for the complete list of additional
# options.
# Note that you probably do not need to worry about these options in most
# cases, they are included in case you want to experiment with them.
#
# --enable-dlmalloc
# Compile and use the malloc package from Doug Lea
# --enable-gnuregex
# Compile and use the supplied GNUregex routines instead of BSD regex
# (not recommended).
# --enable-xmalloc-statistics
# Show malloc statistics in status page
# --enable-cachemgr-hostname=some.hostname
# Set an explicit hostname in cachemgr.cgi
# --enable-truncate
# Use truncate() rather than unlink()
# --disable-unlinkd
# Do not use "unlinkd"
# --with-aufs-threads=N_THREADS
# Tune the number of worker threads for the aufs object
# --with-coss-membuf-size
# COSS membuf size (default: 1048576 bytes)
# --with-maxfd=N
# Override the maximum number of filedescriptors. Useful if you
# build as another user who is not privileged to use the amount
# of filedescriptors the resulting binary is expected to support.
# --enable-ntlm-fail-open
# Enable NTLM fail open, where a helper that fails one of the
# Authentication steps can allow Squid to still authenticate the user
# --enable-x-accelerator-vary
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
# to indicate variance within an accelerator setup. Typically used
# together with other code that adds custom HTTP headers to the
# requests.
# --enable-forward-log
# Enable experimental forward_log directive.
# --enable-multicast-miss
# Enable experimental multicast notification of cachemisses.
PORTNAME= squid
PORTVERSION= 2.6.9
CATEGORIES= www
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
MASTER_SITE_SUBDIR= squid-2/STABLE
DISTNAME= squid-2.6.STABLE9
DIST_SUBDIR= squid2.6
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
http://www2.us.squid-cache.org/%SUBDIR%/ \
http://www3.us.squid-cache.org/%SUBDIR%/ \
http://www1.at.squid-cache.org/%SUBDIR%/ \
http://www2.nl.squid-cache.org/%SUBDIR%/ \
http://www1.ru.squid-cache.org/%SUBDIR%/ \
http://www1.uk.squid-cache.org/%SUBDIR%/ \
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://www1.tw.squid-cache.org/%SUBDIR%/
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
PATCHFILES=
PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck@netcologne.de
COMMENT= HTTP Caching Proxy
LATEST_LINK= squid26
CONFLICTS= squid-2.[^6]*
GNU_CONFIGURE= yes
USE_BZIP2= yes
USE_PERL5= yes
USE_RC_SUBR= squid
SQUID_UID?= squid
SQUID_GID?= squid
MAN8= cachemgr.cgi.8 squid.8
docs= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
PORTDOCS= ${docs:T}
SUB_FILES+= pkg-deinstall pkg-install pkg-message
SUB_LIST+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
SQUID_DELAY_POOLS "Enable delay pools" off \
SQUID_SNMP "Enable SNMP support" off \
SQUID_CARP "Enable CARP support" on \
SQUID_SSL "Enable SSL support for reverse proxies" off \
SQUID_PINGER "Install the icmp helper" off \
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
SQUID_HTCP "Enable HTCP support" off \
SQUID_VIA_DB "Enable forward/via database" off \
SQUID_CACHE_DIGESTS "Enable cache digests" off \
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
SQUID_REFERER_LOG "Enable Referer-header logging" off \
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
SQUID_PF "Enable transparent proxying with PF" off \
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
SQUID_FOLLOW_XFF "Follow X-Forwarded-For headers" off \
SQUID_ICAP "Enable ICAP client functionality" off \
SQUID_AUFS "Enable the aufs storage scheme" off \
SQUID_COSS "Enable the COSS storage scheme" off \
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
SQUID_LARGEFILE "Support log and cache files >2GB" off \
SQUID_STACKTRACES "Create backtraces on fatal errors" off
etc_files= squid/cachemgr.conf.default \
squid/mib.txt squid/mime.conf.default \
squid/msntauth.conf.default squid/squid.conf.default
icon_files= anthony-binhex.gif anthony-bomb.gif anthony-box.gif \
anthony-box2.gif anthony-c.gif anthony-compressed.gif \
anthony-dir.gif anthony-dirup.gif anthony-dvi.gif \
anthony-f.gif anthony-image.gif anthony-image2.gif \
anthony-layout.gif anthony-link.gif anthony-movie.gif \
anthony-pdf.gif anthony-portal.gif anthony-ps.gif \
anthony-quill.gif anthony-script.gif anthony-sound.gif \
anthony-tar.gif anthony-tex.gif anthony-text.gif \
anthony-unknown.gif anthony-xbm.gif anthony-xpm.gif
error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
ERR_CACHE_MGR_ACCESS_DENIED ERR_CANNOT_FORWARD \
ERR_CONNECT_FAIL ERR_DNS_FAIL ERR_FORWARDING_DENIED \
ERR_FTP_DISABLED ERR_FTP_FAILURE ERR_FTP_FORBIDDEN \
ERR_FTP_NOT_FOUND ERR_FTP_PUT_CREATED \
ERR_FTP_PUT_ERROR ERR_FTP_PUT_MODIFIED ERR_FTP_UNAVAILABLE \
ERR_INVALID_REQ ERR_INVALID_RESP ERR_INVALID_URL \
ERR_LIFETIME_EXP ERR_NO_RELAY ERR_ONLY_IF_CACHED_MISS \
ERR_READ_ERROR ERR_READ_TIMEOUT ERR_SHUTTING_DOWN \
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
msnt_auth ncsa_auth ntlm_auth \
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
wbinfo_group.pl
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
libexec+= unlinkd
.endif
sbin= RunCache squidclient squid
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
--datadir=${PREFIX}/etc/squid \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=${PREFIX}/squid \
--sysconfdir=${PREFIX}/etc/squid \
--enable-removal-policies="lru heap" \
--disable-linux-netfilter \
--disable-linux-tproxy \
--disable-epoll
.include <bsd.port.pre.mk>
# Authentication methods and modules:
basic_auth= NCSA PAM MSNT SMB
digest_auth= password
external_acl= ip_user session unix_group wbinfo_group
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
.if defined(WITH_SQUID_LDAP_AUTH)
USE_OPENLDAP= yes
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
basic_auth+= LDAP
digest_auth+= ldap
external_acl+= ldap_group
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
.endif
.if defined(WITH_SQUID_SASL_AUTH)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
CFLAGS+= -I${LOCALBASE}/include
CPPFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
basic_auth+= SASL
libexec+= sasl_auth
.endif
.if !defined(NO_NIS) && !defined(WITHOUT_NIS)
basic_auth+= YP
libexec+= yp_auth
.endif
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
--enable-basic-auth-helpers="${basic_auth}" \
--enable-digest-auth-helpers="${digest_auth}" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB"
# Storage schemes:
storage_schemes= ufs diskd null
.if defined(WITH_SQUID_AUFS)
storage_schemes+= aufs
.if ${OSVERSION}>=501000
# Only document libmap.conf where it is available:
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
.endif
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
CONFIGURE_ARGS+= --with-pthreads
CFLAGS+= ${PTHREAD_CFLAGS}
.endif
.if defined(WITH_SQUID_COSS)
storage_schemes+= coss
.if !defined(WITH_SQUID_AUFS)
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
# adding the option VFS_AIO to your kernel configuration if you want to
# actually use COSS storage:
CONFIGURE_ARGS+= --enable-coss-aio-ops
.endif
sbin+= cossdump
.endif
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
# Other options set via 'make config':
.if defined(WITH_SQUID_DELAY_POOLS)
CONFIGURE_ARGS+= --enable-delay-pools
.endif
.if defined(WITH_SQUID_SNMP)
CONFIGURE_ARGS+= --enable-snmp
.endif
.if defined(WITHOUT_SQUID_CARP)
CONFIGURE_ARGS+= --disable-carp
.endif
.if defined(WITH_SQUID_SSL)
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included.
# This makes it currently impossible to combine this macro with OPTIONS to
# conditionally include OpenSSL support.
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
CONFIGURE_ARGS+= --enable-ssl \
--with-openssl="${OPENSSLBASE}"
CFLAGS+= -I${OPENSSLINC}
LDFLAGS+= -L${OPENSSLLIB}
.endif
.if defined(WITH_SQUID_PINGER)
CONFIGURE_ARGS+= --enable-icmp
libexec+= pinger
.endif
.if defined(WITH_SQUID_DNS_HELPER)
CONFIGURE_ARGS+= --disable-internal-dns
libexec+= dnsserver
.endif
.if defined(WITH_SQUID_HTCP)
CONFIGURE_ARGS+= --enable-htcp
.endif
.if defined(WITH_SQUID_VIA_DB)
CONFIGURE_ARGS+= --enable-forw-via-db
.endif
.if defined(WITH_SQUID_CACHE_DIGESTS)
CONFIGURE_ARGS+= --enable-cache-digests
.endif
.if defined(WITHOUT_SQUID_WCCP)
CONFIGURE_ARGS+= --disable-wccp
.endif
.if defined(WITH_SQUID_WCCPV2)
CONFIGURE_ARGS+= --enable-wccpv2
.endif
.if defined(WITH_SQUID_STRICT_HTTP)
CONFIGURE_ARGS+= --disable-http-violations
.endif
.if defined(WITHOUT_SQUID_IDENT)
CONFIGURE_ARGS+= --disable-ident-lookups
.endif
.if defined(WITH_SQUID_REFERER_LOG)
CONFIGURE_ARGS+= --enable-referer-log
.endif
.if defined(WITH_SQUID_USERAGENT_LOG)
CONFIGURE_ARGS+= --enable-useragent-log
.endif
.if defined(WITH_SQUID_ARP_ACL)
CONFIGURE_ARGS+= --enable-arp-acl
.endif
.if defined(WITH_SQUID_PF)
CONFIGURE_ARGS+= --enable-pf-transparent
.if ${OSVERSION} < 502106
IGNORE= pf available only in FreeBSD 5.3 and newer
.endif
.endif
# IPFilter-headers are not installed on FreeBSD 4 since 4.7-RELEASE,
# they were not installed on FreeBSD 5 from 2002-03-26 (OSVERSION > 500032) to
# 2003-06-27 (OSVERSION < 501101).
#
# Please see PR misc/44148 and the CVS log of src/include/Makefile for further
# information.
.if defined(WITH_SQUID_IPFILTER)
.if (${OSVERSION} >= 470000 && ${OSVERSION} < 500000) || (${OSVERSION} > 500032 && ${OSVERSION} < 501101)
IGNORE= IPFilter headers are not part of the base system
.else
CONFIGURE_ARGS+= --enable-ipf-transparent
.endif
.endif
.if defined(WITH_SQUID_FOLLOW_XFF)
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
.endif
.if defined(WITH_SQUID_ICAP)
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
${PATCHDIR}/icap-2.6-core.patch
CONFIGURE_ARGS+= --enable-icap-support
error_files+= ERR_ICAP_FAILURE
.endif
.if !defined(WITHOUT_SQUID_KQUEUE)
CONFIGURE_ARGS+= --enable-kqueue
.else
CONFIGURE_ARGS+= --disable-kqueue
.endif
.if defined(WITH_SQUID_LARGEFILE)
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
.endif
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
CONFIGURE_ARGS+= --enable-stacktraces
CFLAGS+= -g
STRIP= ""
.endif
# Languages:
#
# If you do not define SQUID_LANGUAGES yourself, all available language files
# will be installed; the default language will be English.
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
English Estonian Finnish French German Greek Hebrew \
Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
Serbian Simplify_Chinese Slovak Spanish Swedish \
Traditional_Chinese Turkish
SQUID_DEFAULT_LANG?= English
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
--enable-default-err-language=${SQUID_DEFAULT_LANG}
# Finally, add additional user specified configuration options:
CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
CONFIGURE_ENV+= CFLAGS="${CFLAGS}" \
CPPFLAGS="${CPPFLAGS}"\
LDFLAGS="${LDFLAGS}"
PLIST_DIRS= etc/squid/icons libexec/squid
PLIST_FILES= ${etc_files:S,^,etc/,} ${icon_files:S,^,etc/squid/icons/,} \
${libexec:S,^,libexec/squid/,} ${sbin:S,^,sbin/,}
.for d in ${SQUID_LANGUAGES}
PLIST_DIRS+= etc/squid/errors/${d}
PLIST_FILES+= ${error_files:S,^,etc/squid/errors/${d}/,}
.endfor
PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
post-patch:
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
pre-install:
# Prevent installation of .orig files by deleting them.
@${FIND} ${WRKSRC} -name '*.bak' -delete
@${FIND} ${WRKSRC} -name '*.orig' -delete
pre-su-install:
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
.if defined(WITH_SQUID_PINGER)
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
.endif
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
.endif
@${SETENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
@${ECHO_CMD} "===> post-installation information for ${PKGNAME}:"
@${ECHO_CMD} ""
@${CAT} ${PKGMESSAGE}
@${ECHO_CMD} ""
.include <bsd.port.post.mk>

3
www/squid26/distinfo
View File

@ -1,3 +0,0 @@
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060

11
www/squid26/files/patch-aa
View File

@ -1,11 +0,0 @@
--- include/squid_types.h.orig Mon Jul 7 00:45:26 2003
+++ include/squid_types.h Mon Jul 7 00:48:39 2003
@@ -66,8 +66,5 @@
#if HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
-#if HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
#endif /* SQUID_TYPES_H */

11
www/squid26/files/patch-helpers-basic_auth-SMB-Makefile.in
View File

@ -1,11 +0,0 @@
--- helpers/basic_auth/SMB/Makefile.in.orig Tue Oct 4 07:29:26 2005
+++ helpers/basic_auth/SMB/Makefile.in Tue Oct 4 07:29:49 2005
@@ -129,7 +129,7 @@
makesnmplib = @makesnmplib@
SMB_AUTH_HELPER = smb_auth.sh
-SAMBAPREFIX = /usr/local/samba
+SAMBAPREFIX = %%LOCALBASE%%
SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
libexec_SCRIPTS = $(SMB_AUTH_HELPER)

13
www/squid26/files/patch-helpers-basic_auth-SMB-smb_auth.sh
View File

@ -1,13 +0,0 @@
*** helpers/basic_auth/SMB/smb_auth.sh.orig Thu Feb 26 20:58:22 2004
--- helpers/basic_auth/SMB/smb_auth.sh Thu Feb 26 20:59:45 2004
***************
*** 17,22 ****
--- 17,24 ----
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ SAMBAPREFIX=${SAMBAPREFIX:-%%LOCALBASE%%}
+
read DOMAINNAME
read PASSTHROUGH
read NMBADDR

39
www/squid26/files/patch-src-cf.data.pre
View File

@ -1,39 +0,0 @@
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
@@ -1183,6 +1183,21 @@
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
(hard coded at 1 MB).
+
+ Note for FreeBSD users:
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
+ support for the aufs storage type, COSS will use POSIX AIO.
+ This means that you need to add the line
+
+ options VFS_AIO
+
+ to your kernel configuration in order to use COSS.
+
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
+ necessarily need to recompile your kernel.
+
+ If you compiled Squid with both support for aufs and COSS, COSS
+ will use aufs' routines and does not need special kernel support.
DOC_END
NAME: logformat
@@ -3280,12 +3295,12 @@
NAME: cache_effective_user
TYPE: string
-DEFAULT: nobody
+DEFAULT: %%SQUID_UID%%
LOC: Config.effectiveUser
DOC_START
If you start Squid as root, it will change its effective/real
UID/GID to the user specified below. The default is to change
- to UID to nobody. If you define cache_effective_user, but not
+ to UID to %%SQUID_UID%%. If you define cache_effective_user, but not
cache_effective_group, Squid sets the GID to the effective
user's default group ID (taken from the password file) and
supplementary group list from the from groups membership of

39
www/squid26/files/pkg-deinstall.in
View File

@ -1,39 +0,0 @@
#!/bin/sh
#
# $FreeBSD$
#
PATH=/bin:/usr/bin:/usr/sbin
case $2 in
DEINSTALL)
cd ${PKG_PREFIX}/etc/squid || exit 1
for f in cachemgr.conf mime.conf msntauth.conf squid.conf; do
cmp -s -z ${f} ${f}.default && rm ${f}
done
;;
POST-DEINSTALL)
echo "===> post-deinstallation information for $1:"
echo ""
echo " Note:"
echo " Squid related user accounts and groups were not removed."
echo ""
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
echo " created by a default installation of this package, run"
echo ""
echo " pw userdel -n %%SQUID_UID%% -u 100"
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
echo ""
echo " In order to ease updates the cache and log directories"
echo " and all configuration files modified by you were preserved."
echo ""
echo " Please remove them manually if you do not want to use"
echo " Squid any longer."
fi
echo ""
;;
*)
exit 64
;;
esac
exit 0

81
www/squid26/files/pkg-install.in
View File

@ -1,81 +0,0 @@
#!/bin/sh
#
# $FreeBSD$
#
PATH=/bin:/usr/bin:/usr/sbin
pkgname=$1
squid_base="${PKG_PREFIX:-%%PREFIX%%}/squid"
squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid"
if [ -x /usr/sbin/nologin ]; then
nologin=/usr/sbin/nologin
else
nologin=/sbin/nologin
fi
squid_user="%%SQUID_UID%%"
squid_group="%%SQUID_GID%%"
squid_gid=100
squid_uid=100
case $2 in
PRE-INSTALL)
echo "===> Pre-installation configuration for ${pkgname}"
if ! pw groupshow ${squid_group} -q >/dev/null ; then
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
echo "Failed to create group \"${squid_group}\"!" >&2
echo "Please create it manually." >&2
exit 1
else
echo "Group '${squid_group}' created successfully:"
fi
else
echo "I will use the existing group '${squid_group}':"
fi
pw groupshow ${squid_group}
if ! pw usershow ${squid_user} -q >/dev/null ; then
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
if ! pw useradd -q -n ${squid_user} \
-u ${squid_uid} -g ${squid_group} \
-c "Squid caching-proxy pseudo user" \
-d "${squid_base}" -s "${nologin}" \
-h - ; then
echo "Failed to create user '${squid_user}'!" >&2
echo "Please create it manually." >&2
exit 1
else
echo "User '${squid_user}' created successfully:"
fi
else
echo "I will use the existing user '${squid_user}':"
fi
pw usershow ${squid_user}
for dir in cache logs; do
if [ ! -d ${squid_base}/${dir} ]; then
echo "Creating ${squid_base}/${dir}..."
install -d -o ${squid_user} -g ${squid_group} \
-m 0750 ${squid_base}/${dir}
fi
done
if [ ! -d ${squid_confdir} ]; then
echo "Creating ${squid_confdir}..."
install -d -o root -g ${squid_group} \
-m 0750 ${squid_confdir}
fi
;;
POST-INSTALL)
for file in cachemgr.conf mime.conf squid.conf; do
if [ ! -f ${squid_confdir}/${file} \
-a -f ${squid_confdir}/${file}.default ]; then
echo "Creating ${file} from default..."
install -c -o root -g ${squid_group} -m 0640 \
${squid_confdir}/${file}.default \
${squid_confdir}/${file}
fi
done
;;
*)
exit 64
;;
esac
exit 0

31
www/squid26/files/pkg-message.in
View File

@ -1,31 +0,0 @@
o You can find the configuration files for this package in the
directory %%PREFIX%%/etc/squid.
o A cache directory has been created in %%PREFIX%%/squid/cache.
Log files will be written to %%PREFIX%%/squid/logs.
Note:
You must initialize new cache directories before you can start
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
If your cache directories are already initialized (e.g. after an
upgrade of squid) you do not need to initialize them again.
o The default configuration will deny everyone access to the
proxy service. Edit the "http_access" directives in
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
Please note that the Squid start script is an rc.d style script.
This means that Squid will not start automatically at boot
time unless it is explicitly enabled.
To enable Squid, set squid_enable=yes in either
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
Note:
If you just updated your Squid installation from 2.5 or earlier,
make sure to check your Squid configuration against the 2.6 default
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
Additionally, you should check your configuration by calling
'squid -f /path/to/squid.conf -k parse' before starting Squid.

10
www/squid26/pkg-descr
View File

@ -1,10 +0,0 @@
Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.
Squid supports SSL, extensive access controls, and full request logging.
By using the lightweight Internet Cache Protocol, Squid caches can be
arranged in a hierarchy or mesh for additional bandwidth savings.
WWW: http://www.squid-cache.org/

432
www/squid27/Makefile
View File

@ -1,432 +0,0 @@
# New ports collection makefile for: squid26
# Date created: 2006-06-01
# Whom: Thomas-Martin Seck <tmseck@netcologne.de>
#
# $FreeBSD$
#
# Tunables not (yet) configurable via 'make config':
# SQUID_{U,G}ID
# Which user/group Squid should run as (default: squid/squid).
# The user and group will be created if they do not already exist using
# a uid:gid of 100:100.
# NOTE: older versions of Squid defaulted to nobody/nogroup.
# If you wish to run Squid as "nobody" (which is not recommended), please
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
# before you start the update or installation of this port.
#
# SQUID_LANGUAGES
# A list of languages for which error page files should be installed
# (default: all)
#
# E.g. use `make SQUID_LANGUAGES="English French"' if you want to
# install the files for these languages only.
# Use `make -VSQUID_LANGUAGES' or scroll down to this variable's
# definition to see which values are valid.
#
# SQUID_DEFAULT_LANG
# If you define SQUID_LANGUAGES, select which language should be the default
# one (this variable defaults to English). This setting can be overwritten
# with squid.conf's error_directory directive.
#
# SQUID_CONFIGURE_ARGS
# Additional configuration options.
#
# To enable them, use e.g
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
#
# The list below may be incomplete, please see the configure script
# in the Squid source distribution for the complete list of additional
# options.
# Note that you probably do not need to worry about these options in most
# cases, they are included in case you want to experiment with them.
#
# --enable-dlmalloc
# Compile and use the malloc package from Doug Lea
# --enable-gnuregex
# Compile and use the supplied GNUregex routines instead of BSD regex
# (not recommended).
# --enable-xmalloc-statistics
# Show malloc statistics in status page
# --enable-cachemgr-hostname=some.hostname
# Set an explicit hostname in cachemgr.cgi
# --enable-truncate
# Use truncate() rather than unlink()
# --disable-unlinkd
# Do not use "unlinkd"
# --with-aufs-threads=N_THREADS
# Tune the number of worker threads for the aufs object
# --with-coss-membuf-size
# COSS membuf size (default: 1048576 bytes)
# --with-maxfd=N
# Override the maximum number of filedescriptors. Useful if you
# build as another user who is not privileged to use the amount
# of filedescriptors the resulting binary is expected to support.
# --enable-ntlm-fail-open
# Enable NTLM fail open, where a helper that fails one of the
# Authentication steps can allow Squid to still authenticate the user
# --enable-x-accelerator-vary
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
# to indicate variance within an accelerator setup. Typically used
# together with other code that adds custom HTTP headers to the
# requests.
# --enable-forward-log
# Enable experimental forward_log directive.
# --enable-multicast-miss
# Enable experimental multicast notification of cachemisses.
PORTNAME= squid
PORTVERSION= 2.6.9
CATEGORIES= www
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
MASTER_SITE_SUBDIR= squid-2/STABLE
DISTNAME= squid-2.6.STABLE9
DIST_SUBDIR= squid2.6
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
http://www2.us.squid-cache.org/%SUBDIR%/ \
http://www3.us.squid-cache.org/%SUBDIR%/ \
http://www1.at.squid-cache.org/%SUBDIR%/ \
http://www2.nl.squid-cache.org/%SUBDIR%/ \
http://www1.ru.squid-cache.org/%SUBDIR%/ \
http://www1.uk.squid-cache.org/%SUBDIR%/ \
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://www1.tw.squid-cache.org/%SUBDIR%/
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
PATCHFILES=
PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck@netcologne.de
COMMENT= HTTP Caching Proxy
LATEST_LINK= squid26
CONFLICTS= squid-2.[^6]*
GNU_CONFIGURE= yes
USE_BZIP2= yes
USE_PERL5= yes
USE_RC_SUBR= squid
SQUID_UID?= squid
SQUID_GID?= squid
MAN8= cachemgr.cgi.8 squid.8
docs= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
PORTDOCS= ${docs:T}
SUB_FILES+= pkg-deinstall pkg-install pkg-message
SUB_LIST+= SQUID_UID=${SQUID_UID} SQUID_GID=${SQUID_GID}
OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
SQUID_DELAY_POOLS "Enable delay pools" off \
SQUID_SNMP "Enable SNMP support" off \
SQUID_CARP "Enable CARP support" on \
SQUID_SSL "Enable SSL support for reverse proxies" off \
SQUID_PINGER "Install the icmp helper" off \
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
SQUID_HTCP "Enable HTCP support" off \
SQUID_VIA_DB "Enable forward/via database" off \
SQUID_CACHE_DIGESTS "Enable cache digests" off \
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
SQUID_REFERER_LOG "Enable Referer-header logging" off \
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
SQUID_PF "Enable transparent proxying with PF" off \
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
SQUID_FOLLOW_XFF "Follow X-Forwarded-For headers" off \
SQUID_ICAP "Enable ICAP client functionality" off \
SQUID_AUFS "Enable the aufs storage scheme" off \
SQUID_COSS "Enable the COSS storage scheme" off \
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
SQUID_LARGEFILE "Support log and cache files >2GB" off \
SQUID_STACKTRACES "Create backtraces on fatal errors" off
etc_files= squid/cachemgr.conf.default \
squid/mib.txt squid/mime.conf.default \
squid/msntauth.conf.default squid/squid.conf.default
icon_files= anthony-binhex.gif anthony-bomb.gif anthony-box.gif \
anthony-box2.gif anthony-c.gif anthony-compressed.gif \
anthony-dir.gif anthony-dirup.gif anthony-dvi.gif \
anthony-f.gif anthony-image.gif anthony-image2.gif \
anthony-layout.gif anthony-link.gif anthony-movie.gif \
anthony-pdf.gif anthony-portal.gif anthony-ps.gif \
anthony-quill.gif anthony-script.gif anthony-sound.gif \
anthony-tar.gif anthony-tex.gif anthony-text.gif \
anthony-unknown.gif anthony-xbm.gif anthony-xpm.gif
error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
ERR_CACHE_MGR_ACCESS_DENIED ERR_CANNOT_FORWARD \
ERR_CONNECT_FAIL ERR_DNS_FAIL ERR_FORWARDING_DENIED \
ERR_FTP_DISABLED ERR_FTP_FAILURE ERR_FTP_FORBIDDEN \
ERR_FTP_NOT_FOUND ERR_FTP_PUT_CREATED \
ERR_FTP_PUT_ERROR ERR_FTP_PUT_MODIFIED ERR_FTP_UNAVAILABLE \
ERR_INVALID_REQ ERR_INVALID_RESP ERR_INVALID_URL \
ERR_LIFETIME_EXP ERR_NO_RELAY ERR_ONLY_IF_CACHED_MISS \
ERR_READ_ERROR ERR_READ_TIMEOUT ERR_SHUTTING_DOWN \
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
msnt_auth ncsa_auth ntlm_auth \
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
wbinfo_group.pl
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
libexec+= unlinkd
.endif
sbin= RunCache squidclient squid
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
--datadir=${PREFIX}/etc/squid \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=${PREFIX}/squid \
--sysconfdir=${PREFIX}/etc/squid \
--enable-removal-policies="lru heap" \
--disable-linux-netfilter \
--disable-linux-tproxy \
--disable-epoll
.include <bsd.port.pre.mk>
# Authentication methods and modules:
basic_auth= NCSA PAM MSNT SMB
digest_auth= password
external_acl= ip_user session unix_group wbinfo_group
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
.if defined(WITH_SQUID_LDAP_AUTH)
USE_OPENLDAP= yes
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
basic_auth+= LDAP
digest_auth+= ldap
external_acl+= ldap_group
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
.endif
.if defined(WITH_SQUID_SASL_AUTH)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
CFLAGS+= -I${LOCALBASE}/include
CPPFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
basic_auth+= SASL
libexec+= sasl_auth
.endif
.if !defined(NO_NIS) && !defined(WITHOUT_NIS)
basic_auth+= YP
libexec+= yp_auth
.endif
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
--enable-basic-auth-helpers="${basic_auth}" \
--enable-digest-auth-helpers="${digest_auth}" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB"
# Storage schemes:
storage_schemes= ufs diskd null
.if defined(WITH_SQUID_AUFS)
storage_schemes+= aufs
.if ${OSVERSION}>=501000
# Only document libmap.conf where it is available:
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
.endif
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
CONFIGURE_ARGS+= --with-pthreads
CFLAGS+= ${PTHREAD_CFLAGS}
.endif
.if defined(WITH_SQUID_COSS)
storage_schemes+= coss
.if !defined(WITH_SQUID_AUFS)
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
# adding the option VFS_AIO to your kernel configuration if you want to
# actually use COSS storage:
CONFIGURE_ARGS+= --enable-coss-aio-ops
.endif
sbin+= cossdump
.endif
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
# Other options set via 'make config':
.if defined(WITH_SQUID_DELAY_POOLS)
CONFIGURE_ARGS+= --enable-delay-pools
.endif
.if defined(WITH_SQUID_SNMP)
CONFIGURE_ARGS+= --enable-snmp
.endif
.if defined(WITHOUT_SQUID_CARP)
CONFIGURE_ARGS+= --disable-carp
.endif
.if defined(WITH_SQUID_SSL)
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included.
# This makes it currently impossible to combine this macro with OPTIONS to
# conditionally include OpenSSL support.
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
CONFIGURE_ARGS+= --enable-ssl \
--with-openssl="${OPENSSLBASE}"
CFLAGS+= -I${OPENSSLINC}
LDFLAGS+= -L${OPENSSLLIB}
.endif
.if defined(WITH_SQUID_PINGER)
CONFIGURE_ARGS+= --enable-icmp
libexec+= pinger
.endif
.if defined(WITH_SQUID_DNS_HELPER)
CONFIGURE_ARGS+= --disable-internal-dns
libexec+= dnsserver
.endif
.if defined(WITH_SQUID_HTCP)
CONFIGURE_ARGS+= --enable-htcp
.endif
.if defined(WITH_SQUID_VIA_DB)
CONFIGURE_ARGS+= --enable-forw-via-db
.endif
.if defined(WITH_SQUID_CACHE_DIGESTS)
CONFIGURE_ARGS+= --enable-cache-digests
.endif
.if defined(WITHOUT_SQUID_WCCP)
CONFIGURE_ARGS+= --disable-wccp
.endif
.if defined(WITH_SQUID_WCCPV2)
CONFIGURE_ARGS+= --enable-wccpv2
.endif
.if defined(WITH_SQUID_STRICT_HTTP)
CONFIGURE_ARGS+= --disable-http-violations
.endif
.if defined(WITHOUT_SQUID_IDENT)
CONFIGURE_ARGS+= --disable-ident-lookups
.endif
.if defined(WITH_SQUID_REFERER_LOG)
CONFIGURE_ARGS+= --enable-referer-log
.endif
.if defined(WITH_SQUID_USERAGENT_LOG)
CONFIGURE_ARGS+= --enable-useragent-log
.endif
.if defined(WITH_SQUID_ARP_ACL)
CONFIGURE_ARGS+= --enable-arp-acl
.endif
.if defined(WITH_SQUID_PF)
CONFIGURE_ARGS+= --enable-pf-transparent
.if ${OSVERSION} < 502106
IGNORE= pf available only in FreeBSD 5.3 and newer
.endif
.endif
# IPFilter-headers are not installed on FreeBSD 4 since 4.7-RELEASE,
# they were not installed on FreeBSD 5 from 2002-03-26 (OSVERSION > 500032) to
# 2003-06-27 (OSVERSION < 501101).
#
# Please see PR misc/44148 and the CVS log of src/include/Makefile for further
# information.
.if defined(WITH_SQUID_IPFILTER)
.if (${OSVERSION} >= 470000 && ${OSVERSION} < 500000) || (${OSVERSION} > 500032 && ${OSVERSION} < 501101)
IGNORE= IPFilter headers are not part of the base system
.else
CONFIGURE_ARGS+= --enable-ipf-transparent
.endif
.endif
.if defined(WITH_SQUID_FOLLOW_XFF)
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
.endif
.if defined(WITH_SQUID_ICAP)
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
${PATCHDIR}/icap-2.6-core.patch
CONFIGURE_ARGS+= --enable-icap-support
error_files+= ERR_ICAP_FAILURE
.endif
.if !defined(WITHOUT_SQUID_KQUEUE)
CONFIGURE_ARGS+= --enable-kqueue
.else
CONFIGURE_ARGS+= --disable-kqueue
.endif
.if defined(WITH_SQUID_LARGEFILE)
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
.endif
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
CONFIGURE_ARGS+= --enable-stacktraces
CFLAGS+= -g
STRIP= ""
.endif
# Languages:
#
# If you do not define SQUID_LANGUAGES yourself, all available language files
# will be installed; the default language will be English.
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
English Estonian Finnish French German Greek Hebrew \
Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
Serbian Simplify_Chinese Slovak Spanish Swedish \
Traditional_Chinese Turkish
SQUID_DEFAULT_LANG?= English
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
--enable-default-err-language=${SQUID_DEFAULT_LANG}
# Finally, add additional user specified configuration options:
CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
CONFIGURE_ENV+= CFLAGS="${CFLAGS}" \
CPPFLAGS="${CPPFLAGS}"\
LDFLAGS="${LDFLAGS}"
PLIST_DIRS= etc/squid/icons libexec/squid
PLIST_FILES= ${etc_files:S,^,etc/,} ${icon_files:S,^,etc/squid/icons/,} \
${libexec:S,^,libexec/squid/,} ${sbin:S,^,sbin/,}
.for d in ${SQUID_LANGUAGES}
PLIST_DIRS+= etc/squid/errors/${d}
PLIST_FILES+= ${error_files:S,^,etc/squid/errors/${d}/,}
.endfor
PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
post-patch:
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
pre-install:
# Prevent installation of .orig files by deleting them.
@${FIND} ${WRKSRC} -name '*.bak' -delete
@${FIND} ${WRKSRC} -name '*.orig' -delete
pre-su-install:
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
.if defined(WITH_SQUID_PINGER)
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
.endif
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
.endif
@${SETENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
@${ECHO_CMD} "===> post-installation information for ${PKGNAME}:"
@${ECHO_CMD} ""
@${CAT} ${PKGMESSAGE}
@${ECHO_CMD} ""
.include <bsd.port.post.mk>

3
www/squid27/distinfo
View File

@ -1,3 +0,0 @@
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060

11
www/squid27/files/patch-aa
View File

@ -1,11 +0,0 @@
--- include/squid_types.h.orig Mon Jul 7 00:45:26 2003
+++ include/squid_types.h Mon Jul 7 00:48:39 2003
@@ -66,8 +66,5 @@
#if HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
-#if HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
#endif /* SQUID_TYPES_H */

11
www/squid27/files/patch-helpers-basic_auth-SMB-Makefile.in
View File

@ -1,11 +0,0 @@
--- helpers/basic_auth/SMB/Makefile.in.orig Tue Oct 4 07:29:26 2005
+++ helpers/basic_auth/SMB/Makefile.in Tue Oct 4 07:29:49 2005
@@ -129,7 +129,7 @@
makesnmplib = @makesnmplib@
SMB_AUTH_HELPER = smb_auth.sh
-SAMBAPREFIX = /usr/local/samba
+SAMBAPREFIX = %%LOCALBASE%%
SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
libexec_SCRIPTS = $(SMB_AUTH_HELPER)

13
www/squid27/files/patch-helpers-basic_auth-SMB-smb_auth.sh
View File

@ -1,13 +0,0 @@
*** helpers/basic_auth/SMB/smb_auth.sh.orig Thu Feb 26 20:58:22 2004
--- helpers/basic_auth/SMB/smb_auth.sh Thu Feb 26 20:59:45 2004
***************
*** 17,22 ****
--- 17,24 ----
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ SAMBAPREFIX=${SAMBAPREFIX:-%%LOCALBASE%%}
+
read DOMAINNAME
read PASSTHROUGH
read NMBADDR

39
www/squid27/files/patch-src-cf.data.pre
View File

@ -1,39 +0,0 @@
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
@@ -1183,6 +1183,21 @@
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
(hard coded at 1 MB).
+
+ Note for FreeBSD users:
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
+ support for the aufs storage type, COSS will use POSIX AIO.
+ This means that you need to add the line
+
+ options VFS_AIO
+
+ to your kernel configuration in order to use COSS.
+
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
+ necessarily need to recompile your kernel.
+
+ If you compiled Squid with both support for aufs and COSS, COSS
+ will use aufs' routines and does not need special kernel support.
DOC_END
NAME: logformat
@@ -3280,12 +3295,12 @@
NAME: cache_effective_user
TYPE: string
-DEFAULT: nobody
+DEFAULT: %%SQUID_UID%%
LOC: Config.effectiveUser
DOC_START
If you start Squid as root, it will change its effective/real
UID/GID to the user specified below. The default is to change
- to UID to nobody. If you define cache_effective_user, but not
+ to UID to %%SQUID_UID%%. If you define cache_effective_user, but not
cache_effective_group, Squid sets the GID to the effective
user's default group ID (taken from the password file) and
supplementary group list from the from groups membership of

39
www/squid27/files/pkg-deinstall.in
View File

@ -1,39 +0,0 @@
#!/bin/sh
#
# $FreeBSD$
#
PATH=/bin:/usr/bin:/usr/sbin
case $2 in
DEINSTALL)
cd ${PKG_PREFIX}/etc/squid || exit 1
for f in cachemgr.conf mime.conf msntauth.conf squid.conf; do
cmp -s -z ${f} ${f}.default && rm ${f}
done
;;
POST-DEINSTALL)
echo "===> post-deinstallation information for $1:"
echo ""
echo " Note:"
echo " Squid related user accounts and groups were not removed."
echo ""
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
echo " created by a default installation of this package, run"
echo ""
echo " pw userdel -n %%SQUID_UID%% -u 100"
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
echo ""
echo " In order to ease updates the cache and log directories"
echo " and all configuration files modified by you were preserved."
echo ""
echo " Please remove them manually if you do not want to use"
echo " Squid any longer."
fi
echo ""
;;
*)
exit 64
;;
esac
exit 0

81
www/squid27/files/pkg-install.in
View File

@ -1,81 +0,0 @@
#!/bin/sh
#
# $FreeBSD$
#
PATH=/bin:/usr/bin:/usr/sbin
pkgname=$1
squid_base="${PKG_PREFIX:-%%PREFIX%%}/squid"
squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid"
if [ -x /usr/sbin/nologin ]; then
nologin=/usr/sbin/nologin
else
nologin=/sbin/nologin
fi
squid_user="%%SQUID_UID%%"
squid_group="%%SQUID_GID%%"
squid_gid=100
squid_uid=100
case $2 in
PRE-INSTALL)
echo "===> Pre-installation configuration for ${pkgname}"
if ! pw groupshow ${squid_group} -q >/dev/null ; then
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
echo "Failed to create group \"${squid_group}\"!" >&2
echo "Please create it manually." >&2
exit 1
else
echo "Group '${squid_group}' created successfully:"
fi
else
echo "I will use the existing group '${squid_group}':"
fi
pw groupshow ${squid_group}
if ! pw usershow ${squid_user} -q >/dev/null ; then
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
if ! pw useradd -q -n ${squid_user} \
-u ${squid_uid} -g ${squid_group} \
-c "Squid caching-proxy pseudo user" \
-d "${squid_base}" -s "${nologin}" \
-h - ; then
echo "Failed to create user '${squid_user}'!" >&2
echo "Please create it manually." >&2
exit 1
else
echo "User '${squid_user}' created successfully:"
fi
else
echo "I will use the existing user '${squid_user}':"
fi
pw usershow ${squid_user}
for dir in cache logs; do
if [ ! -d ${squid_base}/${dir} ]; then
echo "Creating ${squid_base}/${dir}..."
install -d -o ${squid_user} -g ${squid_group} \
-m 0750 ${squid_base}/${dir}
fi
done
if [ ! -d ${squid_confdir} ]; then
echo "Creating ${squid_confdir}..."
install -d -o root -g ${squid_group} \
-m 0750 ${squid_confdir}
fi
;;
POST-INSTALL)
for file in cachemgr.conf mime.conf squid.conf; do
if [ ! -f ${squid_confdir}/${file} \
-a -f ${squid_confdir}/${file}.default ]; then
echo "Creating ${file} from default..."
install -c -o root -g ${squid_group} -m 0640 \
${squid_confdir}/${file}.default \
${squid_confdir}/${file}
fi
done
;;
*)
exit 64
;;
esac
exit 0

31
www/squid27/files/pkg-message.in
View File

@ -1,31 +0,0 @@
o You can find the configuration files for this package in the
directory %%PREFIX%%/etc/squid.
o A cache directory has been created in %%PREFIX%%/squid/cache.
Log files will be written to %%PREFIX%%/squid/logs.
Note:
You must initialize new cache directories before you can start
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
If your cache directories are already initialized (e.g. after an
upgrade of squid) you do not need to initialize them again.
o The default configuration will deny everyone access to the
proxy service. Edit the "http_access" directives in
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
Please note that the Squid start script is an rc.d style script.
This means that Squid will not start automatically at boot
time unless it is explicitly enabled.
To enable Squid, set squid_enable=yes in either
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
Note:
If you just updated your Squid installation from 2.5 or earlier,
make sure to check your Squid configuration against the 2.6 default
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
Additionally, you should check your configuration by calling
'squid -f /path/to/squid.conf -k parse' before starting Squid.

10
www/squid27/pkg-descr
View File

@ -1,10 +0,0 @@
Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.
Squid supports SSL, extensive access controls, and full request logging.
By using the lightweight Internet Cache Protocol, Squid caches can be
arranged in a hierarchy or mesh for additional bandwidth savings.
WWW: http://www.squid-cache.org/

246
www/squid30/Makefile
View File

@ -9,15 +9,11 @@
# Which user/group Squid should run as (default: squid/squid).
# The user and group will be created if they do not already exist using
# a uid:gid of 100:100.
# NOTE: before version 2.5.4_6, these settings defaulted to
# nobody/nogroup.
# If you wish to keep these settings, please define SQUID_UID=nobody and
# SQUID_GID=nogroup in your make environment before you start the update.
# NOTE2:
# Before version 2.5.4_11 the numerical id chosen for SQUID_UID (and
# SQUID_GID respectively) was the first free id greater than or equal 3128.
# If you wish to move your squid user to id 100:100, run "make changeuser",
# please see the changeuser target's definition for further information.
# NOTE: older versions of Squid defaulted to nobody/nogroup.
# If you wish to run Squid as "nobody" (which is not recommended), please
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
# before you start the update or installation of this port.
#
# SQUID_LANGUAGES
# A list of languages for which error page files should be installed
# (default: all)
@ -39,7 +35,7 @@
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
#
# The list below may be incomplete, please see the configure script
# in the squid source distribution for the complete list of additional
# in the Squid source distribution for the complete list of additional
# options.
# Note that you probably do not need to worry about these options in most
# cases, they are included in case you want to experiment with them.
@ -47,11 +43,10 @@
# --enable-dlmalloc
# Compile and use the malloc package from Doug Lea
# --enable-gnuregex
# Compile and use the supplied GNUregex routines instead of BSD regex.
# Compile and use the supplied GNUregex routines instead of BSD regex
# (not recommended).
# --enable-xmalloc-statistics
# Show malloc statistics in status page
# --enable-time-hack
# Optimize time updates to one per second rather than calling gettimeofday()
# --enable-cachemgr-hostname=some.hostname
# Set an explicit hostname in cachemgr.cgi
# --enable-truncate
@ -69,39 +64,53 @@
# --enable-ntlm-fail-open
# Enable NTLM fail open, where a helper that fails one of the
# Authentication steps can allow Squid to still authenticate the user
#
# --enable-x-accelerator-vary
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
# to indicate variance within an accelerator setup. Typically used
# together with other code that adds custom HTTP headers to the
# requests.
# --enable-forward-log
# Enable experimental forward_log directive.
# --enable-multicast-miss
# Enable experimental multicast notification of cachemisses.
PORTNAME= squid
PORTVERSION= 2.5.14
PORTREVISION= 4
PORTVERSION= 2.6.9
CATEGORIES= www
MASTER_SITES= http://www.squid-cache.org/%SUBDIR%/ \
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
MASTER_SITE_SUBDIR= squid-2/STABLE
DISTNAME= squid-2.6.STABLE9
DIST_SUBDIR= squid2.6
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
http://www2.us.squid-cache.org/%SUBDIR%/ \
http://www3.us.squid-cache.org/%SUBDIR%/ \
http://www1.at.squid-cache.org/%SUBDIR%/ \
http://www2.nl.squid-cache.org/%SUBDIR%/ \
http://www1.ru.squid-cache.org/%SUBDIR%/ \
http://www1.uk.squid-cache.org/%SUBDIR%/ \
http://www1.gr.squid-cache.org/%SUBDIR%/ \
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://www1.tw.squid-cache.org/%SUBDIR%/
MASTER_SITE_SUBDIR= Versions/v2/2.5
DISTNAME= squid-2.5.STABLE14
DIST_SUBDIR= squid2.5
PATCH_SITES= ${MASTER_SITES}
PATCH_SITE_SUBDIR= Versions/v2/2.5/bugs
PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch \
squid-2.5.STABLE14-hierarchy_tag.patch
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
PATCHFILES=
PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck@netcologne.de
COMMENT= HTTP Caching Proxy
CONFLICTS= squid-2.[^5]*
CONFLICTS= squid-2.[^6]*
GNU_CONFIGURE= yes
USE_BZIP2= yes
USE_PERL5= yes
USE_RC_SUBR= squid
SQUID_UID?= squid
SQUID_GID?= squid
@ -116,20 +125,19 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
SQUID_DELAY_POOLS "Enable delay pools" off \
SQUID_SNMP "Enable SNMP support" off \
SQUID_CARP "Enable CARP support" off \
SQUID_CARP "Enable CARP support" on \
SQUID_SSL "Enable SSL support for reverse proxies" off \
SQUID_PINGER "Install the icmp helper" off \
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
SQUID_HTCP "Enable HTCP support" off \
SQUID_VIA_DB "Enable forward/via database" off \
SQUID_CACHE_DIGESTS "Enable cache digests" off \
SQUID_WCCP "Enable Web Cache Coordination Protocol" on \
SQUID_UNDERSCORES "Allow underscores in hostnames" on \
SQUID_CHECK_HOSTNAME "Do hostname checking" on \
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
SQUID_REFERER_LOG "Enable Referer-header logging" off \
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
SQUID_CUSTOM_LOG "Enable custom log format" off \
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
SQUID_PF "Enable transparent proxying with PF" off \
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
@ -137,9 +145,9 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_ICAP "Enable ICAP client functionality" off \
SQUID_AUFS "Enable the aufs storage scheme" off \
SQUID_COSS "Enable the COSS storage scheme" off \
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
SQUID_LARGEFILE "Support log and cache files >2GB" off \
SQUID_STACKTRACES "Create backtraces on fatal errors" off \
SQUID_RCNG "Install an rc.d style startup script" on
SQUID_STACKTRACES "Create backtraces on fatal errors" off
etc_files= squid/cachemgr.conf.default \
squid/mib.txt squid/mime.conf.default \
@ -167,37 +175,44 @@ error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
libexec= cachemgr.cgi digest_pw_auth diskd ip_user_check \
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
msnt_auth ncsa_auth ntlm_auth \
pam_auth smb_auth smb_auth.sh squid_unix_group \
wb_auth wb_group wb_ntlmauth wbinfo_group.pl
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
wbinfo_group.pl
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
libexec+= unlinkd
.endif
sbin= RunAccel RunCache squidclient squid
sbin= RunCache squidclient squid
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
--datadir=${PREFIX}/etc/squid \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=${PREFIX}/squid \
--enable-removal-policies="lru heap"
--sysconfdir=${PREFIX}/etc/squid \
--enable-removal-policies="lru heap" \
--disable-linux-netfilter \
--disable-linux-tproxy \
--disable-epoll
.include <bsd.port.pre.mk>
# Authentication methods and modules:
basic_auth= NCSA PAM MSNT SMB winbind
external_acl= ip_user unix_group wbinfo_group winbind_group
MAN8+= pam_auth.8 squid_unix_group.8
basic_auth= NCSA PAM MSNT SMB
digest_auth= password
external_acl= ip_user session unix_group wbinfo_group
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
.if defined(WITH_SQUID_LDAP_AUTH)
USE_OPENLDAP= yes
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
basic_auth+= LDAP
digest_auth+= ldap
external_acl+= ldap_group
libexec+= squid_ldap_auth squid_ldap_group
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
.endif
.if defined(WITH_SQUID_SASL_AUTH)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
@ -213,23 +228,33 @@ libexec+= yp_auth
.endif
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
--enable-basic-auth-helpers="${basic_auth}" \
--enable-digest-auth-helpers="password" \
--enable-digest-auth-helpers="${digest_auth}" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB winbind"
--enable-ntlm-auth-helpers="SMB"
# Selection of storage schemes:
# Storage schemes:
storage_schemes= ufs diskd null
.if defined(WITH_SQUID_AUFS)
storage_schemes+= aufs
.if ${OSVERSION}>=501000
# Only document libmap.conf where it is available:
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
.endif
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
CONFIGURE_ARGS+= --enable-async-io \
--with-pthreads
CONFIGURE_ARGS+= --with-pthreads
CFLAGS+= ${PTHREAD_CFLAGS}
.endif
.if defined(WITH_SQUID_COSS)
storage_schemes+= coss
CONFIGURE_ARGS+= --with-aio
.if !defined(WITH_SQUID_AUFS)
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
# adding the option VFS_AIO to your kernel configuration if you want to
# actually use COSS storage:
CONFIGURE_ARGS+= --enable-coss-aio-ops
.endif
sbin+= cossdump
.endif
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
@ -241,13 +266,14 @@ CONFIGURE_ARGS+= --enable-delay-pools
.if defined(WITH_SQUID_SNMP)
CONFIGURE_ARGS+= --enable-snmp
.endif
.if defined(WITH_SQUID_CARP)
CONFIGURE_ARGS+= --enable-carp
.if defined(WITHOUT_SQUID_CARP)
CONFIGURE_ARGS+= --disable-carp
.endif
.if defined(WITH_SQUID_SSL)
# we need to .include bsd.openssl.mk manually here because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included and this is
# not possible when using OPTIONS
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included.
# This makes it currently impossible to combine this macro with OPTIONS to
# conditionally include OpenSSL support.
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
CONFIGURE_ARGS+= --enable-ssl \
--with-openssl="${OPENSSLBASE}"
@ -274,11 +300,8 @@ CONFIGURE_ARGS+= --enable-cache-digests
.if defined(WITHOUT_SQUID_WCCP)
CONFIGURE_ARGS+= --disable-wccp
.endif
.if !defined(WITHOUT_SQUID_UNDERSCORES)
CONFIGURE_ARGS+= --enable-underscores
.endif
.if defined(WITHOUT_SQUID_CHECK_HOSTNAME)
CONFIGURE_ARGS+= --disable-hostname-checks
.if defined(WITH_SQUID_WCCPV2)
CONFIGURE_ARGS+= --enable-wccpv2
.endif
.if defined(WITH_SQUID_STRICT_HTTP)
CONFIGURE_ARGS+= --disable-http-violations
@ -286,12 +309,12 @@ CONFIGURE_ARGS+= --disable-http-violations
.if defined(WITHOUT_SQUID_IDENT)
CONFIGURE_ARGS+= --disable-ident-lookups
.endif
.if defined(WITH_SQUID_REFERER_LOG)
CONFIGURE_ARGS+= --enable-referer-log
.endif
.if defined(WITH_SQUID_USERAGENT_LOG)
CONFIGURE_ARGS+= --enable-useragent-log
.endif
.if defined(WITH_SQUID_CUSTOM_LOG)
EXTRA_PATCHES+= ${PATCHDIR}/customlog-2.5.patch
.endif
.if defined(WITH_SQUID_ARP_ACL)
CONFIGURE_ARGS+= --enable-arp-acl
.endif
@ -315,45 +338,39 @@ CONFIGURE_ARGS+= --enable-ipf-transparent
.endif
.endif
.if defined(WITH_SQUID_FOLLOW_XFF)
EXTRA_PATCHES+= ${PATCHDIR}/follow_xff-2.5.patch \
${PATCHDIR}/follow_xff-configure.patch
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
.endif
.if defined(WITH_SQUID_ICAP)
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.5-core.patch \
${PATCHDIR}/icap-2.5-bootstrap.patch
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
${PATCHDIR}/icap-2.6-core.patch
CONFIGURE_ARGS+= --enable-icap-support
error_files+= ERR_ICAP_FAILURE
.endif
.if !defined(WITHOUT_SQUID_KQUEUE)
CONFIGURE_ARGS+= --enable-kqueue
.else
CONFIGURE_ARGS+= --disable-kqueue
.endif
.if defined(WITH_SQUID_LARGEFILE)
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
.endif
.if defined(WITH_SQUID_STACKTRACES)
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
CONFIGURE_ARGS+= --enable-stacktraces
CFLAGS+= -g
STRIP= ""
.endif
.if !defined(WITHOUT_SQUID_RCNG)
USE_RC_SUBR= squid.sh
rc_del= rcold
rc_state= rcng
.else
SUB_FILES+= squid.sh
etc_files+= rc.d/squid.sh
rc_del= rcng
rc_state= rcold
.endif
# Languages:
#
# If you do not define SQUID_LANGUAGES yourself, all available language files
# will be installed; the default language will be English.
SQUID_LANGUAGES?= \
Azerbaijani Bulgarian Catalan Czech Danish Dutch English Estonian Finnish \
French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian \
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
English Estonian Finnish French German Greek Hebrew \
Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
Serbian Simplify_Chinese Slovak Spanish Swedish \
Traditional_Chinese Turkish
SQUID_DEFAULT_LANG?= English
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
--enable-default-err-language=${SQUID_DEFAULT_LANG}
@ -378,7 +395,8 @@ PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
post-patch:
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
@ -387,31 +405,16 @@ pre-install:
# Prevent installation of .orig files by deleting them.
@${FIND} ${WRKSRC} -name '*.bak' -delete
@${FIND} ${WRKSRC} -name '*.orig' -delete
# create the start script:
@${REINPLACE_CMD} \
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
-e '/--.*${rc_state}/d' ${WRKDIR}/squid.sh
# create variable information in pkg-message:
@${REINPLACE_CMD} \
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
-e '/--.*${rc_state}/d' ${PKGMESSAGE}
pre-su-install:
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
# Create cachemgr.conf.default manually since squid's install routine
# unfortunately fails to do so:
${INSTALL_DATA} ${WRKSRC}/src/cachemgr.conf \
${PREFIX}/etc/squid/cachemgr.conf.default
.if defined(WITH_SQUID_PINGER)
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
.endif
.if defined(WITHOUT_SQUID_RCNG)
${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/
.endif
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
@ -423,50 +426,5 @@ post-install:
@${ECHO_CMD} ""
@${CAT} ${PKGMESSAGE}
@${ECHO_CMD} ""
changeuser:
# Recover from the problem that earlier versions of this port created the
# squid pseudo-user with an id greater than 999 which is not allowed in
# FreeBSD's ports system. The port now uses id 100:100.
# NOTE:
# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
# have a different setup, do not run this target!
.if ${SQUID_UID:L} == nobody
@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
${ECHO_CMD} "this target!"
${FALSE}
.endif
@if [ `${ID} -u` -ne 0 ]; \
then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \
current_uid=`id -u ${SQUID_UID}`; \
current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
${ECHO_CMD} "I will remove this user:"; \
${ID} -P $${current_uid}; \
${ECHO_CMD} "and this group:"; \
pw groupshow ${SQUID_GID}; \
${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
${ECHO_CMD} "After that, all files and directories that were accessible"; \
${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
${ECHO_CMD} "please abort this target now."; \
read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
${ECHO_CMD} "OK, here we go:"; \
${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
pw userdel -u $${current_uid}; \
${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
pw groupadd -n ${SQUID_GID} -g 100; \
pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
-d ${PREFIX}/squid -s /sbin/nologin -h - ; \
${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "Finished."
.include <bsd.port.post.mk>

12
www/squid30/distinfo
View File

@ -1,9 +1,3 @@
MD5 (squid2.5/squid-2.5.STABLE14.tar.bz2) = f413e0b887a5f9b2a75350243ed5564c
SHA256 (squid2.5/squid-2.5.STABLE14.tar.bz2) = c4eaee0e5ee42f46060217df9a88d628d244c0a543feab8296e44269e57ec7bd
SIZE (squid2.5/squid-2.5.STABLE14.tar.bz2) = 1073745
MD5 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1529f8b0170e24b26353578778435bd4
SHA256 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 9e99132b8efb07e3465d5e33749aa450daecfa3acde73755b6a3589d09d19285
SIZE (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1277
MD5 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 9abe563ca3d01dc58502737edc6f3c60
SHA256 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 6c98f1f2351b79cfc3f956ed1c46d86c7a53aac0ba28203a33f2dadc7d1e96fe
SIZE (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 1319
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060

1597
www/squid30/files/customlog-2.5.patch
View File

File diff suppressed because it is too large Load Diff

0
www/squid27/files/extra-patch-src-cf.data.pre.aufs → www/squid30/files/extra-patch-src-cf.data.pre.aufs
View File

411
www/squid30/files/follow_xff-2.5.patch
View File

@ -1,411 +0,0 @@
! This is a reduced part of the original follow-XFF patchset from
! devel.squid-cache.org for use with the FreeBSD squid-2.5 port.
Index: src/acl.c
--- src/acl.c 13 May 2003 02:14:12 -0000 1.43.2.16
+++ src/acl.c 23 Nov 2003 14:20:12 -0000
@@ -2001,6 +2001,11 @@
cbdataLock(A);
if (request != NULL) {
checklist->request = requestLink(request);
+#if FOLLOW_X_FORWARDED_FOR
+ if (Config.onoff.acl_uses_indirect_client) {
+ checklist->src_addr = request->indirect_client_addr;
+ } else
+#endif /* FOLLOW_X_FORWARDED_FOR */
checklist->src_addr = request->client_addr;
checklist->my_addr = request->my_addr;
checklist->my_port = request->my_port;
Index: src/cf.data.pre
--- src/cf.data.pre 7 Nov 2003 03:14:30 -0000 1.49.2.46
+++ src/cf.data.pre 23 Nov 2003 14:20:17 -0000
@@ -2065,6 +2065,92 @@
NOCOMMENT_END
DOC_END
+NAME: follow_x_forwarded_for
+TYPE: acl_access
+IFDEF: FOLLOW_X_FORWARDED_FOR
+LOC: Config.accessList.followXFF
+DEFAULT: none
+DEFAULT_IF_NONE: deny all
+DOC_START
+ Allowing or Denying the X-Forwarded-For header to be followed to
+ find the original source of a request.
+
+ Requests may pass through a chain of several other proxies
+ before reaching us. The X-Forwarded-For header will contain a
+ comma-separated list of the IP addresses in the chain, with the
+ rightmost address being the most recent.
+
+ If a request reaches us from a source that is allowed by this
+ configuration item, then we consult the X-Forwarded-For header
+ to see where that host received the request from. If the
+ X-Forwarded-For header contains multiple addresses, and if
+ acl_uses_indirect_client is on, then we continue backtracking
+ until we reach an address for which we are not allowed to
+ follow the X-Forwarded-For header, or until we reach the first
+ address in the list. (If acl_uses_indirect_client is off, then
+ it's impossible to backtrack through more than one level of
+ X-Forwarded-For addresses.)
+
+ The end result of this process is an IP address that we will
+ refer to as the indirect client address. This address may
+ be treated as the client address for access control, delay
+ pools and logging, depending on the acl_uses_indirect_client,
+ delay_pool_uses_indirect_client and log_uses_indirect_client
+ options.
+
+ SECURITY CONSIDERATIONS:
+
+ Any host for which we follow the X-Forwarded-For header
+ can place incorrect information in the header, and Squid
+ will use the incorrect information as if it were the
+ source address of the request. This may enable remote
+ hosts to bypass any access control restrictions that are
+ based on the client's source addresses.
+
+ For example:
+
+ acl localhost src 127.0.0.1
+ acl my_other_proxy srcdomain .proxy.example.com
+ follow_x_forwarded_for allow localhost
+ follow_x_forwarded_for allow my_other_proxy
+DOC_END
+
+NAME: acl_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.acl_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in acl matching.
+DOC_END
+
+NAME: delay_pool_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR && DELAY_POOLS
+DEFAULT: on
+LOC: Config.onoff.delay_pool_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in delay pools.
+DOC_END
+
+NAME: log_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.log_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in the access log.
+DOC_END
+
NAME: http_access
TYPE: acl_access
LOC: Config.accessList.http
Index: src/client_side.c
--- src/client_side.c 2 Sep 2003 02:13:45 -0000 1.47.2.39
+++ src/client_side.c 23 Nov 2003 14:20:22 -0000
@@ -109,6 +109,11 @@
#if USE_IDENT
static IDCB clientIdentDone;
#endif
+#if FOLLOW_X_FORWARDED_FOR
+static void clientFollowXForwardedForStart(void *data);
+static void clientFollowXForwardedForNext(void *data);
+static void clientFollowXForwardedForDone(int answer, void *data);
+#endif /* FOLLOW_X_FORWARDED_FOR */
static int clientOnlyIfCached(clientHttpRequest * http);
static STCB clientSendMoreData;
static STCB clientCacheHit;
@@ -177,10 +182,179 @@
return ch;
}
+#if FOLLOW_X_FORWARDED_FOR
+/*
+ * clientFollowXForwardedForStart() copies the X-Forwarded-For
+ * header into x_forwarded_for_iterator and passes control to
+ * clientFollowXForwardedForNext().
+ *
+ * clientFollowXForwardedForNext() checks the indirect_client_addr
+ * against the followXFF ACL and passes the result to
+ * clientFollowXForwardedForDone().
+ *
+ * clientFollowXForwardedForDone() either grabs the next address
+ * from the tail of x_forwarded_for_iterator and loops back to
+ * clientFollowXForwardedForNext(), or cleans up and passes control to
+ * clientAccessCheck().
+ */
+
+static void
+clientFollowXForwardedForStart(void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ if (Config.accessList.followXFF
+ && httpHeaderHas(&request->header, HDR_X_FORWARDED_FOR))
+ {
+ request->x_forwarded_for_iterator = httpHeaderGetList(
+ &request->header, HDR_X_FORWARDED_FOR);
+ debug(33, 5) ("clientFollowXForwardedForStart: indirect_client_addr=%s XFF='%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ strBuf(request->x_forwarded_for_iterator));
+ clientFollowXForwardedForNext(http);
+ } else {
+ /* not configured to follow X-Forwarded-For, or nothing to follow */
+ debug(33, 5) ("clientFollowXForwardedForStart: nothing to do\n");
+ clientFollowXForwardedForDone(-1, http);
+ }
+}
+
+static void
+clientFollowXForwardedForNext(void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ debug(33, 5) ("clientFollowXForwardedForNext: indirect_client_addr=%s XFF='%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ strBuf(request->x_forwarded_for_iterator));
+ if (strLen(request->x_forwarded_for_iterator) != 0) {
+ /* check the acl to see whether to believe the X-Forwarded-For header */
+ http->acl_checklist = clientAclChecklistCreate(
+ Config.accessList.followXFF, http);
+ aclNBCheck(http->acl_checklist, clientFollowXForwardedForDone, http);
+ } else {
+ /* nothing left to follow */
+ debug(33, 5) ("clientFollowXForwardedForNext: nothing more to do\n");
+ clientFollowXForwardedForDone(-1, http);
+ }
+}
+
+static void
+clientFollowXForwardedForDone(int answer, void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ /*
+ * answer should be be ACCESS_ALLOWED or ACCESS_DENIED if we are
+ * called as a result of ACL checks, or -1 if we are called when
+ * there's nothing left to do.
+ */
+ if (answer == ACCESS_ALLOWED) {
+ /*
+ * The IP address currently in request->indirect_client_addr
+ * is trusted to use X-Forwarded-For. Remove the last
+ * comma-delimited element from x_forwarded_for_iterator and use
+ * it to to replace indirect_client_addr, then repeat the cycle.
+ */
+ const char *p;
+ const char *asciiaddr;
+ int l;
+ struct in_addr addr;
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s is trusted\n",
+ inet_ntoa(request->indirect_client_addr));
+ p = strBuf(request->x_forwarded_for_iterator);
+ l = strLen(request->x_forwarded_for_iterator);
+
+ /*
+ * XXX x_forwarded_for_iterator should really be a list of
+ * IP addresses, but it's a String instead. We have to
+ * walk backwards through the String, biting off the last
+ * comma-delimited part each time. As long as the data is in
+ * a String, we should probably implement and use a variant of
+ * strListGetItem() that walks backwards instead of forwards
+ * through a comma-separated list. But we don't even do that;
+ * we just do the work in-line here.
+ */
+ /* skip trailing space and commas */
+ while (l > 0 && (p[l-1] == ',' || xisspace(p[l-1])))
+ l--;
+ strCut(request->x_forwarded_for_iterator, l);
+ /* look for start of last item in list */
+ while (l > 0 && ! (p[l-1] == ',' || xisspace(p[l-1])))
+ l--;
+ asciiaddr = p+l;
+ if (inet_aton(asciiaddr, &addr) == 0) {
+ /* the address is not well formed; do not use it */
+ debug(33, 3) ("clientFollowXForwardedForDone: malformed address '%s'\n",
+ asciiaddr);
+ goto done;
+ }
+ debug(33, 3) ("clientFollowXForwardedForDone: changing indirect_client_addr from %s to '%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ asciiaddr);
+ request->indirect_client_addr = addr;
+ strCut(request->x_forwarded_for_iterator, l);
+ if (! Config.onoff.acl_uses_indirect_client) {
+ /*
+ * If acl_uses_indirect_client is off, then it's impossible
+ * to follow more than one level of X-Forwarded-For.
+ */
+ goto done;
+ }
+ clientFollowXForwardedForNext(http);
+ return;
+ } else if (answer == ACCESS_DENIED) {
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s not trusted\n",
+ inet_ntoa(request->indirect_client_addr));
+ } else {
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s nothing more to do\n",
+ inet_ntoa(request->indirect_client_addr));
+ }
+done:
+ /* clean up, and pass control to clientAccessCheck */
+ debug(33, 6) ("clientFollowXForwardedForDone: cleanup\n");
+ if (Config.onoff.log_uses_indirect_client) {
+ /*
+ * Ensure that the access log shows the indirect client
+ * instead of the direct client.
+ */
+ ConnStateData *conn = http->conn;
+ conn->log_addr = request->indirect_client_addr;
+ conn->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
+ debug(33, 3) ("clientFollowXForwardedForDone: setting log_addr=%s\n",
+ inet_ntoa(conn->log_addr));
+ }
+ stringClean(&request->x_forwarded_for_iterator);
+ request->flags.done_follow_x_forwarded_for = 1;
+ http->acl_checklist = NULL; /* XXX do we need to aclChecklistFree() ? */
+ clientAccessCheck(http);
+}
+#endif /* FOLLOW_X_FORWARDED_FOR */
+
void
clientAccessCheck(void *data)
{
clientHttpRequest *http = data;
+#if FOLLOW_X_FORWARDED_FOR
+ if (! http->request->flags.done_follow_x_forwarded_for
+ && httpHeaderHas(&http->request->header, HDR_X_FORWARDED_FOR))
+ {
+ /*
+ * There's an X-ForwardedFor header and we haven't yet tried
+ * to follow it to find the indirect_client_addr. Follow it now.
+ * clientFollowXForwardedForDone() will eventually pass control
+ * back to us.
+ *
+ * XXX perhaps our caller should have called
+ * clientFollowXForwardedForStart instead. Then we wouldn't
+ * need to do this little dance transferring control over
+ * there and then back here, and we wouldn't need the
+ * done_follow_x_forwarded_for flag.
+ */
+ clientFollowXForwardedForStart(data);
+ return;
+ }
+#endif /* FOLLOW_X_FORWARDED_FOR */
if (checkAccelOnly(http)) {
/* deny proxy requests in accel_only mode */
debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n");
@@ -325,6 +499,9 @@
new_request->http_ver = old_request->http_ver;
httpHeaderAppend(&new_request->header, &old_request->header);
new_request->client_addr = old_request->client_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ new_request->indirect_client_addr = old_request->indirect_client_addr;
+#endif /* FOLLOW_X_FORWARDED_FOR */
new_request->my_addr = old_request->my_addr;
new_request->my_port = old_request->my_port;
new_request->flags.redirected = 1;
@@ -3051,6 +3228,9 @@
safe_free(http->log_uri);
http->log_uri = xstrdup(urlCanonicalClean(request));
request->client_addr = conn->peer.sin_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ request->indirect_client_addr = request->client_addr;
+#endif /* FOLLOW_X_FORWARDED_FOR */
request->my_addr = conn->me.sin_addr;
request->my_port = ntohs(conn->me.sin_port);
request->http_ver = http->http_ver;
Index: src/delay_pools.c
--- src/delay_pools.c 19 Jun 2003 02:13:57 -0000 1.5.54.6
+++ src/delay_pools.c 23 Nov 2003 14:20:23 -0000
@@ -318,6 +318,11 @@
r = http->request;
memset(&ch, '\0', sizeof(ch));
+#if FOLLOW_X_FORWARDED_FOR
+ if (Config.onoff.delay_pool_uses_indirect_client) {
+ ch.src_addr = r->indirect_client_addr;
+ } else
+#endif /* FOLLOW_X_FORWARDED_FOR */
ch.src_addr = r->client_addr;
ch.my_addr = r->my_addr;
ch.my_port = r->my_port;
*** src/structs.h.orig Sun Jun 26 12:45:58 2005
--- src/structs.h Sun Jun 26 12:48:45 2005
***************
*** 610,615 ****
--- 610,620 ----
int accel_uses_host_header;
int accel_no_pmtu_disc;
int global_internal_static;
+ #if FOLLOW_X_FORWARDED_FOR
+ int acl_uses_indirect_client;
+ int delay_pool_uses_indirect_client;
+ int log_uses_indirect_client;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
} onoff;
acl *aclList;
struct {
***************
*** 631,636 ****
--- 636,644 ----
acl_access *reply;
acl_address *outgoing_address;
acl_tos *outgoing_tos;
+ #if FOLLOW_X_FORWARDED_FOR
+ acl_access *followXFF;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
} accessList;
acl_deny_info_list *denyInfoList;
struct _authConfig {
***************
*** 1623,1628 ****
--- 1631,1641 ----
unsigned int body_sent:1;
unsigned int reset_tcp:1;
unsigned int must_keepalive:1;
+ #if FOLLOW_X_FORWARDED_FOR
+ /* XXX this flag could be eliminated;
+ * see comments in clientAccessCheck */
+ unsigned int done_follow_x_forwarded_for;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
};
struct _link_list {
***************
*** 1666,1671 ****
--- 1679,1687 ----
int max_forwards;
/* these in_addr's could probably be sockaddr_in's */
struct in_addr client_addr;
+ #if FOLLOW_X_FORWARDED_FOR
+ struct in_addr indirect_client_addr; /* after following X-Forwarded-For */
+ #endif /* FOLLOW_X_FORWARDED_FOR */
struct in_addr my_addr;
unsigned short my_port;
HttpHeader header;
***************
*** 1677,1682 ****
--- 1693,1703 ----
const char *vary_headers; /* Used when varying entities are detected. Changes how the store key is calculated */
BODY_HANDLER *body_reader;
void *body_reader_data;
+ #if FOLLOW_X_FORWARDED_FOR
+ /* XXX a list of IP addresses would be a better data structure
+ * than this String */
+ String x_forwarded_for_iterator;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
};
struct _cachemgr_passwd {

65
www/squid30/files/follow_xff-configure.patch
View File

@ -1,65 +0,0 @@
!Simulate the autotools bootstrap of the follow-x-forwarded-for patchset.
!
!Beware that all line number informations in configure.log greater
!than 2972 are offset by at least -29 (correcting all line numbers would have
!bloated the patch by 92kB!)
--- include/autoconf.h.in.orig Sat Jan 18 02:46:11 2003
+++ include/autoconf.h.in Thu Jun 24 13:19:07 2004
@@ -291,6 +291,12 @@
#define USE_IDENT 1
/*
+ * Compile in support for following X-Forwarded-For headers?
+ * Enabled by default.
+ */
+#define FOLLOW_X_FORWARDED_FOR 1
+
+/*
* If your system has statvfs(), and if it actually works!
*/
#undef HAVE_STATVFS
--- configure.orig Thu Sep 22 10:16:26 2005
+++ configure Thu Sep 22 17:29:01 2005
@@ -249,6 +249,12 @@
if you build as another user who is not privileged
to use the number of filedescriptors you want the
resulting binary to support"
+ac_help="$ac_help
+ --enable-follow-x-forwarded-for
+ Enable support for following the X-Forwarded-For
+ HTTP header to try to find the IP address of the
+ original or indirect client when a request has
+ been forwarded through other proxies."
# Initialize some variables set by options.
# The variables have the same names as the options, with
@@ -3255,6 +3261,29 @@
fi
+
+follow_xff=1
+# Check whether --enable-follow-x-forwarded-for or --disable-follow-x-forwarded-for was given.
+if test "${enable_follow_x_forwarded_for+set}" = set; then
+ enableval="$enable_follow_x_forwarded_for"
+ if test "$enableval" = "yes" ; then
+ echo "follow X-Forwarded-For enabled"
+ follow_xff=1
+ fi
+
+fi
+
+if test $follow_xff = 1; then
+ cat >> confdefs.h <<\EOF
+#define FOLLOW_X_FORWARDED_FOR 1
+EOF
+
+else
+ cat >> confdefs.h <<\EOF
+#define FOLLOW_X_FORWARDED_FOR 0
+EOF
+
+fi
# Force some compilers to use ANSI features
#

422
www/squid30/files/icap-2.5-bootstrap.patch
View File

@ -1,422 +0,0 @@
Patch 2 of 2 to integrate the icap-2_5 branch into the FreeBSD squid port.
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
This patch simulates the autotools bootstrap necessary after applying the
ICAP patchset.
Please see icap-2.5-core.patch for further information.
Patch last updated: 2005-12-17
--- configure.orig Sat Oct 22 11:56:01 2005
+++ configure Sat Dec 17 17:45:21 2005
@@ -70,6 +70,8 @@
ac_help="$ac_help
--enable-delay-pools Enable delay pools to limit bandwidth usage"
ac_help="$ac_help
+ --enable-icap-support Enable iCAP client capability"
+ac_help="$ac_help
--enable-useragent-log Enable logging of User-Agent header"
ac_help="$ac_help
--enable-referer-log Enable logging of Referer header"
@@ -2170,6 +2172,38 @@
+
+if false; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+# Check whether --enable-icap-support or --disable-icap-support was given.
+if test "${enable_icap_support+set}" = set; then
+ enableval="$enable_icap_support"
+ if test "$enableval" = "yes" ; then
+ echo "ICAP support enabled"
+ cat >> confdefs.h <<\EOF
+#define HS_FEAT_ICAP 1
+EOF
+
+
+
+if true; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+ fi
+
+fi
+
+
+
# Check whether --enable-useragent-log or --disable-useragent-log was given.
if test "${enable_useragent_log+set}" = set; then
enableval="$enable_useragent_log"
@@ -7428,14 +7462,14 @@
fi
;;
esac
- echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6
-echo "configure:7433: checking for main in -lpthread" >&5
+ echo $ac_n "checking for main in -pthread""... $ac_c" 1>&6
+echo "configure:7433: checking for main in -pthread" >&5
ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
-LIBS="-lpthread $LIBS"
+LIBS="-pthread $LIBS"
cat > conftest.$ac_ext <<EOF
#line 7441 "configure"
#include "confdefs.h"
@@ -7465,7 +7499,7 @@
#define $ac_tr_lib 1
EOF
- LIBS="-lpthread $LIBS"
+ LIBS="-pthread $LIBS"
else
echo "$ac_t""no" 1>&6
@@ -7769,6 +7803,8 @@
srand48 \
srandom \
statfs \
+ strnstr \
+ strcasestr \
strtoll \
sysconf \
syslog \
@@ -7898,6 +7934,50 @@
fi
fi
+
+if false; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
+
+
+if true; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+fi
+
+
+
+if false; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
+
+
+if true; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+fi
+
+
+
+
echo $ac_n "checking if va_copy is implemented""... $ac_c" 1>&6
echo "configure:7903: checking if va_copy is implemented" >&5
if eval "test \"`echo '$''{'ac_cv_func_va_copy'+set}'`\" = set"; then
@@ -9072,6 +9152,8 @@
s%@ENABLE_PINGER_FALSE@%$ENABLE_PINGER_FALSE%g
s%@USE_DELAY_POOLS_TRUE@%$USE_DELAY_POOLS_TRUE%g
s%@USE_DELAY_POOLS_FALSE@%$USE_DELAY_POOLS_FALSE%g
+s%@USE_ICAP_TRUE@%$USE_ICAP_TRUE%g
+s%@USE_ICAP_FALSE@%$USE_ICAP_FALSE%g
s%@USE_SNMP_TRUE@%$USE_SNMP_TRUE%g
s%@USE_SNMP_FALSE@%$USE_SNMP_FALSE%g
s%@SNMPLIB@%$SNMPLIB%g
@@ -9118,6 +9200,10 @@
s%@LIB_LBER@%$LIB_LBER%g
s%@NEED_OWN_SNPRINTF_TRUE@%$NEED_OWN_SNPRINTF_TRUE%g
s%@NEED_OWN_SNPRINTF_FALSE@%$NEED_OWN_SNPRINTF_FALSE%g
+s%@NEED_OWN_STRNSTR_TRUE@%$NEED_OWN_STRNSTR_TRUE%g
+s%@NEED_OWN_STRNSTR_FALSE@%$NEED_OWN_STRNSTR_FALSE%g
+s%@NEED_OWN_STRCASESTR_TRUE@%$NEED_OWN_STRCASESTR_TRUE%g
+s%@NEED_OWN_STRCASESTR_FALSE@%$NEED_OWN_STRCASESTR_FALSE%g
s%@REGEXLIB@%$REGEXLIB%g
s%@LIBREGEX@%$LIBREGEX%g
s%@LIBOBJS@%$LIBOBJS%g
--- include/autoconf.h.in.orig Tue Sep 13 02:12:34 2005
+++ include/autoconf.h.in Sat Dec 17 17:45:21 2005
@@ -124,6 +124,11 @@
*/
#undef DELAY_POOLS
+/*
+ * ICAP - Internet Content Adaptation Protocol
+ */
+#undef HS_FEAT_ICAP
+
/*
* If you want to log User-Agent request header values, define this.
* By default, they are written to useragent.log in the Squid log
@@ -574,6 +579,12 @@
/* Define if you have the statfs function. */
#undef HAVE_STATFS
+
+/* Define if you have the strcasestr function. */
+#undef HAVE_STRCASESTR
+
+/* Define if you have the strnstr function. */
+#undef HAVE_STRNSTR
/* Define if you have the strerror function. */
#undef HAVE_STRERROR
--- lib/Makefile.in.orig Wed Sep 28 22:57:20 2005
+++ lib/Makefile.in Sat Dec 17 17:45:21 2005
@@ -123,6 +123,13 @@
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
+
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
+
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
+
@NEED_OWN_MD5_TRUE@MD5SOURCE = md5.c
@NEED_OWN_MD5_FALSE@MD5SOURCE =
@@ -158,6 +165,8 @@
$(SNPRINTFSOURCE) \
splay.c \
Stack.c \
+ $(STRNSTRSOURCE) \
+ $(STRCASESTRSOURCE) \
stub_memaccount.c \
util.c \
uudecode.c
@@ -196,13 +205,18 @@
@NEED_OWN_MD5_FALSE@am__objects_1 =
@NEED_OWN_SNPRINTF_FALSE@am__objects_2 =
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
+@NEED_OWN_STRNSTR_FALSE@am__objects_3 =
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
+@NEED_OWN_STRCASESTR_FALSE@am__objects_4 =
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
- stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT)
+ $(am__objects_3) $(am__objects_4) stub_memaccount.$(OBJEXT) \
+ util.$(OBJEXT) uudecode.$(OBJEXT)
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
libntlmauth_a_AR = $(AR) cru
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
@@ -224,15 +238,16 @@
@AMDEP_TRUE@ $(DEPDIR)/dlmalloc.Po $(DEPDIR)/drand48.Po \
@AMDEP_TRUE@ $(DEPDIR)/getfullhostname.Po $(DEPDIR)/hash.Po \
@AMDEP_TRUE@ $(DEPDIR)/heap.Po $(DEPDIR)/html_quote.Po \
-@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/initgroups.Po \
-@AMDEP_TRUE@ $(DEPDIR)/iso3307.Po $(DEPDIR)/md5.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ntlmauth.Po $(DEPDIR)/radix.Po \
-@AMDEP_TRUE@ $(DEPDIR)/rfc1035.Po $(DEPDIR)/rfc1123.Po \
-@AMDEP_TRUE@ $(DEPDIR)/rfc1738.Po $(DEPDIR)/rfc2617.Po \
-@AMDEP_TRUE@ $(DEPDIR)/safe_inet_addr.Po $(DEPDIR)/snprintf.Po \
-@AMDEP_TRUE@ $(DEPDIR)/splay.Po $(DEPDIR)/strerror.Po \
-@AMDEP_TRUE@ $(DEPDIR)/stub_memaccount.Po $(DEPDIR)/tempnam.Po \
-@AMDEP_TRUE@ $(DEPDIR)/util.Po $(DEPDIR)/uudecode.Po
+@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/iso3307.Po \
+@AMDEP_TRUE@ $(DEPDIR)/md5.Po $(DEPDIR)/ntlmauth.Po \
+@AMDEP_TRUE@ $(DEPDIR)/radix.Po $(DEPDIR)/rfc1035.Po \
+@AMDEP_TRUE@ $(DEPDIR)/rfc1123.Po $(DEPDIR)/rfc1738.Po \
+@AMDEP_TRUE@ $(DEPDIR)/rfc2617.Po $(DEPDIR)/safe_inet_addr.Po \
+@AMDEP_TRUE@ $(DEPDIR)/snprintf.Po $(DEPDIR)/splay.Po \
+@AMDEP_TRUE@ $(DEPDIR)/strcasestr.Po $(DEPDIR)/strerror.Po \
+@AMDEP_TRUE@ $(DEPDIR)/strnstr.Po $(DEPDIR)/stub_memaccount.Po \
+@AMDEP_TRUE@ $(DEPDIR)/tempnam.Po $(DEPDIR)/util.Po \
+@AMDEP_TRUE@ $(DEPDIR)/uudecode.Po
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
@@ -241,8 +256,8 @@
DIST_SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) \
$(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) \
$(libregex_a_SOURCES)
-DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c \
- initgroups.c strerror.c tempnam.c
+DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c strerror.c \
+ tempnam.c
SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) $(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) $(libregex_a_SOURCES)
all: all-am
@@ -295,7 +310,6 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/heap.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/html_quote.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_ntoa.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/initgroups.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/iso3307.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/md5.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ntlmauth.Po@am__quote@
@@ -307,7 +321,9 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/safe_inet_addr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snprintf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/splay.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strcasestr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strerror.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strnstr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stub_memaccount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tempnam.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/util.Po@am__quote@
--- src/Makefile.in.orig Wed Sep 28 22:57:21 2005
+++ src/Makefile.in Sat Dec 17 17:45:21 2005
@@ -125,6 +125,9 @@
install_sh = @install_sh@
makesnmplib = @makesnmplib@
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
+@USE_ICAP_FALSE@ICAPSOURCE =
+
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
@USE_DNSSERVER_TRUE@DNSSERVER = dnsserver
@@ -249,6 +252,7 @@
HttpMsg.c \
HttpReply.c \
HttpRequest.c \
+ $(ICAPSOURCE) \
icmp.c \
icp_v2.c \
icp_v3.c \
@@ -468,54 +472,58 @@
pinger_LDADD = $(LDADD)
pinger_DEPENDENCIES =
pinger_LDFLAGS =
-@USE_DELAY_POOLS_TRUE@am__objects_3 = delay_pools.$(OBJEXT)
-@USE_DELAY_POOLS_FALSE@am__objects_3 =
-@USE_DNSSERVER_FALSE@am__objects_4 = dns_internal.$(OBJEXT)
-@USE_DNSSERVER_TRUE@am__objects_4 = dns.$(OBJEXT)
-@ENABLE_HTCP_TRUE@am__objects_5 = htcp.$(OBJEXT)
-@MAKE_LEAKFINDER_FALSE@am__objects_6 =
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
-@USE_SNMP_FALSE@am__objects_7 =
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
-@ENABLE_SSL_FALSE@am__objects_8 =
-@ENABLE_UNLINKD_FALSE@am__objects_9 =
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
-@ENABLE_WIN32SPECIFIC_FALSE@am__objects_10 =
+@USE_DELAY_POOLS_FALSE@am__objects_5 =
+@USE_DELAY_POOLS_TRUE@am__objects_5 = delay_pools.$(OBJEXT)
+@USE_DNSSERVER_FALSE@am__objects_6 = dns_internal.$(OBJEXT)
+@USE_DNSSERVER_TRUE@am__objects_6 = dns.$(OBJEXT)
+@ENABLE_HTCP_TRUE@am__objects_7 = htcp.$(OBJEXT)
+@USE_ICAP_TRUE@am__objects_8 = icap_common.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
+@USE_ICAP_FALSE@am__objects_8 =
+@MAKE_LEAKFINDER_TRUE@am__objects_9 = leakfinder.$(OBJEXT)
+@MAKE_LEAKFINDER_FALSE@am__objects_9 =
+@USE_SNMP_TRUE@am__objects_10 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
+@USE_SNMP_FALSE@am__objects_10 =
+@ENABLE_SSL_FALSE@am__objects_11 =
+@ENABLE_SSL_TRUE@am__objects_11 = ssl_support.$(OBJEXT)
+@ENABLE_UNLINKD_TRUE@am__objects_12 = unlinkd.$(OBJEXT)
+@ENABLE_UNLINKD_FALSE@am__objects_12 =
+@ENABLE_WIN32SPECIFIC_FALSE@am__objects_13 =
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_13 = win32.$(OBJEXT)
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) CacheDigest.$(OBJEXT) \
cache_manager.$(OBJEXT) carp.$(OBJEXT) cbdata.$(OBJEXT) \
client_db.$(OBJEXT) client_side.$(OBJEXT) comm.$(OBJEXT) \
- comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_3) \
- disk.$(OBJEXT) $(am__objects_4) errorpage.$(OBJEXT) \
+ comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_5) \
+ disk.$(OBJEXT) $(am__objects_6) errorpage.$(OBJEXT) \
ETag.$(OBJEXT) event.$(OBJEXT) external_acl.$(OBJEXT) \
fd.$(OBJEXT) filemap.$(OBJEXT) forward.$(OBJEXT) \
fqdncache.$(OBJEXT) ftp.$(OBJEXT) gopher.$(OBJEXT) \
- helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \
+ helper.$(OBJEXT) $(am__objects_7) http.$(OBJEXT) \
HttpStatusLine.$(OBJEXT) HttpHdrCc.$(OBJEXT) \
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
- ipc.$(OBJEXT) ipcache.$(OBJEXT) $(am__objects_6) \
- logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
+ HttpRequest.$(OBJEXT) $(am__objects_8) icmp.$(OBJEXT) \
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
+ internal.$(OBJEXT) ipc.$(OBJEXT) ipcache.$(OBJEXT) \
+ $(am__objects_9) logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
MemPool.$(OBJEXT) MemBuf.$(OBJEXT) mime.$(OBJEXT) \
multicast.$(OBJEXT) neighbors.$(OBJEXT) net_db.$(OBJEXT) \
Packer.$(OBJEXT) pconn.$(OBJEXT) peer_digest.$(OBJEXT) \
peer_select.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_10) \
+ ssl.$(OBJEXT) $(am__objects_11) stat.$(OBJEXT) \
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
+ tools.$(OBJEXT) $(am__objects_12) url.$(OBJEXT) urn.$(OBJEXT) \
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
- whois.$(OBJEXT) $(am__objects_10)
+ whois.$(OBJEXT) $(am__objects_13)
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
store_modules.$(OBJEXT) globals.$(OBJEXT) \
string_arrays.$(OBJEXT)
@@ -563,7 +571,9 @@
@AMDEP_TRUE@ $(DEPDIR)/fqdncache.Po $(DEPDIR)/ftp.Po \
@AMDEP_TRUE@ $(DEPDIR)/globals.Po $(DEPDIR)/gopher.Po \
@AMDEP_TRUE@ $(DEPDIR)/helper.Po $(DEPDIR)/htcp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icmp.Po \
+@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icap_common.Po \
+@AMDEP_TRUE@ $(DEPDIR)/icap_opt.Po $(DEPDIR)/icap_reqmod.Po \
+@AMDEP_TRUE@ $(DEPDIR)/icap_respmod.Po $(DEPDIR)/icmp.Po \
@AMDEP_TRUE@ $(DEPDIR)/icp_v2.Po $(DEPDIR)/icp_v3.Po \
@AMDEP_TRUE@ $(DEPDIR)/ident.Po $(DEPDIR)/internal.Po \
@AMDEP_TRUE@ $(DEPDIR)/ipc.Po $(DEPDIR)/ipcache.Po \
@@ -777,6 +787,10 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/helper.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/htcp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/http.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_common.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_opt.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_reqmod.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_respmod.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v2.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v3.Po@am__quote@

7137
www/squid30/files/icap-2.5-core.patch
View File

File diff suppressed because it is too large Load Diff

0
www/squid27/files/icap-2.6-bootstrap.patch → www/squid30/files/icap-2.6-bootstrap.patch
View File

0
www/squid27/files/icap-2.6-core.patch → www/squid30/files/icap-2.6-core.patch
View File

28
www/squid30/files/patch-src-cf.data.pre
View File

@ -1,6 +1,28 @@
--- src/cf.data.pre.orig Fri Aug 20 16:23:18 2004
+++ src/cf.data.pre Fri Aug 20 16:25:23 2004
@@ -2396,12 +2396,12 @@
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
@@ -1183,6 +1183,21 @@
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
(hard coded at 1 MB).
+
+ Note for FreeBSD users:
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
+ support for the aufs storage type, COSS will use POSIX AIO.
+ This means that you need to add the line
+
+ options VFS_AIO
+
+ to your kernel configuration in order to use COSS.
+
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
+ necessarily need to recompile your kernel.
+
+ If you compiled Squid with both support for aufs and COSS, COSS
+ will use aufs' routines and does not need special kernel support.
DOC_END
NAME: logformat
@@ -3280,12 +3295,12 @@
NAME: cache_effective_user
TYPE: string

24
www/squid30/files/patch-src-ftp.c
View File

@ -1,24 +0,0 @@
Patch for Squid bug #1857, obtained from Squid bugzilla 2007-01-15.
--- src/ftp.c.orig Sun Feb 26 00:34:13 2006
+++ src/ftp.c Mon Jan 15 19:46:29 2007
@@ -441,7 +441,7 @@
ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->old_filepath) : ".");
} else if (ftpState->typecode == 'D') {
const char *path = ftpState->flags.dir_slash ? ftpState->filepath : ".";
- storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", html_quote(path));
+ storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", rfc1738_escape_part(path));
}
storeAppendPrintf(e, "<HR noshade size=\"1px\">\n");
storeAppendPrintf(e, "<ADDRESS>\n");
@@ -689,8 +689,8 @@
snprintf(html, 8192, "%s\n", line);
return html;
}
- if (ftpState->flags.dir_slash)
- snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath));
+ if (ftpState->flags.dir_slash && ftpState->dirpath && ftpState->typecode != 'D' )
+ snprintf(prefix, 2048, "%s/", rfc1738_escape_part(ftpState->dirpath));
else
prefix[0] = '\0';
/* Handle builtin <dirup> */

0
www/squid27/files/patch-tools-Makefile.in → www/squid30/files/patch-tools-Makefile.in
View File

7
www/squid30/files/pkg-deinstall.in
View File

@ -21,12 +21,11 @@ POST-DEINSTALL)
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
echo " created by a default installation of this package, run"
echo ""
echo " pw userdel -r -n %%SQUID_UID%% -u 100"
echo ""
echo " pw userdel -n %%SQUID_UID%% -u 100"
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
echo ""
echo " To ease updates, the cache and log directories and"
echo " all configuration files modified by you were preserved."
echo " In order to ease updates the cache and log directories"
echo " and all configuration files modified by you were preserved."
echo ""
echo " Please remove them manually if you do not want to use"
echo " Squid any longer."

61
www/squid30/files/pkg-install.in
View File

@ -16,18 +16,11 @@ squid_user="%%SQUID_UID%%"
squid_group="%%SQUID_GID%%"
squid_gid=100
squid_uid=100
# Try to catch the case where the $squid_user might have been created with an
# id greater than or equal 3128. The valid exception is "nobody".
nobody_uid=65534
nobody_gid=65534
squid_oldgid=3128
squid_olduid=3128
unset wrong_id
case $2 in
PRE-INSTALL)
echo "===> Pre-installation configuration for ${pkgname}"
if ! pw groupshow ${squid_group} -q >/dev/null ; then
echo "There is no group '${squid_group}' on this system, so I will try to create it:"
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
echo "Failed to create group \"${squid_group}\"!" >&2
echo "Please create it manually." >&2
@ -37,16 +30,11 @@ PRE-INSTALL)
fi
else
echo "I will use the existing group '${squid_group}':"
current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
if [ ${current_gid} -ge ${squid_oldgid} \
-a ${current_gid} -ne ${nobody_gid} ]; then
wrong_id=1
fi
fi
pw groupshow ${squid_group}
if ! pw usershow ${squid_user} -q >/dev/null ; then
echo "There is no account '${squid_user}' on this system, so I will try to create it:"
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
if ! pw useradd -q -n ${squid_user} \
-u ${squid_uid} -g ${squid_group} \
-c "Squid caching-proxy pseudo user" \
@ -60,53 +48,8 @@ PRE-INSTALL)
fi
else
echo "I will use the existing user '${squid_user}':"
current_uid=`id -u ${squid_user}`
if [ ${current_uid} -ge ${squid_olduid} \
-a ${current_uid} -ne ${nobody_uid} ];
then
wrong_id=1
fi
fi
pw usershow ${squid_user}
if [ "${wrong_id}" ]; then
echo ""
echo " * NOTICE *"
echo ""
echo "The Squid pseudo-user's uid and/or gid have been found"
echo "to be greater than or equal 3128."
echo ""
echo "This is not a problem as such, but violates the FreeBSD"
echo "ports' principle that a ports must not claim a uid greater"
echo "than 999."
echo ""
echo "Since version 2.5.4_11, the Squid user is thus created"
echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
echo "port used the first unused uid/gid greater than or"
echo "equal 3128."
echo ""
echo "If you want to change the existing Squid user's id, run"
echo "'make changeuser' after the installation has completed."
echo "If you installed this port via a package, issue the"
echo "following commands as root:"
echo ""
echo "pw userdel -u ${current_uid}"
echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
echo " -c \"Squid caching-proxy pseudo user\" \\"
echo " -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
echo " -h -"
echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
echo ""
echo "In case you have installed third party software for Squid"
echo "like squidGuard, you should additionally run:"
echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
echo ""
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
sleep 30
fi
fi
for dir in cache logs; do
if [ ! -d ${squid_base}/${dir} ]; then
echo "Creating ${squid_base}/${dir}..."

21
www/squid30/files/pkg-message.in
View File

@ -1,24 +1,31 @@
o You can find the configuration files for this package in the
directory %%PREFIX%%/etc/squid.
o A cache directory has been created in %%PREFIX%%/squid/cache.
Log files will be written to %%PREFIX%%/squid/logs.
Note:
You must initialize new cache directories before you can start
Squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
If your cache directories are already initialized (e.g. after an
upgrade of Squid) you do not need to initialize them again.
upgrade of squid) you do not need to initialize them again.
o The default configuration will deny everyone access to the
proxy service. Edit the "http_access" directives in
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
--begin rcng
Please note that the Squid start script is an rc.d style script.
This means that Squid will not start automatically at boot time.
This means that Squid will not start automatically at boot
time unless it is explicitly enabled.
To enable Squid, set squid_enable=yes in either
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
--end rcng
Note:
If you just updated your Squid installation from 2.5 or earlier,
make sure to check your Squid configuration against the 2.6 default
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
Additionally, you should check your configuration by calling
'squid -f /path/to/squid.conf -k parse' before starting Squid.

2
www/squid26/files/squid.in → www/squid30/files/squid.in
View File

@ -5,7 +5,7 @@
# PROVIDE: squid
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
#
# Note:
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
# /etc/rc.conf.d/squid to make this script actually do something. There

88
www/squid30/files/squid.sh.in
View File

@ -1,88 +0,0 @@
#!/bin/sh
#
# $FreeBSD$
#
# --begin rcng
# PROVIDE: squid
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Note:
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
# /etc/rc.conf.d/squid to make this script actually do something. There
# you can also set squid_chdir, squid_user, and squid_flags.
#
# Please see squid(8), rc.conf(5) and rc(8) for further details.
#
# --end rcng
name=squid
command=%%PREFIX%%/sbin/squid
# --begin rcng
extra_commands=reload
reload_cmd="${command} ${squid_flags} -k reconfigure"
# --end rcng
stop_cmd="squid_stop"
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
# --begin rcng
squid_enable=${squid_enable:-"NO"}
# --end rcng
squid_flags=${squid_flags-"-D"}
squid_user=${squid_user:-%%SQUID_UID%%}
default_config=%%PREFIX%%/etc/squid/squid.conf
# --begin rcold
squid_stop() {
echo -n " ${name}"
${command} -k shutdown
while ps -xcU ${squid_user} | grep -q squid; do
sleep 2
done
}
# --end rcold
# --begin rcng
squid_stop() {
echo "Stopping ${name}."
${command} ${squid_flags} -k shutdown
run_rc_command poll
}
. %%RC_SUBR%%
rcvar=`set_rcvar`
load_rc_config ${name}
# squid(8) will not start if ${default_config} is not present so try
# to catch that beforehand via ${required_files} rather than make
# squid(8) crash.
# If you remove the default configuration file make sure to add
# '-f /path/to/your/squid.conf' to squid_flags
if [ -z "${squid_flags}" ]; then
required_files=${default_config}
fi
required_dirs=${squid_chdir}
run_rc_command "$1"
# --end rcng
# --begin rcold
case $1 in
start)
if [ -x "${command}" -a \
\( -f "${default_config}" -o "${squid_flags}" \) ]; then
echo -n " ${name}"
(cd ${squid_chdir} && exec su -fm ${squid_user} -c \
"${command} ${squid_flags}")
fi
;;
stop)
if [ -x "${command}" ]; then
${stop_cmd}
fi
;;
*)
echo "usage: ${0##*/} {start|stop}" >&2
exit 64
;;
esac
exit 0
# --end rcold

246
www/squid31/Makefile
View File

@ -9,15 +9,11 @@
# Which user/group Squid should run as (default: squid/squid).
# The user and group will be created if they do not already exist using
# a uid:gid of 100:100.
# NOTE: before version 2.5.4_6, these settings defaulted to
# nobody/nogroup.
# If you wish to keep these settings, please define SQUID_UID=nobody and
# SQUID_GID=nogroup in your make environment before you start the update.
# NOTE2:
# Before version 2.5.4_11 the numerical id chosen for SQUID_UID (and
# SQUID_GID respectively) was the first free id greater than or equal 3128.
# If you wish to move your squid user to id 100:100, run "make changeuser",
# please see the changeuser target's definition for further information.
# NOTE: older versions of Squid defaulted to nobody/nogroup.
# If you wish to run Squid as "nobody" (which is not recommended), please
# define SQUID_UID=nobody and SQUID_GID=nogroup in your make environment
# before you start the update or installation of this port.
#
# SQUID_LANGUAGES
# A list of languages for which error page files should be installed
# (default: all)
@ -39,7 +35,7 @@
# `make SQUID_CONFIGURE_ARGS="--enable-dlmalloc --enable-truncate" install'
#
# The list below may be incomplete, please see the configure script
# in the squid source distribution for the complete list of additional
# in the Squid source distribution for the complete list of additional
# options.
# Note that you probably do not need to worry about these options in most
# cases, they are included in case you want to experiment with them.
@ -47,11 +43,10 @@
# --enable-dlmalloc
# Compile and use the malloc package from Doug Lea
# --enable-gnuregex
# Compile and use the supplied GNUregex routines instead of BSD regex.
# Compile and use the supplied GNUregex routines instead of BSD regex
# (not recommended).
# --enable-xmalloc-statistics
# Show malloc statistics in status page
# --enable-time-hack
# Optimize time updates to one per second rather than calling gettimeofday()
# --enable-cachemgr-hostname=some.hostname
# Set an explicit hostname in cachemgr.cgi
# --enable-truncate
@ -69,39 +64,53 @@
# --enable-ntlm-fail-open
# Enable NTLM fail open, where a helper that fails one of the
# Authentication steps can allow Squid to still authenticate the user
#
# --enable-x-accelerator-vary
# Enable support for the X-Accelerator-Vary HTTP header. Can be used
# to indicate variance within an accelerator setup. Typically used
# together with other code that adds custom HTTP headers to the
# requests.
# --enable-forward-log
# Enable experimental forward_log directive.
# --enable-multicast-miss
# Enable experimental multicast notification of cachemisses.
PORTNAME= squid
PORTVERSION= 2.5.14
PORTREVISION= 4
PORTVERSION= 2.6.9
CATEGORIES= www
MASTER_SITES= http://www.squid-cache.org/%SUBDIR%/ \
MASTER_SITES= ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.vistech.net/pub/squid/%SUBDIR%/ \
ftp://mirrors.24-7-solutions.net/pub/squid/%SUBDIR%/ \
ftp://sunsite.auc.dk/pub/infosystems/squid/%SUBDIR%/ \
ftp://ftp.nl.uu.net/pub/unix/www/squid/%SUBDIR%/ \
ftp://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/www/Squid/%SUBDIR%/ \
ftp://ftp.ccs.neu.edu/pub/mirrors/squid.nlanr.net/pub/%SUBDIR%/ \
${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid/&,}
MASTER_SITE_SUBDIR= squid-2/STABLE
DISTNAME= squid-2.6.STABLE9
DIST_SUBDIR= squid2.6
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
http://www2.us.squid-cache.org/%SUBDIR%/ \
http://www3.us.squid-cache.org/%SUBDIR%/ \
http://www1.at.squid-cache.org/%SUBDIR%/ \
http://www2.nl.squid-cache.org/%SUBDIR%/ \
http://www1.ru.squid-cache.org/%SUBDIR%/ \
http://www1.uk.squid-cache.org/%SUBDIR%/ \
http://www1.gr.squid-cache.org/%SUBDIR%/ \
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://www1.tw.squid-cache.org/%SUBDIR%/
MASTER_SITE_SUBDIR= Versions/v2/2.5
DISTNAME= squid-2.5.STABLE14
DIST_SUBDIR= squid2.5
PATCH_SITES= ${MASTER_SITES}
PATCH_SITE_SUBDIR= Versions/v2/2.5/bugs
PATCHFILES= squid-2.5.STABLE14-httpReplyDestroy.patch \
squid-2.5.STABLE14-hierarchy_tag.patch
PATCH_SITE_SUBDIR= Versions/v2/2.6/changesets
PATCHFILES=
PATCH_DIST_STRIP= -p1
MAINTAINER= tmseck@netcologne.de
COMMENT= HTTP Caching Proxy
CONFLICTS= squid-2.[^5]*
CONFLICTS= squid-2.[^6]*
GNU_CONFIGURE= yes
USE_BZIP2= yes
USE_PERL5= yes
USE_RC_SUBR= squid
SQUID_UID?= squid
SQUID_GID?= squid
@ -116,20 +125,19 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_SASL_AUTH "Install SASL authentication helpers" off \
SQUID_DELAY_POOLS "Enable delay pools" off \
SQUID_SNMP "Enable SNMP support" off \
SQUID_CARP "Enable CARP support" off \
SQUID_CARP "Enable CARP support" on \
SQUID_SSL "Enable SSL support for reverse proxies" off \
SQUID_PINGER "Install the icmp helper" off \
SQUID_DNS_HELPER "Use the old 'dnsserver' helper" off \
SQUID_HTCP "Enable HTCP support" off \
SQUID_VIA_DB "Enable forward/via database" off \
SQUID_CACHE_DIGESTS "Enable cache digests" off \
SQUID_WCCP "Enable Web Cache Coordination Protocol" on \
SQUID_UNDERSCORES "Allow underscores in hostnames" on \
SQUID_CHECK_HOSTNAME "Do hostname checking" on \
SQUID_WCCP "Enable Web Cache Coordination Prot. v1" on \
SQUID_WCCPV2 "Enable Web Cache Coordination Prot. v2" off \
SQUID_STRICT_HTTP "Be strictly HTTP compliant" off \
SQUID_IDENT "Enable ident (RFC 931) lookups" on \
SQUID_REFERER_LOG "Enable Referer-header logging" off \
SQUID_USERAGENT_LOG "Enable User-Agent-header logging" off \
SQUID_CUSTOM_LOG "Enable custom log format" off \
SQUID_ARP_ACL "Enable ACLs based on ethernet address" off \
SQUID_PF "Enable transparent proxying with PF" off \
SQUID_IPFILTER "Enable transp. proxying with IPFilter" off \
@ -137,9 +145,9 @@ OPTIONS= SQUID_LDAP_AUTH "Install LDAP authentication helpers" off \
SQUID_ICAP "Enable ICAP client functionality" off \
SQUID_AUFS "Enable the aufs storage scheme" off \
SQUID_COSS "Enable the COSS storage scheme" off \
SQUID_KQUEUE "Use kqueue(2) instead of poll(2)" on \
SQUID_LARGEFILE "Support log and cache files >2GB" off \
SQUID_STACKTRACES "Create backtraces on fatal errors" off \
SQUID_RCNG "Install an rc.d style startup script" on
SQUID_STACKTRACES "Create backtraces on fatal errors" off
etc_files= squid/cachemgr.conf.default \
squid/mib.txt squid/mime.conf.default \
@ -167,37 +175,44 @@ error_files= ERR_ACCESS_DENIED ERR_CACHE_ACCESS_DENIED \
ERR_SOCKET_FAILURE ERR_TOO_BIG ERR_UNSUP_REQ \
ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT
libexec= cachemgr.cgi digest_pw_auth diskd ip_user_check \
libexec= cachemgr.cgi digest_pw_auth diskd-daemon ip_user_check \
msnt_auth ncsa_auth ntlm_auth \
pam_auth smb_auth smb_auth.sh squid_unix_group \
wb_auth wb_group wb_ntlmauth wbinfo_group.pl
pam_auth smb_auth smb_auth.sh squid_session squid_unix_group \
wbinfo_group.pl
.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
libexec+= unlinkd
.endif
sbin= RunAccel RunCache squidclient squid
sbin= RunCache squidclient squid
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \
CONFIGURE_ARGS= --bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
--datadir=${PREFIX}/etc/squid \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=${PREFIX}/squid \
--enable-removal-policies="lru heap"
--sysconfdir=${PREFIX}/etc/squid \
--enable-removal-policies="lru heap" \
--disable-linux-netfilter \
--disable-linux-tproxy \
--disable-epoll
.include <bsd.port.pre.mk>
# Authentication methods and modules:
basic_auth= NCSA PAM MSNT SMB winbind
external_acl= ip_user unix_group wbinfo_group winbind_group
MAN8+= pam_auth.8 squid_unix_group.8
basic_auth= NCSA PAM MSNT SMB
digest_auth= password
external_acl= ip_user session unix_group wbinfo_group
MAN8+= ncsa_auth.8 pam_auth.8 squid_session.8 squid_unix_group.8
.if defined(WITH_SQUID_LDAP_AUTH)
USE_OPENLDAP= yes
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
MAN8+= squid_ldap_auth.8 squid_ldap_group.8
basic_auth+= LDAP
digest_auth+= ldap
external_acl+= ldap_group
libexec+= squid_ldap_auth squid_ldap_group
libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group
.endif
.if defined(WITH_SQUID_SASL_AUTH)
LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2
@ -213,23 +228,33 @@ libexec+= yp_auth
.endif
CONFIGURE_ARGS+= --enable-auth="basic ntlm digest" \
--enable-basic-auth-helpers="${basic_auth}" \
--enable-digest-auth-helpers="password" \
--enable-digest-auth-helpers="${digest_auth}" \
--enable-external-acl-helpers="${external_acl}" \
--enable-ntlm-auth-helpers="SMB winbind"
--enable-ntlm-auth-helpers="SMB"
# Selection of storage schemes:
# Storage schemes:
storage_schemes= ufs diskd null
.if defined(WITH_SQUID_AUFS)
storage_schemes+= aufs
.if ${OSVERSION}>=501000
# Only document libmap.conf where it is available:
EXTRA_PATCHES+= ${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
.endif
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS
CONFIGURE_ARGS+= --enable-async-io \
--with-pthreads
CONFIGURE_ARGS+= --with-pthreads
CFLAGS+= ${PTHREAD_CFLAGS}
.endif
.if defined(WITH_SQUID_COSS)
storage_schemes+= coss
CONFIGURE_ARGS+= --with-aio
.if !defined(WITH_SQUID_AUFS)
# use Posix AIO instead of aufs' AIO; note that you then need the kernel to
# supply AIO support, either by loading the aio(4) module (n/a on 4.x) or by
# adding the option VFS_AIO to your kernel configuration if you want to
# actually use COSS storage:
CONFIGURE_ARGS+= --enable-coss-aio-ops
.endif
sbin+= cossdump
.endif
CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}"
@ -241,13 +266,14 @@ CONFIGURE_ARGS+= --enable-delay-pools
.if defined(WITH_SQUID_SNMP)
CONFIGURE_ARGS+= --enable-snmp
.endif
.if defined(WITH_SQUID_CARP)
CONFIGURE_ARGS+= --enable-carp
.if defined(WITHOUT_SQUID_CARP)
CONFIGURE_ARGS+= --disable-carp
.endif
.if defined(WITH_SQUID_SSL)
# we need to .include bsd.openssl.mk manually here because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included and this is
# not possible when using OPTIONS
# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
# works when it is defined before bsd.port{.pre}.mk is .included.
# This makes it currently impossible to combine this macro with OPTIONS to
# conditionally include OpenSSL support.
.include "${PORTSDIR}/Mk/bsd.openssl.mk"
CONFIGURE_ARGS+= --enable-ssl \
--with-openssl="${OPENSSLBASE}"
@ -274,11 +300,8 @@ CONFIGURE_ARGS+= --enable-cache-digests
.if defined(WITHOUT_SQUID_WCCP)
CONFIGURE_ARGS+= --disable-wccp
.endif
.if !defined(WITHOUT_SQUID_UNDERSCORES)
CONFIGURE_ARGS+= --enable-underscores
.endif
.if defined(WITHOUT_SQUID_CHECK_HOSTNAME)
CONFIGURE_ARGS+= --disable-hostname-checks
.if defined(WITH_SQUID_WCCPV2)
CONFIGURE_ARGS+= --enable-wccpv2
.endif
.if defined(WITH_SQUID_STRICT_HTTP)
CONFIGURE_ARGS+= --disable-http-violations
@ -286,12 +309,12 @@ CONFIGURE_ARGS+= --disable-http-violations
.if defined(WITHOUT_SQUID_IDENT)
CONFIGURE_ARGS+= --disable-ident-lookups
.endif
.if defined(WITH_SQUID_REFERER_LOG)
CONFIGURE_ARGS+= --enable-referer-log
.endif
.if defined(WITH_SQUID_USERAGENT_LOG)
CONFIGURE_ARGS+= --enable-useragent-log
.endif
.if defined(WITH_SQUID_CUSTOM_LOG)
EXTRA_PATCHES+= ${PATCHDIR}/customlog-2.5.patch
.endif
.if defined(WITH_SQUID_ARP_ACL)
CONFIGURE_ARGS+= --enable-arp-acl
.endif
@ -315,45 +338,39 @@ CONFIGURE_ARGS+= --enable-ipf-transparent
.endif
.endif
.if defined(WITH_SQUID_FOLLOW_XFF)
EXTRA_PATCHES+= ${PATCHDIR}/follow_xff-2.5.patch \
${PATCHDIR}/follow_xff-configure.patch
CONFIGURE_ARGS+= --enable-follow-x-forwarded-for
.endif
.if defined(WITH_SQUID_ICAP)
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.5-core.patch \
${PATCHDIR}/icap-2.5-bootstrap.patch
EXTRA_PATCHES+= ${PATCHDIR}/icap-2.6-bootstrap.patch \
${PATCHDIR}/icap-2.6-core.patch
CONFIGURE_ARGS+= --enable-icap-support
error_files+= ERR_ICAP_FAILURE
.endif
.if !defined(WITHOUT_SQUID_KQUEUE)
CONFIGURE_ARGS+= --enable-kqueue
.else
CONFIGURE_ARGS+= --disable-kqueue
.endif
.if defined(WITH_SQUID_LARGEFILE)
CONFIGURE_ARGS+= --with-large-files --enable-large-cache-files
.endif
.if defined(WITH_SQUID_STACKTRACES)
.if defined(WITH_SQUID_STACKTRACES) || defined(WITH_DEBUG)
CONFIGURE_ARGS+= --enable-stacktraces
CFLAGS+= -g
STRIP= ""
.endif
.if !defined(WITHOUT_SQUID_RCNG)
USE_RC_SUBR= squid.sh
rc_del= rcold
rc_state= rcng
.else
SUB_FILES+= squid.sh
etc_files+= rc.d/squid.sh
rc_del= rcng
rc_state= rcold
.endif
# Languages:
#
# If you do not define SQUID_LANGUAGES yourself, all available language files
# will be installed; the default language will be English.
SQUID_LANGUAGES?= \
Azerbaijani Bulgarian Catalan Czech Danish Dutch English Estonian Finnish \
French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r Serbian \
Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turkish
SQUID_LANGUAGES?= Azerbaijani Bulgarian Catalan Czech Danish Dutch \
English Estonian Finnish French German Greek Hebrew \
Hungarian Italian Japanese Korean Lithuanian \
Polish Portuguese Romanian Russian-1251 Russian-koi8-r \
Serbian Simplify_Chinese Slovak Spanish Swedish \
Traditional_Chinese Turkish
SQUID_DEFAULT_LANG?= English
CONFIGURE_ARGS+= --enable-err-languages="${SQUID_LANGUAGES}" \
--enable-default-err-language=${SQUID_DEFAULT_LANG}
@ -378,7 +395,8 @@ PLIST_DIRS+= etc/squid/errors etc/squid squid/logs squid/cache squid
post-patch:
@${REINPLACE_CMD} -e 's|-lpthread|${PTHREAD_LIBS}|g' ${WRKSRC}/configure
@${REINPLACE_CMD} -e 's|%%SQUID_UID%%|${SQUID_UID}|g' \
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' ${WRKSRC}/src/cf.data.pre
-e 's|%%SQUID_GID%%|${SQUID_GID}|g' \
-e 's|%%PREFIX%%|${PREFIX}|g' ${WRKSRC}/src/cf.data.pre
@${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \
${WRKSRC}/helpers/basic_auth/SMB/Makefile.in \
${WRKSRC}/helpers/basic_auth/SMB/smb_auth.sh
@ -387,31 +405,16 @@ pre-install:
# Prevent installation of .orig files by deleting them.
@${FIND} ${WRKSRC} -name '*.bak' -delete
@${FIND} ${WRKSRC} -name '*.orig' -delete
# create the start script:
@${REINPLACE_CMD} \
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
-e '/--.*${rc_state}/d' ${WRKDIR}/squid.sh
# create variable information in pkg-message:
@${REINPLACE_CMD} \
-e '/--begin ${rc_del}/,/--end ${rc_del}/d' \
-e '/--.*${rc_state}/d' ${PKGMESSAGE}
pre-su-install:
@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
# Create cachemgr.conf.default manually since squid's install routine
# unfortunately fails to do so:
${INSTALL_DATA} ${WRKSRC}/src/cachemgr.conf \
${PREFIX}/etc/squid/cachemgr.conf.default
.if defined(WITH_SQUID_PINGER)
${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
${CHGRP} ${SQUID_GID} ${PREFIX}/libexec/squid/pinger
.endif
.if defined(WITHOUT_SQUID_RCNG)
${INSTALL_SCRIPT} ${WRKDIR}/squid.sh ${PREFIX}/etc/rc.d/
.endif
.if !defined(NOPORTDOCS)
@${MKDIR} ${DOCSDIR}
cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
@ -423,50 +426,5 @@ post-install:
@${ECHO_CMD} ""
@${CAT} ${PKGMESSAGE}
@${ECHO_CMD} ""
changeuser:
# Recover from the problem that earlier versions of this port created the
# squid pseudo-user with an id greater than 999 which is not allowed in
# FreeBSD's ports system. The port now uses id 100:100.
# NOTE:
# This target assumes that SQUID_GID is the primary group of SQUID_UID. If you
# have a different setup, do not run this target!
.if ${SQUID_UID:L} == nobody
@${ECHO_CMD} "'nobody' is a system user, you do not need to execute"; \
${ECHO_CMD} "this target!"
${FALSE}
.endif
@if [ `${ID} -u` -ne 0 ]; \
then ${ECHO_CMD} "Sorry, you must be root to use this target."; ${FALSE}; fi; \
current_uid=`id -u ${SQUID_UID}`; \
current_gid=`pw groupshow ${SQUID_GID}|cut -f 3 -d :`; \
${ECHO_CMD} "I will remove this user:"; \
${ID} -P $${current_uid}; \
${ECHO_CMD} "and this group:"; \
pw groupshow ${SQUID_GID}; \
${ECHO_CMD} "I will then re-create them with a user and group id of 100."; \
${ECHO_CMD} "Then all files and directories under ${PREFIX} and /var that"; \
${ECHO_CMD} "are owned by uid $${current_uid} will be chown(1)'ed."; \
${ECHO_CMD} "After that, all files and directories that were accessible"; \
${ECHO_CMD} "by group $${current_gid} will chgrp(1)'ed respectively."; \
${ECHO_CMD} "Note that this assumes group '${SQUID_GID}' to be the primary"; \
${ECHO_CMD} "group of user '${SQUID_UID}'. If you have a different setup"; \
${ECHO_CMD} "please abort this target now."; \
read -p "Press RETURN to continue or CTRL-C to abort:" dummy ; \
${ECHO_CMD} "OK, here we go:"; \
${ECHO_CMD} "deleting user $${current_uid} and his primary group..."; \
pw userdel -u $${current_uid}; \
${ECHO_CMD} "adding user ${SQUID_UID} with id 100..."; \
pw groupadd -n ${SQUID_GID} -g 100; \
pw useradd -n ${SQUID_UID} -u 100 -c "squid caching-proxy pseudo user" \
-d ${PREFIX}/squid -s /sbin/nologin -h - ; \
${ECHO_CMD} "chown(1)'ing everything under ${PREFIX} from $${current_uid} to 100..."; \
${FIND} -H ${PREFIX} -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under ${PREFIX} from $${current_gid} to 100..."; \
${FIND} -H ${PREFIX} -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "chown(1)'ing everything under /var from $${current_uid} to 100..."; \
${FIND} -H /var -user $${current_uid} -exec ${CHOWN} 100 {} \; ; \
${ECHO_CMD} "chgrp(1)'ing everything under /var from $${current_gid} to 100..."; \
${FIND} -H /var -group $${current_gid} -exec ${CHOWN} :100 {} \; ; \
${ECHO_CMD} "Finished."
.include <bsd.port.post.mk>

12
www/squid31/distinfo
View File

@ -1,9 +1,3 @@
MD5 (squid2.5/squid-2.5.STABLE14.tar.bz2) = f413e0b887a5f9b2a75350243ed5564c
SHA256 (squid2.5/squid-2.5.STABLE14.tar.bz2) = c4eaee0e5ee42f46060217df9a88d628d244c0a543feab8296e44269e57ec7bd
SIZE (squid2.5/squid-2.5.STABLE14.tar.bz2) = 1073745
MD5 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1529f8b0170e24b26353578778435bd4
SHA256 (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 9e99132b8efb07e3465d5e33749aa450daecfa3acde73755b6a3589d09d19285
SIZE (squid2.5/squid-2.5.STABLE14-httpReplyDestroy.patch) = 1277
MD5 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 9abe563ca3d01dc58502737edc6f3c60
SHA256 (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 6c98f1f2351b79cfc3f956ed1c46d86c7a53aac0ba28203a33f2dadc7d1e96fe
SIZE (squid2.5/squid-2.5.STABLE14-hierarchy_tag.patch) = 1319
MD5 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 95997d6cb38fdb562ecb790c553f9cfc
SHA256 (squid2.6/squid-2.6.STABLE9.tar.bz2) = 9cc204d41091642e480277af09872ae36097f9325cf62711d0a8ba125408b7ab
SIZE (squid2.6/squid-2.6.STABLE9.tar.bz2) = 1263060

1597
www/squid31/files/customlog-2.5.patch
View File

File diff suppressed because it is too large Load Diff

20
www/squid31/files/extra-patch-src-cf.data.pre.aufs Normal file
View File

@ -0,0 +1,20 @@
--- src/cf.data.pre.orig Wed Nov 1 15:12:02 2006
+++ src/cf.data.pre Wed Nov 1 15:12:17 2006
@@ -1097,6 +1100,17 @@
see argument descriptions under ufs above
+ Note:
+ By default, FreeBSD uses the pthread(3) M:N threading library.
+ You can, however, map the thread library to the 1:1 libthr(3)
+ implementation by inserting the following lines into
+ /etc/libmap.conf and see whether this performs better on your
+ system:
+
+ [%%PREFIX%%/sbin/squid]
+ libpthread.so.1 libthr.so.1
+ libpthread.so.2 libthr.so.2
+
The diskd store type:
"diskd" uses the same storage format as "ufs", utilizing a

411
www/squid31/files/follow_xff-2.5.patch
View File

@ -1,411 +0,0 @@
! This is a reduced part of the original follow-XFF patchset from
! devel.squid-cache.org for use with the FreeBSD squid-2.5 port.
Index: src/acl.c
--- src/acl.c 13 May 2003 02:14:12 -0000 1.43.2.16
+++ src/acl.c 23 Nov 2003 14:20:12 -0000
@@ -2001,6 +2001,11 @@
cbdataLock(A);
if (request != NULL) {
checklist->request = requestLink(request);
+#if FOLLOW_X_FORWARDED_FOR
+ if (Config.onoff.acl_uses_indirect_client) {
+ checklist->src_addr = request->indirect_client_addr;
+ } else
+#endif /* FOLLOW_X_FORWARDED_FOR */
checklist->src_addr = request->client_addr;
checklist->my_addr = request->my_addr;
checklist->my_port = request->my_port;
Index: src/cf.data.pre
--- src/cf.data.pre 7 Nov 2003 03:14:30 -0000 1.49.2.46
+++ src/cf.data.pre 23 Nov 2003 14:20:17 -0000
@@ -2065,6 +2065,92 @@
NOCOMMENT_END
DOC_END
+NAME: follow_x_forwarded_for
+TYPE: acl_access
+IFDEF: FOLLOW_X_FORWARDED_FOR
+LOC: Config.accessList.followXFF
+DEFAULT: none
+DEFAULT_IF_NONE: deny all
+DOC_START
+ Allowing or Denying the X-Forwarded-For header to be followed to
+ find the original source of a request.
+
+ Requests may pass through a chain of several other proxies
+ before reaching us. The X-Forwarded-For header will contain a
+ comma-separated list of the IP addresses in the chain, with the
+ rightmost address being the most recent.
+
+ If a request reaches us from a source that is allowed by this
+ configuration item, then we consult the X-Forwarded-For header
+ to see where that host received the request from. If the
+ X-Forwarded-For header contains multiple addresses, and if
+ acl_uses_indirect_client is on, then we continue backtracking
+ until we reach an address for which we are not allowed to
+ follow the X-Forwarded-For header, or until we reach the first
+ address in the list. (If acl_uses_indirect_client is off, then
+ it's impossible to backtrack through more than one level of
+ X-Forwarded-For addresses.)
+
+ The end result of this process is an IP address that we will
+ refer to as the indirect client address. This address may
+ be treated as the client address for access control, delay
+ pools and logging, depending on the acl_uses_indirect_client,
+ delay_pool_uses_indirect_client and log_uses_indirect_client
+ options.
+
+ SECURITY CONSIDERATIONS:
+
+ Any host for which we follow the X-Forwarded-For header
+ can place incorrect information in the header, and Squid
+ will use the incorrect information as if it were the
+ source address of the request. This may enable remote
+ hosts to bypass any access control restrictions that are
+ based on the client's source addresses.
+
+ For example:
+
+ acl localhost src 127.0.0.1
+ acl my_other_proxy srcdomain .proxy.example.com
+ follow_x_forwarded_for allow localhost
+ follow_x_forwarded_for allow my_other_proxy
+DOC_END
+
+NAME: acl_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.acl_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in acl matching.
+DOC_END
+
+NAME: delay_pool_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR && DELAY_POOLS
+DEFAULT: on
+LOC: Config.onoff.delay_pool_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in delay pools.
+DOC_END
+
+NAME: log_uses_indirect_client
+COMMENT: on|off
+TYPE: onoff
+IFDEF: FOLLOW_X_FORWARDED_FOR
+DEFAULT: on
+LOC: Config.onoff.log_uses_indirect_client
+DOC_START
+ Controls whether the indirect client address
+ (see follow_x_forwarded_for) is used instead of the
+ direct client address in the access log.
+DOC_END
+
NAME: http_access
TYPE: acl_access
LOC: Config.accessList.http
Index: src/client_side.c
--- src/client_side.c 2 Sep 2003 02:13:45 -0000 1.47.2.39
+++ src/client_side.c 23 Nov 2003 14:20:22 -0000
@@ -109,6 +109,11 @@
#if USE_IDENT
static IDCB clientIdentDone;
#endif
+#if FOLLOW_X_FORWARDED_FOR
+static void clientFollowXForwardedForStart(void *data);
+static void clientFollowXForwardedForNext(void *data);
+static void clientFollowXForwardedForDone(int answer, void *data);
+#endif /* FOLLOW_X_FORWARDED_FOR */
static int clientOnlyIfCached(clientHttpRequest * http);
static STCB clientSendMoreData;
static STCB clientCacheHit;
@@ -177,10 +182,179 @@
return ch;
}
+#if FOLLOW_X_FORWARDED_FOR
+/*
+ * clientFollowXForwardedForStart() copies the X-Forwarded-For
+ * header into x_forwarded_for_iterator and passes control to
+ * clientFollowXForwardedForNext().
+ *
+ * clientFollowXForwardedForNext() checks the indirect_client_addr
+ * against the followXFF ACL and passes the result to
+ * clientFollowXForwardedForDone().
+ *
+ * clientFollowXForwardedForDone() either grabs the next address
+ * from the tail of x_forwarded_for_iterator and loops back to
+ * clientFollowXForwardedForNext(), or cleans up and passes control to
+ * clientAccessCheck().
+ */
+
+static void
+clientFollowXForwardedForStart(void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ if (Config.accessList.followXFF
+ && httpHeaderHas(&request->header, HDR_X_FORWARDED_FOR))
+ {
+ request->x_forwarded_for_iterator = httpHeaderGetList(
+ &request->header, HDR_X_FORWARDED_FOR);
+ debug(33, 5) ("clientFollowXForwardedForStart: indirect_client_addr=%s XFF='%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ strBuf(request->x_forwarded_for_iterator));
+ clientFollowXForwardedForNext(http);
+ } else {
+ /* not configured to follow X-Forwarded-For, or nothing to follow */
+ debug(33, 5) ("clientFollowXForwardedForStart: nothing to do\n");
+ clientFollowXForwardedForDone(-1, http);
+ }
+}
+
+static void
+clientFollowXForwardedForNext(void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ debug(33, 5) ("clientFollowXForwardedForNext: indirect_client_addr=%s XFF='%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ strBuf(request->x_forwarded_for_iterator));
+ if (strLen(request->x_forwarded_for_iterator) != 0) {
+ /* check the acl to see whether to believe the X-Forwarded-For header */
+ http->acl_checklist = clientAclChecklistCreate(
+ Config.accessList.followXFF, http);
+ aclNBCheck(http->acl_checklist, clientFollowXForwardedForDone, http);
+ } else {
+ /* nothing left to follow */
+ debug(33, 5) ("clientFollowXForwardedForNext: nothing more to do\n");
+ clientFollowXForwardedForDone(-1, http);
+ }
+}
+
+static void
+clientFollowXForwardedForDone(int answer, void *data)
+{
+ clientHttpRequest *http = data;
+ request_t *request = http->request;
+ /*
+ * answer should be be ACCESS_ALLOWED or ACCESS_DENIED if we are
+ * called as a result of ACL checks, or -1 if we are called when
+ * there's nothing left to do.
+ */
+ if (answer == ACCESS_ALLOWED) {
+ /*
+ * The IP address currently in request->indirect_client_addr
+ * is trusted to use X-Forwarded-For. Remove the last
+ * comma-delimited element from x_forwarded_for_iterator and use
+ * it to to replace indirect_client_addr, then repeat the cycle.
+ */
+ const char *p;
+ const char *asciiaddr;
+ int l;
+ struct in_addr addr;
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s is trusted\n",
+ inet_ntoa(request->indirect_client_addr));
+ p = strBuf(request->x_forwarded_for_iterator);
+ l = strLen(request->x_forwarded_for_iterator);
+
+ /*
+ * XXX x_forwarded_for_iterator should really be a list of
+ * IP addresses, but it's a String instead. We have to
+ * walk backwards through the String, biting off the last
+ * comma-delimited part each time. As long as the data is in
+ * a String, we should probably implement and use a variant of
+ * strListGetItem() that walks backwards instead of forwards
+ * through a comma-separated list. But we don't even do that;
+ * we just do the work in-line here.
+ */
+ /* skip trailing space and commas */
+ while (l > 0 && (p[l-1] == ',' || xisspace(p[l-1])))
+ l--;
+ strCut(request->x_forwarded_for_iterator, l);
+ /* look for start of last item in list */
+ while (l > 0 && ! (p[l-1] == ',' || xisspace(p[l-1])))
+ l--;
+ asciiaddr = p+l;
+ if (inet_aton(asciiaddr, &addr) == 0) {
+ /* the address is not well formed; do not use it */
+ debug(33, 3) ("clientFollowXForwardedForDone: malformed address '%s'\n",
+ asciiaddr);
+ goto done;
+ }
+ debug(33, 3) ("clientFollowXForwardedForDone: changing indirect_client_addr from %s to '%s'\n",
+ inet_ntoa(request->indirect_client_addr),
+ asciiaddr);
+ request->indirect_client_addr = addr;
+ strCut(request->x_forwarded_for_iterator, l);
+ if (! Config.onoff.acl_uses_indirect_client) {
+ /*
+ * If acl_uses_indirect_client is off, then it's impossible
+ * to follow more than one level of X-Forwarded-For.
+ */
+ goto done;
+ }
+ clientFollowXForwardedForNext(http);
+ return;
+ } else if (answer == ACCESS_DENIED) {
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s not trusted\n",
+ inet_ntoa(request->indirect_client_addr));
+ } else {
+ debug(33, 5) ("clientFollowXForwardedForDone: indirect_client_addr=%s nothing more to do\n",
+ inet_ntoa(request->indirect_client_addr));
+ }
+done:
+ /* clean up, and pass control to clientAccessCheck */
+ debug(33, 6) ("clientFollowXForwardedForDone: cleanup\n");
+ if (Config.onoff.log_uses_indirect_client) {
+ /*
+ * Ensure that the access log shows the indirect client
+ * instead of the direct client.
+ */
+ ConnStateData *conn = http->conn;
+ conn->log_addr = request->indirect_client_addr;
+ conn->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
+ debug(33, 3) ("clientFollowXForwardedForDone: setting log_addr=%s\n",
+ inet_ntoa(conn->log_addr));
+ }
+ stringClean(&request->x_forwarded_for_iterator);
+ request->flags.done_follow_x_forwarded_for = 1;
+ http->acl_checklist = NULL; /* XXX do we need to aclChecklistFree() ? */
+ clientAccessCheck(http);
+}
+#endif /* FOLLOW_X_FORWARDED_FOR */
+
void
clientAccessCheck(void *data)
{
clientHttpRequest *http = data;
+#if FOLLOW_X_FORWARDED_FOR
+ if (! http->request->flags.done_follow_x_forwarded_for
+ && httpHeaderHas(&http->request->header, HDR_X_FORWARDED_FOR))
+ {
+ /*
+ * There's an X-ForwardedFor header and we haven't yet tried
+ * to follow it to find the indirect_client_addr. Follow it now.
+ * clientFollowXForwardedForDone() will eventually pass control
+ * back to us.
+ *
+ * XXX perhaps our caller should have called
+ * clientFollowXForwardedForStart instead. Then we wouldn't
+ * need to do this little dance transferring control over
+ * there and then back here, and we wouldn't need the
+ * done_follow_x_forwarded_for flag.
+ */
+ clientFollowXForwardedForStart(data);
+ return;
+ }
+#endif /* FOLLOW_X_FORWARDED_FOR */
if (checkAccelOnly(http)) {
/* deny proxy requests in accel_only mode */
debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n");
@@ -325,6 +499,9 @@
new_request->http_ver = old_request->http_ver;
httpHeaderAppend(&new_request->header, &old_request->header);
new_request->client_addr = old_request->client_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ new_request->indirect_client_addr = old_request->indirect_client_addr;
+#endif /* FOLLOW_X_FORWARDED_FOR */
new_request->my_addr = old_request->my_addr;
new_request->my_port = old_request->my_port;
new_request->flags.redirected = 1;
@@ -3051,6 +3228,9 @@
safe_free(http->log_uri);
http->log_uri = xstrdup(urlCanonicalClean(request));
request->client_addr = conn->peer.sin_addr;
+#if FOLLOW_X_FORWARDED_FOR
+ request->indirect_client_addr = request->client_addr;
+#endif /* FOLLOW_X_FORWARDED_FOR */
request->my_addr = conn->me.sin_addr;
request->my_port = ntohs(conn->me.sin_port);
request->http_ver = http->http_ver;
Index: src/delay_pools.c
--- src/delay_pools.c 19 Jun 2003 02:13:57 -0000 1.5.54.6
+++ src/delay_pools.c 23 Nov 2003 14:20:23 -0000
@@ -318,6 +318,11 @@
r = http->request;
memset(&ch, '\0', sizeof(ch));
+#if FOLLOW_X_FORWARDED_FOR
+ if (Config.onoff.delay_pool_uses_indirect_client) {
+ ch.src_addr = r->indirect_client_addr;
+ } else
+#endif /* FOLLOW_X_FORWARDED_FOR */
ch.src_addr = r->client_addr;
ch.my_addr = r->my_addr;
ch.my_port = r->my_port;
*** src/structs.h.orig Sun Jun 26 12:45:58 2005
--- src/structs.h Sun Jun 26 12:48:45 2005
***************
*** 610,615 ****
--- 610,620 ----
int accel_uses_host_header;
int accel_no_pmtu_disc;
int global_internal_static;
+ #if FOLLOW_X_FORWARDED_FOR
+ int acl_uses_indirect_client;
+ int delay_pool_uses_indirect_client;
+ int log_uses_indirect_client;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
} onoff;
acl *aclList;
struct {
***************
*** 631,636 ****
--- 636,644 ----
acl_access *reply;
acl_address *outgoing_address;
acl_tos *outgoing_tos;
+ #if FOLLOW_X_FORWARDED_FOR
+ acl_access *followXFF;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
} accessList;
acl_deny_info_list *denyInfoList;
struct _authConfig {
***************
*** 1623,1628 ****
--- 1631,1641 ----
unsigned int body_sent:1;
unsigned int reset_tcp:1;
unsigned int must_keepalive:1;
+ #if FOLLOW_X_FORWARDED_FOR
+ /* XXX this flag could be eliminated;
+ * see comments in clientAccessCheck */
+ unsigned int done_follow_x_forwarded_for;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
};
struct _link_list {
***************
*** 1666,1671 ****
--- 1679,1687 ----
int max_forwards;
/* these in_addr's could probably be sockaddr_in's */
struct in_addr client_addr;
+ #if FOLLOW_X_FORWARDED_FOR
+ struct in_addr indirect_client_addr; /* after following X-Forwarded-For */
+ #endif /* FOLLOW_X_FORWARDED_FOR */
struct in_addr my_addr;
unsigned short my_port;
HttpHeader header;
***************
*** 1677,1682 ****
--- 1693,1703 ----
const char *vary_headers; /* Used when varying entities are detected. Changes how the store key is calculated */
BODY_HANDLER *body_reader;
void *body_reader_data;
+ #if FOLLOW_X_FORWARDED_FOR
+ /* XXX a list of IP addresses would be a better data structure
+ * than this String */
+ String x_forwarded_for_iterator;
+ #endif /* FOLLOW_X_FORWARDED_FOR */
};
struct _cachemgr_passwd {

65
www/squid31/files/follow_xff-configure.patch
View File

@ -1,65 +0,0 @@
!Simulate the autotools bootstrap of the follow-x-forwarded-for patchset.
!
!Beware that all line number informations in configure.log greater
!than 2972 are offset by at least -29 (correcting all line numbers would have
!bloated the patch by 92kB!)
--- include/autoconf.h.in.orig Sat Jan 18 02:46:11 2003
+++ include/autoconf.h.in Thu Jun 24 13:19:07 2004
@@ -291,6 +291,12 @@
#define USE_IDENT 1
/*
+ * Compile in support for following X-Forwarded-For headers?
+ * Enabled by default.
+ */
+#define FOLLOW_X_FORWARDED_FOR 1
+
+/*
* If your system has statvfs(), and if it actually works!
*/
#undef HAVE_STATVFS
--- configure.orig Thu Sep 22 10:16:26 2005
+++ configure Thu Sep 22 17:29:01 2005
@@ -249,6 +249,12 @@
if you build as another user who is not privileged
to use the number of filedescriptors you want the
resulting binary to support"
+ac_help="$ac_help
+ --enable-follow-x-forwarded-for
+ Enable support for following the X-Forwarded-For
+ HTTP header to try to find the IP address of the
+ original or indirect client when a request has
+ been forwarded through other proxies."
# Initialize some variables set by options.
# The variables have the same names as the options, with
@@ -3255,6 +3261,29 @@
fi
+
+follow_xff=1
+# Check whether --enable-follow-x-forwarded-for or --disable-follow-x-forwarded-for was given.
+if test "${enable_follow_x_forwarded_for+set}" = set; then
+ enableval="$enable_follow_x_forwarded_for"
+ if test "$enableval" = "yes" ; then
+ echo "follow X-Forwarded-For enabled"
+ follow_xff=1
+ fi
+
+fi
+
+if test $follow_xff = 1; then
+ cat >> confdefs.h <<\EOF
+#define FOLLOW_X_FORWARDED_FOR 1
+EOF
+
+else
+ cat >> confdefs.h <<\EOF
+#define FOLLOW_X_FORWARDED_FOR 0
+EOF
+
+fi
# Force some compilers to use ANSI features
#

422
www/squid31/files/icap-2.5-bootstrap.patch
View File

@ -1,422 +0,0 @@
Patch 2 of 2 to integrate the icap-2_5 branch into the FreeBSD squid port.
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
This patch simulates the autotools bootstrap necessary after applying the
ICAP patchset.
Please see icap-2.5-core.patch for further information.
Patch last updated: 2005-12-17
--- configure.orig Sat Oct 22 11:56:01 2005
+++ configure Sat Dec 17 17:45:21 2005
@@ -70,6 +70,8 @@
ac_help="$ac_help
--enable-delay-pools Enable delay pools to limit bandwidth usage"
ac_help="$ac_help
+ --enable-icap-support Enable iCAP client capability"
+ac_help="$ac_help
--enable-useragent-log Enable logging of User-Agent header"
ac_help="$ac_help
--enable-referer-log Enable logging of Referer header"
@@ -2170,6 +2172,38 @@
+
+if false; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+# Check whether --enable-icap-support or --disable-icap-support was given.
+if test "${enable_icap_support+set}" = set; then
+ enableval="$enable_icap_support"
+ if test "$enableval" = "yes" ; then
+ echo "ICAP support enabled"
+ cat >> confdefs.h <<\EOF
+#define HS_FEAT_ICAP 1
+EOF
+
+
+
+if true; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+ fi
+
+fi
+
+
+
# Check whether --enable-useragent-log or --disable-useragent-log was given.
if test "${enable_useragent_log+set}" = set; then
enableval="$enable_useragent_log"
@@ -7428,14 +7462,14 @@
fi
;;
esac
- echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6
-echo "configure:7433: checking for main in -lpthread" >&5
+ echo $ac_n "checking for main in -pthread""... $ac_c" 1>&6
+echo "configure:7433: checking for main in -pthread" >&5
ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_save_LIBS="$LIBS"
-LIBS="-lpthread $LIBS"
+LIBS="-pthread $LIBS"
cat > conftest.$ac_ext <<EOF
#line 7441 "configure"
#include "confdefs.h"
@@ -7465,7 +7499,7 @@
#define $ac_tr_lib 1
EOF
- LIBS="-lpthread $LIBS"
+ LIBS="-pthread $LIBS"
else
echo "$ac_t""no" 1>&6
@@ -7769,6 +7803,8 @@
srand48 \
srandom \
statfs \
+ strnstr \
+ strcasestr \
strtoll \
sysconf \
syslog \
@@ -7898,6 +7934,50 @@
fi
fi
+
+if false; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
+
+
+if true; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+fi
+
+
+
+if false; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
+
+
+if true; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+fi
+
+
+
+
echo $ac_n "checking if va_copy is implemented""... $ac_c" 1>&6
echo "configure:7903: checking if va_copy is implemented" >&5
if eval "test \"`echo '$''{'ac_cv_func_va_copy'+set}'`\" = set"; then
@@ -9072,6 +9152,8 @@
s%@ENABLE_PINGER_FALSE@%$ENABLE_PINGER_FALSE%g
s%@USE_DELAY_POOLS_TRUE@%$USE_DELAY_POOLS_TRUE%g
s%@USE_DELAY_POOLS_FALSE@%$USE_DELAY_POOLS_FALSE%g
+s%@USE_ICAP_TRUE@%$USE_ICAP_TRUE%g
+s%@USE_ICAP_FALSE@%$USE_ICAP_FALSE%g
s%@USE_SNMP_TRUE@%$USE_SNMP_TRUE%g
s%@USE_SNMP_FALSE@%$USE_SNMP_FALSE%g
s%@SNMPLIB@%$SNMPLIB%g
@@ -9118,6 +9200,10 @@
s%@LIB_LBER@%$LIB_LBER%g
s%@NEED_OWN_SNPRINTF_TRUE@%$NEED_OWN_SNPRINTF_TRUE%g
s%@NEED_OWN_SNPRINTF_FALSE@%$NEED_OWN_SNPRINTF_FALSE%g
+s%@NEED_OWN_STRNSTR_TRUE@%$NEED_OWN_STRNSTR_TRUE%g
+s%@NEED_OWN_STRNSTR_FALSE@%$NEED_OWN_STRNSTR_FALSE%g
+s%@NEED_OWN_STRCASESTR_TRUE@%$NEED_OWN_STRCASESTR_TRUE%g
+s%@NEED_OWN_STRCASESTR_FALSE@%$NEED_OWN_STRCASESTR_FALSE%g
s%@REGEXLIB@%$REGEXLIB%g
s%@LIBREGEX@%$LIBREGEX%g
s%@LIBOBJS@%$LIBOBJS%g
--- include/autoconf.h.in.orig Tue Sep 13 02:12:34 2005
+++ include/autoconf.h.in Sat Dec 17 17:45:21 2005
@@ -124,6 +124,11 @@
*/
#undef DELAY_POOLS
+/*
+ * ICAP - Internet Content Adaptation Protocol
+ */
+#undef HS_FEAT_ICAP
+
/*
* If you want to log User-Agent request header values, define this.
* By default, they are written to useragent.log in the Squid log
@@ -574,6 +579,12 @@
/* Define if you have the statfs function. */
#undef HAVE_STATFS
+
+/* Define if you have the strcasestr function. */
+#undef HAVE_STRCASESTR
+
+/* Define if you have the strnstr function. */
+#undef HAVE_STRNSTR
/* Define if you have the strerror function. */
#undef HAVE_STRERROR
--- lib/Makefile.in.orig Wed Sep 28 22:57:20 2005
+++ lib/Makefile.in Sat Dec 17 17:45:21 2005
@@ -123,6 +123,13 @@
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
+
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
+
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
+
@NEED_OWN_MD5_TRUE@MD5SOURCE = md5.c
@NEED_OWN_MD5_FALSE@MD5SOURCE =
@@ -158,6 +165,8 @@
$(SNPRINTFSOURCE) \
splay.c \
Stack.c \
+ $(STRNSTRSOURCE) \
+ $(STRCASESTRSOURCE) \
stub_memaccount.c \
util.c \
uudecode.c
@@ -196,13 +205,18 @@
@NEED_OWN_MD5_FALSE@am__objects_1 =
@NEED_OWN_SNPRINTF_FALSE@am__objects_2 =
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
+@NEED_OWN_STRNSTR_FALSE@am__objects_3 =
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
+@NEED_OWN_STRCASESTR_FALSE@am__objects_4 =
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
- stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT)
+ $(am__objects_3) $(am__objects_4) stub_memaccount.$(OBJEXT) \
+ util.$(OBJEXT) uudecode.$(OBJEXT)
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
libntlmauth_a_AR = $(AR) cru
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
@@ -224,15 +238,16 @@
@AMDEP_TRUE@ $(DEPDIR)/dlmalloc.Po $(DEPDIR)/drand48.Po \
@AMDEP_TRUE@ $(DEPDIR)/getfullhostname.Po $(DEPDIR)/hash.Po \
@AMDEP_TRUE@ $(DEPDIR)/heap.Po $(DEPDIR)/html_quote.Po \
-@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/initgroups.Po \
-@AMDEP_TRUE@ $(DEPDIR)/iso3307.Po $(DEPDIR)/md5.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ntlmauth.Po $(DEPDIR)/radix.Po \
-@AMDEP_TRUE@ $(DEPDIR)/rfc1035.Po $(DEPDIR)/rfc1123.Po \
-@AMDEP_TRUE@ $(DEPDIR)/rfc1738.Po $(DEPDIR)/rfc2617.Po \
-@AMDEP_TRUE@ $(DEPDIR)/safe_inet_addr.Po $(DEPDIR)/snprintf.Po \
-@AMDEP_TRUE@ $(DEPDIR)/splay.Po $(DEPDIR)/strerror.Po \
-@AMDEP_TRUE@ $(DEPDIR)/stub_memaccount.Po $(DEPDIR)/tempnam.Po \
-@AMDEP_TRUE@ $(DEPDIR)/util.Po $(DEPDIR)/uudecode.Po
+@AMDEP_TRUE@ $(DEPDIR)/inet_ntoa.Po $(DEPDIR)/iso3307.Po \
+@AMDEP_TRUE@ $(DEPDIR)/md5.Po $(DEPDIR)/ntlmauth.Po \
+@AMDEP_TRUE@ $(DEPDIR)/radix.Po $(DEPDIR)/rfc1035.Po \
+@AMDEP_TRUE@ $(DEPDIR)/rfc1123.Po $(DEPDIR)/rfc1738.Po \
+@AMDEP_TRUE@ $(DEPDIR)/rfc2617.Po $(DEPDIR)/safe_inet_addr.Po \
+@AMDEP_TRUE@ $(DEPDIR)/snprintf.Po $(DEPDIR)/splay.Po \
+@AMDEP_TRUE@ $(DEPDIR)/strcasestr.Po $(DEPDIR)/strerror.Po \
+@AMDEP_TRUE@ $(DEPDIR)/strnstr.Po $(DEPDIR)/stub_memaccount.Po \
+@AMDEP_TRUE@ $(DEPDIR)/tempnam.Po $(DEPDIR)/util.Po \
+@AMDEP_TRUE@ $(DEPDIR)/uudecode.Po
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
@@ -241,8 +256,8 @@
DIST_SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) \
$(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) \
$(libregex_a_SOURCES)
-DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c \
- initgroups.c strerror.c tempnam.c
+DIST_COMMON = Makefile.am Makefile.in drand48.c inet_ntoa.c strerror.c \
+ tempnam.c
SOURCES = $(libdlmalloc_a_SOURCES) $(libmiscutil_a_SOURCES) $(EXTRA_libmiscutil_a_SOURCES) $(libntlmauth_a_SOURCES) $(libregex_a_SOURCES)
all: all-am
@@ -295,7 +310,6 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/heap.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/html_quote.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/inet_ntoa.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/initgroups.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/iso3307.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/md5.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ntlmauth.Po@am__quote@
@@ -307,7 +321,9 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/safe_inet_addr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snprintf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/splay.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strcasestr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strerror.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/strnstr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stub_memaccount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tempnam.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/util.Po@am__quote@
--- src/Makefile.in.orig Wed Sep 28 22:57:21 2005
+++ src/Makefile.in Sat Dec 17 17:45:21 2005
@@ -125,6 +125,9 @@
install_sh = @install_sh@
makesnmplib = @makesnmplib@
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
+@USE_ICAP_FALSE@ICAPSOURCE =
+
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
@USE_DNSSERVER_TRUE@DNSSERVER = dnsserver
@@ -249,6 +252,7 @@
HttpMsg.c \
HttpReply.c \
HttpRequest.c \
+ $(ICAPSOURCE) \
icmp.c \
icp_v2.c \
icp_v3.c \
@@ -468,54 +472,58 @@
pinger_LDADD = $(LDADD)
pinger_DEPENDENCIES =
pinger_LDFLAGS =
-@USE_DELAY_POOLS_TRUE@am__objects_3 = delay_pools.$(OBJEXT)
-@USE_DELAY_POOLS_FALSE@am__objects_3 =
-@USE_DNSSERVER_FALSE@am__objects_4 = dns_internal.$(OBJEXT)
-@USE_DNSSERVER_TRUE@am__objects_4 = dns.$(OBJEXT)
-@ENABLE_HTCP_TRUE@am__objects_5 = htcp.$(OBJEXT)
-@MAKE_LEAKFINDER_FALSE@am__objects_6 =
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
-@USE_SNMP_FALSE@am__objects_7 =
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
-@ENABLE_SSL_FALSE@am__objects_8 =
-@ENABLE_UNLINKD_FALSE@am__objects_9 =
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
-@ENABLE_WIN32SPECIFIC_FALSE@am__objects_10 =
+@USE_DELAY_POOLS_FALSE@am__objects_5 =
+@USE_DELAY_POOLS_TRUE@am__objects_5 = delay_pools.$(OBJEXT)
+@USE_DNSSERVER_FALSE@am__objects_6 = dns_internal.$(OBJEXT)
+@USE_DNSSERVER_TRUE@am__objects_6 = dns.$(OBJEXT)
+@ENABLE_HTCP_TRUE@am__objects_7 = htcp.$(OBJEXT)
+@USE_ICAP_TRUE@am__objects_8 = icap_common.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
+@USE_ICAP_FALSE@am__objects_8 =
+@MAKE_LEAKFINDER_TRUE@am__objects_9 = leakfinder.$(OBJEXT)
+@MAKE_LEAKFINDER_FALSE@am__objects_9 =
+@USE_SNMP_TRUE@am__objects_10 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
+@USE_SNMP_FALSE@am__objects_10 =
+@ENABLE_SSL_FALSE@am__objects_11 =
+@ENABLE_SSL_TRUE@am__objects_11 = ssl_support.$(OBJEXT)
+@ENABLE_UNLINKD_TRUE@am__objects_12 = unlinkd.$(OBJEXT)
+@ENABLE_UNLINKD_FALSE@am__objects_12 =
+@ENABLE_WIN32SPECIFIC_FALSE@am__objects_13 =
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_13 = win32.$(OBJEXT)
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) CacheDigest.$(OBJEXT) \
cache_manager.$(OBJEXT) carp.$(OBJEXT) cbdata.$(OBJEXT) \
client_db.$(OBJEXT) client_side.$(OBJEXT) comm.$(OBJEXT) \
- comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_3) \
- disk.$(OBJEXT) $(am__objects_4) errorpage.$(OBJEXT) \
+ comm_select.$(OBJEXT) debug.$(OBJEXT) $(am__objects_5) \
+ disk.$(OBJEXT) $(am__objects_6) errorpage.$(OBJEXT) \
ETag.$(OBJEXT) event.$(OBJEXT) external_acl.$(OBJEXT) \
fd.$(OBJEXT) filemap.$(OBJEXT) forward.$(OBJEXT) \
fqdncache.$(OBJEXT) ftp.$(OBJEXT) gopher.$(OBJEXT) \
- helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \
+ helper.$(OBJEXT) $(am__objects_7) http.$(OBJEXT) \
HttpStatusLine.$(OBJEXT) HttpHdrCc.$(OBJEXT) \
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
- ipc.$(OBJEXT) ipcache.$(OBJEXT) $(am__objects_6) \
- logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
+ HttpRequest.$(OBJEXT) $(am__objects_8) icmp.$(OBJEXT) \
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
+ internal.$(OBJEXT) ipc.$(OBJEXT) ipcache.$(OBJEXT) \
+ $(am__objects_9) logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
MemPool.$(OBJEXT) MemBuf.$(OBJEXT) mime.$(OBJEXT) \
multicast.$(OBJEXT) neighbors.$(OBJEXT) net_db.$(OBJEXT) \
Packer.$(OBJEXT) pconn.$(OBJEXT) peer_digest.$(OBJEXT) \
peer_select.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_10) \
+ ssl.$(OBJEXT) $(am__objects_11) stat.$(OBJEXT) \
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
+ tools.$(OBJEXT) $(am__objects_12) url.$(OBJEXT) urn.$(OBJEXT) \
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
- whois.$(OBJEXT) $(am__objects_10)
+ whois.$(OBJEXT) $(am__objects_13)
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
store_modules.$(OBJEXT) globals.$(OBJEXT) \
string_arrays.$(OBJEXT)
@@ -563,7 +571,9 @@
@AMDEP_TRUE@ $(DEPDIR)/fqdncache.Po $(DEPDIR)/ftp.Po \
@AMDEP_TRUE@ $(DEPDIR)/globals.Po $(DEPDIR)/gopher.Po \
@AMDEP_TRUE@ $(DEPDIR)/helper.Po $(DEPDIR)/htcp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icmp.Po \
+@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icap_common.Po \
+@AMDEP_TRUE@ $(DEPDIR)/icap_opt.Po $(DEPDIR)/icap_reqmod.Po \
+@AMDEP_TRUE@ $(DEPDIR)/icap_respmod.Po $(DEPDIR)/icmp.Po \
@AMDEP_TRUE@ $(DEPDIR)/icp_v2.Po $(DEPDIR)/icp_v3.Po \
@AMDEP_TRUE@ $(DEPDIR)/ident.Po $(DEPDIR)/internal.Po \
@AMDEP_TRUE@ $(DEPDIR)/ipc.Po $(DEPDIR)/ipcache.Po \
@@ -777,6 +787,10 @@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/helper.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/htcp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/http.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_common.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_opt.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_reqmod.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icap_respmod.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v2.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v3.Po@am__quote@

7137
www/squid31/files/icap-2.5-core.patch
View File

File diff suppressed because it is too large Load Diff

470
www/squid31/files/icap-2.6-bootstrap.patch Normal file
View File

@ -0,0 +1,470 @@
Patch 2 of 2 to integrate the icap-2_6 branch into the FreeBSD squid port.
Created by Thomas-Martin Seck <tmseck@netcologne.de>.
This patch simulates the autotools bootstrap necessary after applying the
ICAP patchset.
Please see icap-2.6-core.patch for further information.
Patch last updated: 2006-11-04
--- configure.orig Sat Nov 4 16:28:41 2006
+++ configure Sat Nov 4 16:31:58 2006
@@ -312,7 +312,7 @@
# include <unistd.h>
#endif"
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE build build_cpu build_vendor build_os host host_cpu host_vendor host_os PKGCONFIG CGIEXT ENABLE_WIN32SPECIFIC_TRUE ENABLE_WIN32SPECIFIC_FALSE ENABLE_MINGW32SPECIFIC_TRUE ENABLE_MINGW32SPECIFIC_FALSE WIN32_PSAPI CACHE_HTTP_PORT CACHE_ICP_PORT LIBDLMALLOC LIB_MALLOC STORE_OBJS STORE_LIBS STORE_MODULES NEED_DISKD_TRUE NEED_DISKD_FALSE USE_AIOPS_WIN32_TRUE USE_AIOPS_WIN32_FALSE NEED_COSSDUMP_TRUE NEED_COSSDUMP_FALSE REPL_POLICIES REPL_OBJS REPL_LIBS ENABLE_PINGER_TRUE ENABLE_PINGER_FALSE USE_DELAY_POOLS_TRUE USE_DELAY_POOLS_FALSE USE_SNMP_TRUE USE_SNMP_FALSE SNMPLIB makesnmplib ENABLE_HTCP_TRUE ENABLE_HTCP_FALSE ENABLE_SSL_TRUE ENABLE_SSL_FALSE NEED_OWN_MD5_TRUE NEED_OWN_MD5_FALSE SSLLIB ERR_DEFAULT_LANGUAGE ERR_LANGUAGES MAKE_LEAKFINDER_TRUE MAKE_LEAKFINDER_FALSE USE_DNSSERVER_TRUE USE_DNSSERVER_FALSE OPT_DEFAULT_HOSTS AUTH_MODULES AUTH_OBJS AUTH_LIBS BASIC_AUTH_HELPERS NTLM_AUTH_HELPERS DIGEST_AUTH_HELPERS NEGOTIATE_AUTH_HELPERS EXTERNAL_ACL_HELPERS CPP EGREP LIBSASL ENABLE_UNLINKD_TRUE ENABLE_UNLINKD_FALSE RANLIB ac_ct_RANLIB LN_S SH FALSE TRUE RM MV MKDIR LN PERL AR AR_R ALLOCA CRYPTLIB LIB_EPOLL LIB_LDAP LIB_LBER LIB_DB USE_POLL_TRUE USE_POLL_FALSE USE_EPOLL_TRUE USE_EPOLL_FALSE USE_SELECT_TRUE USE_SELECT_FALSE USE_SELECT_SIMPLE_TRUE USE_SELECT_SIMPLE_FALSE USE_SELECT_WIN32_TRUE USE_SELECT_WIN32_FALSE USE_KQUEUE_TRUE USE_KQUEUE_FALSE NEED_OWN_SNPRINTF_TRUE NEED_OWN_SNPRINTF_FALSE NEED_OWN_STRSEP_TRUE NEED_OWN_STRSEP_FALSE REGEXLIB LIBREGEX LIBOBJS XTRA_OBJS XTRA_LIBS LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar MAINTAINER_MODE_TRUE MAINTAINER_MODE_FALSE MAINT CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE build build_cpu build_vendor build_os host host_cpu host_vendor host_os PKGCONFIG CGIEXT ENABLE_WIN32SPECIFIC_TRUE ENABLE_WIN32SPECIFIC_FALSE ENABLE_MINGW32SPECIFIC_TRUE ENABLE_MINGW32SPECIFIC_FALSE WIN32_PSAPI CACHE_HTTP_PORT CACHE_ICP_PORT LIBDLMALLOC LIB_MALLOC STORE_OBJS STORE_LIBS STORE_MODULES NEED_DISKD_TRUE NEED_DISKD_FALSE USE_AIOPS_WIN32_TRUE USE_AIOPS_WIN32_FALSE NEED_COSSDUMP_TRUE NEED_COSSDUMP_FALSE REPL_POLICIES REPL_OBJS REPL_LIBS ENABLE_PINGER_TRUE ENABLE_PINGER_FALSE USE_DELAY_POOLS_TRUE USE_DELAY_POOLS_FALSE USE_ICAP_TRUE USE_ICAP_FALSE USE_SNMP_TRUE USE_SNMP_FALSE SNMPLIB makesnmplib ENABLE_HTCP_TRUE ENABLE_HTCP_FALSE ENABLE_SSL_TRUE ENABLE_SSL_FALSE NEED_OWN_MD5_TRUE NEED_OWN_MD5_FALSE SSLLIB ERR_DEFAULT_LANGUAGE ERR_LANGUAGES MAKE_LEAKFINDER_TRUE MAKE_LEAKFINDER_FALSE USE_DNSSERVER_TRUE USE_DNSSERVER_FALSE OPT_DEFAULT_HOSTS AUTH_MODULES AUTH_OBJS AUTH_LIBS BASIC_AUTH_HELPERS NTLM_AUTH_HELPERS DIGEST_AUTH_HELPERS NEGOTIATE_AUTH_HELPERS EXTERNAL_ACL_HELPERS CPP EGREP LIBSASL ENABLE_UNLINKD_TRUE ENABLE_UNLINKD_FALSE RANLIB ac_ct_RANLIB LN_S SH FALSE TRUE RM MV MKDIR LN PERL AR AR_R ALLOCA CRYPTLIB LIB_EPOLL LIB_LDAP LIB_LBER LIB_DB USE_POLL_TRUE USE_POLL_FALSE USE_EPOLL_TRUE USE_EPOLL_FALSE USE_SELECT_TRUE USE_SELECT_FALSE USE_SELECT_SIMPLE_TRUE USE_SELECT_SIMPLE_FALSE USE_SELECT_WIN32_TRUE USE_SELECT_WIN32_FALSE USE_KQUEUE_TRUE USE_KQUEUE_FALSE NEED_OWN_SNPRINTF_TRUE NEED_OWN_SNPRINTF_FALSE NEED_OWN_STRNSTR_TRUE NEED_OWN_STRNSTR_FALSE NEED_OWN_STRCASESTR_TRUE NEED_OWN_STRCASESTR_FALSE NEED_OWN_STRSEP_TRUE NEED_OWN_STRSEP_FALSE REGEXLIB LIBREGEX LIBOBJS XTRA_OBJS XTRA_LIBS LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@@ -890,6 +890,7 @@
to build your custom policy
--enable-icmp Enable ICMP pinging
--enable-delay-pools Enable delay pools to limit bandwidth usage
+ --enable-icap-support Enable ICAP client capability
--enable-useragent-log Enable logging of User-Agent header
--enable-referer-log Enable logging of Referer header
--disable-wccp Disable Web Cache Coordination V1 Protocol
@@ -3954,6 +3955,40 @@
fi;
+
+if false; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+
+# Check whether --enable-icap-support or --disable-icap-support was given.
+if test "${enable_icap_support+set}" = set; then
+ enableval="$enable_icap_support"
+ if test "$enableval" = "yes" ; then
+ echo "ICAP support enabled"
+
+cat >>confdefs.h <<\_ACEOF
+#define HS_FEAT_ICAP 1
+_ACEOF
+
+
+
+if true; then
+ USE_ICAP_TRUE=
+ USE_ICAP_FALSE='#'
+else
+ USE_ICAP_TRUE='#'
+ USE_ICAP_FALSE=
+fi
+
+ fi
+
+fi;
+
+
# Check whether --enable-useragent-log or --disable-useragent-log was given.
if test "${enable_useragent_log+set}" = set; then
enableval="$enable_useragent_log"
@@ -15923,6 +15958,8 @@
+
+
for ac_func in \
bcopy \
backtrace_symbols_fd \
@@ -15971,6 +16008,8 @@
srand48 \
srandom \
statfs \
+ strnstr \
+ strcasestr \
strsep \
strtoll \
sysconf \
@@ -16430,6 +16469,52 @@
if false; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+
+if test "$ac_cv_func_strnstr" = "no" || test "$ac_cv_func_vstrnstr" = "no" ; then
+
+
+if true; then
+ NEED_OWN_STRNSTR_TRUE=
+ NEED_OWN_STRNSTR_FALSE='#'
+else
+ NEED_OWN_STRNSTR_TRUE='#'
+ NEED_OWN_STRNSTR_FALSE=
+fi
+
+fi
+
+
+
+if false; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+
+if test "$ac_cv_func_strcasestr" = "no" || test "$ac_cv_func_vstrcasestr" = "no"; then
+
+
+if true; then
+ NEED_OWN_STRCASESTR_TRUE=
+ NEED_OWN_STRCASESTR_FALSE='#'
+else
+ NEED_OWN_STRCASESTR_TRUE='#'
+ NEED_OWN_STRCASESTR_FALSE=
+fi
+
+fi
+
+
+
+if false; then
NEED_OWN_STRSEP_TRUE=
NEED_OWN_STRSEP_FALSE='#'
else
@@ -17947,6 +18032,20 @@
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
+if test -z "${USE_ICAP_TRUE}" && test -z "${USE_ICAP_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"USE_ICAP\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"USE_ICAP\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${USE_ICAP_TRUE}" && test -z "${USE_ICAP_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"USE_ICAP\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"USE_ICAP\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
if test -z "${USE_SNMP_TRUE}" && test -z "${USE_SNMP_FALSE}"; then
{ { echo "$as_me:$LINENO: error: conditional \"USE_SNMP\" was never defined.
Usually this means the macro was only invoked conditionally." >&5
@@ -18101,6 +18200,34 @@
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
+if test -z "${NEED_OWN_STRNSTR_TRUE}" && test -z "${NEED_OWN_STRNSTR_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${NEED_OWN_STRNSTR_TRUE}" && test -z "${NEED_OWN_STRNSTR_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"NEED_OWN_STRNSTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${NEED_OWN_STRCASESTR_TRUE}" && test -z "${NEED_OWN_STRCASESTR_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
+if test -z "${NEED_OWN_STRCASESTR_TRUE}" && test -z "${NEED_OWN_STRCASESTR_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"NEED_OWN_STRCASESTR\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
if test -z "${NEED_OWN_STRSEP_TRUE}" && test -z "${NEED_OWN_STRSEP_FALSE}"; then
{ { echo "$as_me:$LINENO: error: conditional \"NEED_OWN_STRSEP\" was never defined.
Usually this means the macro was only invoked conditionally." >&5
@@ -18766,6 +18893,8 @@
s,@ENABLE_PINGER_FALSE@,$ENABLE_PINGER_FALSE,;t t
s,@USE_DELAY_POOLS_TRUE@,$USE_DELAY_POOLS_TRUE,;t t
s,@USE_DELAY_POOLS_FALSE@,$USE_DELAY_POOLS_FALSE,;t t
+s,@USE_ICAP_TRUE@,$USE_ICAP_TRUE,;t t
+s,@USE_ICAP_FALSE@,$USE_ICAP_FALSE,;t t
s,@USE_SNMP_TRUE@,$USE_SNMP_TRUE,;t t
s,@USE_SNMP_FALSE@,$USE_SNMP_FALSE,;t t
s,@SNMPLIB@,$SNMPLIB,;t t
@@ -18599,6 +18728,10 @@
s,@USE_KQUEUE_FALSE@,$USE_KQUEUE_FALSE,;t t
s,@NEED_OWN_SNPRINTF_TRUE@,$NEED_OWN_SNPRINTF_TRUE,;t t
s,@NEED_OWN_SNPRINTF_FALSE@,$NEED_OWN_SNPRINTF_FALSE,;t t
+s,@NEED_OWN_STRNSTR_TRUE@,$NEED_OWN_STRNSTR_TRUE,;t t
+s,@NEED_OWN_STRNSTR_FALSE@,$NEED_OWN_STRNSTR_FALSE,;t t
+s,@NEED_OWN_STRCASESTR_TRUE@,$NEED_OWN_STRCASESTR_TRUE,;t t
+s,@NEED_OWN_STRCASESTR_FALSE@,$NEED_OWN_STRCASESTR_FALSE,;t t
s,@NEED_OWN_STRSEP_TRUE@,$NEED_OWN_STRSEP_TRUE,;t t
s,@NEED_OWN_STRSEP_FALSE@,$NEED_OWN_STRSEP_FALSE,;t t
s,@REGEXLIB@,$REGEXLIB,;t t
--- include/autoconf.h.in.orig Wed Jul 12 17:00:31 2006
+++ include/autoconf.h.in Sat Aug 5 16:18:25 2006
@@ -454,6 +454,9 @@
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
+/* Define to 1 if you have the `strcasestr' function. */
+#undef HAVE_STRCASESTR
+
/* Define to 1 if you have the `strerror' function. */
#undef HAVE_STRERROR
@@ -463,6 +466,9 @@
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
+/* Define to 1 if you have the `strnstr' function. */
+#undef HAVE_STRNSTR
+
/* Define to 1 if you have the `strsep' function. */
#undef HAVE_STRSEP
@@ -587,6 +593,9 @@
/* Some systems support __va_copy */
#undef HAVE___VA_COPY
+
+/* Content filtering via ICAP servers. */
+#undef HS_FEAT_ICAP
/* By default (for now anyway) Squid includes options which allows the cache
administrator to violate the HTTP protocol specification in terms of cache
--- lib/Makefile.in.orig Fri Sep 22 11:09:48 2006
+++ lib/Makefile.in Sat Sep 19 20:05:28 2006
@@ -62,20 +62,23 @@
am__libmiscutil_a_SOURCES_DIST = Array.c base64.c getfullhostname.c \
hash.c heap.c html_quote.c iso3307.c md5.c radix.c rfc1035.c \
rfc1123.c rfc1738.c rfc2617.c safe_inet_addr.c snprintf.c \
- splay.c Stack.c strsep.c stub_memaccount.c util.c uudecode.c \
- win32lib.c
+ splay.c Stack.c strnstr.c strcasestr.c strsep.c \
+ stub_memaccount.c util.c uudecode.c win32lib.c
@NEED_OWN_MD5_TRUE@am__objects_1 = md5.$(OBJEXT)
@NEED_OWN_SNPRINTF_TRUE@am__objects_2 = snprintf.$(OBJEXT)
-@NEED_OWN_STRSEP_TRUE@am__objects_3 = strsep.$(OBJEXT)
-@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_4 = win32lib.$(OBJEXT)
+@NEED_OWN_STRNSTR_TRUE@am__objects_3 = strnstr.$(OBJEXT)
+@NEED_OWN_STRCASESTR_TRUE@am__objects_4 = strcasestr.$(OBJEXT)
+@NEED_OWN_STRSEP_TRUE@am__objects_5 = strsep.$(OBJEXT)
+@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_6 = win32lib.$(OBJEXT)
am_libmiscutil_a_OBJECTS = Array.$(OBJEXT) base64.$(OBJEXT) \
getfullhostname.$(OBJEXT) hash.$(OBJEXT) heap.$(OBJEXT) \
html_quote.$(OBJEXT) iso3307.$(OBJEXT) $(am__objects_1) \
radix.$(OBJEXT) rfc1035.$(OBJEXT) rfc1123.$(OBJEXT) \
rfc1738.$(OBJEXT) rfc2617.$(OBJEXT) safe_inet_addr.$(OBJEXT) \
$(am__objects_2) splay.$(OBJEXT) Stack.$(OBJEXT) \
- $(am__objects_3) stub_memaccount.$(OBJEXT) util.$(OBJEXT) \
- uudecode.$(OBJEXT) $(am__objects_4)
+ $(am__objects_3) $(am__objects_4) $(am__objects_5) \
+ stub_memaccount.$(OBJEXT) util.$(OBJEXT) uudecode.$(OBJEXT) \
+ $(am__objects_6)
libmiscutil_a_OBJECTS = $(am_libmiscutil_a_OBJECTS)
libntlmauth_a_AR = $(AR) $(ARFLAGS)
libntlmauth_a_DEPENDENCIES = @LIBOBJS@
@@ -190,6 +193,10 @@
NEED_OWN_MD5_TRUE = @NEED_OWN_MD5_TRUE@
NEED_OWN_SNPRINTF_FALSE = @NEED_OWN_SNPRINTF_FALSE@
NEED_OWN_SNPRINTF_TRUE = @NEED_OWN_SNPRINTF_TRUE@
+NEED_OWN_STRCASESTR_FALSE = @NEED_OWN_STRCASESTR_FALSE@
+NEED_OWN_STRCASESTR_TRUE = @NEED_OWN_STRCASESTR_TRUE@
+NEED_OWN_STRNSTR_FALSE = @NEED_OWN_STRNSTR_FALSE@
+NEED_OWN_STRNSTR_TRUE = @NEED_OWN_STRNSTR_TRUE@
NEED_OWN_STRSEP_FALSE = @NEED_OWN_STRSEP_FALSE@
NEED_OWN_STRSEP_TRUE = @NEED_OWN_STRSEP_TRUE@
NEGOTIATE_AUTH_HELPERS = @NEGOTIATE_AUTH_HELPERS@
@@ -229,6 +236,8 @@
USE_DNSSERVER_TRUE = @USE_DNSSERVER_TRUE@
USE_EPOLL_FALSE = @USE_EPOLL_FALSE@
USE_EPOLL_TRUE = @USE_EPOLL_TRUE@
+USE_ICAP_FALSE = @USE_ICAP_FALSE@
+USE_ICAP_TRUE = @USE_ICAP_TRUE@
USE_KQUEUE_FALSE = @USE_KQUEUE_FALSE@
USE_KQUEUE_TRUE = @USE_KQUEUE_TRUE@
USE_POLL_FALSE = @USE_POLL_FALSE@
@@ -284,6 +293,10 @@
target_alias = @target_alias@
@NEED_OWN_SNPRINTF_FALSE@SNPRINTFSOURCE =
@NEED_OWN_SNPRINTF_TRUE@SNPRINTFSOURCE = snprintf.c
+@NEED_OWN_STRNSTR_FALSE@STRNSTRSOURCE =
+@NEED_OWN_STRNSTR_TRUE@STRNSTRSOURCE = strnstr.c
+@NEED_OWN_STRCASESTR_FALSE@STRCASESTRSOURCE =
+@NEED_OWN_STRCASESTR_TRUE@STRCASESTRSOURCE = strcasestr.c
@NEED_OWN_STRSEP_FALSE@STRSEPSOURCE =
@NEED_OWN_STRSEP_TRUE@STRSEPSOURCE = strsep.c
@NEED_OWN_MD5_FALSE@MD5SOURCE =
@@ -328,6 +341,8 @@
$(SNPRINTFSOURCE) \
splay.c \
Stack.c \
+ $(STRNSTRSOURCE) \
+ $(STRCASESTRSOURCE) \
$(STRSEPSOURCE) \
stub_memaccount.c \
util.c \
@@ -443,6 +458,8 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snprintf.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/splay.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sspwin32.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strcasestr.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strnstr.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/strsep.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stub_memaccount.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/util.Po@am__quote@
-- src/Makefile.in.orig Sat Nov 4 16:36:15 2006
+++ src/Makefile.in Sat Nov 4 16:36:27 2006
@@ -91,14 +91,15 @@
globals.h gopher.c helper.c htcp.c http.c HttpStatusLine.c \
HttpHdrCc.c HttpHdrRange.c HttpHdrContRange.c HttpHeader.c \
HttpHeaderTools.c HttpBody.c HttpMsg.c HttpReply.c \
- HttpRequest.c icmp.c icp_v2.c icp_v3.c ident.c internal.c \
- ipc.c ipc_win32.c ipcache.c leakfinder.c locrewrite.c \
- logfile.c main.c mem.c MemPool.c MemBuf.c mime.c multicast.c \
- neighbors.c net_db.c Packer.c pconn.c peer_digest.c \
- peer_monitor.c peer_select.c peer_sourcehash.c peer_userhash.c \
- protos.h redirect.c referer.c refresh.c send-announce.c \
- snmp_core.c snmp_agent.c squid.h ssl.c ssl_support.c stat.c \
- StatHist.c String.c stmem.c store.c store_io.c store_client.c \
+ HttpRequest.c icap_common.c icap_reqmod.c icap_respmod.c \
+ icap_opt.c icmp.c icp_v2.c icp_v3.c ident.c internal.c ipc.c \
+ ipc_win32.c ipcache.c leakfinder.c locrewrite.c logfile.c \
+ main.c mem.c MemPool.c MemBuf.c mime.c multicast.c neighbors.c \
+ net_db.c Packer.c pconn.c peer_digest.c peer_monitor.c \
+ peer_select.c peer_sourcehash.c peer_userhash.c protos.h \
+ redirect.c referer.c refresh.c send-announce.c snmp_core.c \
+ snmp_agent.c squid.h ssl.c ssl_support.c stat.c StatHist.c \
+ String.c stmem.c store.c store_io.c store_client.c \
store_digest.c store_dir.c store_key_md5.c store_log.c \
store_rebuild.c store_swapin.c store_swapmeta.c \
store_swapout.c structs.h tools.c typedefs.h unlinkd.c url.c \
@@ -114,14 +115,17 @@
@USE_DNSSERVER_FALSE@am__objects_3 = dns_internal.$(OBJEXT)
@USE_DNSSERVER_TRUE@am__objects_3 = dns.$(OBJEXT)
@ENABLE_HTCP_TRUE@am__objects_4 = htcp.$(OBJEXT)
-@ENABLE_MINGW32SPECIFIC_FALSE@am__objects_5 = ipc.$(OBJEXT)
-@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_5 = ipc_win32.$(OBJEXT)
-@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
-@USE_SNMP_TRUE@am__objects_7 = snmp_core.$(OBJEXT) \
+@USE_ICAP_TRUE@am__objects_5 = icap_common.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_reqmod.$(OBJEXT) icap_respmod.$(OBJEXT) \
+@USE_ICAP_TRUE@ icap_opt.$(OBJEXT)
+@ENABLE_MINGW32SPECIFIC_FALSE@am__objects_6 = ipc.$(OBJEXT)
+@ENABLE_MINGW32SPECIFIC_TRUE@am__objects_6 = ipc_win32.$(OBJEXT)
+@MAKE_LEAKFINDER_TRUE@am__objects_7 = leakfinder.$(OBJEXT)
+@USE_SNMP_TRUE@am__objects_8 = snmp_core.$(OBJEXT) \
@USE_SNMP_TRUE@ snmp_agent.$(OBJEXT)
-@ENABLE_SSL_TRUE@am__objects_8 = ssl_support.$(OBJEXT)
-@ENABLE_UNLINKD_TRUE@am__objects_9 = unlinkd.$(OBJEXT)
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_10 = win32.$(OBJEXT)
+@ENABLE_SSL_TRUE@am__objects_9 = ssl_support.$(OBJEXT)
+@ENABLE_UNLINKD_TRUE@am__objects_10 = unlinkd.$(OBJEXT)
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_11 = win32.$(OBJEXT)
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) asn.$(OBJEXT) \
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) \
CacheDigest.$(OBJEXT) cache_manager.$(OBJEXT) carp.$(OBJEXT) \
@@ -136,27 +140,27 @@
HttpHdrRange.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \
HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \
HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) HttpReply.$(OBJEXT) \
- HttpRequest.$(OBJEXT) icmp.$(OBJEXT) icp_v2.$(OBJEXT) \
- icp_v3.$(OBJEXT) ident.$(OBJEXT) internal.$(OBJEXT) \
- $(am__objects_5) ipcache.$(OBJEXT) $(am__objects_6) \
- locrewrite.$(OBJEXT) logfile.$(OBJEXT) main.$(OBJEXT) \
- mem.$(OBJEXT) MemPool.$(OBJEXT) MemBuf.$(OBJEXT) \
- mime.$(OBJEXT) multicast.$(OBJEXT) neighbors.$(OBJEXT) \
- net_db.$(OBJEXT) Packer.$(OBJEXT) pconn.$(OBJEXT) \
- peer_digest.$(OBJEXT) peer_monitor.$(OBJEXT) \
+ HttpRequest.$(OBJEXT) $(am__objects_5) icmp.$(OBJEXT) \
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) ident.$(OBJEXT) \
+ internal.$(OBJEXT) $(am__objects_6) ipcache.$(OBJEXT) \
+ $(am__objects_7) locrewrite.$(OBJEXT) logfile.$(OBJEXT) \
+ main.$(OBJEXT) mem.$(OBJEXT) MemPool.$(OBJEXT) \
+ MemBuf.$(OBJEXT) mime.$(OBJEXT) multicast.$(OBJEXT) \
+ neighbors.$(OBJEXT) net_db.$(OBJEXT) Packer.$(OBJEXT) \
+ pconn.$(OBJEXT) peer_digest.$(OBJEXT) peer_monitor.$(OBJEXT) \
peer_select.$(OBJEXT) peer_sourcehash.$(OBJEXT) \
peer_userhash.$(OBJEXT) redirect.$(OBJEXT) referer.$(OBJEXT) \
- refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_7) \
- ssl.$(OBJEXT) $(am__objects_8) stat.$(OBJEXT) \
+ refresh.$(OBJEXT) send-announce.$(OBJEXT) $(am__objects_8) \
+ ssl.$(OBJEXT) $(am__objects_9) stat.$(OBJEXT) \
StatHist.$(OBJEXT) String.$(OBJEXT) stmem.$(OBJEXT) \
store.$(OBJEXT) store_io.$(OBJEXT) store_client.$(OBJEXT) \
store_digest.$(OBJEXT) store_dir.$(OBJEXT) \
store_key_md5.$(OBJEXT) store_log.$(OBJEXT) \
store_rebuild.$(OBJEXT) store_swapin.$(OBJEXT) \
store_swapmeta.$(OBJEXT) store_swapout.$(OBJEXT) \
- tools.$(OBJEXT) $(am__objects_9) url.$(OBJEXT) urn.$(OBJEXT) \
+ tools.$(OBJEXT) $(am__objects_10) url.$(OBJEXT) urn.$(OBJEXT) \
useragent.$(OBJEXT) wais.$(OBJEXT) wccp.$(OBJEXT) \
- wccp2.$(OBJEXT) whois.$(OBJEXT) $(am__objects_10)
+ wccp2.$(OBJEXT) whois.$(OBJEXT) $(am__objects_11)
nodist_squid_OBJECTS = repl_modules.$(OBJEXT) auth_modules.$(OBJEXT) \
store_modules.$(OBJEXT) globals.$(OBJEXT) \
string_arrays.$(OBJEXT)
@@ -282,6 +286,10 @@
NEED_OWN_MD5_TRUE = @NEED_OWN_MD5_TRUE@
NEED_OWN_SNPRINTF_FALSE = @NEED_OWN_SNPRINTF_FALSE@
NEED_OWN_SNPRINTF_TRUE = @NEED_OWN_SNPRINTF_TRUE@
+NEED_OWN_STRCASESTR_FALSE = @NEED_OWN_STRCASESTR_FALSE@
+NEED_OWN_STRCASESTR_TRUE = @NEED_OWN_STRCASESTR_TRUE@
+NEED_OWN_STRNSTR_FALSE = @NEED_OWN_STRNSTR_FALSE@
+NEED_OWN_STRNSTR_TRUE = @NEED_OWN_STRNSTR_TRUE@
NEED_OWN_STRSEP_FALSE = @NEED_OWN_STRSEP_FALSE@
NEED_OWN_STRSEP_TRUE = @NEED_OWN_STRSEP_TRUE@
NEGOTIATE_AUTH_HELPERS = @NEGOTIATE_AUTH_HELPERS@
@@ -321,6 +329,8 @@
USE_DNSSERVER_TRUE = @USE_DNSSERVER_TRUE@
USE_EPOLL_FALSE = @USE_EPOLL_FALSE@
USE_EPOLL_TRUE = @USE_EPOLL_TRUE@
+USE_ICAP_FALSE = @USE_ICAP_FALSE@
+USE_ICAP_TRUE = @USE_ICAP_TRUE@
USE_KQUEUE_FALSE = @USE_KQUEUE_FALSE@
USE_KQUEUE_TRUE = @USE_KQUEUE_TRUE@
USE_POLL_FALSE = @USE_POLL_FALSE@
@@ -376,6 +386,8 @@
sharedstatedir = @sharedstatedir@
sysconfdir = @sysconfdir@
target_alias = @target_alias@
+@USE_ICAP_FALSE@ICAPSOURCE =
+@USE_ICAP_TRUE@ICAPSOURCE = icap_common.c icap_reqmod.c icap_respmod.c icap_opt.c
@USE_DNSSERVER_FALSE@DNSSOURCE = dns_internal.c
@USE_DNSSERVER_TRUE@DNSSOURCE = dns.c
@USE_DNSSERVER_FALSE@DNSSERVER =
@@ -479,6 +491,7 @@
HttpMsg.c \
HttpReply.c \
HttpRequest.c \
+ $(ICAPSOURCE) \
icmp.c \
icp_v2.c \
icp_v3.c \
@@ -791,6 +804,10 @@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/helper.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/htcp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_common.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_opt.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_reqmod.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icap_respmod.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icmp.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icp_v2.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icp_v3.Po@am__quote@

839
www/squid/files/icap-2.5-core.patch → www/squid31/files/icap-2.6-core.patch
View File

File diff suppressed because it is too large Load Diff

28
www/squid31/files/patch-src-cf.data.pre
View File

@ -1,6 +1,28 @@
--- src/cf.data.pre.orig Fri Aug 20 16:23:18 2004
+++ src/cf.data.pre Fri Aug 20 16:25:23 2004
@@ -2396,12 +2396,12 @@
--- src/cf.data.pre.orig Thu Oct 12 22:48:48 2006
+++ src/cf.data.pre Wed Nov 8 18:56:47 2006
@@ -1183,6 +1183,21 @@
Note that for coss, max-size must be less than COSS_MEMBUF_SZ
(hard coded at 1 MB).
+
+ Note for FreeBSD users:
+ COSS -- like aufs -- uses async IO so if you compiled Squid without
+ support for the aufs storage type, COSS will use POSIX AIO.
+ This means that you need to add the line
+
+ options VFS_AIO
+
+ to your kernel configuration in order to use COSS.
+
+ On FreeBSD 5 and higher you can load the aio(4) module and do not
+ necessarily need to recompile your kernel.
+
+ If you compiled Squid with both support for aufs and COSS, COSS
+ will use aufs' routines and does not need special kernel support.
DOC_END
NAME: logformat
@@ -3280,12 +3295,12 @@
NAME: cache_effective_user
TYPE: string

24
www/squid31/files/patch-src-ftp.c
View File

@ -1,24 +0,0 @@
Patch for Squid bug #1857, obtained from Squid bugzilla 2007-01-15.
--- src/ftp.c.orig Sun Feb 26 00:34:13 2006
+++ src/ftp.c Mon Jan 15 19:46:29 2007
@@ -441,7 +441,7 @@
ftpState->flags.dir_slash ? rfc1738_escape_part(ftpState->old_filepath) : ".");
} else if (ftpState->typecode == 'D') {
const char *path = ftpState->flags.dir_slash ? ftpState->filepath : ".";
- storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", html_quote(path));
+ storeAppendPrintf(e, "<A HREF=\"%s/\">[As extended directory]</A>\n", rfc1738_escape_part(path));
}
storeAppendPrintf(e, "<HR noshade size=\"1px\">\n");
storeAppendPrintf(e, "<ADDRESS>\n");
@@ -689,8 +689,8 @@
snprintf(html, 8192, "%s\n", line);
return html;
}
- if (ftpState->flags.dir_slash)
- snprintf(prefix, sizeof(prefix), "%s/", rfc1738_escape_part(ftpState->dirpath));
+ if (ftpState->flags.dir_slash && ftpState->dirpath && ftpState->typecode != 'D' )
+ snprintf(prefix, 2048, "%s/", rfc1738_escape_part(ftpState->dirpath));
else
prefix[0] = '\0';
/* Handle builtin <dirup> */

11
www/squid31/files/patch-tools-Makefile.in Normal file
View File

@ -0,0 +1,11 @@
--- tools/Makefile.in.orig Sun May 14 18:30:04 2006
+++ tools/Makefile.in Sun May 14 18:31:02 2006
@@ -297,7 +297,7 @@
EXTRA_DIST = \
cachemgr.conf
-DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf
+DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf.default
# Don't automatically uninstall config files
# @if test -f $(DESTDIR)$(DEFAULT_CONFIG_FILE) ; then \

7
www/squid31/files/pkg-deinstall.in
View File

@ -21,12 +21,11 @@ POST-DEINSTALL)
echo " To remove the '%%SQUID_UID%%' user and the '%%SQUID_GID%%' group which were"
echo " created by a default installation of this package, run"
echo ""
echo " pw userdel -r -n %%SQUID_UID%% -u 100"
echo ""
echo " pw userdel -n %%SQUID_UID%% -u 100"
if [ -d ${PKG_PREFIX}/squid -o -d ${PKG_PREFIX}/etc/squid ] ; then
echo ""
echo " To ease updates, the cache and log directories and"
echo " all configuration files modified by you were preserved."
echo " In order to ease updates the cache and log directories"
echo " and all configuration files modified by you were preserved."
echo ""
echo " Please remove them manually if you do not want to use"
echo " Squid any longer."

61
www/squid31/files/pkg-install.in
View File

@ -16,18 +16,11 @@ squid_user="%%SQUID_UID%%"
squid_group="%%SQUID_GID%%"
squid_gid=100
squid_uid=100
# Try to catch the case where the $squid_user might have been created with an
# id greater than or equal 3128. The valid exception is "nobody".
nobody_uid=65534
nobody_gid=65534
squid_oldgid=3128
squid_olduid=3128
unset wrong_id
case $2 in
PRE-INSTALL)
echo "===> Pre-installation configuration for ${pkgname}"
if ! pw groupshow ${squid_group} -q >/dev/null ; then
echo "There is no group '${squid_group}' on this system, so I will try to create it:"
echo "There is no group '${squid_group}' on this system, so I will try to create it (using group id ${squid_gid}):"
if ! pw groupadd ${squid_group} -g ${squid_gid} -q ; then
echo "Failed to create group \"${squid_group}\"!" >&2
echo "Please create it manually." >&2
@ -37,16 +30,11 @@ PRE-INSTALL)
fi
else
echo "I will use the existing group '${squid_group}':"
current_gid=`pw groupshow ${squid_group}|cut -f 3 -d :`
if [ ${current_gid} -ge ${squid_oldgid} \
-a ${current_gid} -ne ${nobody_gid} ]; then
wrong_id=1
fi
fi
pw groupshow ${squid_group}
if ! pw usershow ${squid_user} -q >/dev/null ; then
echo "There is no account '${squid_user}' on this system, so I will try to create it:"
echo "There is no account '${squid_user}' on this system, so I will try to create it (using user id ${squid_uid}):"
if ! pw useradd -q -n ${squid_user} \
-u ${squid_uid} -g ${squid_group} \
-c "Squid caching-proxy pseudo user" \
@ -60,53 +48,8 @@ PRE-INSTALL)
fi
else
echo "I will use the existing user '${squid_user}':"
current_uid=`id -u ${squid_user}`
if [ ${current_uid} -ge ${squid_olduid} \
-a ${current_uid} -ne ${nobody_uid} ];
then
wrong_id=1
fi
fi
pw usershow ${squid_user}
if [ "${wrong_id}" ]; then
echo ""
echo " * NOTICE *"
echo ""
echo "The Squid pseudo-user's uid and/or gid have been found"
echo "to be greater than or equal 3128."
echo ""
echo "This is not a problem as such, but violates the FreeBSD"
echo "ports' principle that a ports must not claim a uid greater"
echo "than 999."
echo ""
echo "Since version 2.5.4_11, the Squid user is thus created"
echo "with an id of ${squid_uid}:${squid_gid} while earlier versions of this"
echo "port used the first unused uid/gid greater than or"
echo "equal 3128."
echo ""
echo "If you want to change the existing Squid user's id, run"
echo "'make changeuser' after the installation has completed."
echo "If you installed this port via a package, issue the"
echo "following commands as root:"
echo ""
echo "pw userdel -u ${current_uid}"
echo "pw groupadd -n ${squid_group} -g ${squid_gid}"
echo "pw useradd -n ${squid_user} -u ${squid_uid} \\"
echo " -c \"Squid caching-proxy pseudo user\" \\"
echo " -g ${squid_group} -d ${squid_base} -s /sbin/nologin \\"
echo " -h -"
echo "find -H ${PKG_PREFIX} -user ${current_uid} -exec chown ${squid_user} {} \\;"
echo "find -H ${PKG_PREFIX} -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
echo ""
echo "In case you have installed third party software for Squid"
echo "like squidGuard, you should additionally run:"
echo "find -H /var -user ${current_uid} -exec chown ${squid_user} {} \\;"
echo "find -H /var -group ${current_gid} -exec chgrp ${squid_group} {} \\;"
echo ""
if [ -z "${PACKAGE_BUILDING}" -a -z "${BATCH}" ]; then
sleep 30
fi
fi
for dir in cache logs; do
if [ ! -d ${squid_base}/${dir} ]; then
echo "Creating ${squid_base}/${dir}..."

21
www/squid31/files/pkg-message.in
View File

@ -1,24 +1,31 @@
o You can find the configuration files for this package in the
directory %%PREFIX%%/etc/squid.
o A cache directory has been created in %%PREFIX%%/squid/cache.
Log files will be written to %%PREFIX%%/squid/logs.
Note:
You must initialize new cache directories before you can start
Squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
squid. Do this by running "squid -z" as 'root' or '%%SQUID_UID%%'.
If your cache directories are already initialized (e.g. after an
upgrade of Squid) you do not need to initialize them again.
upgrade of squid) you do not need to initialize them again.
o The default configuration will deny everyone access to the
proxy service. Edit the "http_access" directives in
%%PREFIX%%/etc/squid/squid.conf to suit your needs.
--begin rcng
Please note that the Squid start script is an rc.d style script.
This means that Squid will not start automatically at boot time.
This means that Squid will not start automatically at boot
time unless it is explicitly enabled.
To enable Squid, set squid_enable=yes in either
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
Please see %%PREFIX%%/etc/rc.d/squid(.sh) for further details.
--end rcng
Note:
If you just updated your Squid installation from 2.5 or earlier,
make sure to check your Squid configuration against the 2.6 default
configuration file %%PREFIX%%/etc/squid/squid.conf.default.
Additionally, you should check your configuration by calling
'squid -f /path/to/squid.conf -k parse' before starting Squid.

73
www/squid/files/squid.sh.in → www/squid31/files/squid.in
View File

@ -2,11 +2,10 @@
#
# $FreeBSD$
#
# --begin rcng
# PROVIDE: squid
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
#
# Note:
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
# /etc/rc.conf.d/squid to make this script actually do something. There
@ -14,34 +13,7 @@
#
# Please see squid(8), rc.conf(5) and rc(8) for further details.
#
# --end rcng
name=squid
command=%%PREFIX%%/sbin/squid
# --begin rcng
extra_commands=reload
reload_cmd="${command} ${squid_flags} -k reconfigure"
# --end rcng
stop_cmd="squid_stop"
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
# --begin rcng
squid_enable=${squid_enable:-"NO"}
# --end rcng
squid_flags=${squid_flags-"-D"}
squid_user=${squid_user:-%%SQUID_UID%%}
default_config=%%PREFIX%%/etc/squid/squid.conf
# --begin rcold
squid_stop() {
echo -n " ${name}"
${command} -k shutdown
while ps -xcU ${squid_user} | grep -q squid; do
sleep 2
done
}
# --end rcold
# --begin rcng
squid_stop() {
echo "Stopping ${name}."
${command} ${squid_flags} -k shutdown
@ -49,9 +21,25 @@ squid_stop() {
}
. %%RC_SUBR%%
rcvar=`set_rcvar`
name=squid
rcvar=${name}_enable
command=%%PREFIX%%/sbin/squid
extra_commands=reload
reload_cmd="${command} ${squid_flags} -k reconfigure"
stop_cmd="squid_stop"
load_rc_config ${name}
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
squid_enable=${squid_enable:-"NO"}
squid_flags=${squid_flags-"-D"}
squid_user=${squid_user:-%%SQUID_UID%%}
default_config=%%PREFIX%%/etc/squid/squid.conf
required_dirs=${squid_chdir}
# squid(8) will not start if ${default_config} is not present so try
# to catch that beforehand via ${required_files} rather than make
# squid(8) crash.
@ -61,28 +49,5 @@ load_rc_config ${name}
if [ -z "${squid_flags}" ]; then
required_files=${default_config}
fi
required_dirs=${squid_chdir}
run_rc_command "$1"
# --end rcng
# --begin rcold
case $1 in
start)
if [ -x "${command}" -a \
\( -f "${default_config}" -o "${squid_flags}" \) ]; then
echo -n " ${name}"
(cd ${squid_chdir} && exec su -fm ${squid_user} -c \
"${command} ${squid_flags}")
fi
;;
stop)
if [ -x "${command}" ]; then
${stop_cmd}
fi
;;
*)
echo "usage: ${0##*/} {start|stop}" >&2
exit 64
;;
esac
exit 0
# --end rcold

88
www/squid31/files/squid.sh.in
View File

@ -1,88 +0,0 @@
#!/bin/sh
#
# $FreeBSD$
#
# --begin rcng
# PROVIDE: squid
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Note:
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
# /etc/rc.conf.d/squid to make this script actually do something. There
# you can also set squid_chdir, squid_user, and squid_flags.
#
# Please see squid(8), rc.conf(5) and rc(8) for further details.
#
# --end rcng
name=squid
command=%%PREFIX%%/sbin/squid
# --begin rcng
extra_commands=reload
reload_cmd="${command} ${squid_flags} -k reconfigure"
# --end rcng
stop_cmd="squid_stop"
squid_chdir=${squid_chdir:-%%PREFIX%%/squid/logs}
# --begin rcng
squid_enable=${squid_enable:-"NO"}
# --end rcng
squid_flags=${squid_flags-"-D"}
squid_user=${squid_user:-%%SQUID_UID%%}
default_config=%%PREFIX%%/etc/squid/squid.conf
# --begin rcold
squid_stop() {
echo -n " ${name}"
${command} -k shutdown
while ps -xcU ${squid_user} | grep -q squid; do
sleep 2
done
}
# --end rcold
# --begin rcng
squid_stop() {
echo "Stopping ${name}."
${command} ${squid_flags} -k shutdown
run_rc_command poll
}
. %%RC_SUBR%%
rcvar=`set_rcvar`
load_rc_config ${name}
# squid(8) will not start if ${default_config} is not present so try
# to catch that beforehand via ${required_files} rather than make
# squid(8) crash.
# If you remove the default configuration file make sure to add
# '-f /path/to/your/squid.conf' to squid_flags
if [ -z "${squid_flags}" ]; then
required_files=${default_config}
fi
required_dirs=${squid_chdir}
run_rc_command "$1"
# --end rcng
# --begin rcold
case $1 in
start)
if [ -x "${command}" -a \
\( -f "${default_config}" -o "${squid_flags}" \) ]; then
echo -n " ${name}"
(cd ${squid_chdir} && exec su -fm ${squid_user} -c \
"${command} ${squid_flags}")
fi
;;
stop)
if [ -x "${command}" ]; then
${stop_cmd}
fi
;;
*)
echo "usage: ${0##*/} {start|stop}" >&2
exit 64
;;
esac
exit 0
# --end rcold