Update to Squid 3.2.3.

This is merged from work by myself and Matthias Pitzl @ genua, thanks to
Rodolfo Gouveia for testing with NTLM.

Flavours have been removed:

- the external helper programs for NTLM/LDAP are now in subpackages:
squid-ldap and squid-ntlm.

- SNMP support is built by default in Squid 3.x so this has moved
to the main package (no external dependencies for this).

www/squid/Makefile

@@ -1,12 +1,21 @@
-# $OpenBSD: Makefile,v 1.132 2012/08/27 06:19:48 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.133 2012/11/28 17:45:29 sthen Exp $
 
-COMMENT=	WWW and FTP proxy cache and accelerator
+MULTI_PACKAGES=	-main -ldap -ntlm
 
-DISTNAME=	squid-2.7.STABLE9
-REVISION=	20
+COMMENT-main=	WWW and FTP proxy cache and accelerator
+COMMENT-ldap=	LDAP authentication/ACL support for Squid
+COMMENT-ntlm=	NTLM authentication/ACL support for Squid
+
+V=		3.2.3
+
+DISTNAME=	squid-$V
+PKGNAME-main=	squid-$V
+PKGNAME-ldap=	squid-ldap-$V
+PKGNAME-ntlm=	squid-ntlm-$V
 CATEGORIES=	www
-MASTER_SITES=	${HOMEPAGE}/Versions/v2/2.7/
-DIST_SUBDIR=	squid
+
+# bzr repository at https://code.launchpad.net/squid
+MASTER_SITES=	${HOMEPAGE}Versions/v${V:R:R}/${V:R}/
 
 MAINTAINER=	Stuart Henderson <sthen@openbsd.org>
 
@@ -18,76 +27,97 @@ PERMIT_PACKAGE_FTP=	Yes
 PERMIT_DISTFILES_CDROM=	Yes
 PERMIT_DISTFILES_FTP=	Yes
 
-WANTLIB=	asn1 c com_err crypto krb5 gssapi m pthread ssl
+WANTLIB += c m pthread stdc++
 
+WANTLIB-main=	${WANTLIB} asn1 crypto gssapi krb5 ssl
+
+SYSCONFDIR=	${BASESYSCONFDIR}/squid
 LOCALSTATEDIR=	${BASELOCALSTATEDIR}/squid
 SUBST_VARS=	LOCALSTATEDIR
 
-FLAVORS=	ldap ntlm snmp
+PSEUDO_FLAVORS=	no_ldap
 FLAVOR?=
 
-.include <bsd.port.arch.mk>
-
-# optimization workaround for gcc 2.95
-.if ${PROPERTIES:Mgcc2}
-PATCH_LIST=     patch-* gcc-*
-.endif
-
-AUTH=		basic digest negotiate
-BASIC_AUTH=	NCSA YP
-DIGEST_AUTH=	password
-EXTERNAL_ACL=	ip_user unix_group
-STOREIO=	aufs ufs diskd null
+BASIC_AUTH=	NCSA SMB NIS radius
+DIGEST_AUTH=	file
+EXTERNAL_ACL=	file_userip session unix_group wbinfo_group
+STOREIO=	aufs ufs diskd #coss rock
 
 SEPARATE_BUILD=	Yes
-AUTOCONF_VERSION= 2.62
+AUTOCONF_VERSION= 2.68
 CONFIGURE_STYLE= autoconf
-MODGNU_CONFIG_GUESS_DIRS=${WRKSRC}/cfgaux
+MODGNU_CONFIG_GUESS_DIRS= ${WRKSRC}/cfgaux
 
-CONFIGURE_ARGS+=--datadir="${PREFIX}/share/squid" \
-		--enable-auth="${AUTH}" \
+USE_GROFF=	Yes
+USE_LIBTOOL=	Yes
+
+CONFIGURE_ARGS+= ${CONFIGURE_SHARED} \
+		--datadir="${PREFIX}/share/squid" \
+		--libexecdir="${PREFIX}/libexec/squid" \
+		--disable-loadable-modules \
 		--enable-arp-acl \
-		--enable-basic-auth-helpers="${BASIC_AUTH}" \
-		--enable-digest-auth-helpers="${DIGEST_AUTH}" \
+		--enable-auth \
+		--enable-auth-basic="${BASIC_AUTH}" \
+		--enable-auth-digest="${DIGEST_AUTH}" \
+		--enable-auth-negotiate="kerberos" \
+		--enable-auth-ntlm="fake smb_lm" \
 		--enable-delay-pools \
 		--enable-external-acl-helpers="${EXTERNAL_ACL}" \
+		--enable-follow-x-forwarded-for \
 		--enable-forw-via-db \
-		--enable-negotiate-auth-helpers="squid_kerb_auth" \
+		--enable-http-violations \
+		--enable-icap-client \
+		--enable-ipv6 \
+		--enable-referer-log \
 		--enable-removal-policies="lru heap" \
 		--enable-ssl \
 		--enable-storeio="${STOREIO}" \
+		--with-default-user="_squid" \
+		--with-filedescriptors=8192 \
+		--with-pidfile="/var/run/squid.pid" \
 		--with-pthreads \
-		--enable-follow-x-forwarded-for
-
-.if ${FLAVOR:L:Mldap}
-BASIC_AUTH+=	LDAP
-DIGEST_AUTH+=	ldap
-EXTERNAL_ACL+=	ldap_group
-WANTLIB+=	ldap lber
-LIB_DEPENDS+=	databases/openldap
+		--with-swapdir="${LOCALSTATEDIR}/cache"
+# PF transparent support requires access to /dev/pf to retrieve the original
+# source address; ipfw-transparent (which requires divert-to) uses an
+# unprivileged getsockname() call instead.
+CONFIGURE_ARGS+= --disable-pf-transparent \
+		--enable-ipfw-transparent
 CONFIGURE_ENV+=	CPPFLAGS="-I${LOCALBASE}/include" \
 		LDFLAGS="-L${LOCALBASE}/lib"
+E=		${TRUEPREFIX}/share/examples/squid
+FAKE_FLAGS=	sysconfdir=$E \
+		DEFAULT_CONFIG_FILE=$E/squid.conf \
+		DEFAULT_MIME_TABLE=$E/mime.conf
+REGRESS_DEPENDS= devel/cppunit
+
+.if !${FLAVOR:L:Mno_ldap}
+BASIC_AUTH+=	LDAP
+DIGEST_AUTH+=	LDAP
+EXTERNAL_ACL+=	LDAP_group
+RUN_DEPENDS-ldap= ${BASE_PKGPATH}
+LIB_DEPENDS-ldap= databases/openldap
+WANTLIB-ldap +=	${WANTLIB} asn1 com_err crypto gssapi krb5
+WANTLIB-ldap +=	lber-2.4 ldap-2.4 sasl2 ssl
 .endif
 
-.if ${FLAVOR:L:Mntlm}
-AUTH+=         ntlm
-BASIC_AUTH+=   SMB
-EXTERNAL_ACL+= wbinfo_group
-RUN_DEPENDS+=  net/samba,ads
-CONFIGURE_ARGS+=--enable-ntlm-auth-helpers="fakeauth SMB"
-.endif
+RUN_DEPENDS-ntlm= net/samba,ads ${BASE_PKGPATH}
 
-.if ${FLAVOR:L:Msnmp}
-CONFIGURE_ARGS+=--enable-snmp
-.endif
+post-extract:
+	@cp ${FILESDIR}/krb5-config ${WRKDIR}/bin
+	@chmod a+x ${WRKDIR}/bin/krb5-config
 
 pre-build:
-	@${SUBST_CMD} ${WRKSRC}/src/defines.h \
-		${WRKSRC}/helpers/external_acl/wbinfo_group/wbinfo_group.pl
+	@cd ${WRKSRC}; \
+	perl -pi -e 's,/usr/local,${LOCALBASE},g' \
+	    helpers/external_acl/wbinfo_group/ext_wbinfo_group_acl.pl.in \
+	    helpers/*/*/config.test \
+	    src/squid.8.in
 
 post-install:
-	@chown -R ${SHAREOWN}:${SHAREGRP} ${PREFIX}/share/examples/squid
-	@find ${PREFIX}/share/examples/squid/errors \
-		-name '*.orig' -print0 | xargs -0 rm -f
+	rm -rf ${WRKINST}/var/squid
+	cd ${PREFIX}/share/examples/squid; \
+	    rm -f mime.conf squid.conf cachemgr.conf errorpage.css
+	${INSTALL_DATA_DIR} ${PREFIX}/share/snmp/mibs
+	-cd ${PREFIX}/share; mv squid/mib.txt snmp/mibs/SQUID-MIB.txt
 
 .include <bsd.port.mk>

www/squid/distinfo

@@ -1,5 +1,2 @@
-MD5 (squid/squid-2.7.STABLE9.tar.gz) = fTuLC92jrlbkONSpWpfTsw==
-RMD160 (squid/squid-2.7.STABLE9.tar.gz) = WcYzSL7tmmcmEtSPnvXnyoH6mEA=
-SHA1 (squid/squid-2.7.STABLE9.tar.gz) = bZD+BkaLZisu79f/60e5p48Khx0=
-SHA256 (squid/squid-2.7.STABLE9.tar.gz) = 1UygSDE8S2Rgn8358ZNKcPwXAgMqXwQHMFbXSR0914E=
-SIZE (squid/squid-2.7.STABLE9.tar.gz) = 1789462
+SHA256 (squid-3.2.3.tar.gz) = 75zNqmfAehgnfLa2IdX0EDlE8tbO+dXqCv+q5p2CFwA=
+SIZE (squid-3.2.3.tar.gz) = 4103625

www/squid/files/krb5-config

@@ -0,0 +1,14 @@
+#! /bin/sh
+#
+#	$OpenBSD: krb5-config,v 1.1 2012/11/28 17:45:29 sthen Exp $
+#
+
+case x$1 in
+x--version)
+	echo 'heimdal';;
+x--libs)
+	echo '-lgssapi -lkrb5 -lasn1 -lcrypto';;
+x--cflags)
+	echo '-I/usr/include/kerberosV';;
+esac
+exit 0

www/squid/patches/gcc-patch-lib_Makefile_in

@@ -1,17 +0,0 @@
-$OpenBSD: gcc-patch-lib_Makefile_in,v 1.4 2010/05/20 08:27:33 ajacoutot Exp $
---- lib/Makefile.in.orig	Fri May  1 03:24:40 2009
-+++ lib/Makefile.in	Sat Apr 11 06:40:50 2009
-@@ -432,6 +432,13 @@ distclean-compile:
- @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- @am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
- 
-+rfc1035.$(OBJEXT):
-+@am__fastdepCC_TRUE@	if $(COMPILE) -MT $@ -MD -MP -MF "$(DEPDIR)/$*.Tpo" -O0 -c -o $@ $<; \
-+@am__fastdepCC_TRUE@	then mv -f "$(DEPDIR)/$*.Tpo" "$(DEPDIR)/$*.Po"; else rm -f "$(DEPDIR)/$*.Tpo"; exit 1; fi
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
-+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-+@am__fastdepCC_FALSE@  $(COMPILE) -O0 -c $<
-+
- ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
- 	list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
- 	unique=`for i in $$list; do \

www/squid/patches/patch-configure_ac

@@ -0,0 +1,20 @@
+$OpenBSD: patch-configure_ac,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- configure.ac.orig	Fri Nov  9 13:13:51 2012
++++ configure.ac	Fri Nov  9 13:14:29 2012
+@@ -571,6 +571,16 @@ for module in $squid_disk_module_candidates none; do
+               fi
+             fi
+             ;;
++          openbsd)
++            if test `echo "$squid_host_os_version" | tr -d .` -lt 52 ; then
++                AC_MSG_NOTICE(pthread library requires OpenBSD 5.2 or later)
++                squid_opt_use_diskthreads="no"
++            else
++              SQUID_CFLAGS="$SQUID_CFLAGS -D_REENTRANT"
++              SQUID_CXXFLAGS="$SQUID_CXXFLAGS -D_REENTRANT"
++              LDFLAGS="$LDFLAGS -lpthread"
++            fi
++            ;;
+           solaris)
+             if test "x$GCC" = "xyes" ; then
+               SQUID_CFLAGS="$SQUID_CFLAGS -D_REENTRANT -pthreads"

www/squid/patches/patch-configure_in

@@ -1,50 +0,0 @@
-$OpenBSD: patch-configure_in,v 1.32 2012/08/27 06:19:48 ajacoutot Exp $
---- configure.in.orig	Tue Mar 16 20:10:12 2010
-+++ configure.in	Fri Aug 17 00:44:48 2012
-@@ -17,11 +17,6 @@ AM_MAINTAINER_MODE
- PRESET_CFLAGS="$CFLAGS"
- PRESET_LDFLAGS="$LDFLAGS"
- 
--dnl Set default LDFLAGS
--if test -z "$LDFLAGS"; then
--	LDFLAGS="-g"
--fi
--
- dnl Check for GNU cc
- AC_PROG_CC
- AM_PROG_CC_C_O
-@@ -2350,18 +2345,6 @@ dnl during compile.
- 		;;
- esac
- 
--# Remove optimization for GCC 2.95.[123]
--# gcc -O[2] on *BSD and Linux (x86) causes pointers to magically become NULL
--if test "$GCC" = "yes"; then
--	GCCVER=`$CC -v 2>&1 | awk '$2 ==  "version" {print $3}'`
--	case "$GCCVER" in
--	[2.95.[123]])
--		echo "Removing -O for gcc on $host with GCC $GCCVER"
--		CFLAGS="`echo $CFLAGS | sed -e 's/-O[[0-9]]*//'`"
--		;;
--	esac
--fi
--
- # Recommended by Balint Nagy Endre <bne@CareNet.hu>
- case "$host" in
- 	*-univel-sysv4.2MP)
-@@ -2906,12 +2889,14 @@ AC_ARG_WITH(maxfd,
-     ;;
-   esac
- ])
-+
-+TLDFLAGS="$LDFLAGS"
-+
- if test -z "$SQUID_MAXFD"; then
- 
- dnl Not cached since people are likely to tune this
- AC_MSG_CHECKING(Maximum number of filedescriptors we can open)
- dnl damn! FreeBSD's pthreads breaks dup2().
--TLDFLAGS="$LDFLAGS"
- case $host in
- i386-unknown-freebsd*)
-     if echo "$LDFLAGS" | grep -q pthread; then

www/squid/patches/patch-errors_Makefile_in

@@ -1,12 +0,0 @@
-$OpenBSD: patch-errors_Makefile_in,v 1.12 2009/10/30 00:56:57 sthen Exp $
---- errors/Makefile.in.orig	Thu Apr 30 21:24:03 2009
-+++ errors/Makefile.in	Thu Oct 29 18:29:29 2009
-@@ -192,7 +192,7 @@ target_alias = @target_alias@
- top_build_prefix = @top_build_prefix@
- top_builddir = @top_builddir@
- top_srcdir = @top_srcdir@
--errordir = $(datadir)/errors
-+errordir = $(prefix)/share/examples/squid/errors
- DEFAULT_ERROR_DIR = $(errordir)
- INSTALL_LANGUAGES = @ERR_LANGUAGES@
- LANGUAGES = \

www/squid/patches/patch-helpers_basic_auth_LDAP_config_test

@@ -0,0 +1,10 @@
+$OpenBSD: patch-helpers_basic_auth_LDAP_config_test,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- helpers/basic_auth/LDAP/config.test.orig	Sat Oct  6 04:08:36 2012
++++ helpers/basic_auth/LDAP/config.test	Fri Nov  9 10:04:14 2012
+@@ -1,5 +1,5 @@
+ #!/bin/sh
+-if [ -f /usr/include/ldap.h ]; then
++if [ -f /usr/include/ldap.h -o -f /usr/local/include/ldap.h ]; then
+ 	exit 0
+ fi
+ if [ -f /usr/include/winldap.h ]; then

www/squid/patches/patch-helpers_basic_auth_MSNT_Makefile_in

@@ -1,12 +0,0 @@
-$OpenBSD: patch-helpers_basic_auth_MSNT_Makefile_in,v 1.6 2009/10/30 00:56:57 sthen Exp $
---- helpers/basic_auth/MSNT/Makefile.in.orig	Thu Apr 30 21:24:06 2009
-+++ helpers/basic_auth/MSNT/Makefile.in	Wed Oct 28 19:59:13 2009
-@@ -223,7 +223,7 @@ psdir = @psdir@
- sbindir = @sbindir@
- sharedstatedir = @sharedstatedir@
- srcdir = @srcdir@
--sysconfdir = @sysconfdir@
-+sysconfdir = @sysconfdir@/squid
- target_alias = @target_alias@
- top_build_prefix = @top_build_prefix@
- top_builddir = @top_builddir@

www/squid/patches/patch-helpers_basic_auth_SASL_config_test

@@ -0,0 +1,14 @@
+$OpenBSD: patch-helpers_basic_auth_SASL_config_test,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- helpers/basic_auth/SASL/config.test.orig	Fri Nov  9 12:43:17 2012
++++ helpers/basic_auth/SASL/config.test	Fri Nov  9 12:43:57 2012
+@@ -1,8 +1,8 @@
+ #!/bin/sh
+-if [ -f /usr/include/sasl.h ]; then
++if [ -f /usr/include/sasl.h -o -f /usr/local/include/sasl.h ]; then
+ 	exit 0
+ fi
+-if [ -f /usr/include/sasl/sasl.h ]; then
++if [ -f /usr/include/sasl/sasl.h -o -f /usr/local/include/sasl/sasl.h ]; then
+ 	exit 0
+ fi
+ exit 1

www/squid/patches/patch-helpers_basic_auth_SMB_Makefile_in

@@ -1,12 +0,0 @@
-$OpenBSD: patch-helpers_basic_auth_SMB_Makefile_in,v 1.1 2010/11/26 13:45:04 dcoppa Exp $
---- helpers/basic_auth/SMB/Makefile.in.orig	Sun Mar 14 21:27:12 2010
-+++ helpers/basic_auth/SMB/Makefile.in	Tue Nov 23 15:10:11 2010
-@@ -227,7 +227,7 @@ top_build_prefix = @top_build_prefix@
- top_builddir = @top_builddir@
- top_srcdir = @top_srcdir@
- SMB_AUTH_HELPER = smb_auth.sh
--SAMBAPREFIX = /usr/local/samba
-+SAMBAPREFIX = ${LOCALBASE}
- SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
- libexec_SCRIPTS = $(SMB_AUTH_HELPER)
- smb_auth_CFLAGS = -DSAMBAPREFIX=\"$(SAMBAPREFIX)\" -DHELPERSCRIPT=\"$(SMB_AUTH_HELPER_PATH)\"

www/squid/patches/patch-helpers_digest_auth_LDAP_config_test

@@ -0,0 +1,10 @@
+$OpenBSD: patch-helpers_digest_auth_LDAP_config_test,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- helpers/digest_auth/LDAP/config.test.orig	Fri Nov  9 14:52:51 2012
++++ helpers/digest_auth/LDAP/config.test	Fri Nov  9 14:52:59 2012
+@@ -1,5 +1,5 @@
+ #!/bin/sh
+-if [ -f /usr/include/ldap.h ]; then
++if [ -f /usr/include/ldap.h -o -f /usr/local/include/ldap.h ]; then
+ 	exit 0
+ fi
+ if [ -f /usr/include/winldap.h ]; then

www/squid/patches/patch-helpers_digest_auth_eDirectory_config_test

@@ -0,0 +1,10 @@
+$OpenBSD: patch-helpers_digest_auth_eDirectory_config_test,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- helpers/digest_auth/eDirectory/config.test.orig	Fri Nov  9 14:53:13 2012
++++ helpers/digest_auth/eDirectory/config.test	Fri Nov  9 14:53:57 2012
+@@ -1,5 +1,5 @@
+ #!/bin/sh
+-if [ -f /usr/include/ldap.h ]; then
++if [ -f /usr/include/ldap.h -o -f /usr/local/include/ldap.h ]; then
+ 	exit 0
+ fi
+ if [ -f /usr/include/winldap.h ]; then

www/squid/patches/patch-helpers_external_acl_LDAP_group_config_test

@@ -0,0 +1,10 @@
+$OpenBSD: patch-helpers_external_acl_LDAP_group_config_test,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- helpers/external_acl/LDAP_group/config.test.orig	Fri Nov  9 14:53:13 2012
++++ helpers/external_acl/LDAP_group/config.test	Fri Nov  9 14:54:13 2012
+@@ -1,5 +1,5 @@
+ #!/bin/sh
+-if [ -f /usr/include/ldap.h ]; then
++if [ -f /usr/include/ldap.h -o -f /usr/local/include/ldap.h ]; then
+ 	exit 0
+ fi
+ if [ -f /usr/include/winldap.h ]; then

www/squid/patches/patch-helpers_external_acl_eDirectory_userip_config_test

@@ -0,0 +1,11 @@
+$OpenBSD: patch-helpers_external_acl_eDirectory_userip_config_test,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- helpers/external_acl/eDirectory_userip/config.test.orig	Fri Nov  9 14:53:13 2012
++++ helpers/external_acl/eDirectory_userip/config.test	Fri Nov  9 14:54:22 2012
+@@ -1,6 +1,6 @@
+ #!/bin/sh
+ 
+-if [ -f /usr/include/ldap.h ]; then
++if [ -f /usr/include/ldap.h -o -f /usr/local/include/ldap.h ]; then
+ 	exit 0
+ fi
+ if [ -f /usr/include/winldap.h ]; then

www/squid/patches/patch-helpers_external_acl_wbinfo_group_ext_wbinfo_group_acl_pl_in

@@ -0,0 +1,22 @@
+$OpenBSD: patch-helpers_external_acl_wbinfo_group_ext_wbinfo_group_acl_pl_in,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- helpers/external_acl/wbinfo_group/ext_wbinfo_group_acl.pl.in.orig	Sat Oct 20 13:39:49 2012
++++ helpers/external_acl/wbinfo_group/ext_wbinfo_group_acl.pl.in	Fri Nov  9 21:55:59 2012
+@@ -126,14 +126,14 @@ sub check {
+ 		@tmpuser = split(/\@/, $user);
+ 		$user = "$tmpuser[1]\\$tmpuser[0]";
+ 	}
+-        $groupSID = `wbinfo -n "$group" | cut -d" " -f1`;
++        $groupSID = `/usr/local/bin/wbinfo -n "$group" | cut -d" " -f1`;
+         chop  $groupSID;
+-        $groupGID = `wbinfo -Y "$groupSID"`;
++        $groupGID = `/usr/local/bin/wbinfo -Y "$groupSID"`;
+         chop $groupGID;
+         &debug( "User:  -$user-\nGroup: -$group-\nSID:   -$groupSID-\nGID:   -$groupGID-");
+         return 'ERR' if($groupGID eq ""); # Verify if groupGID variable is empty.
+-        return 'ERR' if(`wbinfo -r \Q$user\E` eq ""); # Verify if "wbinfo -r" command returns no value.
+-        return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
++        return 'ERR' if(`/usr/local/bin/wbinfo -r \Q$user\E` eq ""); # Verify if "wbinfo -r" command returns no value.
++        return 'OK' if(`/usr/local/bin/wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
+         return 'ERR';
+ }
+ 

www/squid/patches/patch-helpers_external_acl_wbinfo_group_wbinfo_group_pl

@@ -1,22 +0,0 @@
-$OpenBSD: patch-helpers_external_acl_wbinfo_group_wbinfo_group_pl,v 1.1 2010/11/26 13:45:04 dcoppa Exp $
---- helpers/external_acl/wbinfo_group/wbinfo_group.pl.orig	Mon Nov 15 20:11:59 2010
-+++ helpers/external_acl/wbinfo_group/wbinfo_group.pl	Mon Nov 15 20:12:56 2010
-@@ -45,14 +45,14 @@ sub debug {
- #
- sub check {
-         local($user, $group) = @_;
--        $groupSID = `wbinfo -n "$group" | cut -d" " -f1`;
-+        $groupSID = `${LOCALBASE}/bin/wbinfo -n "$group" | cut -d" " -f1`;
-         chop  $groupSID;
--        $groupGID = `wbinfo -Y "$groupSID"`;
-+        $groupGID = `${LOCALBASE}/bin/wbinfo -Y "$groupSID"`;
-         chop $groupGID;
-         &debug( "User:  -$user-\nGroup: -$group-\nSID:   -$groupSID-\nGID:   -$groupGID-");
-         return 'ERR' if($groupGID eq ""); # Verify if groupGID variable is empty.
--        return 'ERR' if(`wbinfo -r \Q$user\E` eq ""); # Verify if "wbinfo -r" command returns no value.
--        return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
-+        return 'ERR' if(`${LOCALBASE}/bin/wbinfo -r \Q$user\E` eq ""); # Verify if "wbinfo -r" command returns no value.
-+        return 'OK' if(`${LOCALBASE}/bin/wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
-         return 'ERR';
- }
- 

www/squid/patches/patch-helpers_negotiate_auth_squid_kerb_auth_Makefile_in

@@ -1,20 +0,0 @@
-$OpenBSD: patch-helpers_negotiate_auth_squid_kerb_auth_Makefile_in,v 1.3 2009/10/30 00:56:57 sthen Exp $
---- helpers/negotiate_auth/squid_kerb_auth/Makefile.in.orig	Wed Sep 16 18:36:24 2009
-+++ helpers/negotiate_auth/squid_kerb_auth/Makefile.in	Wed Oct 28 19:16:46 2009
-@@ -225,12 +225,12 @@ LDADD = $(KERBLIBS)
- #-L$(top_builddir)/lib -lmiscutil $(XTRA_LIBS)
- 
- # HEIMDAL
--#KERBINC = -DHEIMDAL -I/usr/include/heimdal
--#KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lroken
-+KERBINC = -DHEIMDAL -I/usr/include/kerberosV
-+KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lcrypto
- 
- # MIT
--KERBINC = 
--KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
-+#KERBINC = 
-+#KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
- all: all-am
- 
- .SUFFIXES:

www/squid/patches/patch-helpers_negotiate_auth_squid_kerb_auth_squid_kerb_auth_c

@@ -1,12 +0,0 @@
-$OpenBSD: patch-helpers_negotiate_auth_squid_kerb_auth_squid_kerb_auth_c,v 1.1 2011/09/05 07:18:41 giovanni Exp $
---- helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c.orig	Thu Sep  1 18:24:45 2011
-+++ helpers/negotiate_auth/squid_kerb_auth/squid_kerb_auth.c	Thu Sep  1 18:25:35 2011
-@@ -114,7 +114,7 @@ char *gethost_name(void) {
-   }
- 
-   freeaddrinfo(hres);
--  hostname[MAXHOSTNAMELEN]='\0';
-+  hostname[MAXHOSTNAMELEN-1]='\0';
-   return(strdup(hostname));
- }
- 

www/squid/patches/patch-icons_Makefile_in

@@ -1,12 +0,0 @@
-$OpenBSD: patch-icons_Makefile_in,v 1.12 2009/10/30 00:56:57 sthen Exp $
---- icons/Makefile.in.orig	Thu Apr 30 21:24:39 2009
-+++ icons/Makefile.in	Wed Oct 28 19:16:47 2009
-@@ -229,7 +229,7 @@ ICON2 = anthony-bomb.gif \
- 		anthony-xbm.gif \
- 		anthony-xpm.gif
- 
--icondir = $(datadir)/icons
-+icondir = $(prefix)/share/examples/squid/icons
- icon_DATA = $(ICON1) $(ICON2)
- EXTRA_DIST = $(ICON1) $(ICON2) icons.shar
- DISTCLEANFILES = 

www/squid/patches/patch-src_Makefile_in

@@ -1,98 +0,0 @@
-$OpenBSD: patch-src_Makefile_in,v 1.17 2010/06/18 10:32:17 sthen Exp $
---- src/Makefile.in.orig	Sun Mar 14 16:27:27 2010
-+++ src/Makefile.in	Thu Jun 17 22:13:15 2010
-@@ -238,7 +238,7 @@ CPP = @CPP@
- CPPFLAGS = @CPPFLAGS@
- CRYPTLIB = @CRYPTLIB@
- CYGPATH_W = @CYGPATH_W@
--DEFS = @DEFS@ -DDEFAULT_CONFIG_FILE=\"$(DEFAULT_CONFIG_FILE)\"
-+DEFS = @DEFS@ -DDEFAULT_CONFIG_FILE=\"$(sysconfdir)/squid.conf\"
- DEPDIR = @DEPDIR@
- DIGEST_AUTH_HELPERS = @DIGEST_AUTH_HELPERS@
- ECHO_C = @ECHO_C@
-@@ -354,7 +354,7 @@ psdir = @psdir@
- sbindir = @sbindir@
- sharedstatedir = @sharedstatedir@
- srcdir = @srcdir@
--sysconfdir = @sysconfdir@
-+sysconfdir = @sysconfdir@/squid
- target_alias = @target_alias@
- top_build_prefix = @top_build_prefix@
- top_builddir = @top_builddir@
-@@ -609,8 +609,8 @@ EXTRA_DIST = \
- DEFAULT_HTTP_PORT = @CACHE_HTTP_PORT@
- DEFAULT_ICP_PORT = @CACHE_ICP_PORT@
- DEFAULT_PREFIX = $(prefix)
--DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
--DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
-+DEFAULT_CONFIG_FILE = $(prefix)/share/examples/squid/squid.conf
-+DEFAULT_MIME_TABLE = $(prefix)/share/examples/squid/mime.conf
- DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_LOG_PREFIX = $(localstatedir)/logs
- DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
-@@ -884,37 +884,37 @@ distclean-compile:
- @am__fastdepCC_FALSE@	$(COMPILE) -c `$(CYGPATH_W) '$<'`
- install-dataDATA: $(data_DATA)
- 	@$(NORMAL_INSTALL)
--	test -z "$(datadir)" || $(MKDIR_P) "$(DESTDIR)$(datadir)"
-+	test -z "$(datadir)" || $(MKDIR_P) "$(DESTDIR)$(prefix)/share/examples/squid"
- 	@list='$(data_DATA)'; for p in $$list; do \
- 	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
- 	  f=$(am__strip_dir) \
--	  echo " $(dataDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(datadir)/$$f'"; \
--	  $(dataDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(datadir)/$$f"; \
-+	  echo " $(dataDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(prefix)/share/examples/squid/$$f'"; \
-+	  $(dataDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(prefix)/share/examples/squid/$$f"; \
- 	done
- 
- uninstall-dataDATA:
- 	@$(NORMAL_UNINSTALL)
- 	@list='$(data_DATA)'; for p in $$list; do \
- 	  f=$(am__strip_dir) \
--	  echo " rm -f '$(DESTDIR)$(datadir)/$$f'"; \
--	  rm -f "$(DESTDIR)$(datadir)/$$f"; \
-+	  echo " rm -f '$(DESTDIR)$(prefix)/share/examples/squid/$$f'"; \
-+	  rm -f "$(DESTDIR)$(prefix)/share/examples/squid/$$f"; \
- 	done
- install-sysconfDATA: $(sysconf_DATA)
- 	@$(NORMAL_INSTALL)
--	test -z "$(sysconfdir)" || $(MKDIR_P) "$(DESTDIR)$(sysconfdir)"
-+	test -z "$(sysconfdir)" || $(MKDIR_P) "$(DESTDIR)$(prefix)/share/examples/squid"
- 	@list='$(sysconf_DATA)'; for p in $$list; do \
- 	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
- 	  f=$(am__strip_dir) \
--	  echo " $(sysconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(sysconfdir)/$$f'"; \
--	  $(sysconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(sysconfdir)/$$f"; \
-+	  echo " $(sysconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(prefix)/share/examples/squid/$$f'"; \
-+	  $(sysconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(prefix)/share/examples/squid/$$f"; \
- 	done
- 
- uninstall-sysconfDATA:
- 	@$(NORMAL_UNINSTALL)
- 	@list='$(sysconf_DATA)'; for p in $$list; do \
- 	  f=$(am__strip_dir) \
--	  echo " rm -f '$(DESTDIR)$(sysconfdir)/$$f'"; \
--	  rm -f "$(DESTDIR)$(sysconfdir)/$$f"; \
-+	  echo " rm -f '$(DESTDIR)$(prefix)/share/examples/squid/$$f'"; \
-+	  rm -f "$(DESTDIR)$(prefix)/share/examples/squid/$$f"; \
- 	done
- 
- # This directory's subdirectories are mostly independent; you can cd
-@@ -1096,7 +1096,7 @@ check: $(BUILT_SOURCES)
- all-am: Makefile $(PROGRAMS) $(DATA)
- installdirs: installdirs-recursive
- installdirs-am:
--	for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(datadir)" "$(DESTDIR)$(sysconfdir)"; do \
-+	for dir in "$(DESTDIR)$(libexecdir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(prefix)/share/examples/squid"; do \
- 	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
- 	done
- install: $(BUILT_SOURCES)
-@@ -1243,7 +1243,7 @@ cf.data: cf.data.pre Makefile
- 	sed "\
- 	s%@DEFAULT_HTTP_PORT@%$(DEFAULT_HTTP_PORT)%g;\
- 	s%@DEFAULT_ICP_PORT@%$(DEFAULT_ICP_PORT)%g;\
--	s%@DEFAULT_MIME_TABLE@%$(DEFAULT_MIME_TABLE)%g;\
-+	s%@DEFAULT_MIME_TABLE@%$(sysconfdir)/mime.conf%g;\
- 	s%@DEFAULT_DNSSERVER@%$(DEFAULT_DNSSERVER)%g;\
- 	s%@DEFAULT_UNLINKD@%$(DEFAULT_UNLINKD)%g;\
- 	s%@DEFAULT_PINGER@%$(DEFAULT_PINGER)%g;\

www/squid/patches/patch-src_cf_data_pre

@@ -1,7 +1,10 @@
-$OpenBSD: patch-src_cf_data_pre,v 1.32 2011/05/30 20:56:30 sthen Exp $
---- src/cf.data.pre.orig	Mon Nov  9 17:38:57 2009
-+++ src/cf.data.pre	Sun May 29 16:36:32 2011
-@@ -3738,7 +3738,7 @@ NAME: shutdown_lifetime
+$OpenBSD: patch-src_cf_data_pre,v 1.33 2012/11/28 17:45:29 sthen Exp $
+
+30 seconds is too slow for rc.d
+
+--- src/cf.data.pre.orig	Sat Oct 20 13:39:49 2012
++++ src/cf.data.pre	Fri Nov  9 10:14:31 2012
+@@ -4765,7 +4765,7 @@ NAME: shutdown_lifetime
  COMMENT: time-units
  TYPE: time_t
  LOC: Config.shutdownLifetime
@@ -10,21 +13,3 @@ $OpenBSD: patch-src_cf_data_pre,v 1.32 2011/05/30 20:56:30 sthen Exp $
  DOC_START
  	When SIGTERM or SIGHUP is received, the cache is put into
  	"shutdown pending" mode until all active sockets are closed.
-@@ -3787,7 +3787,7 @@ DOC_END
- 
- NAME: cache_effective_user
- TYPE: string
--DEFAULT: nobody
-+DEFAULT: _squid
- LOC: Config.effectiveUser
- DOC_START
- 	If you start Squid as root, it will change its effective/real
-@@ -3801,7 +3801,7 @@ DOC_END
- 
- NAME: cache_effective_group
- TYPE: string
--DEFAULT: none
-+DEFAULT: _squid
- LOC: Config.effectiveGroup
- DOC_START
- 	If you want Squid to run with a specific GID regardless of

www/squid/patches/patch-src_defines_h

@@ -1,12 +0,0 @@
-$OpenBSD: patch-src_defines_h,v 1.1 2010/11/26 13:45:04 dcoppa Exp $
---- src/defines.h.orig	Tue Nov 23 15:08:29 2010
-+++ src/defines.h	Tue Nov 23 15:09:48 2010
-@@ -259,7 +259,7 @@
- 
- /* were to look for errors if config path fails */
- #ifndef DEFAULT_SQUID_ERROR_DIR
--#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
-+#define DEFAULT_SQUID_ERROR_DIR "${PREFIX}/share/squid/errors"
- #endif
- 
- /* gb_type operations */

www/squid/patches/patch-src_squid_8_in

@@ -0,0 +1,18 @@
+$OpenBSD: patch-src_squid_8_in,v 1.1 2012/11/28 17:45:29 sthen Exp $
+--- src/squid.8.in.orig	Fri Nov  9 20:43:41 2012
++++ src/squid.8.in	Fri Nov  9 20:45:15 2012
+@@ -180,12 +180,14 @@ Some packaging distributions block even that.
+ .if !'po4a'hide' .IP "squid.conf.default"
+ Reference copy of the configuration file. Always kept up to date with
+ the version of Squid you are using.
++Located in /usr/local/share/examples/squid in the OpenBSD package.
+ .IP
+ Use this to look up the default configuration settings and syntax after upgrading.
+ .
+ .if !'po4a'hide' .IP "squid.conf.documented"
+ Reference copy of the configuration file. Always kept up to date with
+ the version of Squid you are using.
++Located in /usr/local/share/examples/squid in the OpenBSD package.
+ .IP
+ Use this to read the documentation for configuration options available in
+ your build of Squid. The online configuration manual is also available for

www/squid/patches/patch-src_ssl_support_c

@@ -1,34 +0,0 @@
-$OpenBSD: patch-src_ssl_support_c,v 1.2 2012/06/30 09:32:28 sthen Exp $
-
-Allow building against OpenSSL without SSLv2 support.
-
---- src/ssl_support.c.orig	Sun Mar 14 13:20:45 2010
-+++ src/ssl_support.c	Wed Jun 20 18:27:57 2012
-@@ -447,8 +447,13 @@ sslCreateServerContext(const char *certfile, const cha
-     debug(83, 1) ("Initialising SSL.\n");
-     switch (version) {
-     case 2:
-+#ifndef OPENSSL_NO_SSL2
- 	debug(83, 5) ("Using SSLv2.\n");
- 	method = SSLv2_server_method();
-+#else
-+	debug(83, 1) ("SSLv2 is not available in this Proxy.\n");
-+	return NULL;
-+#endif
- 	break;
-     case 3:
- 	debug(83, 5) ("Using SSLv3.\n");
-@@ -610,8 +615,13 @@ sslCreateClientContext(const char *certfile, const cha
-     debug(83, 1) ("Initialising SSL.\n");
-     switch (version) {
-     case 2:
-+#ifndef OPENSSL_NO_SSL2
- 	debug(83, 5) ("Using SSLv2.\n");
- 	method = SSLv2_client_method();
-+#else
-+	debug(83, 1) ("SSLv2 is not available in this Proxy.\n");
-+	return NULL;
-+#endif
- 	break;
-     case 3:
- 	debug(83, 5) ("Using SSLv3.\n");

www/squid/patches/patch-tools_Makefile_in

@@ -1,11 +1,23 @@
-$OpenBSD: patch-tools_Makefile_in,v 1.3 2009/10/30 00:56:57 sthen Exp $
---- tools/Makefile.in.orig	Thu Apr 30 21:24:45 2009
-+++ tools/Makefile.in	Wed Oct 28 19:16:47 2009
-@@ -62,6 +62,7 @@ PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS)
- am_cachemgr__CGIEXT__OBJECTS = cachemgr__CGIEXT_-cachemgr.$(OBJEXT)
- cachemgr__CGIEXT__OBJECTS = $(am_cachemgr__CGIEXT__OBJECTS)
- cachemgr__CGIEXT__LDADD = $(LDADD)
-+cachemgr__CGIEXT__LDFLAGS = -static
- am__DEPENDENCIES_1 =
- cachemgr__CGIEXT__DEPENDENCIES = $(am__DEPENDENCIES_1)
- cachemgr__CGIEXT__LINK = $(CCLD) $(cachemgr__CGIEXT__CFLAGS) $(CFLAGS) \
+$OpenBSD: patch-tools_Makefile_in,v 1.4 2012/11/28 17:45:29 sthen Exp $
+
+## intending to link a static cachemgr.cgi, but this is not enough.
+
+--- tools/Makefile.in.orig	Sat Oct 20 13:40:24 2012
++++ tools/Makefile.in	Fri Nov  9 22:42:29 2012
+@@ -84,6 +84,7 @@ cachemgr__CGIEXT__DEPENDENCIES = $(top_builddir)/src/i
+ 	$(am__DEPENDENCIES_3) $(am__DEPENDENCIES_3)
+ cachemgr__CGIEXT__LINK = $(LIBTOOL) --tag=CXX $(AM_LIBTOOLFLAGS) \
+ 	$(LIBTOOLFLAGS) --mode=link $(CXXLD) \
++	-nopie -static \
+ 	$(cachemgr__CGIEXT__CXXFLAGS) $(CXXFLAGS) $(AM_LDFLAGS) \
+ 	$(LDFLAGS) -o $@
+ am_squidclient_OBJECTS = squidclient.$(OBJEXT) stub_debug.$(OBJEXT) \
+@@ -438,7 +439,7 @@ cachemgr__CGIEXT__SOURCES = cachemgr.cc \
+ 	test_tools.cc \
+ 	time.cc
+ 
+-cachemgr__CGIEXT__CXXFLAGS = -DDEFAULT_CACHEMGR_CONFIG=\"$(DEFAULT_CACHEMGR_CONFIG)\" $(AM_CXXFLAGS)
++cachemgr__CGIEXT__CXXFLAGS = -fno-pie -DDEFAULT_CACHEMGR_CONFIG=\"$(DEFAULT_CACHEMGR_CONFIG)\" $(AM_CXXFLAGS)
+ all: all-recursive
+ 
+ .SUFFIXES:

www/squid/pkg/DESCR-ldap

@@ -0,0 +1 @@
+This package provides LDAP authentication and ACL helpers for Squid.

www/squid/pkg/DESCR-main

@@ -10,8 +10,3 @@ caching of failed requests.
 Squid supports SSL, extensive access controls, and full request logging.
 By using the lightweight Internet Cache Protocol, Squid caches can be
 arranged in a hierarchy or mesh for additional bandwidth savings.
-
-Flavors:
-	ldap - Support for LDAP
-	ntlm - Support for NTLM
-	snmp - Support for SNMP

www/squid/pkg/DESCR-ntlm

@@ -0,0 +1 @@
+This package provides NTLM authentication and ACL helpers for Squid.

www/squid/pkg/PFRAG.ldap

@@ -1,6 +0,0 @@
-@comment $OpenBSD: PFRAG.ldap,v 1.2 2008/07/16 21:18:28 brad Exp $
-@bin libexec/digest_ldap_auth
-@bin libexec/squid_ldap_auth
-@bin libexec/squid_ldap_group
-@man man/man8/squid_ldap_auth.8
-@man man/man8/squid_ldap_group.8

www/squid/pkg/PFRAG.ntlm

@@ -1,6 +0,0 @@
-@comment $OpenBSD: PFRAG.ntlm,v 1.1 2010/11/26 13:45:04 dcoppa Exp $
-@bin libexec/fakeauth_auth
-@bin libexec/ntlm_auth
-@bin libexec/smb_auth
-libexec/smb_auth.sh
-libexec/wbinfo_group.pl

www/squid/pkg/PLIST-ldap

@@ -0,0 +1,7 @@
+@comment $OpenBSD: PLIST-ldap,v 1.1 2012/11/28 17:45:29 sthen Exp $
+@conflict squid-<3
+@bin libexec/squid/basic_ldap_auth
+@bin libexec/squid/digest_ldap_auth
+@bin libexec/squid/ext_ldap_group_acl
+@man man/man8/basic_ldap_auth.8
+@man man/man8/ext_ldap_group_acl.8

www/squid/pkg/PLIST-ntlm

@@ -0,0 +1,8 @@
+@comment $OpenBSD: PLIST-ntlm,v 1.1 2012/11/28 17:45:29 sthen Exp $
+@conflict squid-<3
+@bin libexec/squid/basic_smb_auth
+libexec/squid/basic_smb_auth.sh
+libexec/squid/ext_wbinfo_group_acl
+@bin libexec/squid/ntlm_fake_auth
+@bin libexec/squid/ntlm_smb_lm_auth
+@man man/man8/ext_wbinfo_group_acl.8

www/squid/pkg/README-main

@@ -1,22 +1,26 @@
-$OpenBSD: README,v 1.6 2012/06/20 07:10:39 ajacoutot Exp $
+$OpenBSD: README-main,v 1.1 2012/11/28 17:45:29 sthen Exp $
 
 +-----------------------------------------------------------------------
 | Running ${FULLPKGNAME} on OpenBSD
 +-----------------------------------------------------------------------
 
-The local (OpenBSD) differences are:
-- configuration files are in		${SYSCONFDIR}/squid
-- sample configuration files are in	${TRUEPREFIX}/share/examples/squid
-- error message files are in		${TRUEPREFIX}/share/squid/errors
-- sample error message files are in	${TRUEPREFIX}/share/examples/squid/errors
-- icons are in				${TRUEPREFIX}/share/squid/icons
-- sample icons are in			${TRUEPREFIX}/share/examples/squid/icons
-- the cache is in			${LOCALSTATEDIR}/cache
-- logs are stored in			${LOCALSTATEDIR}/logs
-- the ugid squid runs as is		_squid:_squid
+The sample configuration in ${SYSCONFDIR}/squid.conf is a simple version
+with only the most essential options. By default, only RAM-based cache is
+used, un-comment the cache_dir line to enable a persistent disk cache
+("swap"); this is normally kept in ${LOCALSTATEDIR}/cache and must be
+initialized with "squid -z" before starting the daemon. If you need to
+place it elsewhere, create the directory and make sure it is owned and
+writable by user _squid, group _squid.
 
-Please remember to initialize the cache by running "squid -z" before
-trying to run Squid for the first time.
+Logs are stored in ${LOCALSTATEDIR}/logs; access logs on a busy cache will
+grow rapidly so rotate them as necessary (use "squid -k rotate").
+
+See ${TRUEPREFIX}/share/examples/squid/squid.conf.documented for a complete
+annotated file, similar to the standard squid.conf in previous versions
+of Squid, however in many cases the defaults will suffice.
+
+The HTML error pages can be easily themed by editing the style-sheet in
+${SYSCONFDIR}/errorpage.css.
 
 Transparent Proxying with PF
 ============================