2020-01-21 21:40:46 +00:00

155 lines
4.6 KiB
Makefile

# $OpenBSD: Makefile,v 1.221 2020/01/21 21:40:46 sthen Exp $
COMMENT-main= WWW and FTP proxy cache and accelerator
COMMENT-ldap= LDAP authentication/ACL support for Squid
COMMENT-ntlm= NTLM authentication/ACL support for Squid
V= 4.10
DISTNAME= squid-$V
EXTRACT_SUFX= .tar.xz
PKGNAME-main= squid-$V
PKGNAME-ldap= squid-ldap-$V
PKGNAME-ntlm= squid-ntlm-$V
CATEGORIES= www
HOMEPAGE= http://www.squid-cache.org/
MAINTAINER= Stuart Henderson <sthen@openbsd.org>
# GPLv2+
PERMIT_PACKAGE= Yes
WANTLIB += c m nettle pthread
cWANTLIB= ${WANTLIB} ${COMPILER_LIBCXX} ffi gmp gnutls hogweed
cWANTLIB+= iconv idn2 intl p11-kit tasn1 unistring
# repo at https://github.com/squid-cache/squid
MASTER_SITES= ${HOMEPAGE}Versions/v${V:R}/ \
https://ftp.mirrorservice.org/sites/ftp.squid-cache.org/pub/archive/${V:R}/
# C++11
COMPILER = base-clang ports-gcc
LIB_DEPENDS+= security/gnutls
BUILD_DEPENDS+= devel/cppunit
SEPARATE_BUILD= Yes
CONFIGURE_STYLE= autoconf
AUTOCONF_VERSION= 2.69
MODGNU_CONFIG_GUESS_DIRS= ${WRKSRC}/cfgaux
CONFIGURE_ARGS= --disable-strict-error-checking \
--disable-arch-native \
--enable-ssl-crtd
EXTERNAL_ACL= SQL_session file_userip time_quota \
unix_group wbinfo_group # kerberos_ldap_group (sasl/gssapi)
WANTLIB-main += ${cWANTLIB} crypto db expat lzma ssl xml2 z
LIB_DEPENDS-main += ${LIB_DEPENDS} \
databases/db/v4 \
devel/gettext,-runtime \
security/libnettle \
textproc/libxml
SYSCONFDIR= ${BASESYSCONFDIR}/squid
LOCALSTATEDIR= ${BASELOCALSTATEDIR}/squid
MULTI_PACKAGES= -main -ldap -ntlm
PSEUDO_FLAVORS= no_ldap no_ntlm
FLAVOR?=
.include <bsd.port.arch.mk>
CONFIGURE_ARGS+= --datadir="${PREFIX}/share/squid" \
--libexecdir="${PREFIX}/libexec/squid" \
--disable-loadable-modules \
--enable-arp-acl \
--enable-auth \
--enable-delay-pools \
--enable-digest \
--enable-follow-x-forwarded-for \
--enable-forw-via-db \
--enable-http-violations \
--enable-icap-client \
--enable-ipv6 \
--enable-referer-log \
--enable-removal-policies="lru heap" \
--enable-ssl \
--enable-ssl-crtd \
--with-openssl \
--enable-storeio="aufs ufs diskd" \
--with-default-user="_squid" \
--with-filedescriptors=8192 \
--with-krb5-config=no \
--with-pidfile="/var/run/squid.pid" \
--with-pthreads \
--with-swapdir="${LOCALSTATEDIR}/cache"
# "rock" not in --enable-storeio list due to an error at startup:
# FATAL: Rock cache_dir at /var/squid/rock/rock failed to open db file: (40) Message too long"
# PF transparent support requires access to /dev/pf to retrieve the original
# source address; ipfw-transparent (which requires divert-to) uses an
# unprivileged getsockname() call instead.
CONFIGURE_ARGS+= --disable-pf-transparent \
--enable-ipfw-transparent
# not just defaulting to build all external-acl-helpers as
# kerberos_ldap_group fails
CONFIGURE_ARGS+= --enable-external-acl-helpers="${EXTERNAL_ACL}"
CONFIGURE_ENV+= CPPFLAGS="-I${LOCALBASE}/include" \
LDFLAGS="-L${LOCALBASE}/lib" \
ac_cv_header_et_com_err_h=false \
ac_cv_header_security_pam_appl_h=false \
ac_cv_header_execinfo_h=false
E= ${TRUEPREFIX}/share/examples/squid
FAKE_FLAGS= sysconfdir=$E \
DEFAULT_CONFIG_FILE=$E/squid.conf \
DEFAULT_MIME_TABLE=$E/mime.conf
TEST_DEPENDS= devel/cppunit
.if ${BUILD_PACKAGES:M-ldap}
EXTERNAL_ACL+= LDAP_group eDirectory_userip
.endif
RUN_DEPENDS-ldap= ${BASE_PKGPATH}
LIB_DEPENDS-ldap+= ${LIB_DEPENDS} databases/openldap
WANTLIB-ldap += ${cWANTLIB} crypto lber ldap sasl2 ssl
RUN_DEPENDS-ntlm= net/samba ${BASE_PKGPATH}
LIB_DEPENDS-ntlm += security/libnettle
WANTLIB-ntlm= ${WANTLIB} ${COMPILER_LIBCXX}
.if ${MACHINE_ARCH} == "powerpc"
WANTLIB += atomic
# The test in configure doesn't want atomic builtins, bypass it, but
# 'make test' uses the flag from LIBS.
CONFIGURE_ENV += LIBS=-latomic \
ac_cv_search___atomic_load_8=-latomic
.endif
pre-build:
@cd ${WRKSRC}; \
perl -pi -e 's,/usr/local,${LOCALBASE},g' \
helpers/external_acl/wbinfo_group/ext_wbinfo_group_acl.pl.in \
helpers/*/*/config.test \
src/squid.8.in
post-install:
rm -rf ${WRKINST}/var/squid
cd ${PREFIX}/share/examples/squid; \
rm -f mime.conf squid.conf cachemgr.conf errorpage.css msntauth.conf
@# remove unwanted auth helpers; msnt_multi_domain needs Authen::Smb
@# (not ported), others are risky (typically accessing master.passwd
@# which needs root).
.for i in basic_msnt_multi_domain_auth basic_getpwnam_auth basic_pam_auth basic_sasl_auth
rm -f ${PREFIX}/libexec/squid/$i ${PREFIX}/man/man8/$i.8
.endfor
${INSTALL_DATA_DIR} ${PREFIX}/share/snmp/mibs
-cd ${PREFIX}/share; mv squid/mib.txt snmp/mibs/SQUID-MIB.txt
.include <bsd.port.mk>