Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-proxy/squid/files
diff options
context:
space:
mode:
authorAlin Năstac <mrness@gentoo.org>2008-11-30 19:20:44 +0000
committerAlin Năstac <mrness@gentoo.org>2008-11-30 19:20:44 +0000
commitd273f0c8cd6268f44576379525e1368fb185afb1 (patch)
tree6ea581e66ebae7a3b24d1adeb1122b95051fe1b4 /net-proxy/squid/files
parentsparc stable wrt #245692 (diff)
downloadgentoo-2-d273f0c8cd6268f44576379525e1368fb185afb1.tar.gz
gentoo-2-d273f0c8cd6268f44576379525e1368fb185afb1.tar.bz2
gentoo-2-d273f0c8cd6268f44576379525e1368fb185afb1.zip
Remove obsolete versions.
Remove qos USE flag. Add epoll and kqueue USE flags (#247488). Add init script support for Kerberos keytab file (#242060). (Portage version: 2.1.4.4)
Diffstat (limited to 'net-proxy/squid/files')
-rw-r--r--net-proxy/squid/files/squid-2.7.3-gentoo.patch307
-rw-r--r--net-proxy/squid/files/squid-3.0.9-gentoo.patch226
-rw-r--r--net-proxy/squid/files/squid-3.0.9-heimdal.patch18
-rw-r--r--net-proxy/squid/files/squid-3.0.9-zph.patch202
-rw-r--r--net-proxy/squid/files/squid.confd5
-rw-r--r--net-proxy/squid/files/squid.initd4
-rw-r--r--net-proxy/squid/files/squid.initd-logrotate4
7 files changed, 8 insertions, 758 deletions
diff --git a/net-proxy/squid/files/squid-2.7.3-gentoo.patch b/net-proxy/squid/files/squid-2.7.3-gentoo.patch
deleted file mode 100644
index 688f093597a4..000000000000
--- a/net-proxy/squid/files/squid-2.7.3-gentoo.patch
+++ /dev/null
@@ -1,307 +0,0 @@
-diff -Nru squid-2.7.STABLE3.orig/configure.in squid-2.7.STABLE3/configure.in
---- squid-2.7.STABLE3.orig/configure.in 2008-06-26 00:18:55.000000000 +0200
-+++ squid-2.7.STABLE3/configure.in 2008-06-26 20:37:08.000000000 +0200
-@@ -18,9 +18,9 @@
- PRESET_LDFLAGS="$LDFLAGS"
-
- dnl Set default LDFLAGS
--if test -z "$LDFLAGS"; then
-- LDFLAGS="-g"
--fi
-+dnl if test -z "$LDFLAGS"; then
-+dnl LDFLAGS="-g"
-+dnl fi
-
- dnl Check for GNU cc
- AC_PROG_CC
-diff -Nru squid-2.7.STABLE3.orig/helpers/basic_auth/MSNT/confload.c squid-2.7.STABLE3/helpers/basic_auth/MSNT/confload.c
---- squid-2.7.STABLE3.orig/helpers/basic_auth/MSNT/confload.c 2002-06-26 21:09:48.000000000 +0200
-+++ squid-2.7.STABLE3/helpers/basic_auth/MSNT/confload.c 2008-06-26 20:37:08.000000000 +0200
-@@ -24,7 +24,7 @@
-
- /* Path to configuration file */
- #ifndef SYSCONFDIR
--#define SYSCONFDIR "/usr/local/squid/etc"
-+#define SYSCONFDIR "/etc/squid"
- #endif
- #define CONFIGFILE SYSCONFDIR "/msntauth.conf"
-
-diff -Nru squid-2.7.STABLE3.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-2.7.STABLE3/helpers/basic_auth/MSNT/msntauth.conf.default
---- squid-2.7.STABLE3.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2002-06-26 20:44:28.000000000 +0200
-+++ squid-2.7.STABLE3/helpers/basic_auth/MSNT/msntauth.conf.default 2008-06-26 20:37:08.000000000 +0200
-@@ -8,6 +8,6 @@
- server other_PDC other_BDC otherdomain
-
- # Denied and allowed users. Comment these if not needed.
--#denyusers /usr/local/squid/etc/msntauth.denyusers
--#allowusers /usr/local/squid/etc/msntauth.allowusers
-+#denyusers /etc/squid/msntauth.denyusers
-+#allowusers /etc/squid/msntauth.allowusers
-
-diff -Nru squid-2.7.STABLE3.orig/helpers/basic_auth/SMB/Makefile.am squid-2.7.STABLE3/helpers/basic_auth/SMB/Makefile.am
---- squid-2.7.STABLE3.orig/helpers/basic_auth/SMB/Makefile.am 2005-05-17 18:56:26.000000000 +0200
-+++ squid-2.7.STABLE3/helpers/basic_auth/SMB/Makefile.am 2008-06-26 20:37:08.000000000 +0200
-@@ -14,7 +14,7 @@
- ## FIXME: autoconf should test for the samba path.
-
- SMB_AUTH_HELPER = smb_auth.sh
--SAMBAPREFIX=/usr/local/samba
-+SAMBAPREFIX=/usr
- SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
-
- libexec_SCRIPTS = $(SMB_AUTH_HELPER)
-diff -Nru squid-2.7.STABLE3.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.7.STABLE3/helpers/basic_auth/SMB/smb_auth.sh
---- squid-2.7.STABLE3.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 00:36:46.000000000 +0100
-+++ squid-2.7.STABLE3/helpers/basic_auth/SMB/smb_auth.sh 2008-06-26 20:37:08.000000000 +0200
-@@ -24,7 +24,7 @@
- read AUTHSHARE
- read AUTHFILE
- read SMBUSER
--read SMBPASS
-+read -r SMBPASS
-
- # Find domain controller
- echo "Domain name: $DOMAINNAME"
-@@ -47,7 +47,7 @@
- addropt=""
- fi
- echo "Query address options: $addropt"
--dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
-+dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
- echo "Domain controller IP address: $dcip"
- [ -n "$dcip" ] || exit 1
-
-diff -Nru squid-2.7.STABLE3.orig/helpers/external_acl/session/squid_session.8 squid-2.7.STABLE3/helpers/external_acl/session/squid_session.8
---- squid-2.7.STABLE3.orig/helpers/external_acl/session/squid_session.8 2007-01-06 18:28:35.000000000 +0100
-+++ squid-2.7.STABLE3/helpers/external_acl/session/squid_session.8 2008-06-26 20:37:08.000000000 +0200
-@@ -35,7 +35,7 @@
- .P
- Configuration example using the default automatic mode
- .IP
--external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session
-+external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session
- .IP
- acl session external session
- .IP
-diff -Nru squid-2.7.STABLE3.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-2.7.STABLE3/helpers/external_acl/unix_group/squid_unix_group.8
---- squid-2.7.STABLE3.orig/helpers/external_acl/unix_group/squid_unix_group.8 2006-05-14 17:07:24.000000000 +0200
-+++ squid-2.7.STABLE3/helpers/external_acl/unix_group/squid_unix_group.8 2008-06-26 20:37:08.000000000 +0200
-@@ -27,7 +27,7 @@
- This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2
- matches users in group2 or group3
- .IP
--external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p
-+external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p
- .IP
- acl usergroup1 external unix_group group1
- .IP
-diff -Nru squid-2.7.STABLE3.orig/src/access_log.c squid-2.7.STABLE3/src/access_log.c
---- squid-2.7.STABLE3.orig/src/access_log.c 2008-03-18 03:48:43.000000000 +0100
-+++ squid-2.7.STABLE3/src/access_log.c 2008-06-26 20:37:08.000000000 +0200
-@@ -1261,7 +1261,7 @@
- LogfileStatus = LOG_ENABLE;
- }
- #if HEADERS_LOG
-- headerslog = logfileOpen("/usr/local/squid/logs/headers.log", MAX_URL << 1, 0);
-+ headerslog = logfileOpen("/var/log/squid/headers.log", MAX_URL << 1, 0);
- assert(NULL != headerslog);
- #endif
- #if FORW_VIA_DB
-diff -Nru squid-2.7.STABLE3.orig/src/cf.data.pre squid-2.7.STABLE3/src/cf.data.pre
---- squid-2.7.STABLE3.orig/src/cf.data.pre 2008-06-25 00:54:18.000000000 +0200
-+++ squid-2.7.STABLE3/src/cf.data.pre 2008-06-26 20:37:08.000000000 +0200
-@@ -676,6 +676,8 @@
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
-+acl Safe_ports port 901 # SWAT
-+acl purge method PURGE
- acl CONNECT method CONNECT
- NOCOMMENT_END
- DOC_END
-@@ -709,6 +711,9 @@
- # Only allow cachemgr access from localhost
- http_access allow manager localhost
- http_access deny manager
-+# Only allow purge requests from localhost
-+http_access allow purge localhost
-+http_access deny purge
- # Deny requests to unknown ports
- http_access deny !Safe_ports
- # Deny CONNECT to other than SSL ports
-@@ -726,6 +731,9 @@
- # from where browsing should be allowed
- http_access allow localnet
-
-+# Allow the localhost to have access by default
-+http_access allow localhost
-+
- # And finally deny all other access to this proxy
- http_access deny all
- NOCOMMENT_END
-@@ -3720,11 +3728,11 @@
-
- NAME: cache_mgr
- TYPE: string
--DEFAULT: webmaster
-+DEFAULT: root
- LOC: Config.adminEmail
- DOC_START
- Email-address of local cache manager who will receive
-- mail if the cache dies. The default is "webmaster".
-+ mail if the cache dies. The default is "root".
- DOC_END
-
- NAME: mail_from
-@@ -3753,12 +3761,12 @@
-
- NAME: cache_effective_user
- TYPE: string
--DEFAULT: nobody
-+DEFAULT: squid
- LOC: Config.effectiveUser
- DOC_START
- If you start Squid as root, it will change its effective/real
- UID/GID to the user specified below. The default is to change
-- to UID to nobody. If you define cache_effective_user, but not
-+ to UID to squid. If you define cache_effective_user, but not
- cache_effective_group, Squid sets the GID to the effective
- user's default group ID (taken from the password file) and
- supplementary group list from the from groups membership of
-@@ -4395,12 +4403,12 @@
- NAME: snmp_port
- TYPE: ushort
- LOC: Config.Port.snmp
--DEFAULT: 3401
-+DEFAULT: 0
- IFDEF: SQUID_SNMP
- DOC_START
- Squid can now serve statistics and status information via SNMP.
-- By default it listens to port 3401 on the machine. If you don't
-- wish to use SNMP, set this to "0".
-+ By default snmp_port is disabled. If you wish to use SNMP,
-+ set this to "3401" (or any other number you like).
- DOC_END
-
- NAME: snmp_access
-@@ -4471,12 +4479,12 @@
- NAME: htcp_port
- IFDEF: USE_HTCP
- TYPE: ushort
--DEFAULT: 4827
-+DEFAULT: 0
- LOC: Config.Port.htcp
- DOC_START
- The port number where Squid sends and receives HTCP queries to
-- and from neighbor caches. Default is 4827. To disable use
-- "0".
-+ and from neighbor caches. To turn it on you want to set it to
-+ 4827. By default it is set to "0" (disabled).
- DOC_END
-
- NAME: log_icp_queries
-@@ -5373,6 +5381,9 @@
- If you disable this, it will appear as
-
- X-Forwarded-For: unknown
-+NOCOMMENT_START
-+forwarded_for off
-+NOCOMMENT_END
- DOC_END
-
- NAME: cachemgr_passwd
-diff -Nru squid-2.7.STABLE3.orig/src/client_side.c squid-2.7.STABLE3/src/client_side.c
---- squid-2.7.STABLE3.orig/src/client_side.c 2008-06-25 00:54:47.000000000 +0200
-+++ squid-2.7.STABLE3/src/client_side.c 2008-06-26 20:37:08.000000000 +0200
-@@ -4678,14 +4678,7 @@
- debug(83, 2) ("clientNegotiateSSL: Session %p reused on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port);
- } else {
- if (do_debug(83, 4)) {
-- /* Write out the SSL session details.. actually the call below, but
-- * OpenSSL headers do strange typecasts confusing GCC.. */
-- /* PEM_write_SSL_SESSION(debug_log, SSL_get_session(ssl)); */
--#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00908000L
-- PEM_ASN1_write((i2d_of_void *) i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL);
--#else
- PEM_ASN1_write(i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL);
--#endif
- /* Note: This does not automatically fflush the log file.. */
- }
- debug(83, 2) ("clientNegotiateSSL: New session %p on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port);
-diff -Nru squid-2.7.STABLE3.orig/src/defines.h squid-2.7.STABLE3/src/defines.h
---- squid-2.7.STABLE3.orig/src/defines.h 2007-09-24 15:31:19.000000000 +0200
-+++ squid-2.7.STABLE3/src/defines.h 2008-06-26 20:37:08.000000000 +0200
-@@ -259,7 +259,7 @@
-
- /* were to look for errors if config path fails */
- #ifndef DEFAULT_SQUID_ERROR_DIR
--#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
-+#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English"
- #endif
-
- /* gb_type operations */
-diff -Nru squid-2.7.STABLE3.orig/src/main.c squid-2.7.STABLE3/src/main.c
---- squid-2.7.STABLE3.orig/src/main.c 2008-05-27 01:14:30.000000000 +0200
-+++ squid-2.7.STABLE3/src/main.c 2008-06-26 20:37:08.000000000 +0200
-@@ -376,6 +376,22 @@
- asnFreeMemory();
- }
-
-+#if USE_UNLINKD
-+static int
-+needUnlinkd(void)
-+{
-+ int i;
-+ int r = 0;
-+ for (i = 0; i < Config.cacheSwap.n_configured; i++) {
-+ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 ||
-+ strcmp(Config.cacheSwap.swapDirs[i].type, "aufs") == 0 ||
-+ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0)
-+ r++;
-+ }
-+ return r;
-+}
-+#endif
-+
- static void
- mainReconfigure(void)
- {
-@@ -613,7 +629,7 @@
-
- if (!configured_once) {
- #if USE_UNLINKD
-- unlinkdInit();
-+ if (needUnlinkd()) unlinkdInit();
- #endif
- urlInitialize();
- cachemgrInit();
-@@ -636,6 +652,9 @@
- #if USE_WCCPv2
- wccp2Init();
- #endif
-+#if USE_UNLINKD
-+ if (needUnlinkd()) unlinkdInit();
-+#endif
- serverConnectionsOpen();
- neighbors_init();
- if (Config.chroot_dir)
-diff -Nru squid-2.7.STABLE3.orig/src/Makefile.am squid-2.7.STABLE3/src/Makefile.am
---- squid-2.7.STABLE3.orig/src/Makefile.am 2008-01-02 16:50:39.000000000 +0100
-+++ squid-2.7.STABLE3/src/Makefile.am 2008-06-26 20:37:08.000000000 +0200
-@@ -340,13 +340,13 @@
- DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
- DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
- DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
--DEFAULT_LOG_PREFIX = $(localstatedir)/logs
-+DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid
- DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
- DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log
- DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
--DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid
-+DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid
- DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state
--DEFAULT_SWAP_DIR = $(localstatedir)/cache
-+DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid
- DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_DISKD = $(libexecdir)/`echo diskd-daemon | sed '$(transform);s/$$/$(EXEEXT)/'`
diff --git a/net-proxy/squid/files/squid-3.0.9-gentoo.patch b/net-proxy/squid/files/squid-3.0.9-gentoo.patch
deleted file mode 100644
index 9ee2886268e5..000000000000
--- a/net-proxy/squid/files/squid-3.0.9-gentoo.patch
+++ /dev/null
@@ -1,226 +0,0 @@
-diff -ru squid-3.0.STABLE9.orig/configure.in squid-3.0.STABLE9/configure.in
---- squid-3.0.STABLE9.orig/configure.in 2008-09-09 16:06:45.000000000 +0000
-+++ squid-3.0.STABLE9/configure.in 2008-09-14 07:35:54.000000000 +0000
-@@ -19,9 +19,9 @@
- PRESET_LDFLAGS="$LDFLAGS"
-
- dnl Set default LDFLAGS
--if test -z "$LDFLAGS"; then
-- LDFLAGS="-g"
--fi
-+dnl if test -z "$LDFLAGS"; then
-+dnl LDFLAGS="-g"
-+dnl fi
-
- dnl Check for GNU cc
- AC_PROG_CC
-diff -ru squid-3.0.STABLE9.orig/helpers/basic_auth/MSNT/confload.c squid-3.0.STABLE9/helpers/basic_auth/MSNT/confload.c
---- squid-3.0.STABLE9.orig/helpers/basic_auth/MSNT/confload.c 2008-09-09 16:06:40.000000000 +0000
-+++ squid-3.0.STABLE9/helpers/basic_auth/MSNT/confload.c 2008-09-14 07:35:54.000000000 +0000
-@@ -27,7 +27,7 @@
-
- /* Path to configuration file */
- #ifndef SYSCONFDIR
--#define SYSCONFDIR "/usr/local/squid/etc"
-+#define SYSCONFDIR "/etc/squid"
- #endif
- #define CONFIGFILE SYSCONFDIR "/msntauth.conf"
-
-diff -ru squid-3.0.STABLE9.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-3.0.STABLE9/helpers/basic_auth/MSNT/msntauth.conf.default
---- squid-3.0.STABLE9.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2008-09-09 16:06:40.000000000 +0000
-+++ squid-3.0.STABLE9/helpers/basic_auth/MSNT/msntauth.conf.default 2008-09-14 07:35:54.000000000 +0000
-@@ -8,6 +8,6 @@
- server other_PDC other_BDC otherdomain
-
- # Denied and allowed users. Comment these if not needed.
--#denyusers /usr/local/squid/etc/msntauth.denyusers
--#allowusers /usr/local/squid/etc/msntauth.allowusers
-+#denyusers /etc/squid/msntauth.denyusers
-+#allowusers /etc/squid/msntauth.allowusers
-
-diff -ru squid-3.0.STABLE9.orig/helpers/basic_auth/SMB/Makefile.am squid-3.0.STABLE9/helpers/basic_auth/SMB/Makefile.am
---- squid-3.0.STABLE9.orig/helpers/basic_auth/SMB/Makefile.am 2008-09-09 16:06:40.000000000 +0000
-+++ squid-3.0.STABLE9/helpers/basic_auth/SMB/Makefile.am 2008-09-14 07:35:54.000000000 +0000
-@@ -14,7 +14,7 @@
- ## FIXME: autoconf should test for the samba path.
-
- SMB_AUTH_HELPER = smb_auth.sh
--SAMBAPREFIX=/usr/local/samba
-+SAMBAPREFIX=/usr
- SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
-
- libexec_SCRIPTS = $(SMB_AUTH_HELPER)
-diff -ru squid-3.0.STABLE9.orig/helpers/basic_auth/SMB/smb_auth.sh squid-3.0.STABLE9/helpers/basic_auth/SMB/smb_auth.sh
---- squid-3.0.STABLE9.orig/helpers/basic_auth/SMB/smb_auth.sh 2008-09-09 16:06:40.000000000 +0000
-+++ squid-3.0.STABLE9/helpers/basic_auth/SMB/smb_auth.sh 2008-09-14 07:35:54.000000000 +0000
-@@ -24,7 +24,7 @@
- read AUTHSHARE
- read AUTHFILE
- read SMBUSER
--read SMBPASS
-+read -r SMBPASS
-
- # Find domain controller
- echo "Domain name: $DOMAINNAME"
-@@ -47,7 +47,7 @@
- addropt=""
- fi
- echo "Query address options: $addropt"
--dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
-+dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
- echo "Domain controller IP address: $dcip"
- [ -n "$dcip" ] || exit 1
-
-diff -ru squid-3.0.STABLE9.orig/helpers/external_acl/session/squid_session.8 squid-3.0.STABLE9/helpers/external_acl/session/squid_session.8
---- squid-3.0.STABLE9.orig/helpers/external_acl/session/squid_session.8 2008-09-09 16:06:41.000000000 +0000
-+++ squid-3.0.STABLE9/helpers/external_acl/session/squid_session.8 2008-09-14 07:35:54.000000000 +0000
-@@ -35,7 +35,7 @@
- .P
- Configuration example using the default automatic mode
- .IP
--external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session
-+external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session
- .IP
- acl session external session
- .IP
-diff -ru squid-3.0.STABLE9.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-3.0.STABLE9/helpers/external_acl/unix_group/squid_unix_group.8
---- squid-3.0.STABLE9.orig/helpers/external_acl/unix_group/squid_unix_group.8 2008-09-09 16:06:41.000000000 +0000
-+++ squid-3.0.STABLE9/helpers/external_acl/unix_group/squid_unix_group.8 2008-09-14 07:35:54.000000000 +0000
-@@ -27,7 +27,7 @@
- This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2
- matches users in group2 or group3
- .IP
--external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p
-+external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p
- .IP
- acl usergroup1 external unix_group group1
- .IP
-diff -ru squid-3.0.STABLE9.orig/src/cf.data.pre squid-3.0.STABLE9/src/cf.data.pre
---- squid-3.0.STABLE9.orig/src/cf.data.pre 2008-09-09 16:06:44.000000000 +0000
-+++ squid-3.0.STABLE9/src/cf.data.pre 2008-09-14 07:35:54.000000000 +0000
-@@ -652,6 +652,8 @@
- acl Safe_ports port 488 # gss-http
- acl Safe_ports port 591 # filemaker
- acl Safe_ports port 777 # multiling http
-+acl Safe_ports port 901 # SWAT
-+acl purge method PURGE
- acl CONNECT method CONNECT
- NOCOMMENT_END
- DOC_END
-@@ -685,6 +687,9 @@
- # Only allow cachemgr access from localhost
- http_access allow manager localhost
- http_access deny manager
-+# Only allow purge requests from localhost
-+http_access allow purge localhost
-+http_access deny purge
- # Deny requests to unknown ports
- http_access deny !Safe_ports
- # Deny CONNECT to other than SSL ports
-@@ -702,6 +707,9 @@
- # from where browsing should be allowed
- http_access allow localnet
-
-+# Allow the localhost to have access by default
-+http_access allow localhost
-+
- # And finally deny all other access to this proxy
- http_access deny all
- NOCOMMENT_END
-@@ -3254,11 +3262,11 @@
-
- NAME: cache_mgr
- TYPE: string
--DEFAULT: webmaster
-+DEFAULT: root
- LOC: Config.adminEmail
- DOC_START
- Email-address of local cache manager who will receive
-- mail if the cache dies. The default is "webmaster."
-+ mail if the cache dies. The default is "root".
- DOC_END
-
- NAME: mail_from
-@@ -5208,6 +5216,9 @@
- If you disable this, it will appear as
-
- X-Forwarded-For: unknown
-+NOCOMMENT_START
-+forwarded_for off
-+NOCOMMENT_END
- DOC_END
-
- NAME: cachemgr_passwd
-diff -ru squid-3.0.STABLE9.orig/src/debug.cc squid-3.0.STABLE9/src/debug.cc
---- squid-3.0.STABLE9.orig/src/debug.cc 2008-09-09 16:06:44.000000000 +0000
-+++ squid-3.0.STABLE9/src/debug.cc 2008-09-14 07:35:54.000000000 +0000
-@@ -465,7 +465,7 @@
- #if HAVE_SYSLOG && defined(LOG_LOCAL4)
-
- if (opt_syslog_enable)
-- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
-+ openlog(appname, LOG_PID | LOG_NDELAY, syslog_facility);
-
- #endif /* HAVE_SYSLOG */
-
-diff -ru squid-3.0.STABLE9.orig/src/defines.h squid-3.0.STABLE9/src/defines.h
---- squid-3.0.STABLE9.orig/src/defines.h 2008-09-09 16:06:44.000000000 +0000
-+++ squid-3.0.STABLE9/src/defines.h 2008-09-14 07:35:54.000000000 +0000
-@@ -219,7 +219,7 @@
-
- /* were to look for errors if config path fails */
- #ifndef DEFAULT_SQUID_ERROR_DIR
--#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
-+#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English"
- #endif
-
- /* handy to determine the #elements in a static array */
-diff -ru squid-3.0.STABLE9.orig/src/main.cc squid-3.0.STABLE9/src/main.cc
---- squid-3.0.STABLE9.orig/src/main.cc 2008-09-09 16:06:44.000000000 +0000
-+++ squid-3.0.STABLE9/src/main.cc 2008-09-14 07:35:54.000000000 +0000
-@@ -1486,7 +1486,7 @@
- if (*(argv[0]) == '(')
- return;
-
-- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
-
- if ((pid = fork()) < 0)
- syslog(LOG_ALERT, "fork failed: %s", xstrerror());
-@@ -1530,7 +1530,7 @@
-
- if ((pid = fork()) == 0) {
- /* child */
-- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
- prog = xstrdup(argv[0]);
- argv[0] = xstrdup("(squid)");
- execvp(prog, argv);
-@@ -1538,7 +1538,7 @@
- }
-
- /* parent */
-- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
-
- syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid);
-
-diff -ru squid-3.0.STABLE9.orig/src/Makefile.am squid-3.0.STABLE9/src/Makefile.am
---- squid-3.0.STABLE9.orig/src/Makefile.am 2008-09-09 16:06:43.000000000 +0000
-+++ squid-3.0.STABLE9/src/Makefile.am 2008-09-14 07:35:54.000000000 +0000
-@@ -992,12 +992,12 @@
- DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
- DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
- DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
--DEFAULT_LOG_PREFIX = $(localstatedir)/logs
-+DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid
- DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
- DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log
- DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
--DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid
--DEFAULT_SWAP_DIR = $(localstatedir)/cache
-+DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid
-+DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid
- DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'`
diff --git a/net-proxy/squid/files/squid-3.0.9-heimdal.patch b/net-proxy/squid/files/squid-3.0.9-heimdal.patch
deleted file mode 100644
index f2fd39fe1121..000000000000
--- a/net-proxy/squid/files/squid-3.0.9-heimdal.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-diff -ru squid-3.0.STABLE9.orig/helpers/negotiate_auth/squid_kerb_auth/Makefile.am squid-3.0.STABLE9/helpers/negotiate_auth/squid_kerb_auth/Makefile.am
---- squid-3.0.STABLE9.orig/helpers/negotiate_auth/squid_kerb_auth/Makefile.am 2008-10-17 15:43:40.000000000 +0200
-+++ squid-3.0.STABLE9/helpers/negotiate_auth/squid_kerb_auth/Makefile.am 2008-10-17 15:57:02.000000000 +0200
-@@ -18,10 +18,10 @@
- #-L$(top_builddir)/lib -lmiscutil $(XTRA_LIBS)
-
- # HEIMDAL
--#KERBINC = -DHEIMDAL -I/usr/include/heimdal
--#KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lroken
-+KERBINC = -DHEIMDAL -I/usr/include/heimdal
-+KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lroken
-
- # MIT
--KERBINC =
--KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
-+#KERBINC =
-+#KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
-
diff --git a/net-proxy/squid/files/squid-3.0.9-zph.patch b/net-proxy/squid/files/squid-3.0.9-zph.patch
deleted file mode 100644
index 5a1ea96ca198..000000000000
--- a/net-proxy/squid/files/squid-3.0.9-zph.patch
+++ /dev/null
@@ -1,202 +0,0 @@
-diff -ru squid-3.0.STABLE9.orig/src/cf.data.pre squid-3.0.STABLE9/src/cf.data.pre
---- squid-3.0.STABLE9.orig/src/cf.data.pre 2008-09-14 07:38:23.000000000 +0000
-+++ squid-3.0.STABLE9/src/cf.data.pre 2008-09-14 07:44:46.000000000 +0000
-@@ -1127,6 +1127,60 @@
- making the request.
- DOC_END
-
-+NAME: zph_tos_local
-+TYPE: int
-+DEFAULT: 0
-+LOC: Config.zph_tos_local
-+DOC_START
-+ Allows you to select a TOS/Diffserv value to mark local hits. Read above
-+ (tcp_outgoing_tos) for details/requirements about TOS.
-+ Default: 0 (disabled).
-+DOC_END
-+
-+NAME: zph_tos_peer
-+TYPE: int
-+DEFAULT: 0
-+LOC: Config.zph_tos_peer
-+DOC_START
-+ Allows you to select a TOS/Diffserv value to mark peer hits. Read above
-+ (tcp_outgoing_tos) for details/requirements about TOS.
-+ Default: 0 (disabled).
-+DOC_END
-+
-+NAME: zph_tos_parent
-+COMMENT: on|off
-+TYPE: onoff
-+LOC: Config.onoff.zph_tos_parent
-+DEFAULT: on
-+DOC_START
-+ Set this to off if you want only sibling hits to be marked.
-+ If set to on (default), parent hits are being marked too.
-+DOC_END
-+
-+NAME: zph_preserve_miss_tos
-+COMMENT: on|off
-+TYPE: onoff
-+LOC: Config.onoff.zph_preserve_miss_tos
-+DEFAULT: on
-+DOC_START
-+ If set to on (default), any HTTP response towards clients will
-+ have the TOS value of the response comming from the remote
-+ server masked with the value of zph_preserve_miss_tos_mask.
-+ For this to work correctly, you will need to patch your linux
-+ kernel with the TOS preserving ZPH patch.
-+DOC_END
-+
-+NAME: zph_preserve_miss_tos_mask
-+TYPE: int
-+DEFAULT: 255
-+LOC: Config.zph_preserve_miss_tos_mask
-+DOC_START
-+ Allows you to mask certain bits in the TOS received from the
-+ remote server, before copying the value to the TOS send towards
-+ clients.
-+ Default: 255 (TOS from server is not changed).
-+DOC_END
-+
- NAME: tcp_outgoing_address
- TYPE: acl_address
- DEFAULT: none
-diff -ru squid-3.0.STABLE9.orig/src/client_side_reply.cc squid-3.0.STABLE9/src/client_side_reply.cc
---- squid-3.0.STABLE9.orig/src/client_side_reply.cc 2008-09-09 16:06:44.000000000 +0000
-+++ squid-3.0.STABLE9/src/client_side_reply.cc 2008-09-14 07:44:46.000000000 +0000
-@@ -48,6 +48,7 @@
- #include "ESI.h"
- #endif
- #include "MemObject.h"
-+#include "fde.h"
- #include "ACLChecklist.h"
- #include "ACL.h"
- #if DELAY_POOLS
-@@ -1548,6 +1549,11 @@
- /* guarantee nothing has been sent yet! */
- assert(http->out.size == 0);
- assert(http->out.offset == 0);
-+ if (Config.zph_tos_local)
-+ {
-+ debugs(33, 1, "ZPH hit hier.code=" << http->request->hier.code <<" TOS="<<Config.zph_tos_local);
-+ comm_set_tos(http->getConn()->fd,Config.zph_tos_local);
-+ }
- tempBuffer.offset = reqofs;
- tempBuffer.length = getNextNode()->readBuffer.length;
- tempBuffer.data = getNextNode()->readBuffer.data;
-@@ -1827,6 +1833,24 @@
- char *buf = next()->readBuffer.data;
-
- char *body_buf = buf;
-+
-+ if (reqofs==0 && !logTypeIsATcpHit(http->logType))
-+ {
-+ int tos = 0;
-+ if (Config.zph_tos_peer &&
-+ (http->request->hier.code==SIBLING_HIT ||
-+ Config.onoff.zph_tos_parent && http->request->hier.code==PARENT_HIT))
-+ {
-+ tos = Config.zph_tos_peer;
-+ debugs(33, 1, "ZPH: Peer hit, TOS="<<tos<<" hier.code="<<http->request->hier.code);
-+ }
-+ else if (Config.onoff.zph_preserve_miss_tos && Config.zph_preserve_miss_tos_mask)
-+ {
-+ tos = fd_table[fd].upstreamTOS & Config.zph_preserve_miss_tos_mask;
-+ debugs(33, 1, "ZPH: Preserving TOS on miss, TOS="<<tos);
-+ }
-+ comm_set_tos(fd,tos);
-+ }
-
- if (buf != result.data) {
- /* we've got to copy some data */
-diff -ru squid-3.0.STABLE9.orig/src/fde.h squid-3.0.STABLE9/src/fde.h
---- squid-3.0.STABLE9.orig/src/fde.h 2008-09-09 16:06:44.000000000 +0000
-+++ squid-3.0.STABLE9/src/fde.h 2008-09-14 07:44:46.000000000 +0000
-@@ -106,7 +106,7 @@
- long handle;
- } win32;
- #endif
--
-+ unsigned char upstreamTOS; /* see FwdState::dispatch() */
- };
-
- #endif /* SQUID_FDE_H */
-diff -ru squid-3.0.STABLE9.orig/src/forward.cc squid-3.0.STABLE9/src/forward.cc
---- squid-3.0.STABLE9.orig/src/forward.cc 2008-09-09 16:06:44.000000000 +0000
-+++ squid-3.0.STABLE9/src/forward.cc 2008-09-14 07:44:46.000000000 +0000
-@@ -964,6 +964,52 @@
-
- netdbPingSite(request->host);
-
-+ /* Retrieves remote server TOS value, and stores it as part of the
-+ * original client request FD object. It is later used to forward
-+ * remote server's TOS in the response to the client in case of a MISS.
-+ */
-+ fde * clientFde = &fd_table[client_fd];
-+ if (clientFde)
-+ {
-+ int tos = 1;
-+ int tos_len = sizeof(tos);
-+ clientFde->upstreamTOS = 0;
-+ if (setsockopt(server_fd,SOL_IP,IP_RECVTOS,&tos,tos_len)==0)
-+ {
-+ unsigned char buf[512];
-+ int len = 512;
-+ if (getsockopt(server_fd,SOL_IP,IP_PKTOPTIONS,buf,(socklen_t*)&len) == 0)
-+ {
-+ /* Parse the PKTOPTIONS structure to locate the TOS data message
-+ * prepared in the kernel by the ZPH incoming TCP TOS preserving
-+ * patch.
-+ */
-+ unsigned char * p = buf;
-+ while (p-buf < len)
-+ {
-+ struct cmsghdr *o = (struct cmsghdr*)p;
-+ if (o->cmsg_len<=0)
-+ break;
-+
-+ if (o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS)
-+ {
-+ clientFde->upstreamTOS = (unsigned char)(*(int*)CMSG_DATA(o));
-+ break;
-+ }
-+ p += CMSG_LEN(o->cmsg_len);
-+ }
-+ }
-+ else
-+ {
-+ debugs(33, 1, "ZPH: error in getsockopt(IP_PKTOPTIONS) on FD "<<server_fd<<" "<<xstrerror());
-+ }
-+ }
-+ else
-+ {
-+ debugs(33, 1, "ZPH: error in setsockopt(IP_RECVTOS) on FD "<<server_fd<<" "<<xstrerror());
-+ }
-+ }
-+
- if (servers && (p = servers->_peer)) {
- p->stats.fetches++;
- request->peer_login = p->login;
-diff -ru squid-3.0.STABLE9.orig/src/structs.h squid-3.0.STABLE9/src/structs.h
---- squid-3.0.STABLE9.orig/src/structs.h 2008-09-09 16:06:45.000000000 +0000
-+++ squid-3.0.STABLE9/src/structs.h 2008-09-14 07:44:46.000000000 +0000
-@@ -553,6 +553,8 @@
- int emailErrData;
- int httpd_suppress_version_string;
- int global_internal_static;
-+ int zph_tos_parent;
-+ int zph_preserve_miss_tos;
- int debug_override_X;
- int WIN32_IpAddrChangeMonitor;
- }
-@@ -721,6 +723,9 @@
- int sleep_after_fork; /* microseconds */
- time_t minimum_expiry_time; /* seconds */
- external_acl *externalAclHelperList;
-+ int zph_tos_local;
-+ int zph_tos_peer;
-+ int zph_preserve_miss_tos_mask;
- #if USE_SSL
-
- struct
diff --git a/net-proxy/squid/files/squid.confd b/net-proxy/squid/files/squid.confd
index 75cebd0abab1..a27ecd388f0e 100644
--- a/net-proxy/squid/files/squid.confd
+++ b/net-proxy/squid/files/squid.confd
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.confd,v 1.1 2005/04/22 19:15:11 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.confd,v 1.2 2008/11/30 19:20:44 mrness Exp $
# Config file for /etc/init.d/squid
@@ -9,3 +9,6 @@ SQUID_OPTS="-DYC"
# Max. number of filedescriptors to use. You can increase this on a busy
# cache to a maximum of (currently) 8192 filedescriptors. Default is 1024.
SQUID_MAXFD=1024
+
+# Kerberos keytab file to use. This is required if you enable kerberos authentication.
+SQUID_KEYTAB=""
diff --git a/net-proxy/squid/files/squid.initd b/net-proxy/squid/files/squid.initd
index 0cdaad8540fa..2c6b36f9f21a 100644
--- a/net-proxy/squid/files/squid.initd
+++ b/net-proxy/squid/files/squid.initd
@@ -1,7 +1,7 @@
#!/sbin/runscript
# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd,v 1.9 2008/04/14 05:45:06 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd,v 1.10 2008/11/30 19:20:44 mrness Exp $
opts="${opts} reload rotate"
@@ -53,7 +53,7 @@ checkconfig() {
start() {
checkconfig || return 1
ebegin "Starting squid"
- /usr/sbin/squid ${SQUID_OPTS}
+ KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS}
eend $? && sleep 1
}
diff --git a/net-proxy/squid/files/squid.initd-logrotate b/net-proxy/squid/files/squid.initd-logrotate
index e1062981546f..6c3e719e85f1 100644
--- a/net-proxy/squid/files/squid.initd-logrotate
+++ b/net-proxy/squid/files/squid.initd-logrotate
@@ -1,7 +1,7 @@
#!/sbin/runscript
# Copyright 1999-2006 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd-logrotate,v 1.7 2008/04/14 05:45:06 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/files/squid.initd-logrotate,v 1.8 2008/11/30 19:20:44 mrness Exp $
opts="${opts} reload"
@@ -53,7 +53,7 @@ checkconfig() {
start() {
checkconfig || return 1
ebegin "Starting squid"
- /usr/sbin/squid ${SQUID_OPTS}
+ KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS}
eend $? && sleep 1
}