Version bump to STABLE7 + bug #67167 DoS fix

author: Andrew Bevitt <cyfred@gentoo.org> 2004-10-17 02:26:27 +0000
committer: Andrew Bevitt <cyfred@gentoo.org> 2004-10-17 02:26:27 +0000
commit: 7d1ba1722f9d7a176b2e0e60aecc992382d39382 (patch)
tree: 7cd49860b30ed5a3f2e0eb453a8130bd555e9515 /www-proxy
parent: Fixing digest issues and removing ia64 KEYWORD as per Bug #67836. (diff)
download: historical-7d1ba1722f9d7a176b2e0e60aecc992382d39382.tar.gz
historical-7d1ba1722f9d7a176b2e0e60aecc992382d39382.tar.bz2
historical-7d1ba1722f9d7a176b2e0e60aecc992382d39382.zip
5 files changed, 525 insertions, 2 deletions
diff --git a/www-proxy/squid/ChangeLog b/www-proxy/squid/ChangeLog
index 7488f24d7910..64cd2de4891c 100644
--- a/www-proxy/squid/ChangeLog
+++ b/www-proxy/squid/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for www-proxy/squid
 # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/ChangeLog,v 1.13 2004/10/11 23:07:15 cyfred Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/ChangeLog,v 1.14 2004/10/17 02:26:27 cyfred Exp $
+
+*squid-2.5.7 (17 Oct 2004)
+
+  17 Oct 2004; Andrew Bevitt <cyfred@gentoo.org>;
+  +files/squid-2.5.7-gentoo.diff, +squid-2.5.7.ebuild:
+  Version bump to STABLE7 + bug #67167 DoS fix
 
   12 Oct 2004; Andrew Bevitt <cyfred@gentoo.org>; squid-2.4.7.ebuild,
   -squid-2.5.5-r2.ebuild, squid-2.5.5-r3.ebuild, -squid-2.5.6-r1.ebuild,
diff --git a/www-proxy/squid/Manifest b/www-proxy/squid/Manifest
index 79043dbb5426..91f66c580e45 100644
--- a/www-proxy/squid/Manifest
+++ b/www-proxy/squid/Manifest
@@ -1,14 +1,16 @@
 MD5 81a38c1c8b9bde45861c616a3d06621a squid-2.5.5-r3.ebuild 5383
 MD5 30ae77f62cc477f3e340346ba5040170 squid-2.5.6-r2.ebuild 5767
 MD5 e4a8135ed447b72a7271fade6c06e9cc squid-2.4.7.ebuild 4000
-MD5 f31cfd516560284abf5a9c5d71b4d864 ChangeLog 10600
+MD5 dc26f977898ed9ef47b03105ee8dc567 ChangeLog 10781
 MD5 d7dd06078d4f3a44b46709294cc7bc21 metadata.xml 249
+MD5 551b45650f9240928a8ad5ea4542f008 squid-2.5.7.ebuild 5767
 MD5 60b9ab4d53c4485a214baa7c8f9a2cc0 files/squid-2.4.7-gentoo.diff 1828
 MD5 a188814c2113dcd28c55672dbe58df8c files/squid-2.5.5-ntml-auth-fix.patch 2354
 MD5 45bf3c4b37515fe4da4ed6d39904132d files/digest-squid-2.5.5-r3 147
 MD5 3f83edef485d5ba24d3819daee026aeb files/digest-squid-2.5.6-r2 156
 MD5 6e37fe3047234060fc63d5c16a4b7853 files/squid.confd 437
 MD5 1ee97d797645814f5ad77c98ad10eef2 files/squid.cron 41
+MD5 469070d468395f998ae41ff8a788d2eb files/squid-2.5.7-gentoo.diff 11242
 MD5 0c7867dce4b8bef078a93bf717196b0e files/squid-2.5.3-gentoo.diff 11534
 MD5 626914d5b07105602773bf8a1534a3ae files/squid-2.4.7-debian.diff 12078
 MD5 6f30a7f5c48ec35a7044acb189c858c5 files/squid-r1.cron 133
@@ -16,3 +18,4 @@ MD5 bea1d2ef8cb2f1590f89bf37f28b9268 files/squid.pam 505
 MD5 1b391c390c547ef3a249aee590e654d8 files/squid.rc6 1980
 MD5 26a4ab522a2469f805f746bcdbe0109c files/squid-2.5.6-ufs-no-valid-dir.patch 566
 MD5 4995c4c8c3365f121620ea78d6ca8794 files/digest-squid-2.4.7 222
+MD5 c2438c7f5202f2247361c752ba322806 files/digest-squid-2.5.7 71
diff --git a/www-proxy/squid/files/digest-squid-2.5.7 b/www-proxy/squid/files/digest-squid-2.5.7
new file mode 100644
index 000000000000..35271b33ca53
--- /dev/null
+++ b/www-proxy/squid/files/digest-squid-2.5.7
@@ -0,0 +1 @@
+MD5 bf63e34906c68d716896eec0351108dc squid-2.5.STABLE7.tar.bz2 1051830
diff --git a/www-proxy/squid/files/squid-2.5.7-gentoo.diff b/www-proxy/squid/files/squid-2.5.7-gentoo.diff
new file mode 100644
index 000000000000..2b751a7b198a
--- /dev/null
+++ b/www-proxy/squid/files/squid-2.5.7-gentoo.diff
@@ -0,0 +1,327 @@
+diff -uNr squid-2.5.STABLE7.orig/errors/Makefile.in squid-2.5.STABLE7/errors/Makefile.in
+--- squid-2.5.STABLE7.orig/errors/Makefile.in	2003-02-11 21:02:09.000000000 -0500
++++ squid-2.5.STABLE7/errors/Makefile.in	2003-06-03 01:23:51.000000000 -0400
+@@ -116,7 +116,7 @@
+ install_sh = @install_sh@
+ makesnmplib = @makesnmplib@
+ 
+-errordir = $(datadir)/errors
++errordir = $(libexecdir)/errors
+ 
+ DEFAULT_ERROR_DIR = $(errordir)
+ 
+diff -uNr squid-2.5.STABLE7.orig/helpers/basic_auth/SMB/Makefile.in squid-2.5.STABLE7/helpers/basic_auth/SMB/Makefile.in
+--- squid-2.5.STABLE7.orig/helpers/basic_auth/SMB/Makefile.in	2003-02-11 21:02:25.000000000 -0500
++++ squid-2.5.STABLE7/helpers/basic_auth/SMB/Makefile.in	2003-06-03 01:23:51.000000000 -0400
+@@ -126,7 +126,7 @@
+ makesnmplib = @makesnmplib@
+ 
+ SMB_AUTH_HELPER = smb_auth.sh
+-SAMBAPREFIX = /usr/local/samba
++SAMBAPREFIX = /usr
+ SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
+ 
+ libexec_SCRIPTS = $(SMB_AUTH_HELPER)
+diff -uNr squid-2.5.STABLE7.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.5.STABLE7/helpers/basic_auth/SMB/smb_auth.sh
+--- squid-2.5.STABLE7.orig/helpers/basic_auth/SMB/smb_auth.sh	2001-01-07 18:36:46.000000000 -0500
++++ squid-2.5.STABLE7/helpers/basic_auth/SMB/smb_auth.sh	2003-06-03 01:23:51.000000000 -0400
+@@ -24,7 +24,7 @@
+ read AUTHSHARE
+ read AUTHFILE
+ read SMBUSER
+-read SMBPASS
++read -r SMBPASS
+ 
+ # Find domain controller
+ echo "Domain name: $DOMAINNAME"
+@@ -47,7 +47,7 @@
+   addropt=""
+ fi
+ echo "Query address options: $addropt"
+-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
+ echo "Domain controller IP address: $dcip"
+ [ -n "$dcip" ] || exit 1
+ 
+diff -uNr squid-2.5.STABLE7.orig/icons/Makefile.in squid-2.5.STABLE7/icons/Makefile.in
+--- squid-2.5.STABLE7.orig/icons/Makefile.in	2003-05-21 20:15:40.000000000 -0400
++++ squid-2.5.STABLE7/icons/Makefile.in	2003-06-03 01:23:51.000000000 -0400
+@@ -144,7 +144,7 @@
+ 		anthony-xpm.gif
+ 
+ 
+-icondir = $(datadir)/icons
++icondir = $(libexecdir)/icons
+ icon_DATA = $(ICON1) $(ICON2)
+ EXTRA_DIST = $(ICON1) $(ICON2) icons.shar
+ DISTCLEANFILES = 
+diff -uNr squid-2.5.STABLE7.orig/src/Makefile.in squid-2.5.STABLE7/src/Makefile.in
+--- squid-2.5.STABLE7.orig/src/Makefile.in	2003-02-11 21:03:14.000000000 -0500
++++ squid-2.5.STABLE7/src/Makefile.in	2003-06-03 01:23:51.000000000 -0400
+@@ -374,18 +374,18 @@
+ DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
+ DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
+ DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
+-DEFAULT_LOG_PREFIX = $(localstatedir)/logs
+-DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
+-DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log
+-DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
+-DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid
+-DEFAULT_SWAP_DIR = $(localstatedir)/cache
++DEFAULT_LOG_PREFIX = $(localstatedir)/log
++DEFAULT_CACHE_LOG = $(localstatedir)/log/squid/cache.log
++DEFAULT_ACCESS_LOG = $(localstatedir)/log/squid/access.log
++DEFAULT_STORE_LOG = $(localstatedir)/log/squid/store.log
++DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid
++DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid
+ DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'`
+-DEFAULT_ICON_DIR = $(datadir)/icons
+-DEFAULT_ERROR_DIR = $(datadir)/errors/@ERR_DEFAULT_LANGUAGE@
+-DEFAULT_MIB_PATH = $(datadir)/mib.txt
++DEFAULT_ICON_DIR = $(libexecdir)/icons
++DEFAULT_ERROR_DIR = $(sysconfdir)/errors
++DEFAULT_MIB_PATH = $(libexecdir)/mib.txt
+ 
+ DEFS = @DEFS@ -DDEFAULT_CONFIG_FILE=\"$(DEFAULT_CONFIG_FILE)\"
+ 
+@@ -836,12 +836,12 @@
+ uninstall-info-am:
+ install-dataDATA: $(data_DATA)
+ 	@$(NORMAL_INSTALL)
+-	$(mkinstalldirs) $(DESTDIR)$(datadir)
++	$(mkinstalldirs) $(DESTDIR)$(libexecdir)
+ 	@list='$(data_DATA)'; for p in $$list; do \
+ 	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ 	  f="`echo $$p | sed -e 's|^.*/||'`"; \
+-	  echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(datadir)/$$f"; \
+-	  $(INSTALL_DATA) $$d$$p $(DESTDIR)$(datadir)/$$f; \
++	  echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(libexecdir)/$$f"; \
++	  $(INSTALL_DATA) $$d$$p $(DESTDIR)$(libexecdir)/$$f; \
+ 	done
+ 
+ uninstall-dataDATA:
+diff -uNr squid-2.5.STABLE7.orig/src/debug.c squid-2.5.STABLE7/src/debug.c
+--- squid-2.5.STABLE7.orig/src/debug.c	2001-12-17 13:01:54.000000000 -0500
++++ squid-2.5.STABLE7/src/debug.c	2003-06-03 01:23:51.000000000 -0400
+@@ -200,9 +200,9 @@
+     }
+     debugOpenLog(logfile);
+ 
+-#if HAVE_SYSLOG && defined(LOG_LOCAL4)
++#if HAVE_SYSLOG
+     if (opt_syslog_enable)
+-	openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++	openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ #endif /* HAVE_SYSLOG */
+ 
+ }
+diff -uNr squid-2.5.STABLE7.orig/src/defines.h squid-2.5.STABLE7/src/defines.h
+--- squid-2.5.STABLE7.orig/src/defines.h	2002-08-08 16:17:39.000000000 -0400
++++ squid-2.5.STABLE7/src/defines.h	2003-06-03 01:23:51.000000000 -0400
+@@ -219,7 +219,7 @@
+ 
+ /* were to look for errors if config path fails */
+ #ifndef DEFAULT_SQUID_ERROR_DIR
+-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
++#define DEFAULT_SQUID_ERROR_DIR "/usr/lib/squid/errors/English"
+ #endif
+ 
+ /* gb_type operations */
+diff -uNr squid-2.5.STABLE7.orig/src/main.c squid-2.5.STABLE7/src/main.c
+--- squid-2.5.STABLE7.orig/src/main.c	2003-05-05 20:24:14.000000000 -0400
++++ squid-2.5.STABLE7/src/main.c	2003-06-03 01:23:51.000000000 -0400
+@@ -326,6 +326,21 @@
+     asnFreeMemory();
+ }
+ 
++#if USE_UNLINKD
++static int
++needUnlinkd(void)
++{
++    int i;
++    int r = 0;
++    for (i = 0; i < Config.cacheSwap.n_configured; i++) {
++       if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 ||
++           strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0)
++          r++;
++    }
++    return r;
++}
++#endif
++
+ static void
+ mainReconfigure(void)
+ {
+@@ -351,6 +366,7 @@
+     redirectShutdown();
+     authenticateShutdown();
+     externalAclShutdown();
++    unlinkdClose();
+     storeDirCloseSwapLogs();
+     storeLogClose();
+     accessLogClose();
+@@ -381,6 +397,9 @@
+ #if USE_WCCP
+     wccpInit();
+ #endif
++#if USE_UNLINKD
++    if (needUnlinkd()) unlinkdInit();
++#endif
+     serverConnectionsOpen();
+     if (theOutIcpConnection >= 0) {
+ 	if (!Config2.Accel.on || Config.onoff.accel_with_proxy)
+@@ -524,7 +543,7 @@
+ 
+     if (!configured_once) {
+ #if USE_UNLINKD
+-	unlinkdInit();
++	if (needUnlinkd()) unlinkdInit();
+ #endif
+ 	urlInitialize();
+ 	cachemgrInit();
+@@ -858,7 +877,7 @@
+     int nullfd;
+     if (*(argv[0]) == '(')
+ 	return;
+-    openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++    openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+     if ((pid = fork()) < 0)
+ 	syslog(LOG_ALERT, "fork failed: %s", xstrerror());
+     else if (pid > 0)
+@@ -893,14 +912,14 @@
+ 	mainStartScript(argv[0]);
+ 	if ((pid = fork()) == 0) {
+ 	    /* child */
+-	    openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++	    openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ 	    prog = xstrdup(argv[0]);
+ 	    argv[0] = xstrdup("(squid)");
+ 	    execvp(prog, argv);
+ 	    syslog(LOG_ALERT, "execvp failed: %s", xstrerror());
+ 	}
+ 	/* parent */
+-	openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++	openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ 	syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid);
+ 	time(&start);
+ 	squid_signal(SIGINT, SIG_IGN, SA_RESTART);
+diff -uNr squid-2.5.STABLE7.orig/src/url.c squid-2.5.STABLE7/src/url.c
+--- squid-2.5.STABLE7.orig/src/url.c	2003-01-18 09:16:49.000000000 -0500
++++ squid-2.5.STABLE7/src/url.c	2003-06-03 01:23:51.000000000 -0400
+@@ -312,8 +312,8 @@
+ 	return NULL;
+     }
+ #endif
+-    if (Config.appendDomain && !strchr(host, '.'))
+-	strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN);
++    if (Config.appendDomain && !strchr(host, '.') && strcasecmp(host, "localhost") != 0)
++        strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN);
+     /* remove trailing dots from hostnames */
+     while ((l = strlen(host)) > 0 && host[--l] == '.')
+ 	host[l] = '\0';
+--- squid-2.5.STABLE7.orig/src/cf.data.pre	2004-10-09 03:41:10.000000000 +1000
++++ squid-2.5.STABLE7/cf.data.pre	2004-10-17 12:19:41.902629720 +1000
+@@ -156,12 +156,12 @@
+ NAME: htcp_port
+ IFDEF: USE_HTCP
+ TYPE: ushort
+-DEFAULT: 4827
++DEFAULT: 0
+ LOC: Config.Port.htcp
+ DOC_START
+ 	The port number where Squid sends and receives HTCP queries to
+-	and from neighbor caches.  Default is 4827.  To disable use
+-	"0".
++	and from neighbor caches.  To turn it on you want to set it to
++	4827.  By default it is set to "0" (disabled).
+ DOC_END
+ 
+ 
+@@ -2140,6 +2140,8 @@
+ acl Safe_ports port 488		# gss-http
+ acl Safe_ports port 591		# filemaker
+ acl Safe_ports port 777		# multiling http
++acl Safe_ports port 901		# SWAT
++acl purge method PURGE
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -2173,6 +2175,9 @@
+ # Only allow cachemgr access from localhost
+ http_access allow manager localhost
+ http_access deny manager
++# Only allow purge requests from localhost
++http_access allow purge localhost
++http_access deny purge
+ # Deny requests to unknown ports
+ http_access deny !Safe_ports
+ # Deny CONNECT to other than SSL ports
+@@ -2191,6 +2196,9 @@
+ #acl our_networks src 192.168.1.0/24 192.168.2.0/24
+ #http_access allow our_networks
+ 
++# Allow the localhost to have access by default
++http_access allow localhost
++
+ # And finally deny all other access to this proxy
+ http_access deny all
+ NOCOMMENT_END
+@@ -2415,7 +2423,7 @@
+ 
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ 	Email-address of local cache manager who will receive
+@@ -2425,7 +2433,7 @@
+ 
+ NAME: cache_effective_user
+ TYPE: string
+-DEFAULT: nobody
++DEFAULT: squid 
+ LOC: Config.effectiveUser
+ DOC_START
+ 	If you start Squid as root, it will change its effective/real
+@@ -2440,7 +2448,7 @@
+ 
+ NAME: cache_effective_group
+ TYPE: string
+-DEFAULT: none
++DEFAULT: squid
+ LOC: Config.effectiveGroup
+ DOC_START
+ 	If you want Squid to run with a specific GID regardless of
+@@ -3214,7 +3222,11 @@
+ 	If you wish to create your own versions of the default
+ 	(English) error files, either to customize them to suit your
+ 	language or company copy the template English files to another
+-	directory and point this tag at them.
++	directory where the error files are read from.
++	/usr/lib/squid/errors contains sets of error files
++	in different languages. The default error directory
++	is /etc/squid/errors, which is a link to one of these
++	error sets.
+ DOC_END
+ 
+ NAME: maximum_single_addr_tries
+@@ -3237,12 +3249,15 @@
+ NAME: snmp_port
+ TYPE: ushort
+ LOC: Config.Port.snmp
+-DEFAULT: 3401
++DEFAULT: 0
+ IFDEF: SQUID_SNMP
+ DOC_START
+ 	Squid can now serve statistics and status information via SNMP.
+ 	By default it listens to port 3401 on the machine. If you don't
+ 	wish to use SNMP, set this to "0".
++
++	Note: on Gentoo Linux, the default is zero - you need to
++	set it to 3401 to enable it.
+ DOC_END
+ 
+ NAME: snmp_access
diff --git a/www-proxy/squid/squid-2.5.7.ebuild b/www-proxy/squid/squid-2.5.7.ebuild
new file mode 100644
index 000000000000..898f050298ba
--- /dev/null
+++ b/www-proxy/squid/squid-2.5.7.ebuild
@@ -0,0 +1,186 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/squid-2.5.7.ebuild,v 1.1 2004/10/17 02:26:27 cyfred Exp $
+
+inherit eutils
+
+IUSE="pam ldap ssl sasl snmp debug uclibc selinux"
+
+#lame archive versioning scheme..
+S_PV=${PV%.*}
+S_PL=${PV##*.}
+S_PP=${PN}-${S_PV}.STABLE${S_PL}
+
+DESCRIPTION="A caching web proxy, with advanced features"
+HOMEPAGE="http://www.squid-cache.org/"
+
+S=${WORKDIR}/${S_PP}
+SRC_URI="ftp://ftp.squid-cache.org/pub/squid-2/STABLE/${S_PP}.tar.bz2"
+#	http://dev.gentoo.org/~cyfred/distfiles/squid-2.5.STABLE6-patches-20040823.tar.gz"
+
+RDEPEND="virtual/libc
+	pam? ( >=sys-libs/pam-0.75 )
+	ldap? ( >=net-nds/openldap-2.1.26 )
+	ssl? ( >=dev-libs/openssl-0.9.6m )
+	sasl? ( >=dev-libs/cyrus-sasl-1.5.27 )
+	selinux? ( sec-policy/selinux-squid )"
+DEPEND="${RDEPEND} dev-lang/perl"
+LICENSE="GPL-2"
+KEYWORDS="x86 amd64 alpha ppc sparc hppa ppc64"
+SLOT="0"
+
+src_unpack() {
+	unpack ${A} || die
+	cd ${S} || die
+
+	#do NOT just remove this patch.  yes, it's here for a reason.
+	#woodchip@gentoo.org (07 Nov 2002)
+	patch -p1 <${FILESDIR}/squid-2.5.7-gentoo.diff || die
+
+	# Do bulk patching from squids bug fix list for stable 6 see #57081
+	#EPATCH_SUFFIX="patch" epatch ${WORKDIR}/patch
+
+	#hmm #10865
+	cd helpers/external_acl/ldap_group
+	cp Makefile.in Makefile.in.orig
+	sed -e 's%^\(LINK =.*\)\(-o.*\)%\1\$(XTRA_LIBS) \2%' \
+		Makefile.in.orig > Makefile.in
+
+	if ! use debug
+	then
+		cd ${S}
+		mv configure.in configure.in.orig
+		sed -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in.orig > configure.in
+		export WANT_AUTOCONF=2.1
+		autoconf || die
+	fi
+}
+
+src_compile() {
+	# Support for uclibc #61175
+	if use uclibc; then
+		local basic_modules="getpwnam,NCSA,SMB,MSNT,multi-domain-NTLM,winbind"
+	else
+		local basic_modules="getpwnam,YP,NCSA,SMB,MSNT,multi-domain-NTLM,winbind"
+	fi
+
+	use ldap && basic_modules="LDAP,${basic_modules}"
+	use pam && basic_modules="PAM,${basic_modules}"
+	use sasl && basic_modules="SASL,${basic_modules}"
+	# SASL 1 / 2 Supported Natively
+
+	local ext_helpers="ip_user,unix_group,wbinfo_group,winbind_group"
+	use ldap && ext_helpers="ldap_group,${ext_helpers}"
+
+	local myconf=""
+	use snmp && myconf="${myconf} --enable-snmp" || myconf="${myconf} --disable-snmp"
+	use ssl && myconf="${myconf} --enable-ssl" || myconf="${myconf} --disable-ssl"
+
+	use amd64 && myconf="${myconf} --disable-internal-dns "
+
+	if use underscores; then
+		ewarn "Enabling underscores in domain names will result in dns resolution"
+		ewarn "failure if your local DNS client (probably bind) is not compatible."
+		myconf="${myconf} --enable-underscores"
+	fi
+
+	# Support for uclibc #61175
+	if use uclibc; then
+		myconf="${myconf} --enable-storeio='ufs,diskd,aufs,null' "
+		myconf="${myconf} --disable-async-io "
+	else
+		myconf="${myconf} --enable-storeio='ufs,diskd,coss,aufs,null' "
+		myconf="${myconf} --enable-async-io "
+	fi
+
+	./configure \
+		--prefix=/usr \
+		--bindir=/usr/bin \
+		--exec-prefix=/usr \
+		--sbindir=/usr/sbin \
+		--localstatedir=/var \
+		--mandir=/usr/share/man \
+		--sysconfdir=/etc/squid \
+		--libexecdir=/usr/lib/squid \
+		\
+		--enable-auth="basic,digest,ntlm" \
+		--enable-removal-policies="lru,heap" \
+		--enable-digest-auth-helpers="password" \
+		--enable-basic-auth-helpers=${basic_modules} \
+		--enable-external-acl-helpers=${ext_helpers} \
+		--enable-ntlm-auth-helpers="SMB,fakeauth,no_check,winbind" \
+		--enable-linux-netfilter \
+		--enable-ident-lookups \
+		--enable-useragent-log \
+		--enable-cache-digests \
+		--enable-delay-pools \
+		--enable-referer-log \
+		--enable-truncate \
+		--enable-arp-acl \
+		--with-pthreads \
+		--enable-htcp \
+		--enable-carp \
+		--enable-poll \
+		--host=${CHOST} ${myconf} || die "bad ./configure"
+		#--enable-icmp
+
+	mv include/autoconf.h include/autoconf.h.orig
+	sed -e "s:^#define SQUID_MAXFD.*:#define SQUID_MAXFD 4096:" \
+		include/autoconf.h.orig > include/autoconf.h
+
+#	if [ "${ARCH}" = "hppa" ]
+#	then
+#		mv include/autoconf.h include/autoconf.h.orig
+#		sed -e "s:^#define HAVE_MALLOPT 1:#undef HAVE_MALLOPT:" \
+#			include/autoconf.h.orig > include/autoconf.h
+#	fi
+
+	emake || die "compile problem"
+}
+
+src_install() {
+	make DESTDIR=${D} install || die
+
+	#--enable-icmp
+	#make -C src install-pinger libexecdir=${D}/usr/lib/squid || die
+	#chown root:squid ${D}/usr/lib/squid/pinger
+	#chmod 4750 ${D}/usr/lib/squid/pinger
+
+	#need suid root for looking into /etc/shadow
+	chown root:squid ${D}/usr/lib/squid/ncsa_auth
+	chown root:squid ${D}/usr/lib/squid/pam_auth
+	chmod 4750 ${D}/usr/lib/squid/ncsa_auth
+	chmod 4750 ${D}/usr/lib/squid/pam_auth
+
+	#some clean ups
+	rm -rf ${D}/var
+	mv ${D}/usr/bin/Run* ${D}/usr/lib/squid
+
+	#simply switch this symlink to choose the desired language..
+	dosym /usr/lib/squid/errors/English /etc/squid/errors
+
+	dodoc CONTRIBUTORS COPYING COPYRIGHT CREDITS \
+		ChangeLog QUICKSTART SPONSORS doc/*.txt \
+		helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
+	newdoc helpers/basic_auth/SMB/README README.auth_smb
+	dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
+	newdoc helpers/basic_auth/LDAP/README README.auth_ldap
+	doman helpers/basic_auth/LDAP/*.8
+	dodoc helpers/basic_auth/SASL/squid_sasl_auth*
+
+	insinto /etc/pam.d ; newins ${FILESDIR}/squid.pam squid
+	exeinto /etc/init.d ; newexe ${FILESDIR}/squid.rc6 squid
+	insinto /etc/conf.d ; newins ${FILESDIR}/squid.confd squid
+	exeinto /etc/cron.weekly ; newexe ${FILESDIR}/squid-r1.cron squid.cron
+}
+
+pkg_postinst() {
+	# empty dirs..
+	install -m0755 -o squid -g squid -d ${ROOT}/var/cache/squid
+	install -m0755 -o squid -g squid -d ${ROOT}/var/log/squid
+
+	echo
+	ewarn "Squid authentication helpers have been installed suid root"
+	ewarn "This allows shadow based authentication, see bug #52977 for more"
+	echo
+}
author	Andrew Bevitt <cyfred@gentoo.org>	2004-10-17 02:26:27 +0000
committer	Andrew Bevitt <cyfred@gentoo.org>	2004-10-17 02:26:27 +0000
commit	7d1ba1722f9d7a176b2e0e60aecc992382d39382 (patch)
tree	7cd49860b30ed5a3f2e0eb453a8130bd555e9515 /www-proxy
parent	Fixing digest issues and removing ia64 KEYWORD as per Bug #67836. (diff)
download	historical-7d1ba1722f9d7a176b2e0e60aecc992382d39382.tar.gz historical-7d1ba1722f9d7a176b2e0e60aecc992382d39382.tar.bz2 historical-7d1ba1722f9d7a176b2e0e60aecc992382d39382.zip