diff options
| author |   Alin Năstac <mrness@gentoo.org> | 2008-08-15 06:16:50 +0000 |
|---|---|---|
| committer | Alin Năstac <mrness@gentoo.org> | 2008-08-15 06:16:50 +0000 |
| commit | 6d83c37896e0d15100b4e4b03582e85b2faaa0d1 (patch) | |
| tree | 3e6415e1828b4f2723b2d16994c209ad8f655ec8 /net-proxy | |
| parent | DESCRIPTION has to be below inherit (diff) | |
| download | gentoo-2-6d83c37896e0d15100b4e4b03582e85b2faaa0d1.tar.gz gentoo-2-6d83c37896e0d15100b4e4b03582e85b2faaa0d1.tar.bz2 gentoo-2-6d83c37896e0d15100b4e4b03582e85b2faaa0d1.zip | |
Remove obsolete versions.
Fix conf file: replace UTF-8 German minus char with its ASCII corespondent (#234528).
(Portage version: 2.1.4.4)
Diffstat (limited to 'net-proxy')
| -rw-r--r-- | net-proxy/squid/ChangeLog | 16 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.19-ToS_Hit_ToS_Preserve.patch | 216 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.19-gentoo.patch | 298 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.19-qos.patch | 322 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.19-tcp_outg-x_fwd_for.patch | 31 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.20-ToS_Hit_ToS_Preserve.patch | 216 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.20-gentoo.patch | 298 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.20-lincapver.patch | 21 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.6.20-qos.patch | 322 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid-2.7.4-charset.patch | 21 | ||||
| -rw-r--r-- | net-proxy/squid/squid-2.6.19-r1.ebuild | 180 | ||||
| -rw-r--r-- | net-proxy/squid/squid-2.6.20-r1.ebuild | 181 | ||||
| -rw-r--r-- | net-proxy/squid/squid-2.7.4-r1.ebuild (renamed from net-proxy/squid/squid-2.7.4.ebuild) | 3 |
13 files changed, 38 insertions, 2087 deletions
diff --git a/net-proxy/squid/ChangeLog b/net-proxy/squid/ChangeLog index d036b112219d..71209f25e53d 100644 --- a/net-proxy/squid/ChangeLog +++ b/net-proxy/squid/ChangeLog @@ -1,6 +1,20 @@ # ChangeLog for net-proxy/squid # Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.199 2008/08/14 17:12:26 nixnut Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.200 2008/08/15 06:16:49 mrness Exp $ + +*squid-2.7.4-r1 (15 Aug 2008) + + 15 Aug 2008; Alin Năstac <mrness@gentoo.org> + -files/squid-2.6.19-ToS_Hit_ToS_Preserve.patch, + -files/squid-2.6.19-gentoo.patch, -files/squid-2.6.19-qos.patch, + -files/squid-2.6.19-tcp_outg-x_fwd_for.patch, + -files/squid-2.6.20-ToS_Hit_ToS_Preserve.patch, + -files/squid-2.6.20-gentoo.patch, -files/squid-2.6.20-lincapver.patch, + -files/squid-2.6.20-qos.patch, +files/squid-2.7.4-charset.patch, + -squid-2.6.19-r1.ebuild, -squid-2.6.20-r1.ebuild, -squid-2.7.4.ebuild, + +squid-2.7.4-r1.ebuild: + Remove obsolete versions. Fix conf file: replace UTF-8 German minus char + with its ASCII corespondent (#234528). 14 Aug 2008; nixnut <nixnut@gentoo.org> squid-2.7.3.ebuild: Stable on ppc wrt bug 233650 diff --git a/net-proxy/squid/files/squid-2.6.19-ToS_Hit_ToS_Preserve.patch b/net-proxy/squid/files/squid-2.6.19-ToS_Hit_ToS_Preserve.patch deleted file mode 100644 index 6736cffc6825..000000000000 --- a/net-proxy/squid/files/squid-2.6.19-ToS_Hit_ToS_Preserve.patch +++ /dev/null @@ -1,216 +0,0 @@ -diff -Nru squid-2.6.STABLE19.orig/src/cf.data.pre squid-2.6.STABLE19/src/cf.data.pre ---- squid-2.6.STABLE19.orig/src/cf.data.pre 2008-04-11 23:15:19.000000000 +0300 -+++ squid-2.6.STABLE19/src/cf.data.pre 2008-04-11 23:19:47.000000000 +0300 -@@ -1181,6 +1181,64 @@ - to off when using this directive in such configurations. - DOC_END - -+NAME: zph_tos_local -+TYPE: int -+DEFAULT: 0 -+LOC: Config.zph_tos_local -+DOC_START -+ Allows you to select a TOS/Diffserv value to mark local hits. Read above -+ (tcp_outgoing_tos) for details/requirements about TOS. -+ Default: 0 (disabled). -+DOC_END -+ -+NAME: zph_tos_peer -+TYPE: int -+DEFAULT: 0 -+LOC: Config.zph_tos_peer -+DOC_START -+ Allows you to select a TOS/Diffserv value to mark peer hits. Read above -+ (tcp_outgoing_tos) for details/requirements about TOS. -+ Default: 0 (disabled). -+DOC_END -+ -+NAME: zph_tos_parent -+COMMENT: on|off -+TYPE: onoff -+LOC: Config.onoff.zph_tos_parent -+DEFAULT: on -+DOC_START -+ Set this to off if you want only sibling hits to be marked. -+ If set to on (default), parent hits are being marked too. -+DOC_END -+ -+NAME: zph_preserve_miss_tos -+COMMENT: on|off -+TYPE: onoff -+LOC: Config.onoff.zph_preserve_miss_tos -+DEFAULT: on -+DOC_START -+ If set to on (default), any HTTP response towards clients will -+ have the TOS value of the response comming from the remote -+ server masked with the value of zph_preserve_miss_tos_mask. -+ For this to work correctly, you will need to patch your linux -+ kernel with the TOS preserving ZPH patch. -+ Has no effect under FreeBSD, works only under linux ZPH patched -+ kernels. -+DOC_END -+ -+NAME: zph_preserve_miss_tos_mask -+TYPE: int -+DEFAULT: 255 -+LOC: Config.zph_preserve_miss_tos_mask -+DOC_START -+ Allows you to mask certain bits in the TOS received from the -+ remote server, before copying the value to the TOS send towards -+ clients. -+ See zph_preserve_miss_tos for details. -+ -+ Default: 255 (TOS from server is not changed). -+DOC_END -+ - NAME: tcp_outgoing_address - TYPE: acl_address - DEFAULT: none -diff -Nru squid-2.6.STABLE19.orig/src/client_side.c squid-2.6.STABLE19/src/client_side.c ---- squid-2.6.STABLE19.orig/src/client_side.c 2008-04-11 23:15:19.000000000 +0300 -+++ squid-2.6.STABLE19/src/client_side.c 2008-04-11 23:19:47.000000000 +0300 -@@ -2632,6 +2632,55 @@ - return; - } - assert(http->out.offset == 0); -+ -+ if ( Config.zph_tos_local || Config.zph_tos_peer || -+ (Config.onoff.zph_preserve_miss_tos && Config.zph_preserve_miss_tos_mask) ) -+ { -+ int need_change = 0; -+ int hit = 0; -+ int tos = 0; -+ int tos_old = 0; -+ int tos_len = sizeof(tos_old); -+ int res; -+ -+ if (Config.zph_tos_local && isTcpHit(http->log_type)) { /* local hit */ -+ hit = 1; -+ tos = Config.zph_tos_local; -+ } else if (Config.zph_tos_peer && -+ (http->request->hier.code == SIBLING_HIT || /* sibling hit */ -+ (Config.onoff.zph_tos_parent && -+ http->request->hier.code == PARENT_HIT))) { /* parent hit */ -+ hit = 1; -+ tos = Config.zph_tos_peer; -+ } -+ if (http->request->flags.proxy_keepalive) { -+ if (getsockopt(fd, IPPROTO_IP, IP_TOS, &tos_old, &tos_len) < 0) { -+ debug(33, 1) ("ZPH: getsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); -+ } else if (hit && tos_old != tos) { /* HIT: 1-st request, or previous was MISS, */ -+ need_change = 1; /* or local/parent hit change */ -+ } else if (!hit && (tos_old || /* MISS: previous was HIT */ -+ Config.onoff.zph_preserve_miss_tos)) { /* TOS copying is on */ -+#if defined(_SQUID_LINUX_) -+ if ( Config.onoff.zph_preserve_miss_tos ) { -+ tos = (entry->mem_obj != NULL) ? -+ (entry->mem_obj->recvTOS & Config.zph_preserve_miss_tos_mask):0; -+ } else tos = 0; -+#else -+ tos = 0; -+#endif -+ need_change = 1; -+ } -+ } else if (hit) { /* no keepalive */ -+ need_change = 1; -+ } -+ if (need_change) { -+ if (!hit) enter_suid(); /* Setting TOS bit6-7 is privilleged */ -+ res = setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); -+ if (!hit) leave_suid(); /* Setting bit5-7 is privilleged */ -+ if ( res < 0) -+ debug(33, 1) ("ZPH: setsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); -+ } -+ } - rep = http->reply = clientBuildReply(http, buf, size); - if (!rep) { - /* Forward as HTTP/0.9 body with no reply */ -diff -Nru squid-2.6.STABLE19.orig/src/http.c squid-2.6.STABLE19/src/http.c ---- squid-2.6.STABLE19.orig/src/http.c 2007-11-26 13:04:30.000000000 +0200 -+++ squid-2.6.STABLE19/src/http.c 2008-04-11 23:19:47.000000000 +0300 -@@ -1393,6 +1393,53 @@ - peer *p = httpState->peer; - CWCB *sendHeaderDone; - int fd = httpState->fd; -+ -+#if defined(_SQUID_LINUX_) -+/* ZPH patch starts here (M.Stavrev 25-05-2005) -+ * Retrieve connection peer's TOS value (which its SYN_ACK TCP segment -+ * was encapsulated into an IP packet) -+ */ -+ int tos, tos_len; -+ if ( entry && entry->mem_obj ) { // Is this check necessary ? Seems not, but -+ // have no time to investigate further. -+ entry->mem_obj->recvTOS = 0; -+ tos = 1; -+ tos_len = sizeof(tos); -+ if ( setsockopt(fd,SOL_IP, IP_RECVTOS, &tos, tos_len) == 0 ) { -+ unsigned char buf[128]; -+ int len = 128; -+ if (getsockopt(fd, SOL_IP, IP_PKTOPTIONS, buf, &len) == 0) -+ { -+ /* Parse the PKTOPTIONS structure to locate the TOS data message -+ * prepared in the kernel by the ZPH incoming TCP TOS preserving -+ * patch. In 99,99% the TOS should be located at buf[12], but -+ * let's do it the right way. -+ */ -+ unsigned char * p = buf; -+ while ( p-buf < len ) { -+ struct cmsghdr * o = (struct cmsghdr*)p; -+ if ( o->cmsg_len <= 0 || o->cmsg_len > 52 ) -+ break; -+ if ( o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS ) { -+ entry->mem_obj->recvTOS = (unsigned char)(*(int*) -+ (p + sizeof(struct cmsghdr))); -+ debug(11, 5) ("ZPH: Incomming TOS=%d on FD %d\n", -+ entry->mem_obj->recvTOS, fd ); -+ break; -+ } -+ p += o->cmsg_len; -+ } -+ } else { -+ debug(11, 5) ("ZPH: getsockopt(IP_PKTOPTIONS) on FD %d: %s\n", -+ fd, xstrerror()); -+ } -+ } else { -+ debug(11, 5) ("ZPH: setsockopt(IP_RECVTOS) on FD %d: %s\n", -+ fd, xstrerror()); -+ } -+ } -+/* ZPH patch ends here */ -+#endif - - debug(11, 5) ("httpSendRequest: FD %d: httpState %p.\n", fd, httpState); - -diff -Nru squid-2.6.STABLE19.orig/src/structs.h squid-2.6.STABLE19/src/structs.h ---- squid-2.6.STABLE19.orig/src/structs.h 2007-09-06 00:28:34.000000000 +0300 -+++ squid-2.6.STABLE19/src/structs.h 2008-04-11 23:19:47.000000000 +0300 -@@ -669,6 +669,8 @@ - int relaxed_header_parser; - int accel_no_pmtu_disc; - int global_internal_static; -+ int zph_tos_parent; -+ int zph_preserve_miss_tos; - int httpd_suppress_version_string; - int via; - int check_hostnames; -@@ -793,6 +795,9 @@ - int sleep_after_fork; /* microseconds */ - time_t minimum_expiry_time; /* seconds */ - external_acl *externalAclHelperList; -+ int zph_tos_local; -+ int zph_tos_peer; -+ int zph_preserve_miss_tos_mask; - errormap *errorMapList; - #if USE_SSL - struct { -@@ -1724,6 +1729,9 @@ - const char *vary_encoding; - StoreEntry *ims_entry; - time_t refresh_timestamp; -+#if defined(_SQUID_LINUX_) -+ unsigned char recvTOS; /* ZPH patch - stores remote server's TOS */ -+#endif - }; - - struct _StoreEntry { diff --git a/net-proxy/squid/files/squid-2.6.19-gentoo.patch b/net-proxy/squid/files/squid-2.6.19-gentoo.patch deleted file mode 100644 index 8e0a009024e3..000000000000 --- a/net-proxy/squid/files/squid-2.6.19-gentoo.patch +++ /dev/null @@ -1,298 +0,0 @@ -diff -Nru squid-2.6.STABLE19.orig/helpers/basic_auth/MSNT/confload.c squid-2.6.STABLE19/helpers/basic_auth/MSNT/confload.c ---- squid-2.6.STABLE19.orig/helpers/basic_auth/MSNT/confload.c 2002-06-26 22:09:48.000000000 +0300 -+++ squid-2.6.STABLE19/helpers/basic_auth/MSNT/confload.c 2008-04-11 23:06:17.000000000 +0300 -@@ -24,7 +24,7 @@ - - /* Path to configuration file */ - #ifndef SYSCONFDIR --#define SYSCONFDIR "/usr/local/squid/etc" -+#define SYSCONFDIR "/etc/squid" - #endif - #define CONFIGFILE SYSCONFDIR "/msntauth.conf" - -diff -Nru squid-2.6.STABLE19.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-2.6.STABLE19/helpers/basic_auth/MSNT/msntauth.conf.default ---- squid-2.6.STABLE19.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2002-06-26 21:44:28.000000000 +0300 -+++ squid-2.6.STABLE19/helpers/basic_auth/MSNT/msntauth.conf.default 2008-04-11 23:06:17.000000000 +0300 -@@ -8,6 +8,6 @@ - server other_PDC other_BDC otherdomain - - # Denied and allowed users. Comment these if not needed. --#denyusers /usr/local/squid/etc/msntauth.denyusers --#allowusers /usr/local/squid/etc/msntauth.allowusers -+#denyusers /etc/squid/msntauth.denyusers -+#allowusers /etc/squid/msntauth.allowusers - -diff -Nru squid-2.6.STABLE19.orig/helpers/basic_auth/SMB/Makefile.am squid-2.6.STABLE19/helpers/basic_auth/SMB/Makefile.am ---- squid-2.6.STABLE19.orig/helpers/basic_auth/SMB/Makefile.am 2005-05-17 19:56:26.000000000 +0300 -+++ squid-2.6.STABLE19/helpers/basic_auth/SMB/Makefile.am 2008-04-11 23:06:17.000000000 +0300 -@@ -14,7 +14,7 @@ - ## FIXME: autoconf should test for the samba path. - - SMB_AUTH_HELPER = smb_auth.sh --SAMBAPREFIX=/usr/local/samba -+SAMBAPREFIX=/usr - SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) - - libexec_SCRIPTS = $(SMB_AUTH_HELPER) -diff -Nru squid-2.6.STABLE19.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.6.STABLE19/helpers/basic_auth/SMB/smb_auth.sh ---- squid-2.6.STABLE19.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 01:36:46.000000000 +0200 -+++ squid-2.6.STABLE19/helpers/basic_auth/SMB/smb_auth.sh 2008-04-11 23:06:17.000000000 +0300 -@@ -24,7 +24,7 @@ - read AUTHSHARE - read AUTHFILE - read SMBUSER --read SMBPASS -+read -r SMBPASS - - # Find domain controller - echo "Domain name: $DOMAINNAME" -@@ -47,7 +47,7 @@ - addropt="" - fi - echo "Query address options: $addropt" --dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` -+dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` - echo "Domain controller IP address: $dcip" - [ -n "$dcip" ] || exit 1 - -diff -Nru squid-2.6.STABLE19.orig/helpers/external_acl/session/squid_session.8 squid-2.6.STABLE19/helpers/external_acl/session/squid_session.8 ---- squid-2.6.STABLE19.orig/helpers/external_acl/session/squid_session.8 2007-01-06 19:28:35.000000000 +0200 -+++ squid-2.6.STABLE19/helpers/external_acl/session/squid_session.8 2008-04-11 23:06:17.000000000 +0300 -@@ -35,7 +35,7 @@ - .P - Configuration example using the default automatic mode - .IP --external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session -+external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session - .IP - acl session external session - .IP -diff -Nru squid-2.6.STABLE19.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-2.6.STABLE19/helpers/external_acl/unix_group/squid_unix_group.8 ---- squid-2.6.STABLE19.orig/helpers/external_acl/unix_group/squid_unix_group.8 2006-05-14 18:07:24.000000000 +0300 -+++ squid-2.6.STABLE19/helpers/external_acl/unix_group/squid_unix_group.8 2008-04-11 23:06:17.000000000 +0300 -@@ -27,7 +27,7 @@ - This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2 - matches users in group2 or group3 - .IP --external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p -+external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p - .IP - acl usergroup1 external unix_group group1 - .IP -diff -Nru squid-2.6.STABLE19.orig/src/access_log.c squid-2.6.STABLE19/src/access_log.c ---- squid-2.6.STABLE19.orig/src/access_log.c 2007-06-03 03:40:32.000000000 +0300 -+++ squid-2.6.STABLE19/src/access_log.c 2008-04-11 23:06:17.000000000 +0300 -@@ -1225,7 +1225,7 @@ - LogfileStatus = LOG_ENABLE; - } - #if HEADERS_LOG -- headerslog = logfileOpen("/usr/local/squid/logs/headers.log", MAX_URL << 1, 0); -+ headerslog = logfileOpen("/var/log/squid/headers.log", MAX_URL << 1, 0); - assert(NULL != headerslog); - #endif - #if FORW_VIA_DB -diff -Nru squid-2.6.STABLE19.orig/src/cf.data.pre squid-2.6.STABLE19/src/cf.data.pre ---- squid-2.6.STABLE19.orig/src/cf.data.pre 2008-03-18 01:34:14.000000000 +0200 -+++ squid-2.6.STABLE19/src/cf.data.pre 2008-04-11 23:06:17.000000000 +0300 -@@ -640,6 +640,8 @@ - acl Safe_ports port 488 # gss-http - acl Safe_ports port 591 # filemaker - acl Safe_ports port 777 # multiling http -+acl Safe_ports port 901 # SWAT -+acl purge method PURGE - acl CONNECT method CONNECT - NOCOMMENT_END - DOC_END -@@ -673,6 +675,9 @@ - # Only allow cachemgr access from localhost - http_access allow manager localhost - http_access deny manager -+# Only allow purge requests from localhost -+http_access allow purge localhost -+http_access deny purge - # Deny requests to unknown ports - http_access deny !Safe_ports - # Deny CONNECT to other than SSL ports -@@ -691,6 +696,9 @@ - #acl our_networks src 192.168.1.0/24 192.168.2.0/24 - #http_access allow our_networks - -+# Allow the localhost to have access by default -+http_access allow localhost -+ - # And finally deny all other access to this proxy - http_access deny all - NOCOMMENT_END -@@ -3357,11 +3365,11 @@ - - NAME: cache_mgr - TYPE: string --DEFAULT: webmaster -+DEFAULT: root - LOC: Config.adminEmail - DOC_START - Email-address of local cache manager who will receive -- mail if the cache dies. The default is "webmaster". -+ mail if the cache dies. The default is "root". - DOC_END - - NAME: mail_from -@@ -3390,12 +3398,12 @@ - - NAME: cache_effective_user - TYPE: string --DEFAULT: nobody -+DEFAULT: squid - LOC: Config.effectiveUser - DOC_START - If you start Squid as root, it will change its effective/real - UID/GID to the user specified below. The default is to change -- to UID to nobody. If you define cache_effective_user, but not -+ to UID to squid. If you define cache_effective_user, but not - cache_effective_group, Squid sets the GID to the effective - user's default group ID (taken from the password file) and - supplementary group list from the from groups membership of -@@ -4032,12 +4040,12 @@ - NAME: snmp_port - TYPE: ushort - LOC: Config.Port.snmp --DEFAULT: 3401 -+DEFAULT: 0 - IFDEF: SQUID_SNMP - DOC_START - Squid can now serve statistics and status information via SNMP. -- By default it listens to port 3401 on the machine. If you don't -- wish to use SNMP, set this to "0". -+ By default snmp_port is disabled. If you wish to use SNMP, -+ set this to "3401" (or any other number you like). - DOC_END - - NAME: snmp_access -@@ -4108,12 +4116,12 @@ - NAME: htcp_port - IFDEF: USE_HTCP - TYPE: ushort --DEFAULT: 4827 -+DEFAULT: 0 - LOC: Config.Port.htcp - DOC_START - The port number where Squid sends and receives HTCP queries to -- and from neighbor caches. Default is 4827. To disable use -- "0". -+ and from neighbor caches. To turn it on you want to set it to -+ 4827. By default it is set to "0" (disabled). - DOC_END - - NAME: log_icp_queries -@@ -4965,6 +4973,9 @@ - If you disable this, it will appear as - - X-Forwarded-For: unknown -+NOCOMMENT_START -+forwarded_for off -+NOCOMMENT_END - DOC_END - - NAME: cachemgr_passwd -diff -Nru squid-2.6.STABLE19.orig/src/client_side.c squid-2.6.STABLE19/src/client_side.c ---- squid-2.6.STABLE19.orig/src/client_side.c 2007-09-03 16:13:36.000000000 +0300 -+++ squid-2.6.STABLE19/src/client_side.c 2008-04-11 23:06:17.000000000 +0300 -@@ -4597,14 +4597,7 @@ - debug(83, 2) ("clientNegotiateSSL: Session %p reused on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); - } else { - if (do_debug(83, 4)) { -- /* Write out the SSL session details.. actually the call below, but -- * OpenSSL headers do strange typecasts confusing GCC.. */ -- /* PEM_write_SSL_SESSION(debug_log, SSL_get_session(ssl)); */ --#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00908000L -- PEM_ASN1_write((i2d_of_void *) i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); --#else - PEM_ASN1_write(i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); --#endif - /* Note: This does not automatically fflush the log file.. */ - } - debug(83, 2) ("clientNegotiateSSL: New session %p on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); -diff -Nru squid-2.6.STABLE19.orig/src/defines.h squid-2.6.STABLE19/src/defines.h ---- squid-2.6.STABLE19.orig/src/defines.h 2007-02-04 00:58:20.000000000 +0200 -+++ squid-2.6.STABLE19/src/defines.h 2008-04-11 23:06:17.000000000 +0300 -@@ -259,7 +259,7 @@ - - /* were to look for errors if config path fails */ - #ifndef DEFAULT_SQUID_ERROR_DIR --#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors" -+#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English" - #endif - - /* gb_type operations */ -diff -Nru squid-2.6.STABLE19.orig/src/main.c squid-2.6.STABLE19/src/main.c ---- squid-2.6.STABLE19.orig/src/main.c 2007-11-26 12:47:23.000000000 +0200 -+++ squid-2.6.STABLE19/src/main.c 2008-04-11 23:06:17.000000000 +0300 -@@ -372,6 +372,22 @@ - asnFreeMemory(); - } - -+#if USE_UNLINKD -+static int -+needUnlinkd(void) -+{ -+ int i; -+ int r = 0; -+ for (i = 0; i < Config.cacheSwap.n_configured; i++) { -+ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 || -+ strcmp(Config.cacheSwap.swapDirs[i].type, "aufs") == 0 || -+ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0) -+ r++; -+ } -+ return r; -+} -+#endif -+ - static void - mainReconfigure(void) - { -@@ -395,6 +411,7 @@ - locationRewriteShutdown(); - authenticateShutdown(); - externalAclShutdown(); -+ unlinkdClose(); - storeDirCloseSwapLogs(); - storeLogClose(); - accessLogClose(); -@@ -430,6 +447,9 @@ - #if USE_WCCPv2 - wccp2Init(); - #endif -+#if USE_UNLINKD -+ if (needUnlinkd()) unlinkdInit(); -+#endif - serverConnectionsOpen(); - neighbors_init(); - storeDirOpenSwapLogs(); -@@ -593,7 +613,7 @@ - - if (!configured_once) { - #if USE_UNLINKD -- unlinkdInit(); -+ if (needUnlinkd()) unlinkdInit(); - #endif - urlInitialize(); - cachemgrInit(); -diff -Nru squid-2.6.STABLE19.orig/src/Makefile.am squid-2.6.STABLE19/src/Makefile.am ---- squid-2.6.STABLE19.orig/src/Makefile.am 2007-09-06 00:50:15.000000000 +0300 -+++ squid-2.6.STABLE19/src/Makefile.am 2008-04-11 23:06:17.000000000 +0300 -@@ -325,12 +325,12 @@ - DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf - DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf - DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` --DEFAULT_LOG_PREFIX = $(localstatedir)/logs -+DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid - DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log - DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log - DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log --DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid --DEFAULT_SWAP_DIR = $(localstatedir)/cache -+DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid -+DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid - DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` - DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` - DEFAULT_DISKD = $(libexecdir)/`echo diskd-daemon | sed '$(transform);s/$$/$(EXEEXT)/'` diff --git a/net-proxy/squid/files/squid-2.6.19-qos.patch b/net-proxy/squid/files/squid-2.6.19-qos.patch deleted file mode 100644 index 1fc1a30b93f8..000000000000 --- a/net-proxy/squid/files/squid-2.6.19-qos.patch +++ /dev/null @@ -1,322 +0,0 @@ -diff -Nru squid-2.6.STABLE19.orig/src/cache_cf.c squid-2.6.STABLE19/src/cache_cf.c ---- squid-2.6.STABLE19.orig/src/cache_cf.c 2007-08-31 16:49:54.000000000 +0300 -+++ squid-2.6.STABLE19/src/cache_cf.c 2008-04-11 23:20:50.000000000 +0300 -@@ -891,6 +891,65 @@ - } - } - -+CBDATA_TYPE(acl_priority); -+ -+static void -+dump_acl_priority(StoreEntry * entry, const char *name, acl_priority * head) -+{ -+ acl_priority *l; -+ for (l = head; l; l = l->next) { -+ if (l->priority > 0) -+ storeAppendPrintf(entry, "%s %04X:%04X", name, -+ l->priority >> 16, l->priority & 0xFFFF); -+ else -+ storeAppendPrintf(entry, "%s none", name); -+ dump_acl_list(entry, l->acl_list); -+ storeAppendPrintf(entry, "\n"); -+ } -+} -+ -+static void -+freed_acl_priority(void *data) -+{ -+ acl_priority *l = data; -+ aclDestroyAclList(&l->acl_list); -+} -+ -+static void -+parse_acl_priority(acl_priority ** head) -+{ -+ acl_priority *l; -+ acl_priority **tail = head; /* sane name below */ -+ unsigned long priority, t1, t2; -+ char junk; -+ char *token = strtok(NULL, w_space); -+ if (!token) -+ self_destruct(); -+ if (sscanf(token, "%x:%x%c", &t1, &t2, &junk) != 2) -+ self_destruct(); -+ if (t1 < 0 || t1 > 0xFFFF || t2 < 0 || t2 > 0xFFFF) -+ self_destruct(); -+ priority = t1 << 16 | t2; -+ CBDATA_INIT_TYPE_FREECB(acl_priority, freed_acl_priority); -+ l = cbdataAlloc(acl_priority); -+ l->priority = priority; -+ aclParseAclList(&l->acl_list); -+ while (*tail) -+ tail = &(*tail)->next; -+ *tail = l; -+} -+ -+static void -+free_acl_priority(acl_priority ** head) -+{ -+ while (*head) { -+ acl_priority *l = *head; -+ *head = l->next; -+ l->next = NULL; -+ cbdataFree(l); -+ } -+} -+ - #if DELAY_POOLS - - /* do nothing - free_delay_pool_count is the magic free function. -diff -Nru squid-2.6.STABLE19.orig/src/cf.data.depend squid-2.6.STABLE19/src/cf.data.depend ---- squid-2.6.STABLE19.orig/src/cf.data.depend 2007-09-06 00:50:15.000000000 +0300 -+++ squid-2.6.STABLE19/src/cf.data.depend 2008-04-11 23:20:50.000000000 +0300 -@@ -5,6 +5,7 @@ - acl_address acl - acl_b_size_t acl - acl_tos acl -+acl_priority acl - address - authparam - b_int64_t -diff -Nru squid-2.6.STABLE19.orig/src/cf.data.pre squid-2.6.STABLE19/src/cf.data.pre ---- squid-2.6.STABLE19.orig/src/cf.data.pre 2008-04-11 23:20:32.000000000 +0300 -+++ squid-2.6.STABLE19/src/cf.data.pre 2008-04-11 23:20:50.000000000 +0300 -@@ -1239,6 +1239,27 @@ - Default: 255 (TOS from server is not changed). - DOC_END - -+NAME: tcp_outgoing_priority -+TYPE: acl_priority -+DEFAULT: none -+LOC: Config.accessList.outgoing_priority -+DOC_START -+ Allows you to select the priority of the outgoing connection, -+ based on the username or source address making the request. The -+ priority can be used by Linux QoS Qdiscs for classification. -+ -+ tcp_outgoing_priority priority [!]aclname ... -+ -+ Example where requests from special_service_net are assigned -+ priority 10:100 -+ -+ acl special_service_net src 10.0.0.0/255.255.255.0 -+ tcp_outgoing_priority 10:100 special_service_net -+ -+ Processing proceeds in the order specified, and stops at first fully -+ matching line. -+DOC_END -+ - NAME: tcp_outgoing_address - TYPE: acl_address - DEFAULT: none -diff -Nru squid-2.6.STABLE19.orig/src/comm.c squid-2.6.STABLE19/src/comm.c ---- squid-2.6.STABLE19.orig/src/comm.c 2007-04-17 12:39:56.000000000 +0300 -+++ squid-2.6.STABLE19/src/comm.c 2008-04-11 23:20:50.000000000 +0300 -@@ -162,7 +162,7 @@ - int flags, - const char *note) - { -- return comm_openex(sock_type, proto, addr, port, flags, 0, note); -+ return comm_openex(sock_type, proto, addr, port, flags, 0, 0, note); - } - - -@@ -175,10 +175,12 @@ - u_short port, - int flags, - unsigned char TOS, -+ unsigned long PRIORITY, - const char *note) - { - int new_socket; - int tos = 0; -+ unsigned long priority = 0; - fde *F = NULL; - - /* Create socket for accepting new connections. */ -@@ -209,12 +211,25 @@ - debug(5, 0) ("comm_open: setsockopt(IP_TOS) not supported on this platform\n"); - #endif - } -+ if (PRIORITY) { -+#ifdef SO_PRIORITY -+ priority = PRIORITY; -+ enter_suid(); -+ if (setsockopt(new_socket, SOL_SOCKET, SO_PRIORITY, (char *) &priority, sizeof(unsigned long)) < 0) -+ debug(50, 1) ("comm_open: setsockopt(SO_PRIORITY) on FD %d: %s\n", -+ new_socket, xstrerror()); -+ leave_suid(); -+#else -+ debug(50, 0) ("comm_open: setsockopt(SO_PRIORITY) not supported on this platform\n"); -+#endif -+ } - /* update fdstat */ - debug(5, 5) ("comm_open: FD %d is a new socket\n", new_socket); - fd_open(new_socket, FD_SOCKET, note); - F = &fd_table[new_socket]; - F->local_addr = addr; - F->tos = tos; -+ F->priority = priority; - if (!(flags & COMM_NOCLOEXEC)) - commSetCloseOnExec(new_socket); - if ((flags & COMM_REUSEADDR)) -@@ -382,6 +397,15 @@ - debug(5, 1) ("commResetFD: setsockopt(IP_TOS) on FD %d: %s\n", cs->fd, xstrerror()); - } - #endif -+#ifdef SO_PRIORITY -+ if (F->priority) { -+ unsigned long priority = F->priority; -+ enter_suid(); -+ if (setsockopt(cs->fd, SOL_SOCKET, SO_PRIORITY, (char *)&priority, sizeof(unsigned long)) < 0) -+ debug(50, 1) ("commResetFD: setsockopt(SO_PRIORITY) on FD %d: %s\n", cs->fd, xstrerror()); -+ leave_suid(); -+ } -+#endif - if (F->flags.close_on_exec) - commSetCloseOnExec(cs->fd); - if (F->flags.nonblocking) -diff -Nru squid-2.6.STABLE19.orig/src/forward.c squid-2.6.STABLE19/src/forward.c ---- squid-2.6.STABLE19.orig/src/forward.c 2008-04-11 23:16:09.000000000 +0300 -+++ squid-2.6.STABLE19/src/forward.c 2008-04-11 23:20:50.000000000 +0300 -@@ -418,6 +418,17 @@ - return 0; - } - -+static unsigned long -+aclMapPriority(acl_priority * head, aclCheck_t * ch) -+{ -+ acl_priority *l; -+ for (l = head; l; l = l->next) { -+ if (aclMatchAclList(l->acl_list, ch)) -+ return l->priority; -+ } -+ return 0; -+} -+ - struct in_addr - getOutgoingAddr(request_t * request) - { -@@ -456,6 +467,20 @@ - return aclMapTOS(Config.accessList.outgoing_tos, &ch); - } - -+unsigned long -+getOutgoingPriority(request_t * request) -+{ -+ aclCheck_t ch; -+ memset(&ch, '\0', sizeof(aclCheck_t)); -+ if (request) { -+ ch.src_addr = request->client_addr; -+ ch.my_addr = request->my_addr; -+ ch.my_port = request->my_port; -+ ch.request = request; -+ } -+ return aclMapPriority(Config.accessList.outgoing_priority, &ch); -+} -+ - static void - fwdConnectStart(void *data) - { -@@ -472,6 +497,7 @@ - int ftimeout = Config.Timeout.forward - (squid_curtime - fwdState->start); - struct in_addr outgoing; - unsigned short tos; -+ unsigned long priority; - #if LINUX_TPROXY - struct in_tproxy itp; - #endif -@@ -557,15 +583,17 @@ - #endif - outgoing = getOutgoingAddr(fwdState->request); - tos = getOutgoingTOS(fwdState->request); -+ priority = getOutgoingPriority(fwdState->request); - -- debug(17, 3) ("fwdConnectStart: got addr %s, tos %d\n", -- inet_ntoa(outgoing), tos); -+ debug(17, 3) ("fwdConnectStart: got addr %s, tos %d, priority %lu\n", -+ inet_ntoa(outgoing), tos, priority); - fd = comm_openex(SOCK_STREAM, - IPPROTO_TCP, - outgoing, - 0, - COMM_NONBLOCKING, - tos, -+ priority, - url); - if (fd < 0) { - debug(50, 4) ("fwdConnectStart: %s\n", xstrerror()); -diff -Nru squid-2.6.STABLE19.orig/src/protos.h squid-2.6.STABLE19/src/protos.h ---- squid-2.6.STABLE19.orig/src/protos.h 2007-07-15 12:52:17.000000000 +0300 -+++ squid-2.6.STABLE19/src/protos.h 2008-04-11 23:20:50.000000000 +0300 -@@ -160,7 +160,7 @@ - extern void comm_init(void); - extern int comm_listen(int sock); - extern int comm_open(int, int, struct in_addr, u_short port, int, const char *note); --extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, const char *); -+extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, unsigned long PRIORITY, const char *); - extern u_short comm_local_port(int fd); - - extern void commDeferFD(int fd); -@@ -735,6 +735,7 @@ - #endif - struct in_addr getOutgoingAddr(request_t * request); - unsigned long getOutgoingTOS(request_t * request); -+unsigned long getOutgoingPriority(request_t * request); - - extern void urnStart(request_t *, StoreEntry *); - -diff -Nru squid-2.6.STABLE19.orig/src/ssl.c squid-2.6.STABLE19/src/ssl.c ---- squid-2.6.STABLE19.orig/src/ssl.c 2007-02-03 23:53:38.000000000 +0200 -+++ squid-2.6.STABLE19/src/ssl.c 2008-04-11 23:20:50.000000000 +0300 -@@ -524,6 +524,7 @@ - 0, - COMM_NONBLOCKING, - getOutgoingTOS(request), -++ getOutgoingPriority(request), - url); - if (sock == COMM_ERROR) { - debug(26, 4) ("sslStart: Failed because we're out of sockets.\n"); -diff -Nru squid-2.6.STABLE19.orig/src/structs.h squid-2.6.STABLE19/src/structs.h ---- squid-2.6.STABLE19.orig/src/structs.h 2008-04-11 23:20:32.000000000 +0300 -+++ squid-2.6.STABLE19/src/structs.h 2008-04-11 23:20:50.000000000 +0300 -@@ -296,6 +296,12 @@ - int tos; - }; - -+struct _acl_priority { -+ acl_priority *next; -+ acl_list *acl_list; -+ unsigned long priority; -+}; -+ - struct _aclCheck_t { - const acl_access *access_list; - struct in_addr src_addr; -@@ -705,6 +711,7 @@ - acl_access *reply; - acl_address *outgoing_address; - acl_tos *outgoing_tos; -+ acl_priority *outgoing_priority; - #if USE_HTCP - acl_access *htcp; - acl_access *htcp_clr; -@@ -876,6 +883,7 @@ - u_short remote_port; - struct in_addr local_addr; - unsigned char tos; -+ unsigned long priority; - char ipaddr[16]; /* dotted decimal address of peer */ - char desc[FD_DESC_SZ]; - struct { -diff -Nru squid-2.6.STABLE19.orig/src/typedefs.h squid-2.6.STABLE19/src/typedefs.h ---- squid-2.6.STABLE19.orig/src/typedefs.h 2006-09-02 17:08:42.000000000 +0300 -+++ squid-2.6.STABLE19/src/typedefs.h 2008-04-11 23:20:50.000000000 +0300 -@@ -102,6 +102,7 @@ - typedef struct _acl_access acl_access; - typedef struct _acl_address acl_address; - typedef struct _acl_tos acl_tos; -+typedef struct _acl_priority acl_priority; - typedef struct _aclCheck_t aclCheck_t; - typedef struct _wordlist wordlist; - typedef struct _intlist intlist; diff --git a/net-proxy/squid/files/squid-2.6.19-tcp_outg-x_fwd_for.patch b/net-proxy/squid/files/squid-2.6.19-tcp_outg-x_fwd_for.patch deleted file mode 100644 index a27a96a7456b..000000000000 --- a/net-proxy/squid/files/squid-2.6.19-tcp_outg-x_fwd_for.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff -Nru squid-2.6.STABLE19.orig/src/forward.c squid-2.6.STABLE19/src/forward.c ---- squid-2.6.STABLE19.orig/src/forward.c 2007-09-06 00:28:34.000000000 +0300 -+++ squid-2.6.STABLE19/src/forward.c 2008-04-11 23:15:32.000000000 +0300 -@@ -424,7 +424,12 @@ - aclCheck_t ch; - memset(&ch, '\0', sizeof(aclCheck_t)); - if (request) { -- ch.src_addr = request->client_addr; -+#if FOLLOW_X_FORWARDED_FOR -+ if (Config.onoff.acl_uses_indirect_client) { -+ ch.src_addr = request->indirect_client_addr; -+ } else -+#endif /* FOLLOW_X_FORWARDED_FOR */ -+ ch.src_addr = request->client_addr; - ch.my_addr = request->my_addr; - ch.my_port = request->my_port; - ch.request = request; -@@ -438,7 +443,12 @@ - aclCheck_t ch; - memset(&ch, '\0', sizeof(aclCheck_t)); - if (request) { -- ch.src_addr = request->client_addr; -+#if FOLLOW_X_FORWARDED_FOR -+ if (Config.onoff.acl_uses_indirect_client) { -+ ch.src_addr = request->indirect_client_addr; -+ } else -+#endif /* FOLLOW_X_FORWARDED_FOR */ -+ ch.src_addr = request->client_addr; - ch.my_addr = request->my_addr; - ch.my_port = request->my_port; - ch.request = request; diff --git a/net-proxy/squid/files/squid-2.6.20-ToS_Hit_ToS_Preserve.patch b/net-proxy/squid/files/squid-2.6.20-ToS_Hit_ToS_Preserve.patch deleted file mode 100644 index 50b6547a29c6..000000000000 --- a/net-proxy/squid/files/squid-2.6.20-ToS_Hit_ToS_Preserve.patch +++ /dev/null @@ -1,216 +0,0 @@ -diff -Nru squid-2.6.STABLE20.orig/src/cf.data.pre squid-2.6.STABLE20/src/cf.data.pre ---- squid-2.6.STABLE20.orig/src/cf.data.pre 2008-05-15 00:48:45.000000000 +0300 -+++ squid-2.6.STABLE20/src/cf.data.pre 2008-05-15 00:49:24.000000000 +0300 -@@ -1181,6 +1181,64 @@ - to off when using this directive in such configurations. - DOC_END - -+NAME: zph_tos_local -+TYPE: int -+DEFAULT: 0 -+LOC: Config.zph_tos_local -+DOC_START -+ Allows you to select a TOS/Diffserv value to mark local hits. Read above -+ (tcp_outgoing_tos) for details/requirements about TOS. -+ Default: 0 (disabled). -+DOC_END -+ -+NAME: zph_tos_peer -+TYPE: int -+DEFAULT: 0 -+LOC: Config.zph_tos_peer -+DOC_START -+ Allows you to select a TOS/Diffserv value to mark peer hits. Read above -+ (tcp_outgoing_tos) for details/requirements about TOS. -+ Default: 0 (disabled). -+DOC_END -+ -+NAME: zph_tos_parent -+COMMENT: on|off -+TYPE: onoff -+LOC: Config.onoff.zph_tos_parent -+DEFAULT: on -+DOC_START -+ Set this to off if you want only sibling hits to be marked. -+ If set to on (default), parent hits are being marked too. -+DOC_END -+ -+NAME: zph_preserve_miss_tos -+COMMENT: on|off -+TYPE: onoff -+LOC: Config.onoff.zph_preserve_miss_tos -+DEFAULT: on -+DOC_START -+ If set to on (default), any HTTP response towards clients will -+ have the TOS value of the response comming from the remote -+ server masked with the value of zph_preserve_miss_tos_mask. -+ For this to work correctly, you will need to patch your linux -+ kernel with the TOS preserving ZPH patch. -+ Has no effect under FreeBSD, works only under linux ZPH patched -+ kernels. -+DOC_END -+ -+NAME: zph_preserve_miss_tos_mask -+TYPE: int -+DEFAULT: 255 -+LOC: Config.zph_preserve_miss_tos_mask -+DOC_START -+ Allows you to mask certain bits in the TOS received from the -+ remote server, before copying the value to the TOS send towards -+ clients. -+ See zph_preserve_miss_tos for details. -+ -+ Default: 255 (TOS from server is not changed). -+DOC_END -+ - NAME: tcp_outgoing_address - TYPE: acl_address - DEFAULT: none -diff -Nru squid-2.6.STABLE20.orig/src/client_side.c squid-2.6.STABLE20/src/client_side.c ---- squid-2.6.STABLE20.orig/src/client_side.c 2008-05-15 00:48:45.000000000 +0300 -+++ squid-2.6.STABLE20/src/client_side.c 2008-05-15 00:49:24.000000000 +0300 -@@ -2632,6 +2632,55 @@ - return; - } - assert(http->out.offset == 0); -+ -+ if ( Config.zph_tos_local || Config.zph_tos_peer || -+ (Config.onoff.zph_preserve_miss_tos && Config.zph_preserve_miss_tos_mask) ) -+ { -+ int need_change = 0; -+ int hit = 0; -+ int tos = 0; -+ int tos_old = 0; -+ int tos_len = sizeof(tos_old); -+ int res; -+ -+ if (Config.zph_tos_local && isTcpHit(http->log_type)) { /* local hit */ -+ hit = 1; -+ tos = Config.zph_tos_local; -+ } else if (Config.zph_tos_peer && -+ (http->request->hier.code == SIBLING_HIT || /* sibling hit */ -+ (Config.onoff.zph_tos_parent && -+ http->request->hier.code == PARENT_HIT))) { /* parent hit */ -+ hit = 1; -+ tos = Config.zph_tos_peer; -+ } -+ if (http->request->flags.proxy_keepalive) { -+ if (getsockopt(fd, IPPROTO_IP, IP_TOS, &tos_old, &tos_len) < 0) { -+ debug(33, 1) ("ZPH: getsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); -+ } else if (hit && tos_old != tos) { /* HIT: 1-st request, or previous was MISS, */ -+ need_change = 1; /* or local/parent hit change */ -+ } else if (!hit && (tos_old || /* MISS: previous was HIT */ -+ Config.onoff.zph_preserve_miss_tos)) { /* TOS copying is on */ -+#if defined(_SQUID_LINUX_) -+ if ( Config.onoff.zph_preserve_miss_tos ) { -+ tos = (entry->mem_obj != NULL) ? -+ (entry->mem_obj->recvTOS & Config.zph_preserve_miss_tos_mask):0; -+ } else tos = 0; -+#else -+ tos = 0; -+#endif -+ need_change = 1; -+ } -+ } else if (hit) { /* no keepalive */ -+ need_change = 1; -+ } -+ if (need_change) { -+ if (!hit) enter_suid(); /* Setting TOS bit6-7 is privilleged */ -+ res = setsockopt(fd, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)); -+ if (!hit) leave_suid(); /* Setting bit5-7 is privilleged */ -+ if ( res < 0) -+ debug(33, 1) ("ZPH: setsockopt(IP_TOS) on FD %d: %s\n", fd, xstrerror()); -+ } -+ } - rep = http->reply = clientBuildReply(http, buf, size); - if (!rep) { - /* Forward as HTTP/0.9 body with no reply */ -diff -Nru squid-2.6.STABLE20.orig/src/http.c squid-2.6.STABLE20/src/http.c ---- squid-2.6.STABLE20.orig/src/http.c 2008-04-02 04:03:47.000000000 +0300 -+++ squid-2.6.STABLE20/src/http.c 2008-05-15 00:49:24.000000000 +0300 -@@ -1393,6 +1393,53 @@ - peer *p = httpState->peer; - CWCB *sendHeaderDone; - int fd = httpState->fd; -+ -+#if defined(_SQUID_LINUX_) -+/* ZPH patch starts here (M.Stavrev 25-05-2005) -+ * Retrieve connection peer's TOS value (which its SYN_ACK TCP segment -+ * was encapsulated into an IP packet) -+ */ -+ int tos, tos_len; -+ if ( entry && entry->mem_obj ) { // Is this check necessary ? Seems not, but -+ // have no time to investigate further. -+ entry->mem_obj->recvTOS = 0; -+ tos = 1; -+ tos_len = sizeof(tos); -+ if ( setsockopt(fd,SOL_IP, IP_RECVTOS, &tos, tos_len) == 0 ) { -+ unsigned char buf[128]; -+ int len = 128; -+ if (getsockopt(fd, SOL_IP, IP_PKTOPTIONS, buf, &len) == 0) -+ { -+ /* Parse the PKTOPTIONS structure to locate the TOS data message -+ * prepared in the kernel by the ZPH incoming TCP TOS preserving -+ * patch. In 99,99% the TOS should be located at buf[12], but -+ * let's do it the right way. -+ */ -+ unsigned char * p = buf; -+ while ( p-buf < len ) { -+ struct cmsghdr * o = (struct cmsghdr*)p; -+ if ( o->cmsg_len <= 0 || o->cmsg_len > 52 ) -+ break; -+ if ( o->cmsg_level == SOL_IP && o->cmsg_type == IP_TOS ) { -+ entry->mem_obj->recvTOS = (unsigned char)(*(int*) -+ (p + sizeof(struct cmsghdr))); -+ debug(11, 5) ("ZPH: Incomming TOS=%d on FD %d\n", -+ entry->mem_obj->recvTOS, fd ); -+ break; -+ } -+ p += o->cmsg_len; -+ } -+ } else { -+ debug(11, 5) ("ZPH: getsockopt(IP_PKTOPTIONS) on FD %d: %s\n", -+ fd, xstrerror()); -+ } -+ } else { -+ debug(11, 5) ("ZPH: setsockopt(IP_RECVTOS) on FD %d: %s\n", -+ fd, xstrerror()); -+ } -+ } -+/* ZPH patch ends here */ -+#endif - - debug(11, 5) ("httpSendRequest: FD %d: httpState %p.\n", fd, httpState); - -diff -Nru squid-2.6.STABLE20.orig/src/structs.h squid-2.6.STABLE20/src/structs.h ---- squid-2.6.STABLE20.orig/src/structs.h 2008-04-21 05:56:24.000000000 +0300 -+++ squid-2.6.STABLE20/src/structs.h 2008-05-15 00:49:24.000000000 +0300 -@@ -670,6 +670,8 @@ - int relaxed_header_parser; - int accel_no_pmtu_disc; - int global_internal_static; -+ int zph_tos_parent; -+ int zph_preserve_miss_tos; - int httpd_suppress_version_string; - int via; - int check_hostnames; -@@ -794,6 +796,9 @@ - int sleep_after_fork; /* microseconds */ - time_t minimum_expiry_time; /* seconds */ - external_acl *externalAclHelperList; -+ int zph_tos_local; -+ int zph_tos_peer; -+ int zph_preserve_miss_tos_mask; - errormap *errorMapList; - #if USE_SSL - struct { -@@ -1727,6 +1732,9 @@ - const char *vary_encoding; - StoreEntry *ims_entry; - time_t refresh_timestamp; -+#if defined(_SQUID_LINUX_) -+ unsigned char recvTOS; /* ZPH patch - stores remote server's TOS */ -+#endif - }; - - struct _StoreEntry { diff --git a/net-proxy/squid/files/squid-2.6.20-gentoo.patch b/net-proxy/squid/files/squid-2.6.20-gentoo.patch deleted file mode 100644 index 3738d1f33da6..000000000000 --- a/net-proxy/squid/files/squid-2.6.20-gentoo.patch +++ /dev/null @@ -1,298 +0,0 @@ -diff -Nru squid-2.6.STABLE20.orig/helpers/basic_auth/MSNT/confload.c squid-2.6.STABLE20/helpers/basic_auth/MSNT/confload.c ---- squid-2.6.STABLE20.orig/helpers/basic_auth/MSNT/confload.c 2002-06-26 22:09:48.000000000 +0300 -+++ squid-2.6.STABLE20/helpers/basic_auth/MSNT/confload.c 2008-05-15 00:48:08.000000000 +0300 -@@ -24,7 +24,7 @@ - - /* Path to configuration file */ - #ifndef SYSCONFDIR --#define SYSCONFDIR "/usr/local/squid/etc" -+#define SYSCONFDIR "/etc/squid" - #endif - #define CONFIGFILE SYSCONFDIR "/msntauth.conf" - -diff -Nru squid-2.6.STABLE20.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-2.6.STABLE20/helpers/basic_auth/MSNT/msntauth.conf.default ---- squid-2.6.STABLE20.orig/helpers/basic_auth/MSNT/msntauth.conf.default 2002-06-26 21:44:28.000000000 +0300 -+++ squid-2.6.STABLE20/helpers/basic_auth/MSNT/msntauth.conf.default 2008-05-15 00:48:08.000000000 +0300 -@@ -8,6 +8,6 @@ - server other_PDC other_BDC otherdomain - - # Denied and allowed users. Comment these if not needed. --#denyusers /usr/local/squid/etc/msntauth.denyusers --#allowusers /usr/local/squid/etc/msntauth.allowusers -+#denyusers /etc/squid/msntauth.denyusers -+#allowusers /etc/squid/msntauth.allowusers - -diff -Nru squid-2.6.STABLE20.orig/helpers/basic_auth/SMB/Makefile.am squid-2.6.STABLE20/helpers/basic_auth/SMB/Makefile.am ---- squid-2.6.STABLE20.orig/helpers/basic_auth/SMB/Makefile.am 2005-05-17 19:56:26.000000000 +0300 -+++ squid-2.6.STABLE20/helpers/basic_auth/SMB/Makefile.am 2008-05-15 00:48:08.000000000 +0300 -@@ -14,7 +14,7 @@ - ## FIXME: autoconf should test for the samba path. - - SMB_AUTH_HELPER = smb_auth.sh --SAMBAPREFIX=/usr/local/samba -+SAMBAPREFIX=/usr - SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER) - - libexec_SCRIPTS = $(SMB_AUTH_HELPER) -diff -Nru squid-2.6.STABLE20.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.6.STABLE20/helpers/basic_auth/SMB/smb_auth.sh ---- squid-2.6.STABLE20.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 01:36:46.000000000 +0200 -+++ squid-2.6.STABLE20/helpers/basic_auth/SMB/smb_auth.sh 2008-05-15 00:48:08.000000000 +0300 -@@ -24,7 +24,7 @@ - read AUTHSHARE - read AUTHFILE - read SMBUSER --read SMBPASS -+read -r SMBPASS - - # Find domain controller - echo "Domain name: $DOMAINNAME" -@@ -47,7 +47,7 @@ - addropt="" - fi - echo "Query address options: $addropt" --dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'` -+dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'` - echo "Domain controller IP address: $dcip" - [ -n "$dcip" ] || exit 1 - -diff -Nru squid-2.6.STABLE20.orig/helpers/external_acl/session/squid_session.8 squid-2.6.STABLE20/helpers/external_acl/session/squid_session.8 ---- squid-2.6.STABLE20.orig/helpers/external_acl/session/squid_session.8 2007-01-06 19:28:35.000000000 +0200 -+++ squid-2.6.STABLE20/helpers/external_acl/session/squid_session.8 2008-05-15 00:48:08.000000000 +0300 -@@ -35,7 +35,7 @@ - .P - Configuration example using the default automatic mode - .IP --external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session -+external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session - .IP - acl session external session - .IP -diff -Nru squid-2.6.STABLE20.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-2.6.STABLE20/helpers/external_acl/unix_group/squid_unix_group.8 ---- squid-2.6.STABLE20.orig/helpers/external_acl/unix_group/squid_unix_group.8 2006-05-14 18:07:24.000000000 +0300 -+++ squid-2.6.STABLE20/helpers/external_acl/unix_group/squid_unix_group.8 2008-05-15 00:48:08.000000000 +0300 -@@ -27,7 +27,7 @@ - This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2 - matches users in group2 or group3 - .IP --external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p -+external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p - .IP - acl usergroup1 external unix_group group1 - .IP -diff -Nru squid-2.6.STABLE20.orig/src/access_log.c squid-2.6.STABLE20/src/access_log.c ---- squid-2.6.STABLE20.orig/src/access_log.c 2008-03-18 04:58:47.000000000 +0200 -+++ squid-2.6.STABLE20/src/access_log.c 2008-05-15 00:48:08.000000000 +0300 -@@ -1225,7 +1225,7 @@ - LogfileStatus = LOG_ENABLE; - } - #if HEADERS_LOG -- headerslog = logfileOpen("/usr/local/squid/logs/headers.log", MAX_URL << 1, 0); -+ headerslog = logfileOpen("/var/log/squid/headers.log", MAX_URL << 1, 0); - assert(NULL != headerslog); - #endif - #if FORW_VIA_DB -diff -Nru squid-2.6.STABLE20.orig/src/cf.data.pre squid-2.6.STABLE20/src/cf.data.pre ---- squid-2.6.STABLE20.orig/src/cf.data.pre 2008-04-21 05:56:24.000000000 +0300 -+++ squid-2.6.STABLE20/src/cf.data.pre 2008-05-15 00:48:08.000000000 +0300 -@@ -640,6 +640,8 @@ - acl Safe_ports port 488 # gss-http - acl Safe_ports port 591 # filemaker - acl Safe_ports port 777 # multiling http -+acl Safe_ports port 901 # SWAT -+acl purge method PURGE - acl CONNECT method CONNECT - NOCOMMENT_END - DOC_END -@@ -673,6 +675,9 @@ - # Only allow cachemgr access from localhost - http_access allow manager localhost - http_access deny manager -+# Only allow purge requests from localhost -+http_access allow purge localhost -+http_access deny purge - # Deny requests to unknown ports - http_access deny !Safe_ports - # Deny CONNECT to other than SSL ports -@@ -691,6 +696,9 @@ - #acl our_networks src 192.168.1.0/24 192.168.2.0/24 - #http_access allow our_networks - -+# Allow the localhost to have access by default -+http_access allow localhost -+ - # And finally deny all other access to this proxy - http_access deny all - NOCOMMENT_END -@@ -3357,11 +3365,11 @@ - - NAME: cache_mgr - TYPE: string --DEFAULT: webmaster -+DEFAULT: root - LOC: Config.adminEmail - DOC_START - Email-address of local cache manager who will receive -- mail if the cache dies. The default is "webmaster". -+ mail if the cache dies. The default is "root". - DOC_END - - NAME: mail_from -@@ -3390,12 +3398,12 @@ - - NAME: cache_effective_user - TYPE: string --DEFAULT: nobody -+DEFAULT: squid - LOC: Config.effectiveUser - DOC_START - If you start Squid as root, it will change its effective/real - UID/GID to the user specified below. The default is to change -- to UID to nobody. If you define cache_effective_user, but not -+ to UID to squid. If you define cache_effective_user, but not - cache_effective_group, Squid sets the GID to the effective - user's default group ID (taken from the password file) and - supplementary group list from the from groups membership of -@@ -4032,12 +4040,12 @@ - NAME: snmp_port - TYPE: ushort - LOC: Config.Port.snmp --DEFAULT: 3401 -+DEFAULT: 0 - IFDEF: SQUID_SNMP - DOC_START - Squid can now serve statistics and status information via SNMP. -- By default it listens to port 3401 on the machine. If you don't -- wish to use SNMP, set this to "0". -+ By default snmp_port is disabled. If you wish to use SNMP, -+ set this to "3401" (or any other number you like). - DOC_END - - NAME: snmp_access -@@ -4108,12 +4116,12 @@ - NAME: htcp_port - IFDEF: USE_HTCP - TYPE: ushort --DEFAULT: 4827 -+DEFAULT: 0 - LOC: Config.Port.htcp - DOC_START - The port number where Squid sends and receives HTCP queries to -- and from neighbor caches. Default is 4827. To disable use -- "0". -+ and from neighbor caches. To turn it on you want to set it to -+ 4827. By default it is set to "0" (disabled). - DOC_END - - NAME: log_icp_queries -@@ -4981,6 +4989,9 @@ - If you disable this, it will appear as - - X-Forwarded-For: unknown -+NOCOMMENT_START -+forwarded_for off -+NOCOMMENT_END - DOC_END - - NAME: cachemgr_passwd -diff -Nru squid-2.6.STABLE20.orig/src/client_side.c squid-2.6.STABLE20/src/client_side.c ---- squid-2.6.STABLE20.orig/src/client_side.c 2007-09-03 16:13:36.000000000 +0300 -+++ squid-2.6.STABLE20/src/client_side.c 2008-05-15 00:48:08.000000000 +0300 -@@ -4597,14 +4597,7 @@ - debug(83, 2) ("clientNegotiateSSL: Session %p reused on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); - } else { - if (do_debug(83, 4)) { -- /* Write out the SSL session details.. actually the call below, but -- * OpenSSL headers do strange typecasts confusing GCC.. */ -- /* PEM_write_SSL_SESSION(debug_log, SSL_get_session(ssl)); */ --#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00908000L -- PEM_ASN1_write((i2d_of_void *) i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); --#else - PEM_ASN1_write(i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL); --#endif - /* Note: This does not automatically fflush the log file.. */ - } - debug(83, 2) ("clientNegotiateSSL: New session %p on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port); -diff -Nru squid-2.6.STABLE20.orig/src/defines.h squid-2.6.STABLE20/src/defines.h ---- squid-2.6.STABLE20.orig/src/defines.h 2007-02-04 00:58:20.000000000 +0200 -+++ squid-2.6.STABLE20/src/defines.h 2008-05-15 00:48:08.000000000 +0300 -@@ -259,7 +259,7 @@ - - /* were to look for errors if config path fails */ - #ifndef DEFAULT_SQUID_ERROR_DIR --#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors" -+#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English" - #endif - - /* gb_type operations */ -diff -Nru squid-2.6.STABLE20.orig/src/main.c squid-2.6.STABLE20/src/main.c ---- squid-2.6.STABLE20.orig/src/main.c 2007-11-26 12:47:23.000000000 +0200 -+++ squid-2.6.STABLE20/src/main.c 2008-05-15 00:48:08.000000000 +0300 -@@ -372,6 +372,22 @@ - asnFreeMemory(); - } - -+#if USE_UNLINKD -+static int -+needUnlinkd(void) -+{ -+ int i; -+ int r = 0; -+ for (i = 0; i < Config.cacheSwap.n_configured; i++) { -+ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 || -+ strcmp(Config.cacheSwap.swapDirs[i].type, "aufs") == 0 || -+ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0) -+ r++; -+ } -+ return r; -+} -+#endif -+ - static void - mainReconfigure(void) - { -@@ -395,6 +411,7 @@ - locationRewriteShutdown(); - authenticateShutdown(); - externalAclShutdown(); -+ unlinkdClose(); - storeDirCloseSwapLogs(); - storeLogClose(); - accessLogClose(); -@@ -430,6 +447,9 @@ - #if USE_WCCPv2 - wccp2Init(); - #endif -+#if USE_UNLINKD -+ if (needUnlinkd()) unlinkdInit(); -+#endif - serverConnectionsOpen(); - neighbors_init(); - storeDirOpenSwapLogs(); -@@ -593,7 +613,7 @@ - - if (!configured_once) { - #if USE_UNLINKD -- unlinkdInit(); -+ if (needUnlinkd()) unlinkdInit(); - #endif - urlInitialize(); - cachemgrInit(); -diff -Nru squid-2.6.STABLE20.orig/src/Makefile.am squid-2.6.STABLE20/src/Makefile.am ---- squid-2.6.STABLE20.orig/src/Makefile.am 2007-09-06 00:50:15.000000000 +0300 -+++ squid-2.6.STABLE20/src/Makefile.am 2008-05-15 00:48:08.000000000 +0300 -@@ -325,12 +325,12 @@ - DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf - DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf - DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` --DEFAULT_LOG_PREFIX = $(localstatedir)/logs -+DEFAULT_LOG_PREFIX = $(localstatedir)/log/squid - DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log - DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log - DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log --DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid --DEFAULT_SWAP_DIR = $(localstatedir)/cache -+DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid -+DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid - DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` - DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` - DEFAULT_DISKD = $(libexecdir)/`echo diskd-daemon | sed '$(transform);s/$$/$(EXEEXT)/'` diff --git a/net-proxy/squid/files/squid-2.6.20-lincapver.patch b/net-proxy/squid/files/squid-2.6.20-lincapver.patch deleted file mode 100644 index 6a11e5be8514..000000000000 --- a/net-proxy/squid/files/squid-2.6.20-lincapver.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -Nru squid-2.6.STABLE20.orig/src/tools.c squid-2.6.STABLE20/src/tools.c ---- squid-2.6.STABLE20.orig/src/tools.c 2008-01-02 19:06:50.000000000 +0200 -+++ squid-2.6.STABLE20/src/tools.c 2008-05-28 22:31:28.000000000 +0300 -@@ -1337,10 +1337,15 @@ - restoreCapabilities(int keep) - { - #if defined(_SQUID_LINUX_) && HAVE_SYS_CAPABILITY_H -- cap_user_header_t head = (cap_user_header_t) xcalloc(1, sizeof(cap_user_header_t)); -- cap_user_data_t cap = (cap_user_data_t) xcalloc(1, sizeof(cap_user_data_t)); -+ cap_user_header_t head = (cap_user_header_t) xcalloc(1, sizeof(*head)); -+ cap_user_data_t cap = (cap_user_data_t) xcalloc(1, sizeof(*cap)); - -+#ifdef _LINUX_CAPABILITY_VERSION_1 -+ head->version = _LINUX_CAPABILITY_VERSION_1; -+#else - head->version = _LINUX_CAPABILITY_VERSION; -+#endif -+ - if (capget(head, cap) != 0) { - debug(50, 1) ("Can't get current capabilities\n"); - goto nocap; diff --git a/net-proxy/squid/files/squid-2.6.20-qos.patch b/net-proxy/squid/files/squid-2.6.20-qos.patch deleted file mode 100644 index 85569f5a3f51..000000000000 --- a/net-proxy/squid/files/squid-2.6.20-qos.patch +++ /dev/null @@ -1,322 +0,0 @@ -diff -Nru squid-2.6.STABLE20.orig/src/cache_cf.c squid-2.6.STABLE20/src/cache_cf.c ---- squid-2.6.STABLE20.orig/src/cache_cf.c 2007-08-31 16:49:54.000000000 +0300 -+++ squid-2.6.STABLE20/src/cache_cf.c 2008-05-15 00:50:05.000000000 +0300 -@@ -891,6 +891,65 @@ - } - } - -+CBDATA_TYPE(acl_priority); -+ -+static void -+dump_acl_priority(StoreEntry * entry, const char *name, acl_priority * head) -+{ -+ acl_priority *l; -+ for (l = head; l; l = l->next) { -+ if (l->priority > 0) -+ storeAppendPrintf(entry, "%s %04X:%04X", name, -+ l->priority >> 16, l->priority & 0xFFFF); -+ else -+ storeAppendPrintf(entry, "%s none", name); -+ dump_acl_list(entry, l->acl_list); -+ storeAppendPrintf(entry, "\n"); -+ } -+} -+ -+static void -+freed_acl_priority(void *data) -+{ -+ acl_priority *l = data; -+ aclDestroyAclList(&l->acl_list); -+} -+ -+static void -+parse_acl_priority(acl_priority ** head) -+{ -+ acl_priority *l; -+ acl_priority **tail = head; /* sane name below */ -+ unsigned long priority, t1, t2; -+ char junk; -+ char *token = strtok(NULL, w_space); -+ if (!token) -+ self_destruct(); -+ if (sscanf(token, "%x:%x%c", &t1, &t2, &junk) != 2) -+ self_destruct(); -+ if (t1 < 0 || t1 > 0xFFFF || t2 < 0 || t2 > 0xFFFF) -+ self_destruct(); -+ priority = t1 << 16 | t2; -+ CBDATA_INIT_TYPE_FREECB(acl_priority, freed_acl_priority); -+ l = cbdataAlloc(acl_priority); -+ l->priority = priority; -+ aclParseAclList(&l->acl_list); -+ while (*tail) -+ tail = &(*tail)->next; -+ *tail = l; -+} -+ -+static void -+free_acl_priority(acl_priority ** head) -+{ -+ while (*head) { -+ acl_priority *l = *head; -+ *head = l->next; -+ l->next = NULL; -+ cbdataFree(l); -+ } -+} -+ - #if DELAY_POOLS - - /* do nothing - free_delay_pool_count is the magic free function. -diff -Nru squid-2.6.STABLE20.orig/src/cf.data.depend squid-2.6.STABLE20/src/cf.data.depend ---- squid-2.6.STABLE20.orig/src/cf.data.depend 2007-09-06 00:50:15.000000000 +0300 -+++ squid-2.6.STABLE20/src/cf.data.depend 2008-05-15 00:50:05.000000000 +0300 -@@ -5,6 +5,7 @@ - acl_address acl - acl_b_size_t acl - acl_tos acl -+acl_priority acl - address - authparam - b_int64_t -diff -Nru squid-2.6.STABLE20.orig/src/cf.data.pre squid-2.6.STABLE20/src/cf.data.pre ---- squid-2.6.STABLE20.orig/src/cf.data.pre 2008-05-15 00:49:53.000000000 +0300 -+++ squid-2.6.STABLE20/src/cf.data.pre 2008-05-15 00:50:05.000000000 +0300 -@@ -1239,6 +1239,27 @@ - Default: 255 (TOS from server is not changed). - DOC_END - -+NAME: tcp_outgoing_priority -+TYPE: acl_priority -+DEFAULT: none -+LOC: Config.accessList.outgoing_priority -+DOC_START -+ Allows you to select the priority of the outgoing connection, -+ based on the username or source address making the request. The -+ priority can be used by Linux QoS Qdiscs for classification. -+ -+ tcp_outgoing_priority priority [!]aclname ... -+ -+ Example where requests from special_service_net are assigned -+ priority 10:100 -+ -+ acl special_service_net src 10.0.0.0/255.255.255.0 -+ tcp_outgoing_priority 10:100 special_service_net -+ -+ Processing proceeds in the order specified, and stops at first fully -+ matching line. -+DOC_END -+ - NAME: tcp_outgoing_address - TYPE: acl_address - DEFAULT: none -diff -Nru squid-2.6.STABLE20.orig/src/comm.c squid-2.6.STABLE20/src/comm.c ---- squid-2.6.STABLE20.orig/src/comm.c 2007-04-17 12:39:56.000000000 +0300 -+++ squid-2.6.STABLE20/src/comm.c 2008-05-15 00:50:05.000000000 +0300 -@@ -162,7 +162,7 @@ - int flags, - const char *note) - { -- return comm_openex(sock_type, proto, addr, port, flags, 0, note); -+ return comm_openex(sock_type, proto, addr, port, flags, 0, 0, note); - } - - -@@ -175,10 +175,12 @@ - u_short port, - int flags, - unsigned char TOS, -+ unsigned long PRIORITY, - const char *note) - { - int new_socket; - int tos = 0; -+ unsigned long priority = 0; - fde *F = NULL; - - /* Create socket for accepting new connections. */ -@@ -209,12 +211,25 @@ - debug(5, 0) ("comm_open: setsockopt(IP_TOS) not supported on this platform\n"); - #endif - } -+ if (PRIORITY) { -+#ifdef SO_PRIORITY -+ priority = PRIORITY; -+ enter_suid(); -+ if (setsockopt(new_socket, SOL_SOCKET, SO_PRIORITY, (char *) &priority, sizeof(unsigned long)) < 0) -+ debug(50, 1) ("comm_open: setsockopt(SO_PRIORITY) on FD %d: %s\n", -+ new_socket, xstrerror()); -+ leave_suid(); -+#else -+ debug(50, 0) ("comm_open: setsockopt(SO_PRIORITY) not supported on this platform\n"); -+#endif -+ } - /* update fdstat */ - debug(5, 5) ("comm_open: FD %d is a new socket\n", new_socket); - fd_open(new_socket, FD_SOCKET, note); - F = &fd_table[new_socket]; - F->local_addr = addr; - F->tos = tos; -+ F->priority = priority; - if (!(flags & COMM_NOCLOEXEC)) - commSetCloseOnExec(new_socket); - if ((flags & COMM_REUSEADDR)) -@@ -382,6 +397,15 @@ - debug(5, 1) ("commResetFD: setsockopt(IP_TOS) on FD %d: %s\n", cs->fd, xstrerror()); - } - #endif -+#ifdef SO_PRIORITY -+ if (F->priority) { -+ unsigned long priority = F->priority; -+ enter_suid(); -+ if (setsockopt(cs->fd, SOL_SOCKET, SO_PRIORITY, (char *)&priority, sizeof(unsigned long)) < 0) -+ debug(50, 1) ("commResetFD: setsockopt(SO_PRIORITY) on FD %d: %s\n", cs->fd, xstrerror()); -+ leave_suid(); -+ } -+#endif - if (F->flags.close_on_exec) - commSetCloseOnExec(cs->fd); - if (F->flags.nonblocking) -diff -Nru squid-2.6.STABLE20.orig/src/forward.c squid-2.6.STABLE20/src/forward.c ---- squid-2.6.STABLE20.orig/src/forward.c 2008-04-02 04:16:29.000000000 +0300 -+++ squid-2.6.STABLE20/src/forward.c 2008-05-15 00:50:05.000000000 +0300 -@@ -418,6 +418,17 @@ - return 0; - } - -+static unsigned long -+aclMapPriority(acl_priority * head, aclCheck_t * ch) -+{ -+ acl_priority *l; -+ for (l = head; l; l = l->next) { -+ if (aclMatchAclList(l->acl_list, ch)) -+ return l->priority; -+ } -+ return 0; -+} -+ - struct in_addr - getOutgoingAddr(request_t * request) - { -@@ -456,6 +467,20 @@ - return aclMapTOS(Config.accessList.outgoing_tos, &ch); - } - -+unsigned long -+getOutgoingPriority(request_t * request) -+{ -+ aclCheck_t ch; -+ memset(&ch, '\0', sizeof(aclCheck_t)); -+ if (request) { -+ ch.src_addr = request->client_addr; -+ ch.my_addr = request->my_addr; -+ ch.my_port = request->my_port; -+ ch.request = request; -+ } -+ return aclMapPriority(Config.accessList.outgoing_priority, &ch); -+} -+ - static void - fwdConnectStart(void *data) - { -@@ -472,6 +497,7 @@ - int ftimeout = Config.Timeout.forward - (squid_curtime - fwdState->start); - struct in_addr outgoing; - unsigned short tos; -+ unsigned long priority; - #if LINUX_TPROXY - struct in_tproxy itp; - #endif -@@ -557,15 +583,17 @@ - #endif - outgoing = getOutgoingAddr(fwdState->request); - tos = getOutgoingTOS(fwdState->request); -+ priority = getOutgoingPriority(fwdState->request); - -- debug(17, 3) ("fwdConnectStart: got addr %s, tos %d\n", -- inet_ntoa(outgoing), tos); -+ debug(17, 3) ("fwdConnectStart: got addr %s, tos %d, priority %lu\n", -+ inet_ntoa(outgoing), tos, priority); - fd = comm_openex(SOCK_STREAM, - IPPROTO_TCP, - outgoing, - 0, - COMM_NONBLOCKING, - tos, -+ priority, - url); - if (fd < 0) { - debug(50, 4) ("fwdConnectStart: %s\n", xstrerror()); -diff -Nru squid-2.6.STABLE20.orig/src/protos.h squid-2.6.STABLE20/src/protos.h ---- squid-2.6.STABLE20.orig/src/protos.h 2007-07-15 12:52:17.000000000 +0300 -+++ squid-2.6.STABLE20/src/protos.h 2008-05-15 00:50:05.000000000 +0300 -@@ -160,7 +160,7 @@ - extern void comm_init(void); - extern int comm_listen(int sock); - extern int comm_open(int, int, struct in_addr, u_short port, int, const char *note); --extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, const char *); -+extern int comm_openex(int, int, struct in_addr, u_short, int, unsigned char TOS, unsigned long PRIORITY, const char *); - extern u_short comm_local_port(int fd); - - extern void commDeferFD(int fd); -@@ -735,6 +735,7 @@ - #endif - struct in_addr getOutgoingAddr(request_t * request); - unsigned long getOutgoingTOS(request_t * request); -+unsigned long getOutgoingPriority(request_t * request); - - extern void urnStart(request_t *, StoreEntry *); - -diff -Nru squid-2.6.STABLE20.orig/src/ssl.c squid-2.6.STABLE20/src/ssl.c ---- squid-2.6.STABLE20.orig/src/ssl.c 2007-02-03 23:53:38.000000000 +0200 -+++ squid-2.6.STABLE20/src/ssl.c 2008-05-15 00:50:05.000000000 +0300 -@@ -524,6 +524,7 @@ - 0, - COMM_NONBLOCKING, - getOutgoingTOS(request), -++ getOutgoingPriority(request), - url); - if (sock == COMM_ERROR) { - debug(26, 4) ("sslStart: Failed because we're out of sockets.\n"); -diff -Nru squid-2.6.STABLE20.orig/src/structs.h squid-2.6.STABLE20/src/structs.h ---- squid-2.6.STABLE20.orig/src/structs.h 2008-05-15 00:49:53.000000000 +0300 -+++ squid-2.6.STABLE20/src/structs.h 2008-05-15 00:50:05.000000000 +0300 -@@ -296,6 +296,12 @@ - int tos; - }; - -+struct _acl_priority { -+ acl_priority *next; -+ acl_list *acl_list; -+ unsigned long priority; -+}; -+ - struct _aclCheck_t { - const acl_access *access_list; - struct in_addr src_addr; -@@ -706,6 +712,7 @@ - acl_access *reply; - acl_address *outgoing_address; - acl_tos *outgoing_tos; -+ acl_priority *outgoing_priority; - #if USE_HTCP - acl_access *htcp; - acl_access *htcp_clr; -@@ -877,6 +884,7 @@ - u_short remote_port; - struct in_addr local_addr; - unsigned char tos; -+ unsigned long priority; - char ipaddr[16]; /* dotted decimal address of peer */ - char desc[FD_DESC_SZ]; - struct { -diff -Nru squid-2.6.STABLE20.orig/src/typedefs.h squid-2.6.STABLE20/src/typedefs.h ---- squid-2.6.STABLE20.orig/src/typedefs.h 2006-09-02 17:08:42.000000000 +0300 -+++ squid-2.6.STABLE20/src/typedefs.h 2008-05-15 00:50:05.000000000 +0300 -@@ -102,6 +102,7 @@ - typedef struct _acl_access acl_access; - typedef struct _acl_address acl_address; - typedef struct _acl_tos acl_tos; -+typedef struct _acl_priority acl_priority; - typedef struct _aclCheck_t aclCheck_t; - typedef struct _wordlist wordlist; - typedef struct _intlist intlist; diff --git a/net-proxy/squid/files/squid-2.7.4-charset.patch b/net-proxy/squid/files/squid-2.7.4-charset.patch new file mode 100644 index 000000000000..dcca2915eb9b --- /dev/null +++ b/net-proxy/squid/files/squid-2.7.4-charset.patch @@ -0,0 +1,21 @@ +diff -ur squid-2.7.STABLE4.orig/src/cf.data.pre squid-2.7.STABLE4/src/cf.data.pre +--- squid-2.7.STABLE4.orig/src/cf.data.pre 2008-07-10 09:47:28.000000000 +0000 ++++ squid-2.7.STABLE4/src/cf.data.pre 2008-08-15 06:00:39.000000000 +0000 +@@ -3538,7 +3538,7 @@ + + When using the concurrency option, the protocol is changed by introducing + a query channel tag infront of the request/response. The query channel +- tag is a number between 0 and concurrency−1. ++ tag is a number between 0 and concurrency-1. + + FORMAT specifications: + +@@ -3570,7 +3570,7 @@ + present, the supplied value completely replaces + the cached value. + +- In the event of a helper−related error (e.g., overload), Squid ++ In the event of a helper-related error (e.g., overload), Squid + will always default to STALE. + DOC_END + diff --git a/net-proxy/squid/squid-2.6.19-r1.ebuild b/net-proxy/squid/squid-2.6.19-r1.ebuild deleted file mode 100644 index 0292dcf8dd63..000000000000 --- a/net-proxy/squid/squid-2.6.19-r1.ebuild +++ /dev/null @@ -1,180 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.6.19-r1.ebuild,v 1.6 2008/05/25 18:27:03 jer Exp $ - -WANT_AUTOCONF="latest" -WANT_AUTOMAKE="latest" - -inherit eutils pam toolchain-funcs autotools linux-info - -#lame archive versioning scheme.. -S_PMV="${PV%%.*}" -S_PV="${PV%.*}" -S_PL="${PV##*.}" -S_PL="${S_PL/_rc/-RC}" -S_PP="${PN}-${S_PV}.STABLE${S_PL}" - -DESCRIPTION="A full-featured web proxy cache" -HOMEPAGE="http://www.squid-cache.org/" -SRC_URI="http://www.squid-cache.org/Versions/v${S_PMV}/${S_PV}/${S_PP}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd" -IUSE="pam ldap samba sasl nis ssl snmp selinux logrotate qos zero-penalty-hit \ - pf-transparent ipf-transparent \ - elibc_uclibc kernel_linux" - -DEPEND="pam? ( virtual/pam ) - ldap? ( net-nds/openldap ) - ssl? ( dev-libs/openssl ) - sasl? ( dev-libs/cyrus-sasl ) - selinux? ( sec-policy/selinux-squid ) - !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) - >=sys-libs/db-4 - dev-lang/perl" -RDEPEND="${DEPEND} - samba? ( net-fs/samba )" - -S="${WORKDIR}/${S_PP}" - -pkg_setup() { - enewgroup squid 31 - enewuser squid 31 -1 /var/cache/squid squid -} - -src_unpack() { - unpack ${A} || die "unpack failed" - cd "${S}" || die "dir ${S} not found" - - epatch "${FILESDIR}"/${P}-gentoo.patch - use zero-penalty-hit && epatch "${FILESDIR}"/${P}-ToS_Hit_ToS_Preserve.patch - use qos && epatch "${FILESDIR}"/${P}-qos.patch - - sed -i -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in - - eautoreconf -} - -src_compile() { - local basic_modules="getpwnam,NCSA,MSNT" - use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}" - use ldap && basic_modules="LDAP,${basic_modules}" - use pam && basic_modules="PAM,${basic_modules}" - use sasl && basic_modules="SASL,${basic_modules}" - use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}" - - local ext_helpers="ip_user,session,unix_group" - use samba && ext_helpers="wbinfo_group,${ext_helpers}" - use ldap && ext_helpers="ldap_group,${ext_helpers}" - - local ntlm_helpers="fakeauth" - use samba && ntlm_helpers="SMB,${ntlm_helpers}" - - local myconf="" - - # Support for uclibc #61175 - if use elibc_uclibc; then - myconf="${myconf} --enable-storeio=ufs,diskd,aufs,null" - myconf="${myconf} --disable-async-io" - else - myconf="${myconf} --enable-storeio=ufs,diskd,coss,aufs,null" - myconf="${myconf} --enable-async-io" - fi - - if use kernel_linux; then - myconf="${myconf} --enable-linux-netfilter" - if kernel_is ge 2 6 && linux_chkconfig_present EPOLL ; then - myconf="${myconf} --enable-epoll" - fi - elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then - myconf="${myconf} --enable-kqueue" - if use pf-transparent; then - myconf="${myconf} --enable-pf-transparent" - elif use ipf-transparent; then - myconf="${myconf} --enable-ipf-transparent" - fi - fi - - export CC=$(tc-getCC) - - econf \ - --sysconfdir=/etc/squid \ - --libexecdir=/usr/libexec/squid \ - --localstatedir=/var \ - --datadir=/usr/share/squid \ - --enable-auth="basic,digest,ntlm" \ - --enable-removal-policies="lru,heap" \ - --enable-digest-auth-helpers="password" \ - --enable-basic-auth-helpers="${basic_modules}" \ - --enable-external-acl-helpers="${ext_helpers}" \ - --enable-ntlm-auth-helpers="${ntlm_helpers}" \ - --enable-ident-lookups \ - --enable-useragent-log \ - --enable-cache-digests \ - --enable-delay-pools \ - --enable-referer-log \ - --enable-arp-acl \ - --with-pthreads \ - --with-large-files \ - --enable-htcp \ - --enable-carp \ - --enable-follow-x-forwarded-for \ - --with-maxfd=8192 \ - $(use_enable snmp) \ - $(use_enable ssl) \ - ${myconf} || die "econf failed" - - emake || die "emake failed" -} - -src_install() { - make DESTDIR="${D}" install || die "make install failed" - - # need suid root for looking into /etc/shadow - fowners root:squid /usr/libexec/squid/ncsa_auth - fowners root:squid /usr/libexec/squid/pam_auth - fperms 4750 /usr/libexec/squid/ncsa_auth - fperms 4750 /usr/libexec/squid/pam_auth - - # some cleanups - rm -f "${D}"/usr/bin/Run* - - dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \ - helpers/ntlm_auth/no_check/README.no_check_ntlm_auth - newdoc helpers/basic_auth/SMB/README README.auth_smb - dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html - newdoc helpers/basic_auth/LDAP/README README.auth_ldap - doman helpers/basic_auth/LDAP/*.8 - dodoc helpers/basic_auth/SASL/squid_sasl_auth* - - newpamd "${FILESDIR}/squid.pam" squid - newconfd "${FILESDIR}/squid.confd" squid - if use logrotate; then - newinitd "${FILESDIR}/squid.initd-logrotate" squid - insinto /etc/logrotate.d - newins "${FILESDIR}/squid.logrotate" squid - else - newinitd "${FILESDIR}/squid.initd" squid - exeinto /etc/cron.weekly - newexe "${FILESDIR}/squid.cron" squid.cron - fi - - rm -rf "${D}"/var - diropts -m0755 -o squid -g squid - keepdir /var/cache/squid /var/log/squid -} - -pkg_postinst() { - echo - ewarn "Squid authentication helpers have been installed suid root." - ewarn "This allows shadow based authentication (see bug #52977 for more)." - echo - ewarn "Be careful what type of cache_dir you select!" - ewarn " 'diskd' is optimized for high levels of traffic, but it might seem slow" - ewarn "when there isn't sufficient traffic to keep squid reasonably busy." - ewarn " If your traffic level is low to moderate, use 'aufs' or 'ufs'." - echo - ewarn "Squid can be configured to run in transparent mode like this:" - ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}" -} diff --git a/net-proxy/squid/squid-2.6.20-r1.ebuild b/net-proxy/squid/squid-2.6.20-r1.ebuild deleted file mode 100644 index 9d14fd84fc8c..000000000000 --- a/net-proxy/squid/squid-2.6.20-r1.ebuild +++ /dev/null @@ -1,181 +0,0 @@ -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.6.20-r1.ebuild,v 1.1 2008/05/28 19:48:53 mrness Exp $ - -WANT_AUTOCONF="latest" -WANT_AUTOMAKE="latest" - -inherit eutils pam toolchain-funcs autotools linux-info - -#lame archive versioning scheme.. -S_PMV="${PV%%.*}" -S_PV="${PV%.*}" -S_PL="${PV##*.}" -S_PL="${S_PL/_rc/-RC}" -S_PP="${PN}-${S_PV}.STABLE${S_PL}" - -DESCRIPTION="A full-featured web proxy cache" -HOMEPAGE="http://www.squid-cache.org/" -SRC_URI="http://www.squid-cache.org/Versions/v${S_PMV}/${S_PV}/${S_PP}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" -IUSE="pam ldap samba sasl nis ssl snmp selinux logrotate qos zero-penalty-hit \ - pf-transparent ipf-transparent \ - elibc_uclibc kernel_linux" - -DEPEND="pam? ( virtual/pam ) - ldap? ( net-nds/openldap ) - ssl? ( dev-libs/openssl ) - sasl? ( dev-libs/cyrus-sasl ) - selinux? ( sec-policy/selinux-squid ) - !x86-fbsd? ( logrotate? ( app-admin/logrotate ) ) - >=sys-libs/db-4 - dev-lang/perl" -RDEPEND="${DEPEND} - samba? ( net-fs/samba )" - -S="${WORKDIR}/${S_PP}" - -pkg_setup() { - enewgroup squid 31 - enewuser squid 31 -1 /var/cache/squid squid -} - -src_unpack() { - unpack ${A} || die "unpack failed" - cd "${S}" || die "dir ${S} not found" - - epatch "${FILESDIR}"/${P}-gentoo.patch - epatch "${FILESDIR}"/${P}-lincapver.patch - use zero-penalty-hit && epatch "${FILESDIR}"/${P}-ToS_Hit_ToS_Preserve.patch - use qos && epatch "${FILESDIR}"/${P}-qos.patch - - sed -i -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in - - eautoreconf -} - -src_compile() { - local basic_modules="getpwnam,NCSA,MSNT" - use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}" - use ldap && basic_modules="LDAP,${basic_modules}" - use pam && basic_modules="PAM,${basic_modules}" - use sasl && basic_modules="SASL,${basic_modules}" - use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}" - - local ext_helpers="ip_user,session,unix_group" - use samba && ext_helpers="wbinfo_group,${ext_helpers}" - use ldap && ext_helpers="ldap_group,${ext_helpers}" - - local ntlm_helpers="fakeauth" - use samba && ntlm_helpers="SMB,${ntlm_helpers}" - - local myconf="" - - # Support for uclibc #61175 - if use elibc_uclibc; then - myconf="${myconf} --enable-storeio=ufs,diskd,aufs,null" - myconf="${myconf} --disable-async-io" - else - myconf="${myconf} --enable-storeio=ufs,diskd,coss,aufs,null" - myconf="${myconf} --enable-async-io" - fi - - if use kernel_linux; then - myconf="${myconf} --enable-linux-netfilter" - if kernel_is ge 2 6 && linux_chkconfig_present EPOLL ; then - myconf="${myconf} --enable-epoll" - fi - elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then - myconf="${myconf} --enable-kqueue" - if use pf-transparent; then - myconf="${myconf} --enable-pf-transparent" - elif use ipf-transparent; then - myconf="${myconf} --enable-ipf-transparent" - fi - fi - - export CC=$(tc-getCC) - - econf \ - --sysconfdir=/etc/squid \ - --libexecdir=/usr/libexec/squid \ - --localstatedir=/var \ - --datadir=/usr/share/squid \ - --enable-auth="basic,digest,ntlm" \ - --enable-removal-policies="lru,heap" \ - --enable-digest-auth-helpers="password" \ - --enable-basic-auth-helpers="${basic_modules}" \ - --enable-external-acl-helpers="${ext_helpers}" \ - --enable-ntlm-auth-helpers="${ntlm_helpers}" \ - --enable-ident-lookups \ - --enable-useragent-log \ - --enable-cache-digests \ - --enable-delay-pools \ - --enable-referer-log \ - --enable-arp-acl \ - --with-pthreads \ - --with-large-files \ - --enable-htcp \ - --enable-carp \ - --enable-follow-x-forwarded-for \ - --with-maxfd=8192 \ - $(use_enable snmp) \ - $(use_enable ssl) \ - ${myconf} || die "econf failed" - - emake || die "emake failed" -} - -src_install() { - make DESTDIR="${D}" install || die "make install failed" - - # need suid root for looking into /etc/shadow - fowners root:squid /usr/libexec/squid/ncsa_auth - fowners root:squid /usr/libexec/squid/pam_auth - fperms 4750 /usr/libexec/squid/ncsa_auth - fperms 4750 /usr/libexec/squid/pam_auth - - # some cleanups - rm -f "${D}"/usr/bin/Run* - - dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \ - helpers/ntlm_auth/no_check/README.no_check_ntlm_auth - newdoc helpers/basic_auth/SMB/README README.auth_smb - dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html - newdoc helpers/basic_auth/LDAP/README README.auth_ldap - doman helpers/basic_auth/LDAP/*.8 - dodoc helpers/basic_auth/SASL/squid_sasl_auth* - - newpamd "${FILESDIR}/squid.pam" squid - newconfd "${FILESDIR}/squid.confd" squid - if use logrotate; then - newinitd "${FILESDIR}/squid.initd-logrotate" squid - insinto /etc/logrotate.d - newins "${FILESDIR}/squid.logrotate" squid - else - newinitd "${FILESDIR}/squid.initd" squid - exeinto /etc/cron.weekly - newexe "${FILESDIR}/squid.cron" squid.cron - fi - - rm -rf "${D}"/var - diropts -m0755 -o squid -g squid - keepdir /var/cache/squid /var/log/squid -} - -pkg_postinst() { - echo - ewarn "Squid authentication helpers have been installed suid root." - ewarn "This allows shadow based authentication (see bug #52977 for more)." - echo - ewarn "Be careful what type of cache_dir you select!" - ewarn " 'diskd' is optimized for high levels of traffic, but it might seem slow" - ewarn "when there isn't sufficient traffic to keep squid reasonably busy." - ewarn " If your traffic level is low to moderate, use 'aufs' or 'ufs'." - echo - ewarn "Squid can be configured to run in transparent mode like this:" - ewarn " ${HILITE}http_port internal-addr:3128 transparent${NORMAL}" -} diff --git a/net-proxy/squid/squid-2.7.4.ebuild b/net-proxy/squid/squid-2.7.4-r1.ebuild index 1d3e91c8d765..6207265cb541 100644 --- a/net-proxy/squid/squid-2.7.4.ebuild +++ b/net-proxy/squid/squid-2.7.4-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2008 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.7.4.ebuild,v 1.1 2008/08/09 08:24:44 mrness Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.7.4-r1.ebuild,v 1.1 2008/08/15 06:16:49 mrness Exp $ WANT_AUTOCONF="latest" WANT_AUTOMAKE="latest" @@ -59,6 +59,7 @@ src_unpack() { cd "${S}" || die "source dir not found" epatch "${FILESDIR}"/${P}-gentoo.patch + epatch "${FILESDIR}"/${P}-charset.patch eautoreconf } |