1
0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-25 09:34:11 +00:00

www/squid-devel: resurrect and upgrade to 5.0.2

- it is strongly recommended to review release notes
  http://www.squid-cache.org/Versions/v5/squid-5.0.2-RELEASENOTES.html
  if you decide to upgrade
- The most notable change for maintainer was BDB deprecation in behalf of TDB
- Know upstream issues:
  https://bugs.squid-cache.org/show_bug.cgi?id=5042

PR:		246140
Submitted by:	Pavel Timofeev <timp87@gmail.com> (maintainer)
This commit is contained in:
Kurt Jaeger 2020-05-03 16:03:29 +00:00
parent 899bcacc01
commit b596c6cda7
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=533791
19 changed files with 3107 additions and 1 deletions

1
MOVED
View File

@ -12141,7 +12141,6 @@ net/frr4|net/frr7|2019-04-16|Has expired: Upstream no longer maintained
mail/pop3proxy||2019-04-17|Has expired: no upstream and does not properly initiate SSL/TLS connections
devel/go-gocode||2019-04-17|Has expired: Unmaintained upstream and has issues with Go >= 1.10
audio/raop_play|audio/pulseaudio|2019-04-17|Has expired: Abandonware. Use module-raop-sink from audio/pulseaudio instead
www/squid-devel||2019-04-18|Removed: devel version no longer necessary
devel/py-sdl2|devel/py-pysdl2|2019-04-20|Rename to match upstream naming
www/rubygem-select2-rails3|www/rubygem-select2-rails|2019-04-23|Has expired: Use www/rubygem-select2-rails instead
www/rubygem-jquery-atwho-rails13|www/rubygem-jquery-atwho-rails|2019-04-23|Has expired: Use www/rubygem-jquery-atwho-rails instead

View File

@ -2192,6 +2192,7 @@
SUBDIR += spreadlogd
SUBDIR += sqstat
SUBDIR += squid
SUBDIR += squid-devel
SUBDIR += squid3
SUBDIR += squid_radius_auth
SUBDIR += squidanalyzer

312
www/squid-devel/Makefile Normal file
View File

@ -0,0 +1,312 @@
# $FreeBSD$
PORTNAME= squid
PORTVERSION= 5.0.2
CATEGORIES= www
MASTER_SITES= http://www.squid-cache.org/Versions/v5/ \
http://www2.us.squid-cache.org/Versions/v5/ \
http://www1.at.squid-cache.org/Versions/v5/ \
http://www.eu.squid-cache.org/Versions/v5/ \
http://www1.jp.squid-cache.org/Versions/v5/
PKGNAMESUFFIX= -devel
PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \
http://www2.us.squid-cache.org/%SUBDIR%/ \
http://www1.at.squid-cache.org/%SUBDIR%/ \
http://www.eu.squid-cache.org/%SUBDIR%/ \
http://www1.jp.squid-cache.org/%SUBDIR%/ \
http://master.squid-cache.org/~amosjeffries/patches/:nosid
PATCH_SITE_SUBDIR= Versions/v5/changesets
MAINTAINER= timp87@gmail.com
COMMENT= HTTP Caching Proxy
LICENSE= GPLv2
LICENSE_FILE= ${WRKSRC}/COPYING
USES= compiler:c++11-lib cpe perl5 shebangfix tar:xz
CONFLICTS= squid3-* squid-*
CPE_VENDOR= squid-cache
SHEBANG_FILES= scripts/*.pl contrib/*.pl tools/*.pl
GNU_CONFIGURE= yes
USE_RC_SUBR= squid
USERS= squid
GROUPS= squid
MYDOCS= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
PORTDOCS= ${MYDOCS:T}
PORTEXAMPLES= *
SUB_FILES+= pkg-install pkg-message
OPTIONS_SUB= yes
OPTIONS_GROUP= AUTH
OPTIONS_RADIO= FW
OPTIONS_GROUP_AUTH=AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB AUTH_SQL
OPTIONS_RADIO_FW=TP_IPF TP_IPFW TP_PF
OPTIONS_DEFINE= ARP_ACL TDB CACHE_DIGESTS DEBUG DELAY_POOLS DOCS ECAP ESI EXAMPLES \
FOLLOW_XFF FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IDENT IPV6 \
KQUEUE LARGEFILE LAX_HTTP NETTLE PCRE SNMP SSL SSL_CRTD \
STACKTRACES VIA_DB WCCP WCCPV2
OPTIONS_SINGLE= GSSAPI
OPTIONS_SINGLE_GSSAPI= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
OPTIONS_DEFAULT=ARP_ACL AUTH_NIS CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF FS_AUFS \
FS_DISKD FS_ROCK GSSAPI_BASE HTCP ICAP ICMP IDENT KQUEUE \
LARGEFILE LAX_HTTP PCRE SNMP SSL SSL_CRTD TP_IPFW VIA_DB WCCP \
WCCPV2
ARP_ACL_CONFIGURE_ENABLE= eui
AUTH_LDAP_CFLAGS= -I${LOCALBASE}/include
AUTH_LDAP_LDFLAGS= -L${LOCALBASE}/lib
AUTH_LDAP_USE= OPENLDAP=yes
AUTH_LDAP_VARS= BASIC_AUTH+=LDAP DIGEST_AUTH+="eDirectory LDAP" EXTERNAL_ACL+="LDAP_group eDirectory_userip"
AUTH_SASL_CFLAGS= -I${LOCALBASE}/include
AUTH_SASL_CPPFLAGS= -I${LOCALBASE}/include
AUTH_SASL_LDFLAGS= -L${LOCALBASE}/lib
AUTH_SASL_LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2
AUTH_SASL_VARS= BASIC_AUTH+=SASL
AUTH_SMB_USES= samba:run
AUTH_SMB_VARS= BASIC_AUTH+=SMB EXTERNAL_ACL+=wbinfo_group
AUTH_SQL_RUN_DEPENDS= p5-DBI>=1.08:databases/p5-DBI
AUTH_SQL_VARS= EXTERNAL_ACL+=SQL_session
TDB_CFLAGS= -I${LOCALBASE}/include
TDB_CONFIGURE_ENABLE= tdb
TDB_LDFLAGS= -L${LOCALBASE}/lib
TDB_LIB_DEPENDS= libtdb.so:databases/tdb
TDB_VARS= EXTERNAL_ACL+="time_quota session"
CACHE_DIGESTS_CONFIGURE_ENABLE= cache-digests
DELAY_POOLS_CONFIGURE_ENABLE= delay-pools
ECAP_CFLAGS= -I${LOCALBASE}/include
ECAP_CONFIGURE_ENABLE= ecap
ECAP_LDFLAGS= -L${LOCALBASE}/lib
ECAP_LIB_DEPENDS= libecap.so:www/libecap
ECAP_USES= pkgconfig:build
ESI_CFLAGS= -I${LOCALBASE}/include -I${LOCALBASE}/include/libxml2
ESI_CONFIGURE_ENABLE= esi
ESI_LDFLAGS= -L${LOCALBASE}/lib
ESI_LIB_DEPENDS= libexpat.so:textproc/expat2 \
libxml2.so:textproc/libxml2
FOLLOW_XFF_CONFIGURE_ENABLE= follow-x-forwarded-for
HTCP_CONFIGURE_ENABLE= htcp
ICAP_CONFIGURE_ENABLE= icap-client
ICMP_CONFIGURE_ENABLE= icmp
IDENT_CONFIGURE_ENABLE= ident-lookups
IPV6_CONFIGURE_ENABLE= ipv6
KQUEUE_CONFIGURE_ENABLE= kqueue
LARGEFILE_CONFIGURE_WITH= large-files
LAX_HTTP_CONFIGURE_ENABLE= http-violations
FS_AUFS_VARS= STORAGE_SCHEMES+=aufs DISKIO_MODULES+=DiskThreads
# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS,
# e.g. SQUID_CONFIGURE_ARGS=--with-aufs-threads=N
FS_AUFS_LDFLAGS= -pthread
FS_AUFS_CONFIGURE_OFF= --without-pthreads
FS_DISKD_VARS= STORAGE_SCHEMES+=diskd DISKIO_MODULES+=DiskDaemon
FS_ROCK_VARS= STORAGE_SCHEMES+=rock
NETTLE_LIB_DEPENDS= libnettle.so:security/nettle
NETTLE_CONFIGURE_OFF= --without-nettle
PCRE_LIB_DEPENDS= libpcre.so:devel/pcre
PCRE_CPPFLAGS= -I${LOCALBASE}/include
PCRE_LDFLAGS= -L${LOCALBASE}/lib -lpcreposix -lpcre
SNMP_CONFIGURE_ENABLE= snmp
SSL_CONFIGURE_ENABLE= ssl
SSL_CONFIGURE_ON= --with-openssl=${OPENSSLBASE} \
--enable-security-cert-generators="file" \
LIBOPENSSL_CFLAGS=-I${OPENSSLINC} \
LIBOPENSSL_LIBS="-lcrypto -lssl"
SSL_USES= ssl
SSL_CRTD_CONFIGURE_ENABLE= ssl-crtd
SSL_CRTD_IMPLIES= SSL
STACKTRACES_CONFIGURE_ENABLE= stacktraces
STACKTRACES_EXTRA_PATCHES= ${FILESDIR}/extra-patch-gen-stacktrace
STACKTRACES_LIB_DEPENDS= libunwind.so:devel/libunwind
STACKTRACES_CFLAGS= -g
STACKTRACES_LDFLAGS= -lunwind -L${LOCALBASE}/lib
STACKTRACES_VARS= STRIP=""
TP_IPFW_CONFIGURE_ENABLE= ipfw-transparent
TP_IPF_CONFIGURE_ENABLE= ipf-transparent
TP_PF_CONFIGURE_ENABLE= pf-transparent
TP_PF_CONFIGURE_WITH= nat-devpf
VIA_DB_CONFIGURE_ENABLE= forw-via-db
WCCPV2_CONFIGURE_ENABLE= wccpv2
WCCP_CONFIGURE_ENABLE= wccp
GSSAPI_NONE_CONFIGURE_ON= --without-heimdal-krb5 \
--without-mit-krb5 \
--without-gss
GSSAPI_BASE_USES= gssapi
GSSAPI_BASE_CONFIGURE_ON= --with-heimdal-krb5=${GSSAPIBASEDIR} \
${GSSAPI_CONFIGURE_ARGS} \
krb5_config=${GSSAPIBASEDIR}/bin/krb5-config
GSSAPI_BASE_PLIST_SUB= AUTH_KERB=""
GSSAPI_HEIMDAL_USES= gssapi:heimdal
GSSAPI_HEIMDAL_CONFIGURE_ON= --with-heimdal-krb5=${GSSAPIBASEDIR} \
${GSSAPI_CONFIGURE_ARGS} \
krb5_config=${GSSAPIBASEDIR}/bin/krb5-config
GSSAPI_HEIMDAL_PLIST_SUB= AUTH_KERB=""
GSSAPI_MIT_USES= gssapi:mit
GSSAPI_MIT_CONFIGURE_ON= --with-mit-krb5=${GSSAPIBASEDIR} \
${GSSAPI_CONFIGURE_ARGS} \
krb5_config=${GSSAPIBASEDIR}/bin/krb5-config
GSSAPI_MIT_PLIST_SUB= AUTH_KERB=""
ARP_ACL_DESC= ARP/MAC/EUI based authentification
AUTH_DESC= Authentication helpers
AUTH_LDAP_DESC= Install LDAP authentication helpers
AUTH_NIS_DESC= Install NIS/YP authentication helpers
AUTH_SASL_DESC= Install SASL authentication helpers
AUTH_SMB_DESC= Install SMB auth. helpers (req. Samba)
AUTH_SQL_DESC= Install SQL based auth
TDB_DESC= TrivialDB support required for session and time quota external helpers
CACHE_DIGESTS_DESC= Use cache digests
DEBUG_DESC= Build with extended debugging support
DELAY_POOLS_DESC= Delay pools (bandwidth limiting)
ECAP_DESC= Loadable content adaptation modules
ESI_DESC= ESI support
FOLLOW_XFF_DESC= Support for the X-Following-For header
FS_AUFS_DESC= AUFS (threaded-io) support
FS_DISKD_DESC= DISKD storage engine controlled by separate service
FS_ROCK_DESC= ROCK storage engine
HTCP_DESC= HTCP support
ICAP_DESC= the ICAP client
ICMP_DESC= ICMP pinging and network measurement
IDENT_DESC= Ident lookups (RFC 931)
KQUEUE_DESC= Kqueue(2) support
LARGEFILE_DESC= Support large (>2GB) cache and log files
NETTLE_DESC= Nettle MD5 algorithm support
SNMP_DESC= SNMP support
SSL_CRTD_DESC= Use ssl_crtd to handle SSL cert requests
SSL_DESC= SSL gatewaying support
STACKTRACES_DESC= Enable automatic backtraces on fatal errors
LAX_HTTP_DESC= Do not enforce strict HTTP compliance
TP_IPFW_DESC= Transparent proxying with IPFW
TP_IPF_DESC= Transparent proxying with IPFilter
TP_PF_DESC= Transparent proxying with PF
VIA_DB_DESC= Forward/Via database
WCCPV2_DESC= Web Cache Coordination Protocol v2
WCCP_DESC= Web Cache Coordination Protocol
change_files= ChangeLog \
contrib/nextstep/makepkg \
contrib/nextstep/post_install \
errors/Makefile.am \
errors/Makefile.in \
src/auth/basic/SMB_LM/README.html \
src/Makefile.am \
src/Makefile.in \
src/cf_gen.cc \
src/squid.8.in \
test-suite/Makefile.in \
tools/Makefile.am \
tools/Makefile.in
.if !defined(SQUID_CONFIGURE_ARGS) \
|| ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
PLIST_SUB+= UNLINKD=""
.else
PLIST_SUB+= UNLINKD="@comment "
.endif
CONFIGURE_ARGS= --with-default-user=squid \
--bindir=${PREFIX}/sbin \
--sbindir=${PREFIX}/sbin \
--datadir=${ETCDIR} \
--libexecdir=${PREFIX}/libexec/squid \
--localstatedir=/var \
--sysconfdir=${ETCDIR} \
--with-logdir=/var/log/squid \
--with-pidfile=/var/run/squid/squid.pid \
--with-swapdir=/var/squid/cache \
--without-gnutls \
--with-included-ltdl \
--enable-auth \
--enable-zph-qos \
--enable-build-info \
--enable-loadable-modules \
--enable-removal-policies="lru heap" \
--disable-epoll \
--disable-linux-netfilter \
--disable-linux-tproxy \
--disable-translation \
--disable-arch-native \
--disable-strict-error-checking
.include <bsd.port.options.mk>
# Authentication methods and modules:
BASIC_AUTH+= DB SMB_LM NCSA PAM POP3 RADIUS fake getpwnam
DIGEST_AUTH+= file
EXTERNAL_ACL+= file_userip unix_group delayer
# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
.if ${PORT_OPTIONS:MAUTH_NIS} && !defined(NO_NIS) && !defined(WITHOUT_NIS)
BASIC_AUTH+= NIS
.endif
# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
.if ${PORT_OPTIONS:MGSSAPI_NONE} || defined(NO_KERBEROS) || defined(WITHOUT_KERBEROS)
NEGOTIATE_AUTH= none
PLIST_SUB+= AUTH_KERB="@comment "
.else
# The kerberos_ldap_group external helper also depends on LDAP and SASL:
# The kerberos_sid_group external helper depends on kerberos_ldap_group meanwhile
. if ${PORT_OPTIONS:MAUTH_LDAP} && ${PORT_OPTIONS:MAUTH_SASL}
EXTERNAL_ACL+= kerberos_ldap_group kerberos_sid_group
. endif
NEGOTIATE_AUTH= kerberos wrapper
.endif
# Storage schemes:
STORAGE_SCHEMES+= ufs
DISKIO_MODULES+= AIO Blocking IpcIo Mmapped
CONFIGURE_ARGS+= --enable-auth-basic="${BASIC_AUTH}" \
--enable-auth-digest="${DIGEST_AUTH}" \
--enable-external-acl-helpers="${EXTERNAL_ACL}" \
--enable-auth-negotiate="${NEGOTIATE_AUTH}" \
--enable-auth-ntlm="fake SMB_LM" \
--enable-storeio="${STORAGE_SCHEMES}" \
--enable-disk-io="${DISKIO_MODULES}" \
--enable-log-daemon-helpers="file DB" \
--enable-url-rewrite-helpers="fake LFS" \
--enable-storeid-rewrite-helpers="file" \
--enable-security-cert-validators="fake"
# Other options set via 'make config':
.if ${PORT_OPTIONS:MDEBUG} || defined(WITH_DEBUG)
CONFIGURE_ARGS+= --disable-optimizations --enable-debug-cbdata
WITH_DEBUG?= yes
.endif
# Finally, add additional user specified configuration options:
CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS}
post-patch:
@(cd ${WRKSRC} && ${REINPLACE_CMD} \
-e 's|\.conf\.default|.conf.sample|' \
-e 's|)\.default|).sample|' \
${change_files})
@(cd ${WRKSRC} && ${MV} src/mime.conf.default src/mime.conf.sample)
post-patch-IPV6-off:
@${REINPLACE_CMD} -E -e's| ::1$$||' -e's| ::1?/128||g' \
-e'/acl localnet src f[ce][08]0::/d' \
-e's| 2001:DB8::[^[:space:]]+$$||' \
-e'/tcp_outgoing_address 2001:db8::/d' \
${WRKSRC}/src/cf.data.pre
post-install:
@${MKDIR} ${STAGEDIR}${EXAMPLESDIR}
${INSTALL_DATA} ${WRKSRC}/src/auth/basic/DB/passwd.sql \
${STAGEDIR}${EXAMPLESDIR}
@${MKDIR} ${STAGEDIR}${DOCSDIR}
(cd ${WRKSRC} && ${INSTALL_DATA} ${MYDOCS} ${STAGEDIR}${DOCSDIR})
.include <bsd.port.mk>

3
www/squid-devel/distinfo Normal file
View File

@ -0,0 +1,3 @@
TIMESTAMP = 1588325736
SHA256 (squid-5.0.2.tar.xz) = c163e8d5432198b7e5b490b72d1bdb50c953394e3123f0629ff1eb89a6dc2b96
SIZE (squid-5.0.2.tar.xz) = 2509540

View File

@ -0,0 +1,62 @@
--- src/tools.cc.orig 2014-10-31 12:36:43.000000000 +0300
+++ src/tools.cc 2014-11-21 14:11:25.000000000 +0300
@@ -71,6 +71,13 @@
#include <errno.h>
#endif
+#if PRINT_STACK_TRACE
+#ifdef __FreeBSD__
+#define UNW_LOCAL_ONLY
+#include <libunwind.h>
+#endif
+#endif
+
#define DEAD_MSG "\
The Squid Cache (version %s) died.\n\
\n\
@@ -411,6 +418,45 @@
}
#endif
+#ifdef __FreeBSD__
+ do {
+ unw_context_t unw_ctx;
+ unw_cursor_t unw_cp;
+ unw_word_t sp, ip, off;
+ int rc = 0;
+ char procname[256];
+ size_t frame;
+
+ bzero((void *)&unw_ctx, sizeof(unw_ctx));
+ bzero((void *)&unw_cp, sizeof(unw_cp));
+
+ if ((rc = unw_getcontext(&unw_ctx))) {
+ fprintf(debug_log, "Failed to trace own stack: "
+ "unw_context() said '%s'.\n", unw_strerror(rc));
+ break;
+ }
+ if ((rc = unw_init_local(&unw_cp, &unw_ctx))) {
+ fprintf(debug_log, "Failed to trace own stack: "
+ "unw_init_local() said '%s'.\n", unw_strerror(rc));
+ break;
+ }
+ frame = 0;
+ fprintf(debug_log, "Backtrace follows (deepest frame first):\n");
+ while ((rc = unw_step(&unw_cp)) > 0) {
+ frame++;
+ ip = 0; sp = 0;
+ unw_get_reg(&unw_cp, UNW_REG_IP, &ip);
+ unw_get_reg(&unw_cp, UNW_REG_SP, &sp);
+ off = 0;
+ rc = unw_get_proc_name(&unw_cp, procname, sizeof(procname), &off);
+ if (rc)
+ snprintf (procname, sizeof(procname), "[unknown]");
+ fprintf(debug_log, "#%zd: %s + 0x%zx, ip = 0x%zx, sp = 0x%zx\n",
+ frame, procname, (size_t)off, (size_t)ip, (size_t)sp);
+ }
+ fprintf(debug_log, "Use addr2line of similar to translate offsets to line information.\n");
+ } while (0);
+#endif /* __FreeBSD__ */
#endif /* PRINT_STACK_TRACE */
#if SA_RESETHAND == 0 && !_SQUID_WINDOWS_

View File

@ -0,0 +1,20 @@
--- compat/compat.h.orig 2016-12-16 10:06:20 UTC
+++ compat/compat.h
@@ -29,17 +29,6 @@
/******************************************************/
#include "compat/osdetect.h"
-/* Solaris 10 has a broken definition for minor_t in IPFilter compat.
- * We must pre-define before doing anything with OS headers so the OS
- * do not. Then un-define it before using the IPFilter *_compat.h headers.
- */
-#if IPF_TRANSPARENT && USE_SOLARIS_IPFILTER_MINOR_T_HACK
-/* But we only need do this nasty thing for src/ip/Intercept.cc */
-#if BUILDING_SQUID_IP_INTERCEPT_CC
-#define minor_t solaris_minor_t_fubar
-#endif
-#endif
-
/*****************************************************/
/* FDSETSIZE is messy and needs to be done before */
/* sys/types.h are defined. */

View File

@ -0,0 +1,11 @@
--- compat/shm.cc.orig 2016-12-16 10:06:20 UTC
+++ compat/shm.cc
@@ -29,6 +29,8 @@ shm_portable_segment_name_is_path()
size_t len = sizeof(jailed);
::sysctlbyname("security.jail.jailed", &jailed, &len, NULL, 0);
return !jailed;
+#elif defined (__DragonFly__)
+ return true;
#else
return false;
#endif

View File

@ -0,0 +1,92 @@
--- configure.orig 2020-04-19 12:08:55 UTC
+++ configure
@@ -35054,7 +35054,7 @@ done
##
BUILD_HELPER="NIS"
-for ac_header in sys/types.h rpc/rpc.h rpcsvc/ypclnt.h rpcsvc/yp_prot.h crypt.h
+for ac_header in sys/types.h rpc/rpc.h rpcsvc/ypclnt.h rpcsvc/yp_prot.h rpcsvc/crypt.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "
@@ -35069,8 +35069,10 @@ if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
_ACEOF
-else
- BUILD_HELPER=""
+# XXX: On FreeBSD we have to do this to make NIS work
+# until https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188247
+# is resolved.
+ BUILD_HELPER="NIS"
fi
done
@@ -35543,7 +35545,7 @@ done
# unconditionally requires crypt(3), for now
if test "x$ac_cv_func_crypt" != "x"; then
- for ac_header in unistd.h crypt.h shadow.h
+ for ac_header in unistd.h rpcsvc/crypt.h shadow.h
do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_cxx_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
@@ -38307,7 +38309,7 @@ for ac_header in \
arpa/nameser.h \
assert.h \
bstring.h \
- crypt.h \
+ rpcsvc/crypt.h \
ctype.h \
direct.h \
errno.h \
@@ -38515,6 +38517,7 @@ ac_fn_cxx_check_header_compile "$LINENO" "$ac_header"
#include <netinet/ip.h>
#endif
#if HAVE_NETINET_IP_COMPAT_H
+#include <net/if.h> /* IFNAMSIZ */
#include <netinet/ip_compat.h>
#endif
#if HAVE_NETINET_IP_FIL_H
@@ -42562,6 +42565,7 @@ if test "x$enable_ipf_transparent" != "xno" ; then
# include <sys/ioccom.h>
# include <netinet/in.h>
+# include <net/if.h> /* IFNAMSIZ */
# include <netinet/ip_compat.h>
# include <netinet/ip_fil.h>
# include <netinet/ip_nat.h>
@@ -42592,6 +42596,7 @@ else
# include <sys/ioccom.h>
# include <netinet/in.h>
#undef minor_t
+# include <net/if.h> /* IFNAMSIZ */
# include <netinet/ip_compat.h>
# include <netinet/ip_fil.h>
# include <netinet/ip_nat.h>
@@ -42636,6 +42641,7 @@ _ACEOF
ip_fil_compat.h \
ip_fil.h \
ip_nat.h \
+ net/if.h \
netinet/ip_compat.h \
netinet/ip_fil_compat.h \
netinet/ip_fil.h \
@@ -42665,6 +42671,7 @@ ac_fn_cxx_check_header_compile "$LINENO" "$ac_header"
#if HAVE_IP_COMPAT_H
#include <ip_compat.h>
#elif HAVE_NETINET_IP_COMPAT_H
+#include <net/if.h> /* IFNAMSIZ */
#include <netinet/ip_compat.h>
#endif
#if HAVE_IP_FIL_H
@@ -42728,8 +42735,7 @@ _ACEOF
fi
-ac_fn_cxx_check_member "$LINENO" "struct natlookup" "nl_realipaddr.in6"
- "ac_cv_member_struct_natlookup_nl_realipaddr_in6___" "
+ac_fn_cxx_check_member "$LINENO" "struct natlookup" "nl_realipaddr.in6" "ac_cv_member_struct_natlookup_nl_realipaddr_in6___" "
#if USE_SOLARIS_IPFILTER_MINOR_T_HACK
#define minor_t fubar
#endif

View File

@ -0,0 +1,13 @@
--- src/cf.data.pre.orig 2020-04-19 10:50:48 UTC
+++ src/cf.data.pre
@@ -5322,6 +5322,10 @@ DEFAULT: @DEFAULT_PID_FILE@
LOC: Config.pidFilename
DOC_START
A filename to write the process-id to. To disable, enter "none".
+
+ Note: If you change this setting, you need to set squid_pidfile
+ in /etc/rc.conf to reflect the new value. Please see
+ /usr/local/etc/rc.d/squid for details.
DOC_END
NAME: client_netmask

View File

@ -0,0 +1,11 @@
--- src/DiskIO/Mmapped/MmappedFile.cc.orig 2016-12-16 10:06:20 UTC
+++ src/DiskIO/Mmapped/MmappedFile.cc
@@ -236,7 +236,7 @@ Mmapping::map()
static const int pageSize = getpagesize();
delta = offset % pageSize;
- buf = mmap(NULL, length + delta, prot, flags, fd, offset - delta);
+ buf = mmap(NULL, length + delta, prot, flags | MAP_NOSYNC, fd, offset - delta);
if (buf == MAP_FAILED) {
const int errNo = errno;

View File

@ -0,0 +1,12 @@
--- src/enums.h.orig 2020-04-19 10:50:48 UTC
+++ src/enums.h
@@ -9,6 +9,9 @@
#ifndef SQUID_ENUMS_H
#define SQUID_ENUMS_H
+/* Namespace pollution from fcntl.h as of FreeBSD r345982 */
+#undef FD_NONE
+
enum fd_type {
FD_NONE_TYPE,
FD_LOG,

View File

@ -0,0 +1,15 @@
--- src/ip/Intercept.cc.orig 2018-07-02 03:26:07 UTC
+++ src/ip/Intercept.cc
@@ -215,10 +215,10 @@ Ip::Intercept::IpfInterception(const Comm::ConnectionP
newConn->remote.getInAddr(natLookup.nl_outipaddr.in4);
}
#else
- // warn once every 10 at critical level, then push down a level each repeated event
+ // warn once every million at critical level, then push down a level each repeated event
static int warningLevel = DBG_CRITICAL;
debugs(89, warningLevel, "Your IPF (IPFilter) NAT does not support IPv6. Please upgrade it.");
- warningLevel = (warningLevel + 1) % 10;
+ warningLevel = (warningLevel + 1) % 1048576;
return false;
}
newConn->local.getInAddr(natLookup.nl_inip);

View File

@ -0,0 +1,11 @@
--- src/ipc/mem/Segment.cc.orig 2016-12-16 10:06:20 UTC
+++ src/ipc/mem/Segment.cc
@@ -173,7 +173,7 @@ Ipc::Mem::Segment::attach()
assert(theSize == static_cast<off_t>(static_cast<size_t>(theSize)));
void *const p =
- mmap(NULL, theSize, PROT_READ | PROT_WRITE, MAP_SHARED, theFD, 0);
+ mmap(NULL, theSize, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_NOSYNC, theFD, 0);
if (p == MAP_FAILED) {
int xerrno = errno;
debugs(54, 5, "mmap " << theName << ": " << xstrerr(xerrno));

View File

@ -0,0 +1,11 @@
--- src/tools.cc.orig 2018-06-11 16:30:57 UTC
+++ src/tools.cc
@@ -605,7 +605,7 @@ no_suid(void)
uid = geteuid();
debugs(21, 3, "no_suid: PID " << getpid() << " giving up root privileges forever");
- if (setuid(0) < 0) {
+ if (setuid(0) < 0 && TheProcessKind != pkHelper) {
int xerrno = errno;
debugs(50, DBG_IMPORTANT, "WARNING: no_suid: setuid(0): " << xstrerr(xerrno));
}

View File

@ -0,0 +1,70 @@
#!/bin/sh
#
# $FreeBSD$
#
PATH=/bin:/usr/bin:/usr/sbin
pkgname=$1
squid_homedir="/var/squid"
squid_cache_basedir="${squid_homedir}/cache"
squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid"
squid_logdir="/var/log/squid"
# these are hardcoded, see /usr/ports/UIDs and /usr/ports/GIDs:
squid_user=squid
squid_group=squid
squid_gid=100
squid_uid=100
case $2 in
PRE-INSTALL)
echo "===> Pre-installation configuration for ${pkgname}"
;;
POST-INSTALL)
# Since we usually start the Squid master process as ${squid_user}
# instead of root make sure that ${squid_homedir} is writable for it.
if [ ! -d ${squid_homedir} ]; then
echo "Creating ${squid_homedir}..."
install -d -o root -g ${squid_group} \
-m 0775 ${squid_homedir}
else
chgrp ${squid_group} ${squid_homedir}
chmod g+w ${squid_homedir}
fi
if [ ! -d ${squid_cache_basedir} ]; then
echo "Creating ${squid_cache_basedir} ..."
install -d -o ${squid_user} -g ${squid_group} \
-m 0750 ${squid_cache_basedir}
else
chown ${squid_user} ${squid_cache_basedir}
chgrp ${squid_group} ${squid_cache_basedir}
chmod 0750 ${squid_cache_basedir}
fi
if [ ! -d ${squid_confdir} ]; then
echo "Creating ${squid_confdir}..."
install -d -o root -g ${squid_group} \
-m 0755 ${squid_confdir}
else
chgrp ${squid_group} ${squid_confdir}
fi
if [ ! -d ${squid_logdir} ]; then
echo "Creating ${squid_logdir}..."
install -d -o ${squid_user} -g ${squid_group} \
-m 0750 ${squid_logdir}
else
chown ${squid_user} ${squid_logdir}
chgrp ${squid_group} ${squid_logdir}
fi
for file in cachemgr.conf errorpage.css mime.conf msntauth.conf squid.conf; do
if [ ! -f ${squid_confdir}/${file} \
-a -f ${squid_confdir}/${file}.default ]; then
echo "Creating ${file} from default..."
install -c -o root -g ${squid_group} -m 0640 \
${squid_confdir}/${file}.default \
${squid_confdir}/${file}
fi
done
;;
*)
exit 64
;;
esac
exit 0

View File

@ -0,0 +1,53 @@
[
{ type: install
message: <<EOM
o You can find the configuration files for this package in the
directory %%PREFIX%%/etc/squid.
o The default cache directory is /var/squid/cache/.
The default log directory is /var/log/squid/.
Note:
You must initialize new cache directories before you can start
squid. Do this by running "squid -z" as 'root' or 'squid'.
If your cache directories are already initialized (e.g. after an
upgrade of squid) you do not need to initialize them again.
o When using DiskD storage scheme remember to read documentation:
http://wiki.squid-cache.org/Features/DiskDaemon
and alter your kern.ipc defaults in /boot/loader.conf. DiskD will not
work reliably without this. Last recomendations were:
kern.ipc.msgmnb=8192
kern.ipc.msgssz=64
kern.ipc.msgtql=2048
o The default configuration will deny everyone but the local host and
local networks as defined in RFC 1918 for IPv4 and RFCs 4193 and
4291 for IPv6 access to the proxy service. Edit the "http_access
allow/deny" directives in %%PREFIX%%/etc/squid/squid.conf
to suit your needs.
o If AUTH_SQL option is set, please, don't forget to install one of
following perl modules depending on database you like:
databases/p5-DBD-mysql
databases/p5-DBD-Pg
databases/p5-DBD-SQLite
To enable Squid, set squid_enable=yes in either
/etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
Please see %%PREFIX%%/etc/rc.d/squid for further details.
Note:
If you just updated your Squid installation from an earlier version,
make sure to check your Squid configuration against the 3.4 default
configuration file %%PREFIX%%/etc/squid/squid.conf.sample.
%%PREFIX%%/etc/squid/squid.conf.documented is a fully annotated
configuration file you can consult for further reference.
Additionally, you should check your configuration by calling
'squid -f /path/to/squid.conf -k parse' before starting Squid.
EOM
}
]

View File

@ -0,0 +1,158 @@
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: squid
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Note:
# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
# /etc/rc.conf.d/squid to activate Squid.
#
# Additional variables you can define in one of these files:
#
# squid_chdir: the directory into which the rc system moves into before
# starting Squid. Default: /var/squid
#
# squid_conf: The configuration file that Squid should use.
# Default: %%PREFIX%%/etc/squid/squid.conf
#
# squid_fib: The alternative routing table id that Squid should use.
# Default: none
# See setfib(1) for further details. Note that the setfib(2)
# system call is not available in FreeBSD versions prior to 7.1.
#
# squid_user: The user id that should be used to run the Squid master
# process. Default: squid.
# Note that you probably need to define "squid_user=root" if
# you want to run Squid in reverse proxy setups or if you want
# Squid to listen on a "privileged" port < 1024.
#
# squid_pidfile:
# The name (including the full path) of the Squid
# master process' PID file.
# Default: /var/run/squid/squid.pid.
# You only need to change this if you changed the
# corresponding entry in your Squid configuration.
#
# squid_flags: Additional commandline arguments for Squid you might want to
# use. See squid(8) for further details.
#
# squid_krb5_ktname:
# Alternative Kerberos 5 Key Table.
# Default: none
# squid_krb5_config:
# Alternative Kerberos 5 config file
# Default: none
. /etc/rc.subr
name=squid
rcvar=squid_enable
# Make sure that we invoke squid with "-f ${squid_conf}"; define this
# variable early so reload_cmd and stop_precmd pick it up:
extra_commands="reload configtest"
reload_cmd=squid_reload
start_precmd=squid_prestart
start_postcmd=squid_getpid
stop_precmd=squid_prestop
configtest_cmd=squid_configtest
reload_precmd=squid_configtest
restart_precmd=squid_configtest
# squid(8) will not start if ${squid_conf} is not present so try
# to catch that beforehand via ${required_files} rather than make
# squid(8) crash.
squid_load_rc_config()
{
: ${squid_chdir:=/var/squid}
: ${squid_conf:=%%PREFIX%%/etc/squid/squid.conf}
: ${squid_enable:=NO}
: ${squid_program:=%%PREFIX%%/sbin/squid}
: ${squid_pidfile:=/var/run/squid/squid.pid}
: ${squid_user:=squid}
required_args="-f ${squid_conf}"
required_dirs=$chdir
required_files=$squid_conf
command_args="${required_args} ${squid_flags}"
# We used to need it in squid3 to match pid and proc name
# procname="?squid-*"
pidfile=$squid_pidfile
}
squid_prestart()
{
# setup KRB5_KTNAME:
squid_krb5_ktname=${squid_krb5_ktname:-"NONE"}
if [ "${squid_krb5_ktname}" != "NONE" ]; then
export KRB5_KTNAME=${squid_krb5_ktname}
fi
# setup KRB5_CONFIG:
squid_krb5_config=${squid_krb5_config:-"NONE"}
if [ "${squid_krb5_config}" != "NONE" ]; then
export KRB5_CONFIG=${squid_krb5_config}
fi
# setup FIB tables:
if command -v check_namevarlist > /dev/null 2>&1; then
check_namevarlist fib && return 0
fi
${SYSCTL} net.fibs >/dev/null 2>&1 || return 0
squid_fib=${squid_fib:-"NONE"}
if [ "${squid_fib}" != "NONE" ]; then
command="setfib -F $squid_fib $command"
else
return 0
fi
squid_configtest
}
squid_reload()
{
$command $required_args $squid_flags -k reconfigure
}
squid_configtest()
{
echo "Performing sanity check on ${name} configuration."
if $command $required_args $squid_flags -k check; then
echo "Configuration for ${name} passes."
return 0
else
return $?
fi
}
squid_getpid()
{
# retrieve the PID of the Squid master process explicitly here
# in case rc.subr was unable to determine it:
if [ -z "$rc_pid" ]; then
while ! [ -f ${pidfile} ]; do
sleep 1
done
read _pid _junk <${pidfile}
[ -z "${_pid}" ] || pid=${_pid}
else
pid=${rc_pid}
fi
}
squid_prestop()
{
command_args="$command_args -k shutdown"
squid_configtest
}
load_rc_config $name
squid_load_rc_config
run_rc_command $1

View File

@ -0,0 +1,5 @@
Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite)
HTTP/1.1 compliant. Squid offers a rich access control, authorization and
logging environment to develop web proxy and content serving applications.
WWW: http://www.squid-cache.org/

2247
www/squid-devel/pkg-plist Normal file

File diff suppressed because it is too large Load Diff