From 1fca4db26fb13c520980473abebd51f620d34531 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 17 Nov 2023 16:57:03 +0000 Subject: gentoo auto-resync : 17:11:2023 - 16:57:03 --- net-proxy/Manifest.gz | Bin 5374 -> 5378 bytes net-proxy/squid/Manifest | 5 + .../squid/files/squid-6.4-gcc14-algorithm.patch | 12 + net-proxy/squid/squid-6.4.ebuild | 386 +++++++++++++++++++++ net-proxy/squid/squid-6.5.ebuild | 386 +++++++++++++++++++++ 5 files changed, 789 insertions(+) create mode 100644 net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch create mode 100644 net-proxy/squid/squid-6.4.ebuild create mode 100644 net-proxy/squid/squid-6.5.ebuild (limited to 'net-proxy') diff --git a/net-proxy/Manifest.gz b/net-proxy/Manifest.gz index 386c59ab42e4..eb3d3edf0b4e 100644 Binary files a/net-proxy/Manifest.gz and b/net-proxy/Manifest.gz differ diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest index afcf124b447d..1ffcb9adc630 100644 --- a/net-proxy/squid/Manifest +++ b/net-proxy/squid/Manifest @@ -1,6 +1,7 @@ AUX squid-4.17-use-system-libltdl.patch 497 BLAKE2B 38dbd734d7a56c2d5acb508ac5ab348c81247ce20f2bb9b7a278c9b480c15b2d29f106647d58aa2abb290b864bb103f2d11deeb7a50f7574e3f619b9392353a7 SHA512 754c41b03e5627ead2b824fc9ed6e91463b51308833e4c7ad6f4e35b0cfb5e58af1a8db9a6a5f3157933f408f7d5127214efbf91db4f74a7176f2dcb8ae87ad9 AUX squid-5.3-gentoo.patch 2765 BLAKE2B 0260544df7ed59b99e6fb030b277330ad6d9ffc3130b550a8b3aee7386ba635b9848cdf655bf264fe83614c00772921eaaa5e66ed3ccefddc23a8b8f1fedfc62 SHA512 d68c1fd82a2a65cfc7bf257b7305827cfead3e37361952171cb6f5e933c607ba82025434b1430e4210ff937d58200019d66b4869a4c0d0291d19192e76105770 AUX squid-6.2-gentoo.patch 2494 BLAKE2B 8115a9ad312c6dd639ab92b8673532e61341acf9459d0c28329fbc5b97e3649ecba521607ea2f4a6daa760f022f39593af924992383c68964f3435b145baa6c8 SHA512 8034be4b3f7503ba1ef3fa029c46a7fbfb654f865e8d85851cb6bcdadc66c293b7578363921f194066f8dcdc6dcf46671a4618e75234e0c63326cbeccb98ac80 +AUX squid-6.4-gcc14-algorithm.patch 233 BLAKE2B f6be1bf9907397a3510987a235f963276da4b4f36ac4e558a1a12811c8d83c5fb327b0348f5ed92139bcbf3c973177a3f810c7b059386ceab6081047a49e5871 SHA512 42d78b26847af56a788412496ef19ccffa1c8953d8d2369900c5b1c26cb245dadeb0c3d3859f9bbcb2d72b64bf8b284ed812de7aec291e4cf6a7b2482da4c7ee AUX squid.confd-r2 707 BLAKE2B 9fce12f6c6d395448b1e70c95ef75418d1844e7409738df60bee7c1adab786ca7e504070eacdd2b6e30a35df8a7322cccdfb950e60bcde352d35d090d55c6be9 SHA512 37435f808b1dab1ca3ceecafd6cd9007c44e10d257f135ba6baf1a51b1e3408f2a76b71d85a08ce6dcb7f86b9841b7bfcd870b0d312a2365699290e28f72314a AUX squid.cron 143 BLAKE2B 17b1bccea20771a481a5b4745c9832a4b762132a500eaeb091349a59b870c14b680d8ea97e03bb7a0b2d67e1ca1d4ee1db31dc43b9dbf02be8953d15f214b033 SHA512 cec563c20799ffea8b4fb418d5015d6dc437bd38c35e7150ed01bc298dab5214132e10f4e7b8176da1966e16a7f53f423c36e8419642cb16716f5c346c30d749 AUX squid.initd-r5 4339 BLAKE2B 3529ddaab2e708215e6674514ce8e20e9d28d26e45860e19b59c7c3566550b298c71a20a9b62c2c89fd621f4ca67698d03af43586ac75cf16eee3b342c6a5a2c SHA512 e761500fb208954c92e0e83a6314688b29f1379855bf78195a72b12984c8fc7fdd09f5823729e90515bb7a382903fdcb42b79488d7f73474f8244311137b3e18 @@ -11,8 +12,12 @@ DIST squid-5.7.tar.xz 2566560 BLAKE2B 4a403ca4f94034356922ea1a4feffd5f5289e2aadb DIST squid-5.8.tar.xz 2447560 BLAKE2B c9d1ae9464e68beabdf7ae1641a70d6c614bc4d4f4bae3fc5946c2bf61510634992cbd5abe63f071104edb2fa487a6c5c7fb8fbf8f06ac723a6522ec9ade8b68 SHA512 81a9a7d1dfcb58476369e08e99feb76411dd3242a3374feb175408fa0dc8161545a9a903603219c6fa2bcfb615461901e093428e97ac74cf4c596a7065d3247d DIST squid-5.9.tar.xz 2569204 BLAKE2B 898a34357f8019291379ea37c66fa312e1a6437e8f643987dd4e54d7d52728248e16129b00195c5f6e0378c0f32c9f9ade3f98ca0ec4bb952f9f443357face82 SHA512 7dc366ef6b2a397ca6adec993c05876949de5f5e72a8a4409c9c9c52c42a8a4b37f58e85a171eebd36a166951f6c764176cfebec30019b299abe34a5adc4e5ac DIST squid-6.2.tar.xz 2546172 BLAKE2B e934371e40093b1570c88c76f9427089087d2fa0b16629e7ca3afabd17f7bc5592b2b65354da54ebc43350ab6732081dd39a39e5db712f70a48246c22b8ae45d SHA512 a2f3ad666b88708ddc52958e610222778e4f64c2ac097b821867ae4022ca35dcbe225f2c5bba42a69fa56f89feebf63764d1a936444e4debce7e55e87b7366db +DIST squid-6.4.tar.xz 2553476 BLAKE2B 0f55fb8b4bcc291b9d978c8a150d86986ca32cf7c866907ac03ff3995ad6fbce333b0ebe977827e01e51a08d7104e41300a402bb811be0692a61fa81fd160304 SHA512 7bbf759841448874090a145699ee01f67696c19da147e433b1ecc80a856095cbfae611ef910bc4f2c44218101d89f2ee13796f5b7ada2e21e95638d4dae077ab +DIST squid-6.5.tar.xz 2554492 BLAKE2B 91ed91f9b0f56f440a7f15a63bbc3e19537b60bc8b31b5bf7e16884367d0da060c5490e1721dbd7c5fce7f4a4e958fb3554d6bdc5b55f568598f907722b651de SHA512 d3a40f5f390f0042a8e981ca28755a90dd520230a06b4246ba7bec0c98025ce1cdc7426797a666f769addd60238e28e1f04d2c701ea2ef2d7329dbe87b830d70 EBUILD squid-5.7-r1.ebuild 9416 BLAKE2B 06d2d220c5d79bb6cd08e90ff3cdd131e60cbe43e7ee7d80efc7433b105d5f70b8c58d7693e7d34609fc65150668763d5a82f2193a49890aa3a726a2120d4c7a SHA512 92d96fb49886f2ef0df9ecd8b8c988b5ae8534849f42ba6ab7bba472537e5b2b7af4b9ceb1d77f596427c09642e411ccd560592a8a70222ad9a33bbd1b154224 EBUILD squid-5.8.ebuild 9528 BLAKE2B dd6c51b261cc4ac0b1d4a0b76139a0b05babfb2c0fda6dfd29020a195114423e6aaebe3a2444626cbe297b8030fd0044bfbadc47ccf71ea9cee03897bcd19665 SHA512 281c3d5e18ccc6ebfd2650b29a3f07e9d7f6ae400270670fbbc4b285827dc97c1ca2a596bc2ee1c7e8d3ad8459e344b5732267dfc2dc5155b9c66aa972279d25 EBUILD squid-5.9.ebuild 9528 BLAKE2B dd6c51b261cc4ac0b1d4a0b76139a0b05babfb2c0fda6dfd29020a195114423e6aaebe3a2444626cbe297b8030fd0044bfbadc47ccf71ea9cee03897bcd19665 SHA512 281c3d5e18ccc6ebfd2650b29a3f07e9d7f6ae400270670fbbc4b285827dc97c1ca2a596bc2ee1c7e8d3ad8459e344b5732267dfc2dc5155b9c66aa972279d25 EBUILD squid-6.2.ebuild 9538 BLAKE2B 2854372933a238a436881fe3ceb886a299cfa712b12622e04ca1ac8b8a22f083af0c8e6336d9e7796f905d095c279a7dad0d0faa094da70bb6d686dcb9035992 SHA512 8ca804b9cb18fe662a792bdbef4fd24e6b61fc93555e16d6665db9680fc24b4c5608870fa2ef694422ccc38c8779513358ed167754225c8dc0954ec9a0c2b82a +EBUILD squid-6.4.ebuild 9627 BLAKE2B 6a723a5247f18a5e8438d79cb0d8a6ce1e7f0d57aaa5604b75bf56e775fb55b7a47790dbc8a5e3ae0518a470608fa1ebd3e93249fd94933262b20f92a869043b SHA512 4894e562dfed3819657436b586ca9dae800adb477397dee1fd801a90fc372148fccaa6e9a4afdbd8bca3c06d3093292b28898191a5accd2a2de8171b3b9780a4 +EBUILD squid-6.5.ebuild 9627 BLAKE2B 6a723a5247f18a5e8438d79cb0d8a6ce1e7f0d57aaa5604b75bf56e775fb55b7a47790dbc8a5e3ae0518a470608fa1ebd3e93249fd94933262b20f92a869043b SHA512 4894e562dfed3819657436b586ca9dae800adb477397dee1fd801a90fc372148fccaa6e9a4afdbd8bca3c06d3093292b28898191a5accd2a2de8171b3b9780a4 MISC metadata.xml 1351 BLAKE2B 8a6ea8bc939b5900572bd323fb3be78e0dfa9b4d7436f2d5e27fa59905f57af5cd9b7fe9a2903f8f57859a88176aab17c1a5d507a69765aab0f5320ceec69c96 SHA512 db7a47668d220a16f10d25319ffc4cd33270209d7d00f488d45680150f094d70776c4bf3c7b203b6ec8c69be18e5ac3a78d3d4367ec90a9ffb91ffd29f66890f diff --git a/net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch b/net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch new file mode 100644 index 000000000000..3a509e029eb5 --- /dev/null +++ b/net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch @@ -0,0 +1,12 @@ +https://bugs.gentoo.org/917161 +--- a/src/helper/Reply.cc ++++ b/src/helper/Reply.cc +@@ -17,6 +17,8 @@ + #include "rfc1738.h" + #include "SquidString.h" + ++#include ++ + Helper::Reply::Reply() : + result(Helper::Unknown) + { diff --git a/net-proxy/squid/squid-6.4.ebuild b/net-proxy/squid/squid-6.4.ebuild new file mode 100644 index 000000000000..0ecdce7be628 --- /dev/null +++ b/net-proxy/squid/squid-6.4.ebuild @@ -0,0 +1,386 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info pam systemd toolchain-funcs + +DESCRIPTION="Full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" + +MY_PV_MAJOR=$(ver_cut 1) +# Upstream patch ID for the most recent bug-fixed update to the formal release. +#r=-20181117-r0022167 +r= +if [[ -z ${r} ]]; then + SRC_URI="http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz" +else + SRC_URI="http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}${r}.tar.bz2" + S="${S}${r}" +fi + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" +IUSE="caps gnutls pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test ecap" +IUSE+=" esi ssl-crtd mysql postgres sqlite systemd perl qos tproxy +htcp valgrind +wccp +wccpv2" +RESTRICT="!test? ( test )" +REQUIRED_USE="tproxy? ( caps ) qos? ( caps ) ssl-crtd? ( ssl )" + +DEPEND=" + acct-group/squid + acct-user/squid + dev-libs/libltdl + sys-libs/tdb + virtual/libcrypt:= + caps? ( >=sys-libs/libcap-2.16 ) + ecap? ( net-libs/libecap:1 ) + esi? ( + dev-libs/expat + dev-libs/libxml2 + ) + ldap? ( net-nds/openldap:= ) + gnutls? ( >=net-libs/gnutls-3.1.5:= ) + logrotate? ( app-admin/logrotate ) + nis? ( + net-libs/libtirpc:= + net-libs/libnsl:= + ) + kerberos? ( virtual/krb5 ) + pam? ( sys-libs/pam ) + qos? ( net-libs/libnetfilter_conntrack ) + ssl? ( + dev-libs/nettle:= + !gnutls? ( + dev-libs/openssl:= + ) + ) + sasl? ( dev-libs/cyrus-sasl ) + systemd? ( sys-apps/systemd:= ) +" +RDEPEND=" + ${DEPEND} + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + perl? ( dev-lang/perl ) + samba? ( net-fs/samba ) + selinux? ( sec-policy/selinux-squid ) + sqlite? ( dev-perl/DBD-SQLite ) +" +DEPEND+=" valgrind? ( dev-util/valgrind )" +BDEPEND=" + dev-lang/perl + ecap? ( virtual/pkgconfig ) + test? ( dev-util/cppunit ) +" + +PATCHES=( + "${FILESDIR}"/${PN}-6.2-gentoo.patch + "${FILESDIR}"/${PN}-4.17-use-system-libltdl.patch + "${FILESDIR}"/${PN}-6.4-gcc14-algorithm.patch +) + +pkg_pretend() { + if use tproxy; then + local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY" + linux-info_pkg_setup + fi +} + +src_prepare() { + default + + # Fixup various paths + sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \ + INSTALL QUICKSTART \ + scripts/fileno-to-pathname.pl \ + scripts/check_cache.pl \ + tools/cachemgr.cgi.8 \ + tools/purge/conffile.hh \ + tools/purge/purge.1 || die + sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \ + INSTALL QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \ + QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \ + QUICKSTART \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \ + src/acl/external/unix_group/ext_unix_group_acl.8 \ + src/acl/external/session/ext_session_acl.8 || die + sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \ + scripts/check_cache.pl || die + # /var/run/squid to /run/squid + sed -i -e 's:$(localstatedir)::' \ + src/ipc/Makefile.am || die + sed -i 's:/var/run/:/run/:g' tools/systemd/squid.service || die + + sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \ + libltdl/configure.ac || die + + eautoreconf +} + +src_configure() { + local myeconfargs=( + --cache-file="${S}"/config.cache + + --datadir=/usr/share/squid + --libexecdir=/usr/libexec/squid + --localstatedir=/var + --sysconfdir=/etc/squid + --with-default-user=squid + --with-logdir=/var/log/squid + --with-pidfile=/run/squid.pid + + --enable-build-info="Gentoo ${PF} (r: ${r:-NONE})" + --enable-log-daemon-helpers + --enable-url-rewrite-helpers + --enable-cache-digests + --enable-delay-pools + --enable-disk-io + --enable-eui + --enable-icmp + --enable-ipv6 + --enable-follow-x-forwarded-for + --enable-removal-policies="lru,heap" + --disable-strict-error-checking + --disable-arch-native + + --with-large-files + --with-build-environment=default + + --with-tdb + + --without-included-ltdl + --with-ltdl-include="${ESYSROOT}"/usr/include + --with-ltdl-lib="${ESYSROOT}"/usr/$(get_libdir) + + $(use_with caps cap) + $(use_enable snmp) + $(use_with ssl openssl) + $(use_with ssl nettle) + $(use_with gnutls) + $(use_with ldap) + $(use_enable ssl-crtd) + $(use_with systemd) + $(use_with test cppunit) + $(use_enable ecap) + $(use_enable esi) + $(use_enable esi expat) + $(use_enable esi xml2) + $(use_enable htcp) + $(use_with valgrind valgrind-debug) + $(use_enable wccp) + $(use_enable wccpv2) + ) + + # Basic modules + local basic_modules=( + NCSA + POP3 + getpwnam + + $(usev samba 'SMB') + $(usev ldap 'SMB_LM LDAP') + $(usev pam 'PAM') + $(usev sasl 'SASL') + $(usev nis 'NIS') + $(usev radius 'RADIUS') + ) + + use nis && append-cppflags "-I${ESYSROOT}/usr/include/tirpc" + + if use mysql || use postgres || use sqlite; then + basic_modules+=( DB ) + fi + + # Digests + local digest_modules=( + file + + $(usev ldap 'LDAP eDirectory') + ) + + # Kerberos + local negotiate_modules=( none ) + + myeconfargs+=( --without-mit-krb5 --without-heimdal-krb5 ) + + if use kerberos; then + # We intentionally overwrite negotiate_modules here to lose + # the 'none'. + negotiate_modules=( kerberos wrapper ) + + if has_version app-crypt/heimdal; then + myeconfargs+=( + --without-mit-krb5 + --with-heimdal-krb5 + ) + else + myeconfargs+=( + --with-mit-krb5 + --without-heimdal-krb5 + ) + fi + fi + + # NTLM modules + local ntlm_modules=( none ) + + if use samba ; then + # We intentionally overwrite ntlm_modules here to lose + # the 'none'. + ntlm_modules=( SMB_LM ) + fi + + # External helpers + local ext_helpers=( + file_userip + session + unix_group + delayer + time_quota + + $(usev samba 'wbinfo_group') + $(usev ldap 'LDAP_group eDirectory_userip') + ) + + use ldap && use kerberos && ext_helpers+=( kerberos_ldap_group ) + if use mysql || use postgres || use sqlite; then + ext_helpers+=( SQL_session ) + fi + + # Storage modules + local storeio_modules=( + aufs + diskd + rock + ufs + ) + + # + local transparent + if use kernel_linux; then + myeconfargs+=( + --enable-linux-netfilter + $(usev qos '--enable-zph-qos --with-netfilter-conntrack') + ) + fi + + tc-export_build_env BUILD_CXX + export BUILDCXX="${BUILD_CXX}" + export BUILDCXXFLAGS="${BUILD_CXXFLAGS}" + tc-export CC AR + + # Should be able to drop this workaround with newer versions. + # https://bugs.squid-cache.org/show_bug.cgi?id=4224 + tc-is-cross-compiler && export squid_cv_gnu_atomics=no + + # Bug #719662 + append-atomic-flags + + print_options_without_comma() { + # IFS as ',' will cut off any trailing commas + ( + IFS=',' + options=( $(printf "%s," "${@}") ) + echo "${options[*]}" + ) + } + + myeconfargs+=( + --enable-storeio=$(print_options_without_comma "${storeio_modules[@]}") + --enable-auth-basic=$(print_options_without_comma "${basic_modules[@]}") + --enable-auth-digest=$(print_options_without_comma "${digest_modules[@]}") + --enable-auth-ntlm=$(print_options_without_comma "${ntlm_modules[@]}") + --enable-auth-negotiate=$(print_options_without_comma "${negotiate_modules[@]}") + --enable-external-acl-helpers=$(print_options_without_comma "${ext_helpers[@]}") + ) + + econf "${myeconfargs[@]}" +} + +src_install() { + default + + systemd_dounit tools/systemd/squid.service + + # Need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/basic_ncsa_auth + fperms 4750 /usr/libexec/squid/basic_ncsa_auth + + if use pam; then + fowners root:squid /usr/libexec/squid/basic_pam_auth + fperms 4750 /usr/libexec/squid/basic_pam_auth + fi + + # Pinger needs suid as well + fowners root:squid /usr/libexec/squid/pinger + fperms 4750 /usr/libexec/squid/pinger + + # These scripts depend on perl + if ! use perl; then + local perl_scripts=( + basic_pop3_auth ext_delayer_acl helper-mux + log_db_daemon security_fake_certverify + storeid_file_rewrite url_lfs_rewrite + ) + + local script + for script in "${perl_scripts[@]}"; do + rm "${ED}"/usr/libexec/squid/${script} || die + done + fi + + # Cleanup + rm -r "${D}"/run "${D}"/var/cache || die + + dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt + newdoc src/auth/negotiate/kerberos/README README.kerberos + newdoc src/auth/basic/RADIUS/README README.RADIUS + newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group + dodoc RELEASENOTES.html + + if use pam; then + newpamd "${FILESDIR}"/squid.pam squid + fi + + newconfd "${FILESDIR}"/squid.confd-r2 squid + newinitd "${FILESDIR}"/squid.initd-r6 squid + + if use logrotate ; then + insinto /etc/logrotate.d + newins "${FILESDIR}"/squid.logrotate squid + else + exeinto /etc/cron.weekly + newexe "${FILESDIR}"/squid.cron squid.cron + fi + + diropts -m0750 -o squid -g squid + keepdir /var/log/squid /etc/ssl/squid /var/lib/squid + + # Hack for bug #834503 (see also bug #664940) + # Please keep this for a few years until it's no longer plausible + # someone is upgrading from < squid 5.7. + mv "${ED}"/usr/share/squid/errors{,.new} || die +} + +pkg_preinst() { + # Remove file in EROOT that the directory collides with. + rm -rf "${EROOT}"/usr/share/squid/errors || die + + # Following the collision protection check, reverse + # src_install's rename in ED. + mv "${ED}"/usr/share/squid/errors{.new,} || die +} + +pkg_postinst() { + elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'." + + if [[ ${#r} -gt 0 ]]; then + elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support." + fi +} diff --git a/net-proxy/squid/squid-6.5.ebuild b/net-proxy/squid/squid-6.5.ebuild new file mode 100644 index 000000000000..0ecdce7be628 --- /dev/null +++ b/net-proxy/squid/squid-6.5.ebuild @@ -0,0 +1,386 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools flag-o-matic linux-info pam systemd toolchain-funcs + +DESCRIPTION="Full-featured web proxy cache" +HOMEPAGE="http://www.squid-cache.org/" + +MY_PV_MAJOR=$(ver_cut 1) +# Upstream patch ID for the most recent bug-fixed update to the formal release. +#r=-20181117-r0022167 +r= +if [[ -z ${r} ]]; then + SRC_URI="http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz" +else + SRC_URI="http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}${r}.tar.bz2" + S="${S}${r}" +fi + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" +IUSE="caps gnutls pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test ecap" +IUSE+=" esi ssl-crtd mysql postgres sqlite systemd perl qos tproxy +htcp valgrind +wccp +wccpv2" +RESTRICT="!test? ( test )" +REQUIRED_USE="tproxy? ( caps ) qos? ( caps ) ssl-crtd? ( ssl )" + +DEPEND=" + acct-group/squid + acct-user/squid + dev-libs/libltdl + sys-libs/tdb + virtual/libcrypt:= + caps? ( >=sys-libs/libcap-2.16 ) + ecap? ( net-libs/libecap:1 ) + esi? ( + dev-libs/expat + dev-libs/libxml2 + ) + ldap? ( net-nds/openldap:= ) + gnutls? ( >=net-libs/gnutls-3.1.5:= ) + logrotate? ( app-admin/logrotate ) + nis? ( + net-libs/libtirpc:= + net-libs/libnsl:= + ) + kerberos? ( virtual/krb5 ) + pam? ( sys-libs/pam ) + qos? ( net-libs/libnetfilter_conntrack ) + ssl? ( + dev-libs/nettle:= + !gnutls? ( + dev-libs/openssl:= + ) + ) + sasl? ( dev-libs/cyrus-sasl ) + systemd? ( sys-apps/systemd:= ) +" +RDEPEND=" + ${DEPEND} + mysql? ( dev-perl/DBD-mysql ) + postgres? ( dev-perl/DBD-Pg ) + perl? ( dev-lang/perl ) + samba? ( net-fs/samba ) + selinux? ( sec-policy/selinux-squid ) + sqlite? ( dev-perl/DBD-SQLite ) +" +DEPEND+=" valgrind? ( dev-util/valgrind )" +BDEPEND=" + dev-lang/perl + ecap? ( virtual/pkgconfig ) + test? ( dev-util/cppunit ) +" + +PATCHES=( + "${FILESDIR}"/${PN}-6.2-gentoo.patch + "${FILESDIR}"/${PN}-4.17-use-system-libltdl.patch + "${FILESDIR}"/${PN}-6.4-gcc14-algorithm.patch +) + +pkg_pretend() { + if use tproxy; then + local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY" + linux-info_pkg_setup + fi +} + +src_prepare() { + default + + # Fixup various paths + sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \ + INSTALL QUICKSTART \ + scripts/fileno-to-pathname.pl \ + scripts/check_cache.pl \ + tools/cachemgr.cgi.8 \ + tools/purge/conffile.hh \ + tools/purge/purge.1 || die + sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \ + INSTALL QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \ + QUICKSTART || die + sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \ + QUICKSTART \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \ + src/log/access_log.cc || die + sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \ + src/acl/external/unix_group/ext_unix_group_acl.8 \ + src/acl/external/session/ext_session_acl.8 || die + sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \ + scripts/check_cache.pl || die + # /var/run/squid to /run/squid + sed -i -e 's:$(localstatedir)::' \ + src/ipc/Makefile.am || die + sed -i 's:/var/run/:/run/:g' tools/systemd/squid.service || die + + sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \ + libltdl/configure.ac || die + + eautoreconf +} + +src_configure() { + local myeconfargs=( + --cache-file="${S}"/config.cache + + --datadir=/usr/share/squid + --libexecdir=/usr/libexec/squid + --localstatedir=/var + --sysconfdir=/etc/squid + --with-default-user=squid + --with-logdir=/var/log/squid + --with-pidfile=/run/squid.pid + + --enable-build-info="Gentoo ${PF} (r: ${r:-NONE})" + --enable-log-daemon-helpers + --enable-url-rewrite-helpers + --enable-cache-digests + --enable-delay-pools + --enable-disk-io + --enable-eui + --enable-icmp + --enable-ipv6 + --enable-follow-x-forwarded-for + --enable-removal-policies="lru,heap" + --disable-strict-error-checking + --disable-arch-native + + --with-large-files + --with-build-environment=default + + --with-tdb + + --without-included-ltdl + --with-ltdl-include="${ESYSROOT}"/usr/include + --with-ltdl-lib="${ESYSROOT}"/usr/$(get_libdir) + + $(use_with caps cap) + $(use_enable snmp) + $(use_with ssl openssl) + $(use_with ssl nettle) + $(use_with gnutls) + $(use_with ldap) + $(use_enable ssl-crtd) + $(use_with systemd) + $(use_with test cppunit) + $(use_enable ecap) + $(use_enable esi) + $(use_enable esi expat) + $(use_enable esi xml2) + $(use_enable htcp) + $(use_with valgrind valgrind-debug) + $(use_enable wccp) + $(use_enable wccpv2) + ) + + # Basic modules + local basic_modules=( + NCSA + POP3 + getpwnam + + $(usev samba 'SMB') + $(usev ldap 'SMB_LM LDAP') + $(usev pam 'PAM') + $(usev sasl 'SASL') + $(usev nis 'NIS') + $(usev radius 'RADIUS') + ) + + use nis && append-cppflags "-I${ESYSROOT}/usr/include/tirpc" + + if use mysql || use postgres || use sqlite; then + basic_modules+=( DB ) + fi + + # Digests + local digest_modules=( + file + + $(usev ldap 'LDAP eDirectory') + ) + + # Kerberos + local negotiate_modules=( none ) + + myeconfargs+=( --without-mit-krb5 --without-heimdal-krb5 ) + + if use kerberos; then + # We intentionally overwrite negotiate_modules here to lose + # the 'none'. + negotiate_modules=( kerberos wrapper ) + + if has_version app-crypt/heimdal; then + myeconfargs+=( + --without-mit-krb5 + --with-heimdal-krb5 + ) + else + myeconfargs+=( + --with-mit-krb5 + --without-heimdal-krb5 + ) + fi + fi + + # NTLM modules + local ntlm_modules=( none ) + + if use samba ; then + # We intentionally overwrite ntlm_modules here to lose + # the 'none'. + ntlm_modules=( SMB_LM ) + fi + + # External helpers + local ext_helpers=( + file_userip + session + unix_group + delayer + time_quota + + $(usev samba 'wbinfo_group') + $(usev ldap 'LDAP_group eDirectory_userip') + ) + + use ldap && use kerberos && ext_helpers+=( kerberos_ldap_group ) + if use mysql || use postgres || use sqlite; then + ext_helpers+=( SQL_session ) + fi + + # Storage modules + local storeio_modules=( + aufs + diskd + rock + ufs + ) + + # + local transparent + if use kernel_linux; then + myeconfargs+=( + --enable-linux-netfilter + $(usev qos '--enable-zph-qos --with-netfilter-conntrack') + ) + fi + + tc-export_build_env BUILD_CXX + export BUILDCXX="${BUILD_CXX}" + export BUILDCXXFLAGS="${BUILD_CXXFLAGS}" + tc-export CC AR + + # Should be able to drop this workaround with newer versions. + # https://bugs.squid-cache.org/show_bug.cgi?id=4224 + tc-is-cross-compiler && export squid_cv_gnu_atomics=no + + # Bug #719662 + append-atomic-flags + + print_options_without_comma() { + # IFS as ',' will cut off any trailing commas + ( + IFS=',' + options=( $(printf "%s," "${@}") ) + echo "${options[*]}" + ) + } + + myeconfargs+=( + --enable-storeio=$(print_options_without_comma "${storeio_modules[@]}") + --enable-auth-basic=$(print_options_without_comma "${basic_modules[@]}") + --enable-auth-digest=$(print_options_without_comma "${digest_modules[@]}") + --enable-auth-ntlm=$(print_options_without_comma "${ntlm_modules[@]}") + --enable-auth-negotiate=$(print_options_without_comma "${negotiate_modules[@]}") + --enable-external-acl-helpers=$(print_options_without_comma "${ext_helpers[@]}") + ) + + econf "${myeconfargs[@]}" +} + +src_install() { + default + + systemd_dounit tools/systemd/squid.service + + # Need suid root for looking into /etc/shadow + fowners root:squid /usr/libexec/squid/basic_ncsa_auth + fperms 4750 /usr/libexec/squid/basic_ncsa_auth + + if use pam; then + fowners root:squid /usr/libexec/squid/basic_pam_auth + fperms 4750 /usr/libexec/squid/basic_pam_auth + fi + + # Pinger needs suid as well + fowners root:squid /usr/libexec/squid/pinger + fperms 4750 /usr/libexec/squid/pinger + + # These scripts depend on perl + if ! use perl; then + local perl_scripts=( + basic_pop3_auth ext_delayer_acl helper-mux + log_db_daemon security_fake_certverify + storeid_file_rewrite url_lfs_rewrite + ) + + local script + for script in "${perl_scripts[@]}"; do + rm "${ED}"/usr/libexec/squid/${script} || die + done + fi + + # Cleanup + rm -r "${D}"/run "${D}"/var/cache || die + + dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt + newdoc src/auth/negotiate/kerberos/README README.kerberos + newdoc src/auth/basic/RADIUS/README README.RADIUS + newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group + dodoc RELEASENOTES.html + + if use pam; then + newpamd "${FILESDIR}"/squid.pam squid + fi + + newconfd "${FILESDIR}"/squid.confd-r2 squid + newinitd "${FILESDIR}"/squid.initd-r6 squid + + if use logrotate ; then + insinto /etc/logrotate.d + newins "${FILESDIR}"/squid.logrotate squid + else + exeinto /etc/cron.weekly + newexe "${FILESDIR}"/squid.cron squid.cron + fi + + diropts -m0750 -o squid -g squid + keepdir /var/log/squid /etc/ssl/squid /var/lib/squid + + # Hack for bug #834503 (see also bug #664940) + # Please keep this for a few years until it's no longer plausible + # someone is upgrading from < squid 5.7. + mv "${ED}"/usr/share/squid/errors{,.new} || die +} + +pkg_preinst() { + # Remove file in EROOT that the directory collides with. + rm -rf "${EROOT}"/usr/share/squid/errors || die + + # Following the collision protection check, reverse + # src_install's rename in ED. + mv "${ED}"/usr/share/squid/errors{.new,} || die +} + +pkg_postinst() { + elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'." + + if [[ ${#r} -gt 0 ]]; then + elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support." + fi +} -- cgit v1.2.3