From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/files/, net-proxy/squid/
Date: Wed, 9 Aug 2023 04:49:24 +0000 (UTC) [thread overview]
Message-ID: <1691556522.a4c66f18e813aef8df6b4846b122212126d4d7f1.sam@gentoo> (raw)
commit: a4c66f18e813aef8df6b4846b122212126d4d7f1
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Aug 9 04:16:48 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Aug 9 04:48:42 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a4c66f18
net-proxy/squid: add 6.2
Closes: https://bugs.gentoo.org/911590
Signed-off-by: Sam James <sam <AT> gentoo.org>
net-proxy/squid/Manifest | 1 +
net-proxy/squid/files/squid-6.2-gentoo.patch | 76 ++++++
net-proxy/squid/squid-6.2.ebuild | 383 +++++++++++++++++++++++++++
3 files changed, 460 insertions(+)
diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index 51802a78e06a..c003dd6b50b7 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,3 +1,4 @@
DIST squid-5.7.tar.xz 2566560 BLAKE2B 4a403ca4f94034356922ea1a4feffd5f5289e2aadbe1585bd04e83ee89712227ce04c53f7e05c10f7c8ac6be67a265a32b47032e7b56e929a172772fa41d5299 SHA512 624a39041a6ceda6c470dc0937616f1aa67200f3db02b4d74095d8d706ed31d6df5e0417dcacde45f6be40b617bee018849793d52c96a626aab32a2b182972aa
DIST squid-5.8.tar.xz 2447560 BLAKE2B c9d1ae9464e68beabdf7ae1641a70d6c614bc4d4f4bae3fc5946c2bf61510634992cbd5abe63f071104edb2fa487a6c5c7fb8fbf8f06ac723a6522ec9ade8b68 SHA512 81a9a7d1dfcb58476369e08e99feb76411dd3242a3374feb175408fa0dc8161545a9a903603219c6fa2bcfb615461901e093428e97ac74cf4c596a7065d3247d
DIST squid-5.9.tar.xz 2569204 BLAKE2B 898a34357f8019291379ea37c66fa312e1a6437e8f643987dd4e54d7d52728248e16129b00195c5f6e0378c0f32c9f9ade3f98ca0ec4bb952f9f443357face82 SHA512 7dc366ef6b2a397ca6adec993c05876949de5f5e72a8a4409c9c9c52c42a8a4b37f58e85a171eebd36a166951f6c764176cfebec30019b299abe34a5adc4e5ac
+DIST squid-6.2.tar.xz 2546172 BLAKE2B e934371e40093b1570c88c76f9427089087d2fa0b16629e7ca3afabd17f7bc5592b2b65354da54ebc43350ab6732081dd39a39e5db712f70a48246c22b8ae45d SHA512 a2f3ad666b88708ddc52958e610222778e4f64c2ac097b821867ae4022ca35dcbe225f2c5bba42a69fa56f89feebf63764d1a936444e4debce7e55e87b7366db
diff --git a/net-proxy/squid/files/squid-6.2-gentoo.patch b/net-proxy/squid/files/squid-6.2-gentoo.patch
new file mode 100644
index 000000000000..2444c74a71d0
--- /dev/null
+++ b/net-proxy/squid/files/squid-6.2-gentoo.patch
@@ -0,0 +1,76 @@
+--- a/configure.ac
++++ b/configure.ac
+@@ -33,9 +33,6 @@ PRESET_CFLAGS="$CFLAGS"
+ PRESET_CXXFLAGS="$CXXFLAGS"
+ PRESET_LDFLAGS="$LDFLAGS"
+
+-dnl Set default LDFLAGS
+-AS_IF([test "x$LDFLAGS" = "x"],[LDFLAGS="-g"])
+-
+ # check for host OS detail
+ AC_CANONICAL_HOST
+ AC_MSG_CHECKING([simplified host os])
+--- a/src/cf.data.pre
++++ b/src/cf.data.pre
+@@ -1669,6 +1669,7 @@ acl Safe_ports port 280 # http-mgmt
+ acl Safe_ports port 488 # gss-http
+ acl Safe_ports port 591 # filemaker
+ acl Safe_ports port 777 # multiling http
++acl Safe_ports port 901 # SWAT
+ CONFIG_END
+ DOC_END
+
+@@ -7447,11 +7448,11 @@ COMMENT_END
+
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ Email-address of local cache manager who will receive
+- mail if the cache dies. The default is "webmaster".
++ mail if the cache dies. The default is "root".
+ DOC_END
+
+ NAME: mail_from
+--- a/src/debug/debug.cc
++++ b/src/debug/debug.cc
+@@ -1144,7 +1144,7 @@ Debug::SettleSyslog()
+ #if HAVE_SYSLOG && defined(LOG_LOCAL4)
+
+ if (Debug::log_syslog) {
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility);
+ Module().syslogChannel.markOpened();
+ }
+
+--- a/src/main.cc
++++ b/src/main.cc
+@@ -1867,7 +1867,7 @@ watch_child(const CommandLine &masterCommand)
+
+ enter_suid();
+
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+
+ if (!opt_foreground)
+ GoIntoBackground();
+@@ -1959,7 +1959,7 @@ watch_child(const CommandLine &masterCommand)
+
+ if ((pid = fork()) == 0) {
+ /* child */
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+ (void)execvp(masterCommand.arg0(), kidCommand.argv());
+ int xerrno = errno;
+ syslog(LOG_ALERT, "execvp failed: %s", xstrerr(xerrno));
+@@ -1971,7 +1971,7 @@ watch_child(const CommandLine &masterCommand)
+ }
+
+ /* parent */
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+
+ // If Squid received a signal while checking for dying kids (below) or
+ // starting new kids (above), then do a fast check for a new dying kid
diff --git a/net-proxy/squid/squid-6.2.ebuild b/net-proxy/squid/squid-6.2.ebuild
new file mode 100644
index 000000000000..0c10c03e6c44
--- /dev/null
+++ b/net-proxy/squid/squid-6.2.ebuild
@@ -0,0 +1,383 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools flag-o-matic linux-info pam systemd toolchain-funcs
+
+DESCRIPTION="Full-featured web proxy cache"
+HOMEPAGE="http://www.squid-cache.org/"
+
+MY_PV_MAJOR=$(ver_cut 1)
+# Upstream patch ID for the most recent bug-fixed update to the formal release.
+#r=-20181117-r0022167
+r=
+if [[ -z ${r} ]]; then
+ SRC_URI="http://www.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz"
+else
+ SRC_URI="http://www.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}${r}.tar.bz2"
+ S="${S}${r}"
+fi
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
+IUSE="caps gnutls pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test ecap"
+IUSE+=" esi ssl-crtd mysql postgres sqlite systemd perl qos tproxy +htcp valgrind +wccp +wccpv2"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="tproxy? ( caps ) qos? ( caps ) ssl-crtd? ( ssl )"
+
+DEPEND="
+ acct-group/squid
+ acct-user/squid
+ dev-libs/libltdl
+ sys-libs/tdb
+ virtual/libcrypt:=
+ caps? ( >=sys-libs/libcap-2.16 )
+ ecap? ( net-libs/libecap:1 )
+ esi? (
+ dev-libs/expat
+ dev-libs/libxml2
+ )
+ ldap? ( net-nds/openldap:= )
+ gnutls? ( >=net-libs/gnutls-3.1.5:= )
+ logrotate? ( app-admin/logrotate )
+ nis? (
+ net-libs/libtirpc:=
+ net-libs/libnsl:=
+ )
+ kerberos? ( virtual/krb5 )
+ pam? ( sys-libs/pam )
+ qos? ( net-libs/libnetfilter_conntrack )
+ ssl? (
+ dev-libs/nettle:=
+ !gnutls? (
+ dev-libs/openssl:=
+ )
+ )
+ sasl? ( dev-libs/cyrus-sasl )
+ systemd? ( sys-apps/systemd:= )
+"
+RDEPEND="
+ ${DEPEND}
+ mysql? ( dev-perl/DBD-mysql )
+ postgres? ( dev-perl/DBD-Pg )
+ perl? ( dev-lang/perl )
+ samba? ( net-fs/samba )
+ selinux? ( sec-policy/selinux-squid )
+ sqlite? ( dev-perl/DBD-SQLite )
+"
+DEPEND+=" valgrind? ( dev-util/valgrind )"
+BDEPEND="
+ dev-lang/perl
+ ecap? ( virtual/pkgconfig )
+ test? ( dev-util/cppunit )
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-6.2-gentoo.patch
+ "${FILESDIR}"/${PN}-4.17-use-system-libltdl.patch
+)
+
+pkg_pretend() {
+ if use tproxy; then
+ local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
+ linux-info_pkg_setup
+ fi
+}
+
+src_prepare() {
+ default
+
+ # Fixup various paths
+ sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
+ INSTALL QUICKSTART \
+ scripts/fileno-to-pathname.pl \
+ scripts/check_cache.pl \
+ tools/cachemgr.cgi.8 \
+ tools/purge/conffile.hh \
+ tools/purge/purge.1 || die
+ sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
+ INSTALL QUICKSTART || die
+ sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
+ QUICKSTART || die
+ sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
+ QUICKSTART \
+ src/log/access_log.cc || die
+ sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
+ src/log/access_log.cc || die
+ sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
+ src/acl/external/unix_group/ext_unix_group_acl.8 \
+ src/acl/external/session/ext_session_acl.8 || die
+ sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
+ scripts/check_cache.pl || die
+ # /var/run/squid to /run/squid
+ sed -i -e 's:$(localstatedir)::' \
+ src/ipc/Makefile.am || die
+ sed -i 's:/var/run/:/run/:g' tools/systemd/squid.service || die
+
+ sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
+ libltdl/configure.ac || die
+
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ --datadir=/usr/share/squid
+ --libexecdir=/usr/libexec/squid
+ --localstatedir=/var
+ --sysconfdir=/etc/squid
+ --with-default-user=squid
+ --with-logdir=/var/log/squid
+ --with-pidfile=/run/squid.pid
+
+ --enable-build-info="Gentoo ${PF} (r: ${r:-NONE})"
+ --enable-log-daemon-helpers
+ --enable-url-rewrite-helpers
+ --enable-cache-digests
+ --enable-delay-pools
+ --enable-disk-io
+ --enable-eui
+ --enable-icmp
+ --enable-ipv6
+ --enable-follow-x-forwarded-for
+ --enable-removal-policies="lru,heap"
+ --disable-strict-error-checking
+ --disable-arch-native
+
+ --with-large-files
+ --with-build-environment=default
+
+ --with-tdb
+
+ --without-included-ltdl
+ --with-ltdl-include="${ESYSROOT}"/usr/include
+ --with-ltdl-lib="${ESYSROOT}"/usr/$(get_libdir)
+
+ $(use_with caps cap)
+ $(use_enable snmp)
+ $(use_with ssl openssl)
+ $(use_with ssl nettle)
+ $(use_with gnutls)
+ $(use_with ldap)
+ $(use_enable ssl-crtd)
+ $(use_with systemd)
+ $(use_with test cppunit)
+ $(use_enable ecap)
+ $(use_enable esi)
+ $(use_enable esi expat)
+ $(use_enable esi xml2)
+ $(use_enable htcp)
+ $(use_with valgrind valgrind-debug)
+ $(use_enable wccp)
+ $(use_enable wccpv2)
+ )
+
+ # Basic modules
+ local basic_modules=(
+ NCSA
+ POP3
+ getpwnam
+
+ $(usev samba 'SMB')
+ $(usev ldap 'SMB_LM LDAP')
+ $(usev pam 'PAM')
+ $(usev sasl 'SASL')
+ $(usev nis 'NIS')
+ $(usev radius 'RADIUS')
+ )
+
+ use nis && append-cppflags "-I${ESYSROOT}/usr/include/tirpc"
+
+ if use mysql || use postgres || use sqlite; then
+ basic_modules+=( DB )
+ fi
+
+ # Digests
+ local digest_modules=(
+ file
+
+ $(usev ldap 'LDAP eDirectory')
+ )
+
+ # Kerberos
+ local negotiate_modules=( none )
+
+ myeconfargs+=( --without-mit-krb5 --without-heimdal-krb5 )
+
+ if use kerberos; then
+ # We intentionally overwrite negotiate_modules here to lose
+ # the 'none'.
+ negotiate_modules=( kerberos wrapper )
+
+ if has_version app-crypt/heimdal; then
+ myeconfargs+=(
+ --without-mit-krb5
+ --with-heimdal-krb5
+ )
+ else
+ myeconfargs+=(
+ --with-mit-krb5
+ --without-heimdal-krb5
+ )
+ fi
+ fi
+
+ # NTLM modules
+ local ntlm_modules=( none )
+
+ if use samba ; then
+ # We intentionally overwrite ntlm_modules here to lose
+ # the 'none'.
+ ntlm_modules=( SMB_LM )
+ fi
+
+ # External helpers
+ local ext_helpers=(
+ file_userip
+ session
+ unix_group
+ delayer
+ time_quota
+
+ $(usev samba 'wbinfo_group')
+ $(usev ldap 'LDAP_group eDirectory_userip')
+ )
+
+ use ldap && use kerberos && ext_helpers+=( kerberos_ldap_group )
+ if use mysql || use postgres || use sqlite; then
+ ext_helpers+=( SQL_session )
+ fi
+
+ # Storage modules
+ local storeio_modules=(
+ aufs
+ diskd
+ rock
+ ufs
+ )
+
+ #
+ local transparent
+ if use kernel_linux; then
+ myeconfargs+=(
+ --enable-linux-netfilter
+ $(usev qos '--enable-zph-qos --with-netfilter-conntrack')
+ )
+ fi
+
+ tc-export_build_env BUILD_CXX
+ export BUILDCXX="${BUILD_CXX}"
+ export BUILDCXXFLAGS="${BUILD_CXXFLAGS}"
+ tc-export CC AR
+
+ # Should be able to drop this workaround with newer versions.
+ # https://bugs.squid-cache.org/show_bug.cgi?id=4224
+ tc-is-cross-compiler && export squid_cv_gnu_atomics=no
+
+ # Bug #719662
+ append-atomic-flags
+
+ print_options_without_comma() {
+ # IFS as ',' will cut off any trailing commas
+ (
+ IFS=','
+ options=( $(printf "%s," "${@}") )
+ echo "${options[*]}"
+ )
+ }
+
+ myeconfargs+=(
+ --enable-storeio=$(print_options_without_comma "${storeio_modules[@]}")
+ --enable-auth-basic=$(print_options_without_comma "${basic_modules[@]}")
+ --enable-auth-digest=$(print_options_without_comma "${digest_modules[@]}")
+ --enable-auth-ntlm=$(print_options_without_comma "${ntlm_modules[@]}")
+ --enable-auth-negotiate=$(print_options_without_comma "${negotiate_modules[@]}")
+ --enable-external-acl-helpers=$(print_options_without_comma "${ext_helpers[@]}")
+ )
+
+ econf "${myeconfargs[@]}"
+}
+
+src_install() {
+ default
+
+ systemd_dounit tools/systemd/squid.service
+
+ # Need suid root for looking into /etc/shadow
+ fowners root:squid /usr/libexec/squid/basic_ncsa_auth
+ fperms 4750 /usr/libexec/squid/basic_ncsa_auth
+
+ if use pam; then
+ fowners root:squid /usr/libexec/squid/basic_pam_auth
+ fperms 4750 /usr/libexec/squid/basic_pam_auth
+ fi
+
+ # Pinger needs suid as well
+ fowners root:squid /usr/libexec/squid/pinger
+ fperms 4750 /usr/libexec/squid/pinger
+
+ # These scripts depend on perl
+ if ! use perl; then
+ local perl_scripts=(
+ basic_pop3_auth ext_delayer_acl helper-mux
+ log_db_daemon security_fake_certverify
+ storeid_file_rewrite url_lfs_rewrite
+ )
+
+ local script
+ for script in "${perl_scripts[@]}"; do
+ rm "${ED}"/usr/libexec/squid/${script} || die
+ done
+ fi
+
+ # Cleanup
+ rm -r "${D}"/run "${D}"/var/cache || die
+
+ dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
+ newdoc src/auth/negotiate/kerberos/README README.kerberos
+ newdoc src/auth/basic/RADIUS/README README.RADIUS
+ newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group
+ dodoc RELEASENOTES.html
+
+ if use pam; then
+ newpamd "${FILESDIR}"/squid.pam squid
+ fi
+
+ newconfd "${FILESDIR}"/squid.confd-r2 squid
+ newinitd "${FILESDIR}"/squid.initd-r6 squid
+
+ if use logrotate ; then
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/squid.logrotate squid
+ else
+ exeinto /etc/cron.weekly
+ newexe "${FILESDIR}"/squid.cron squid.cron
+ fi
+
+ diropts -m0750 -o squid -g squid
+ keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
+
+ # Hack for bug #834503 (see also bug #664940)
+ # Please keep this for a few years until it's no longer plausible
+ # someone is upgrading from < squid 5.7.
+ mv "${ED}"/usr/share/squid/errors{,.new} || die
+}
+
+pkg_preinst() {
+ # Remove file in EROOT that the directory collides with.
+ rm -rf "${EROOT}"/usr/share/squid/errors || die
+
+ # Following the collision protection check, reverse
+ # src_install's rename in ED.
+ mv "${ED}"/usr/share/squid/errors{.new,} || die
+}
+
+pkg_postinst() {
+ elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'."
+
+ if [[ ${#r} -gt 0 ]]; then
+ elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support."
+ fi
+}
next reply other threads:[~2023-08-09 4:49 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-09 4:49 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2023-12-07 6:21 [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/files/, net-proxy/squid/ Arthur Zamarin
2023-06-18 4:25 Sam James
2023-03-23 7:20 Sam James
2022-09-23 7:42 Sam James
2022-03-22 0:50 Sam James
2022-02-19 10:32 Mikle Kolyada
2020-05-03 15:05 Mikle Kolyada
2019-05-03 12:35 Mikle Kolyada
2017-06-16 6:26 Eray Aslan
2016-04-18 15:41 Eray Aslan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1691556522.a4c66f18e813aef8df6b4846b122212126d4d7f1.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox