Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Eray Aslan (eras)" <eras@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-proxy/squid: ChangeLog squid-3.1.16.ebuild
Date: Tue, 01 Nov 2011 10:59:39
Message-Id: 20111101105929.7113920033@flycatcher.gentoo.org
1 eras 11/11/01 10:59:29
2
3 Modified: ChangeLog
4 Added: squid-3.1.16.ebuild
5 Log:
6 non-maintainer version bump - security bug #389133
7
8 (Portage version: 2.1.10.31/cvs/Linux x86_64)
9
10 Revision Changes Path
11 1.329 net-proxy/squid/ChangeLog
12
13 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-proxy/squid/ChangeLog?rev=1.329&view=markup
14 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-proxy/squid/ChangeLog?rev=1.329&content-type=text/plain
15 diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-proxy/squid/ChangeLog?r1=1.328&r2=1.329
16
17 Index: ChangeLog
18 ===================================================================
19 RCS file: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v
20 retrieving revision 1.328
21 retrieving revision 1.329
22 diff -u -r1.328 -r1.329
23 --- ChangeLog 23 Oct 2011 18:45:39 -0000 1.328
24 +++ ChangeLog 1 Nov 2011 10:59:29 -0000 1.329
25 @@ -1,6 +1,11 @@
26 # ChangeLog for net-proxy/squid
27 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
28 -# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.328 2011/10/23 18:45:39 polynomial-c Exp $
29 +# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.329 2011/11/01 10:59:29 eras Exp $
30 +
31 +*squid-3.1.16 (01 Nov 2011)
32 +
33 + 01 Nov 2011; Eray Aslan <eras@g.o> +squid-3.1.16.ebuild:
34 + non-maintainer version bump - security bug #389133
35
36 23 Oct 2011; Lars Wendler <polynomial-c@g.o> files/squid.initd:
37 non-maintainer commit: Replaced deprecated opts variable in init script (bug
38
39
40
41 1.1 net-proxy/squid/squid-3.1.16.ebuild
42
43 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-proxy/squid/squid-3.1.16.ebuild?rev=1.1&view=markup
44 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-proxy/squid/squid-3.1.16.ebuild?rev=1.1&content-type=text/plain
45
46 Index: squid-3.1.16.ebuild
47 ===================================================================
48 # Copyright 1999-2011 Gentoo Foundation
49 # Distributed under the terms of the GNU General Public License v2
50 # $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-3.1.16.ebuild,v 1.1 2011/11/01 10:59:29 eras Exp $
51
52 EAPI=4
53
54 inherit eutils pam toolchain-funcs autotools linux-info
55
56 DESCRIPTION="A full-featured web proxy cache"
57 HOMEPAGE="http://www.squid-cache.org/"
58 SRC_URI="http://www.squid-cache.org/Versions/v3/3.1/${P}.tar.gz"
59
60 LICENSE="GPL-2"
61 SLOT="0"
62 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
63 IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
64 ecap icap-client \
65 mysql postgres sqlite \
66 zero-penalty-hit \
67 pf-transparent ipf-transparent kqueue \
68 elibc_uclibc kernel_linux +epoll tproxy"
69
70 COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
71 pam? ( virtual/pam )
72 ldap? ( net-nds/openldap )
73 kerberos? ( virtual/krb5 )
74 ssl? ( dev-libs/openssl )
75 sasl? ( dev-libs/cyrus-sasl )
76 ecap? ( net-libs/libecap )
77 selinux? ( sec-policy/selinux-squid )
78 !x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
79 >=sys-libs/db-4
80 dev-lang/perl"
81 DEPEND="${COMMON_DEPEND}
82 sys-apps/ed
83 test? ( dev-util/cppunit )"
84 RDEPEND="${COMMON_DEPEND}
85 samba? ( net-fs/samba )
86 mysql? ( dev-perl/DBD-mysql )
87 postgres? ( dev-perl/DBD-Pg )
88 sqlite? ( dev-perl/DBD-SQLite )"
89
90 REQUIRED_USE="tproxy? ( caps )"
91
92 pkg_pretend() {
93 if grep -qs '^[[:space:]]*cache_dir[[:space:]]\+coss' "${ROOT}"etc/squid/squid.conf; then
94 eerror "coss store IO has been disabled by upstream due to stability issues!"
95 eerror "If you want to install this version, switch the store type to something else"
96 eerror "before attempting to install this version again."
97
98 die "/etc/squid/squid.conf: cache_dir uses a disabled store type"
99 fi
100
101 if use tproxy; then
102 echo
103 elog "Checking kernel configuration for full Tproxy4 support"
104 local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_TPROXY ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
105 linux-info_pkg_setup
106 echo
107 fi
108 }
109
110 pkg_setup() {
111 enewgroup squid 31
112 enewuser squid 31 -1 /var/cache/squid squid
113 }
114
115 src_prepare() {
116 epatch "${FILESDIR}"/${PN}-3.1.15-gentoo.patch
117 eautoreconf
118 }
119
120 src_configure() {
121 local myconf=""
122
123 local basic_modules="getpwnam,NCSA,MSNT"
124 use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}"
125 use ldap && basic_modules="LDAP,${basic_modules}"
126 use pam && basic_modules="PAM,${basic_modules}"
127 use sasl && basic_modules="SASL,${basic_modules}"
128 use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}"
129 use radius && basic_modules="squid_radius_auth,${basic_modules}"
130 if use mysql || use postgres || use sqlite ; then
131 basic_modules="DB,${basic_modules}"
132 fi
133
134 local digest_modules="password"
135 use ldap && digest_modules="ldap,${digest_modules}"
136
137 local ext_helpers="ip_user,session,unix_group"
138 use samba && ext_helpers="wbinfo_group,${ext_helpers}"
139 use ldap && ext_helpers="ldap_group,${ext_helpers}"
140
141 local ntlm_helpers="fakeauth"
142 use samba && ntlm_helpers="smb_lm,${ntlm_helpers}"
143
144 local negotiate_helpers=
145 if use kerberos; then
146 negotiate_helpers="squid_kerb_auth"
147 if has_version app-crypt/mit-krb5; then
148 myconf="--enable-mit --disable-heimdal"
149 elif has_version app-crypt/heimdal; then
150 myconf="--disable-mit --enable-heimdal"
151 fi
152 else
153 myconf="--disable-mit --disable-heimdal"
154 fi
155
156 # coss support has been disabled
157 # If it is re-enabled again, make sure you don't enable it for elibc_uclibc (#61175)
158 myconf="${myconf} --enable-storeio=ufs,diskd,aufs"
159
160 if use kernel_linux; then
161 myconf="${myconf} --enable-linux-netfilter \
162 $(use_enable tproxy linux-tproxy) \
163 $(use_enable epoll)"
164 elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
165 myconf="${myconf} $(use_enable kqueue)"
166 if use pf-transparent; then
167 myconf="${myconf} --enable-pf-transparent"
168 elif use ipf-transparent; then
169 myconf="${myconf} --enable-ipf-transparent"
170 fi
171 fi
172
173 export CC=$(tc-getCC)
174
175 econf \
176 --sysconfdir=/etc/squid \
177 --libexecdir=/usr/libexec/squid \
178 --localstatedir=/var \
179 --with-pidfile=/var/run/squid.pid \
180 --datadir=/usr/share/squid \
181 --with-logdir=/var/log/squid \
182 --with-default-user=squid \
183 --enable-auth="basic,digest,negotiate,ntlm" \
184 --enable-removal-policies="lru,heap" \
185 --enable-digest-auth-helpers="${digest_modules}" \
186 --enable-basic-auth-helpers="${basic_modules}" \
187 --enable-external-acl-helpers="${ext_helpers}" \
188 --enable-ntlm-auth-helpers="${ntlm_helpers}" \
189 --enable-negotiate-auth-helpers="${negotiate_helpers}" \
190 --enable-useragent-log \
191 --enable-cache-digests \
192 --enable-delay-pools \
193 --enable-referer-log \
194 --enable-arp-acl \
195 --with-large-files \
196 --with-filedescriptors=8192 \
197 --disable-strict-error-checking \
198 $(use_with caps libcap) \
199 $(use_enable ipv6) \
200 $(use_enable snmp) \
201 $(use_enable ssl) \
202 $(use_enable icap-client) \
203 $(use_enable ecap) \
204 $(use_enable zero-penalty-hit zph-qos) \
205 ${myconf}
206 }
207
208 src_install() {
209 emake DESTDIR="${D}" install || die "emake install failed"
210
211 # need suid root for looking into /etc/shadow
212 fowners root:squid /usr/libexec/squid/ncsa_auth
213 fperms 4750 /usr/libexec/squid/ncsa_auth
214 if use pam; then
215 fowners root:squid /usr/libexec/squid/pam_auth
216 fperms 4750 /usr/libexec/squid/pam_auth
217 fi
218
219 # some cleanups
220 rm -f "${D}"/usr/bin/Run*
221
222 dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \
223 helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
224 newdoc helpers/basic_auth/SMB/README README.auth_smb
225 dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
226 newdoc helpers/basic_auth/LDAP/README README.auth_ldap
227 doman helpers/basic_auth/LDAP/*.8
228 dodoc helpers/basic_auth/SASL/squid_sasl_auth*
229
230 newpamd "${FILESDIR}/squid.pam" squid
231 newconfd "${FILESDIR}/squid.confd" squid
232 if use logrotate; then
233 newinitd "${FILESDIR}/squid.initd-logrotate" squid
234 insinto /etc/logrotate.d
235 newins "${FILESDIR}/squid.logrotate" squid
236 else
237 newinitd "${FILESDIR}/squid.initd" squid
238 exeinto /etc/cron.weekly
239 newexe "${FILESDIR}/squid.cron" squid.cron
240 fi
241
242 rm -rf "${D}"/var
243 diropts -m0755 -o squid -g squid
244 keepdir /var/cache/squid /var/log/squid
245 }
246
247 pkg_postinst() {
248 echo
249 elog "Squid authentication helpers have been installed suid root."
250 elog "This allows shadow based authentication (see bug #52977 for more)."
251 echo
252 elog "Be careful what type of cache_dir you select!"
253 elog " 'diskd' is optimized for high levels of traffic, but it might seem slow"
254 elog "when there isn't sufficient traffic to keep squid reasonably busy."
255 elog " If your traffic level is low to moderate, use 'aufs' or 'ufs'."
256 }
Report Message
Find on MARC Find on Google Groups