version bump - security bug #381065

Package-Manager: portage-2.1.10.11/cvs/Linux x86_64
author: Eray Aslan <eras@gentoo.org> 2011-08-31 08:10:59 +0000
committer: Eray Aslan <eras@gentoo.org> 2011-08-31 08:10:59 +0000
commit: 79932f6730be082cd669839f48eb5223ecfaa4df (patch)
tree: 333e77dc1e4fbfc47b7a26297ca7a16c577bbea8 /net-proxy
parent: Fixed defunct RDEPEND (diff)
download: historical-79932f6730be082cd669839f48eb5223ecfaa4df.tar.gz
historical-79932f6730be082cd669839f48eb5223ecfaa4df.tar.bz2
historical-79932f6730be082cd669839f48eb5223ecfaa4df.zip
4 files changed, 523 insertions, 6 deletions
diff --git a/net-proxy/squid/ChangeLog b/net-proxy/squid/ChangeLog
index 92a9b8835c62..aadf25406b67 100644
--- a/net-proxy/squid/ChangeLog
+++ b/net-proxy/squid/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-proxy/squid
 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.320 2011/04/30 12:46:52 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.321 2011/08/31 08:10:58 eras Exp $
+
+*squid-3.1.15 (31 Aug 2011)
+
+  31 Aug 2011; Eray Aslan <eras@gentoo.org> +squid-3.1.15.ebuild,
+  +files/squid-3.1.15-gentoo.patch:
+  version bump - security bug #381065
 
   30 Apr 2011; Diego E. Pettenò <flameeyes@gentoo.org> squid-3.1.12.ebuild:
   Fix install with USE=-pam.
diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index 23c8bb45e792..d7627152953e 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,9 +1,10 @@
 -----BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
+Hash: SHA256
 
 AUX squid-2-heimdal.patch 776 RMD160 2ced12e7682356ee2eb660d877437c3ddad6476e SHA1 3a693c2c975fe4c77ee729d8af8ef28097b11fb6 SHA256 bd0083836321c596db3fc8749152bc77d5a4bd03070d33541b7b489af59e4c25
 AUX squid-2.7.9-gentoo.patch 13118 RMD160 44d2482b9c998c1641ab3e2d5c5701a4f6fb6165 SHA1 b5007d3d2df28c35b88c814b41fd4e182ad34f2b SHA256 981588dc2d599a2b49f550a1ae111e96515b437a03c8d0dccc6f96f078009d11
 AUX squid-3.1.12-gentoo.patch 10489 RMD160 ab6366c939cbe317238ae47f3f0ee938d52d8946 SHA1 9e986c234e92742f8f07f401542065de195b0fff SHA256 b6f1db509748178889e8d4be042f07dbddbd2dfc3d354733b084dfed0245eff6
+AUX squid-3.1.15-gentoo.patch 10538 RMD160 f4ac679e89bdd8d43a2cd00b1a63d555a25b9528 SHA1 63b2c8a1767019b35b75403dd9a7bf6b33c69edc SHA256 75549600815236932f549e1c4e0286b6cbb4dc26a7e545abb96b7d29f0128ab3
 AUX squid-3.1.8-gentoo.patch 12364 RMD160 5a825dfd6d18ce8c91e16d8f0841737bc87b3d74 SHA1 29ae980d9b5ecf6b6b1481a36d2d4abb254c4a0a SHA256 bef6ba17f25aa07a5d3691c7a4af7ff478a6c0948b20a867808184a2839417b6
 AUX squid-3.1.8-libmd5.patch 588 RMD160 ae825720524b07bd2c0ae77b15b657fdd9392617 SHA1 5deb1d7a5f6c91b9a910f6460d2df6bc7b07c18e SHA256 c09de18fbcc1b5c4dda19f91c2182e179d05938a235774113a7a3af5862909d5
 AUX squid-3.1.8-qafixes.patch 2214 RMD160 ed05e224d5f392b43f88d1d72415d7539fb3e77b SHA1 4991eb402b9192e3cd18871d3cca7469d10eef35 SHA256 f02b1dbd7afca670b804b616b74e006a2f7aa0bd08988c3120b4064258754af8
@@ -18,18 +19,30 @@ AUX squid.logrotate 103 RMD160 e7e4a6bde48e2735632692a6e628955b270f30ad SHA1 6e8
 AUX squid.pam 315 RMD160 afb3f1cc36ba5ef0015c40040b6d5c18485ec828 SHA1 40933fabaaa2a9cb38d57c3acb77857082c82ae5 SHA256 68ef4282f9fb8506df710d0ae16e84e991e9b138c7f1d0af922682219c7a971f
 DIST squid-2.7.STABLE9.tar.gz 1789462 RMD160 59c63348beed9a672612d48f9ef5e7ca81fa9840 SHA1 6d90fe06468b662b2eefd7ffeb47b9a78f0a871d SHA256 d54ca048313c4b64609fcdf9f1934a70fc1702032a5f04073056d7491d3dd781
 DIST squid-3.1.12.tar.gz 3357403 RMD160 0cdba1fddd9a9510d82f1bad3a1f693c0518da4a SHA1 410f1bb080a6d07dee822f6daa7af79fa7195738 SHA256 2f662e9e42250796fc4cd4ba7742d5e28787e35acc1fa815bcd4cb331521ee40
+DIST squid-3.1.15.tar.gz 3397495 RMD160 cf5910e15ed594cde5f205206d4c1ec65aa445f3 SHA1 c0cfdf54db5ca6ffc23c3f328175ec19f6465d8c SHA256 c56207691ec6ce19f7d19805b290b8f58c63c81e2070d7cd3a824a0b49509b2b
 DIST squid-3.1.8.tar.gz 3253846 RMD160 d5264a517b57774a9f536bee7977ac9769fca63f SHA1 1b3e14e653a77462607aefa7931605a5e24829b9 SHA256 7a8bf96fb0f8245ff0ad6bd7895d6f4f79518c80deb4ef05e0c2a36b22c9b9ac
 DIST squid-3.1.9.tar.gz 3264260 RMD160 731e56d026048c2430d8860a074855c62515ec0e SHA1 53f2000e73d838f8419c5643d335e9996e51303c SHA256 3f690ff31dc4df361235c7253530624f52364ea8783eec41e3ab068c3264aff1
 EBUILD squid-2.7.9.ebuild 6175 RMD160 a235925ac773d7d569a958366923e5a03adcc17c SHA1 0dbb84b76302c265ef4ee193035f5882d46146ed SHA256 587b0f52d2fb973f2686d947893191acf3a1770d467cd8134091fa2c07f01f3d
 EBUILD squid-3.1.12.ebuild 6634 RMD160 df632e270901d6b9625c79aaa73a3082bb9587d8 SHA1 50ccad62a52157912828a30c36a18ea063e960d2 SHA256 9e7ef6c8e105f5c1595e5801a25cc586737b714e71d536e8749b595475e2968e
+EBUILD squid-3.1.15.ebuild 6627 RMD160 96150300ab42d05740b0285c116b866bd4c9f1e7 SHA1 b633bcc1b3be61740d3eb518a96cf5cf701d6cd8 SHA256 10b6e090ac3a5bccbbff260f184307ccbc0e079c65d46c8b98a00a8e6bcb1797
 EBUILD squid-3.1.8.ebuild 7018 RMD160 ebeb8889012c8a9b05813b5e1e8cd955887db0bf SHA1 48bbda8dc9d056fe98ff6024e3acf41b8fb8df99 SHA256 7f98d3bcedae6eb83455744f76951ea35fd15c39fbc270dd6b3a59fd2873e8ce
 EBUILD squid-3.1.9.ebuild 6901 RMD160 75a2da88dc484c9bb514d06b78ead88913bb14c7 SHA1 9311e92baca95e50c39f7b3592705d9999e98257 SHA256 d9a09b9bd151fde57a609ba462758cfaaf04e89dfbc01c4155cb11de122c5dfd
-MISC ChangeLog 68734 RMD160 8daa2ad78bec144bf97ad7e808e56a69c5630857 SHA1 c6dcdfd1056b1cb3787b550602da47c08d837e0a SHA256 c70491f4d7332514ea5890a60d2e606d63626adbbc53a429a5d68442cf115873
+MISC ChangeLog 68899 RMD160 0408aa0fb6878dc037307ef10c88a52168b67f23 SHA1 eefaa9d8c6bfe351e4ae3d517c78023a0f8a3a58 SHA256 2234aac7b60528b71e33fe2a4127832d4185b366ed6722314d4bd980861c3085
 MISC metadata.xml 1015 RMD160 03ac3fffc7b01e366b173a4c3bf1dc6be1bb9202 SHA1 3c1681981e2a143ee50d0ee5bc901ac81e7c5cc4 SHA256 06d8e8a7909b9140eb2e70193db754b84d864da260d6cdf9bde9fa58442ce34a
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.17 (GNU/Linux)
 
-iEYEARECAAYFAk28BLgACgkQAiZjviIA2Xir+ACfdq3l8Ok2dLtj6C6Jzu0ritYt
-JV8AoMXRUU8pxIkA5zgDHh7CicBj8bZU
-=cK/A
+iQIcBAEBCAAGBQJOXeykAAoJEHfx8XVYajsf2P0QAIefm51gRaB2BEN+Io5cwCRT
+dIy9T26x30TaeOlmKP7qOvVJDuTrecnW+pGGCy5FQCXEs/1dk5rszO3/nkjkeJQT
+Q6FWrvLp9Jkd1j87zxe0v3aV/LSnMaAsNy7Ujp6sfO465Q1CL54Wa5OOR0SMtug3
+8WDTKKrXcGNfoa5DZ0Meni2HYBCS1yqE7JoLmfZ9PCH3PDfvaw0CbNFT2RYYuHtY
+SXDq80UuWIX07OY6NpV2CQFGeu/h0s5kz1Knl1c/p0Vod3bCc3DgTsKJ/iWvQfsW
+hv8n5rAnorVp4b089xFImm7oDeOr2wemFX6QTavEaD5/AWbEavy1sla2nx1YLbPA
+PNtxli+Kt7EVGydh6yyRT7tp6vF1bqF+gZTtJU5DBjRPsA1Bn0waCJLsW8ndq8o3
++U7ILdxPuCOKP7fwHPFHc50rAZGXhhZqLe5HdNLLgV/gjv4Ow7J1F9cBahdQ0AYK
+6QpL/DXX44Fp/WVqRWOGuGvTDMyKs3yvdQgOJcsPL9/duvHyQb4pLtYnSEiIFfo1
+UR7j0Xch4As2DIMF+sRQ8VgO70Ms/5WnRbJq2NFeuqMIgw6Q+etJixmIRpCE2QtR
+oOXiqq6DNOF+82C0Q9Z+D/kd5yTrQjjIGT3fNGZiZ5mvH9NpPywyIJGBn1wxZlTC
+Wzkm58Rx9ve7wRVzi4vc
+=gXXW
 -----END PGP SIGNATURE-----
diff --git a/net-proxy/squid/files/squid-3.1.15-gentoo.patch b/net-proxy/squid/files/squid-3.1.15-gentoo.patch
new file mode 100644
index 000000000000..09c9600b6c8e
--- /dev/null
+++ b/net-proxy/squid/files/squid-3.1.15-gentoo.patch
@@ -0,0 +1,289 @@
+diff --git a/configure.ac b/configure.ac
+index 23922c0..f359a00 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -16,9 +16,9 @@ PRESET_CFLAGS="$CFLAGS"
+ PRESET_LDFLAGS="$LDFLAGS"
+ 
+ dnl Set default LDFLAGS
+-if test -z "$LDFLAGS"; then
+-        LDFLAGS="-g"
+-fi
++dnl if test -z "$LDFLAGS"; then
++dnl         LDFLAGS="-g"
++dnl fi
+ 
+ dnl Check for GNU cc
+ AC_PROG_CC
+diff --git a/helpers/basic_auth/MSNT/confload.c b/helpers/basic_auth/MSNT/confload.c
+index e04365e..7241b3f 100644
+--- a/helpers/basic_auth/MSNT/confload.c
++++ b/helpers/basic_auth/MSNT/confload.c
+@@ -27,7 +27,7 @@
+ 
+ /* Path to configuration file */
+ #ifndef SYSCONFDIR
+-#define SYSCONFDIR "/usr/local/squid/etc"
++#define SYSCONFDIR "/etc/squid"
+ #endif
+ #define CONFIGFILE   SYSCONFDIR "/msntauth.conf"
+ 
+diff --git a/helpers/basic_auth/MSNT/msntauth.conf.default b/helpers/basic_auth/MSNT/msntauth.conf.default
+index 323bc1c..c3d7d21 100644
+--- a/helpers/basic_auth/MSNT/msntauth.conf.default
++++ b/helpers/basic_auth/MSNT/msntauth.conf.default
+@@ -8,6 +8,6 @@ server my_PDC		my_BDC		my_NTdomain
+ server other_PDC	other_BDC	otherdomain
+ 
+ # Denied and allowed users. Comment these if not needed.
+-#denyusers	/usr/local/squid/etc/msntauth.denyusers
+-#allowusers	/usr/local/squid/etc/msntauth.allowusers
++#denyusers	/etc/squid/msntauth.denyusers
++#allowusers	/etc/squid/msntauth.allowusers
+ 
+diff --git a/helpers/basic_auth/SMB/smb_auth.sh b/helpers/basic_auth/SMB/smb_auth.sh
+index 2a1abb3..b3ebb7a 100755
+--- a/helpers/basic_auth/SMB/smb_auth.sh
++++ b/helpers/basic_auth/SMB/smb_auth.sh
+@@ -24,7 +24,7 @@ read NMBCAST
+ read AUTHSHARE
+ read AUTHFILE
+ read SMBUSER
+-read SMBPASS
++read -r SMBPASS
+ 
+ # Find domain controller
+ echo "Domain name: $DOMAINNAME"
+@@ -47,7 +47,7 @@ else
+   addropt=""
+ fi
+ echo "Query address options: $addropt"
+-dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
++dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
+ echo "Domain controller IP address: $dcip"
+ [ -n "$dcip" ] || exit 1
+ 
+diff --git a/helpers/external_acl/session/squid_session.8 b/helpers/external_acl/session/squid_session.8
+index 7808f41..d86e320 100644
+--- a/helpers/external_acl/session/squid_session.8
++++ b/helpers/external_acl/session/squid_session.8
+@@ -35,7 +35,7 @@ the first request.
+ .P
+ Configuration example using the default automatic mode
+ .IP
+-external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session
++external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session
+ .IP
+ acl session external session
+ .IP
+diff --git a/helpers/external_acl/unix_group/squid_unix_group.8 b/helpers/external_acl/unix_group/squid_unix_group.8
+index 72aa1a3..cde5f20 100644
+--- a/helpers/external_acl/unix_group/squid_unix_group.8
++++ b/helpers/external_acl/unix_group/squid_unix_group.8
+@@ -27,7 +27,7 @@ Strip NT domain name component from user names (/ or \\ separated)
+ This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2
+ matches users in group2 or group3
+ .IP
+-external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p
++external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p
+ .IP
+ acl usergroup1 external unix_group group1
+ .IP
+diff --git a/helpers/negotiate_auth/squid_kerb_auth/configure.ac b/helpers/negotiate_auth/squid_kerb_auth/configure.ac
+index e78f61e..ca6c0c2 100644
+--- a/helpers/negotiate_auth/squid_kerb_auth/configure.ac
++++ b/helpers/negotiate_auth/squid_kerb_auth/configure.ac
+@@ -17,6 +17,7 @@ dnl Process this file with autoconf to produce a configure script.
+ 
+ AC_INIT([squid_kerb_auth],[1.0.5],[markus_moeller@compuserve.com])
+ AM_INIT_AUTOMAKE(squid_kerb_auth,1.0.5)
++AM_MAINTAINER_MODE
+ AC_CONFIG_SRCDIR([squid_kerb_auth.c])
+ 
+ AC_PROG_CC
+diff --git a/src/Makefile.am b/src/Makefile.am
+index e1c0be4..423553e 100644
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -639,7 +639,6 @@ BUILT_SOURCES = \
+ 
+ sysconf_DATA = \
+ 	squid.conf.default \
+-	squid.conf.documented \
+ 	mime.conf.default
+ 
+ data_DATA = \
+@@ -724,9 +724,9 @@
+ DEFAULT_ACCESS_LOG      = $(DEFAULT_LOG_PREFIX)/access.log
+ DEFAULT_STORE_LOG       = $(DEFAULT_LOG_PREFIX)/store.log
+ DEFAULT_PID_FILE        = $(DEFAULT_PIDFILE)
+-DEFAULT_NETDB_FILE      = $(DEFAULT_LOG_PREFIX)/netdb.state
+-DEFAULT_SWAP_DIR        = $(localstatedir)/cache
+-DEFAULT_SSL_DB_DIR	= $(localstatedir)/lib/ssl_db
++DEFAULT_NETDB_FILE      = $(localstatedir)/run//netdb.state
++DEFAULT_SWAP_DIR        = $(localstatedir)/cache/squid
++DEFAULT_SSL_DB_DIR	= $(localstatedir)/lib/squid/ssl_db
+ DEFAULT_PINGER		= $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_UNLINKD		= $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_DISKD		= $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'`
+@@ -802,13 +801,11 @@ install-data-local: install-sysconfDATA install-dataDATA
+ 	@if test -f $(DESTDIR)$(DEFAULT_CONFIG_FILE) ; then \
+ 	        echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CONFIG_FILE)" ; \
+ 	else \
+-	        echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \
+-	        $(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE); \
++	        echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE)"; \
++	        $(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE); \
+ 	fi
+-	echo "$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \
+-	$(INSTALL_DATA) squid.conf.default $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \
+-	echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented"; \
+-	$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).documented; \
++	echo "$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default"; \
++	$(INSTALL_DATA) squid.conf.documented $(DESTDIR)$(DEFAULT_CONFIG_FILE).default; \
+ 	$(mkinstalldirs) $(DESTDIR)$(DEFAULT_LOG_PREFIX); \
+ 	$(mkinstalldirs) $(DESTDIR)$(DEFAULT_SWAP_DIR); \
+ 	$(mkinstalldirs) $(DESTDIR)`dirname $(DEFAULT_PID_FILE)`
+diff --git a/src/cf.data.pre b/src/cf.data.pre
+index b504918..56928c4 100644
+--- a/src/cf.data.pre
++++ b/src/cf.data.pre
+@@ -768,6 +768,7 @@ acl Safe_ports port 280		# http-mgmt
+ acl Safe_ports port 488		# gss-http
+ acl Safe_ports port 591		# filemaker
+ acl Safe_ports port 777		# multiling http
++acl Safe_ports port 901		# SWAT
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -917,6 +918,9 @@ http_access deny CONNECT !SSL_ports
+ http_access allow localnet
+ http_access allow localhost
+ 
++# Allow the localhost to have access by default
++http_access allow localhost
++
+ # And finally deny all other access to this proxy
+ http_access deny all
+ NOCOMMENT_END
+@@ -4138,11 +4142,11 @@ COMMENT_END
+ 
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ 	Email-address of local cache manager who will receive
+-	mail if the cache dies.  The default is "webmaster."
++	mail if the cache dies.  The default is "root."
+ DOC_END
+ 
+ NAME: mail_from
+@@ -6456,7 +6460,7 @@ DOC_END
+ NAME: forwarded_for
+ COMMENT: on|off|transparent|truncate|delete
+ TYPE: string
+-DEFAULT: on
++DEFAULT: delete
+ LOC: opt_forwarded_for
+ DOC_START
+ 	If set to "on", Squid will append your client's IP address
+diff --git a/src/debug.cc b/src/debug.cc
+index 32813bf..6de334a 100644
+--- a/src/debug.cc
++++ b/src/debug.cc
+@@ -452,7 +452,7 @@ _db_init(const char *logfile, const char *options)
+ #if HAVE_SYSLOG && defined(LOG_LOCAL4)
+ 
+     if (Debug::log_syslog)
+-        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
++        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility);
+ 
+ #endif /* HAVE_SYSLOG */
+ 
+diff --git a/src/main.cc b/src/main.cc
+index 941126d..71f3c3b 100644
+--- a/src/main.cc
++++ b/src/main.cc
+@@ -1555,7 +1555,7 @@ watch_child(char *argv[])
+     if (*(argv[0]) == '(')
+         return;
+ 
+-    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ 
+     if ((pid = fork()) < 0)
+         syslog(LOG_ALERT, "fork failed: %s", xstrerror());
+@@ -1599,7 +1599,7 @@ watch_child(char *argv[])
+ 
+         if ((pid = fork()) == 0) {
+             /* child */
+-            openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++            openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+             prog = xstrdup(argv[0]);
+             argv[0] = xstrdup("(squid)");
+             execvp(prog, argv);
+@@ -1607,7 +1607,7 @@ watch_child(char *argv[])
+         }
+ 
+         /* parent */
+-        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ 
+         syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid);
+ 
+commit e3f6cc6438869766751556f2d9747669b4c51fe1
+Author: Eray Aslan <eras@gentoo.org>
+Date:   Fri Apr 29 10:55:17 2011 +0000
+
+    Do not auto detect kerberos.
+    
+    No need for automagic dependencies.  We already give the necessary flags
+    to the configure script.
+
+diff --git a/helpers/negotiate_auth/squid_kerb_auth/configure.ac b/helpers/negotiate_auth/squid_kerb_auth/configure.ac
+index e78f61e..dc739b2 100644
+--- a/helpers/negotiate_auth/squid_kerb_auth/configure.ac
++++ b/helpers/negotiate_auth/squid_kerb_auth/configure.ac
+@@ -279,40 +279,6 @@ AC_ARG_ENABLE(seam-64,
+        check_seam_64
+     fi ])
+ 
+-dnl Define system default
+-if test "$enable_arg" = "no"; then
+-  dnl Autodetect system
+-  dnl Check krb5-config first
+-  AC_CHECK_PROG(ac_krb5_config,krb5-config,yes,no)
+-  case $sys in
+-           Linux) rpm -q heimdal-lib >/dev/null 2>&1
+-                  if test $? = 0 ; then
+-                    check_heimdal
+-		  else 
+-		    check_mit
+-                  fi 
+-                  ;;
+-           AIX)   lslpp -L krb5.client.rte >/dev/null 2>&1
+-                  if test $? = 0 ; then
+-                    check_nas
+-		  else 
+-		    check_mit
+-                  fi
+-                  ;;
+-           SunOS) pkginfo SUNWgss >/dev/null 2>&1
+-                  if test $? = 0 ; then
+-                    check_seam
+-		  else 
+-		    check_mit
+-                  fi
+-                  ;;
+-           FreeBSD) check_heimdal
+-                    ;;
+-           *) check_mit
+-              ;;
+-  esac
+-fi
+-
+ AC_C_BIGENDIAN
+ 
+ AC_CHECK_HEADERS( \
diff --git a/net-proxy/squid/squid-3.1.15.ebuild b/net-proxy/squid/squid-3.1.15.ebuild
new file mode 100644
index 000000000000..fd9571559e1c
--- /dev/null
+++ b/net-proxy/squid/squid-3.1.15.ebuild
@@ -0,0 +1,209 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-3.1.15.ebuild,v 1.1 2011/08/31 08:10:58 eras Exp $
+
+EAPI=4
+
+inherit eutils pam toolchain-funcs autotools linux-info
+
+DESCRIPTION="A full-featured web proxy cache"
+HOMEPAGE="http://www.squid-cache.org/"
+SRC_URI="http://www.squid-cache.org/Versions/v3/3.1/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
+	ecap icap-client \
+	mysql postgres sqlite \
+	zero-penalty-hit \
+	pf-transparent ipf-transparent kqueue \
+	elibc_uclibc kernel_linux +epoll tproxy"
+
+COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
+	pam? ( virtual/pam )
+	ldap? ( net-nds/openldap )
+	kerberos? ( virtual/krb5 )
+	ssl? ( dev-libs/openssl )
+	sasl? ( dev-libs/cyrus-sasl )
+	ecap? ( net-libs/libecap )
+	selinux? ( sec-policy/selinux-squid )
+	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
+	>=sys-libs/db-4
+	dev-lang/perl"
+DEPEND="${COMMON_DEPEND}
+	sys-apps/ed
+	test? ( dev-util/cppunit )"
+RDEPEND="${COMMON_DEPEND}
+	samba? ( net-fs/samba )
+	mysql? ( dev-perl/DBD-mysql )
+	postgres? ( dev-perl/DBD-Pg )
+	sqlite? ( dev-perl/DBD-SQLite )"
+
+REQUIRED_USE="tproxy? ( caps )"
+
+pkg_pretend() {
+	if grep -qs '^[[:space:]]*cache_dir[[:space:]]\+coss' "${ROOT}"etc/squid/squid.conf; then
+		eerror "coss store IO has been disabled by upstream due to stability issues!"
+		eerror "If you want to install this version, switch the store type to something else"
+		eerror "before attempting to install this version again."
+
+		die "/etc/squid/squid.conf: cache_dir uses a disabled store type"
+	fi
+
+	if use tproxy; then
+		echo
+		elog "Checking kernel configuration for full Tproxy4 support"
+		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_TPROXY ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
+		linux-info_pkg_setup
+		echo
+	fi
+}
+
+pkg_setup() {
+	enewgroup squid 31
+	enewuser squid 31 -1 /var/cache/squid squid
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/${P}-gentoo.patch
+	eautoreconf
+}
+
+src_configure() {
+	local myconf=""
+
+	local basic_modules="getpwnam,NCSA,MSNT"
+	use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}"
+	use ldap && basic_modules="LDAP,${basic_modules}"
+	use pam && basic_modules="PAM,${basic_modules}"
+	use sasl && basic_modules="SASL,${basic_modules}"
+	use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}"
+	use radius && basic_modules="squid_radius_auth,${basic_modules}"
+	if use mysql || use postgres || use sqlite ; then
+		basic_modules="DB,${basic_modules}"
+	fi
+
+	local digest_modules="password"
+	use ldap && digest_modules="ldap,${digest_modules}"
+
+	local ext_helpers="ip_user,session,unix_group"
+	use samba && ext_helpers="wbinfo_group,${ext_helpers}"
+	use ldap && ext_helpers="ldap_group,${ext_helpers}"
+
+	local ntlm_helpers="fakeauth"
+	use samba && ntlm_helpers="smb_lm,${ntlm_helpers}"
+
+	local negotiate_helpers=
+	if use kerberos; then
+		negotiate_helpers="squid_kerb_auth"
+		if has_version app-crypt/mit-krb5; then
+			myconf="--enable-mit --disable-heimdal"
+		elif has_version app-crypt/heimdal; then
+			myconf="--disable-mit --enable-heimdal"
+		fi
+	else
+		myconf="--disable-mit --disable-heimdal"
+	fi
+
+	# coss support has been disabled
+	# If it is re-enabled again, make sure you don't enable it for elibc_uclibc (#61175)
+	myconf="${myconf} --enable-storeio=ufs,diskd,aufs"
+
+	if use kernel_linux; then
+		myconf="${myconf} --enable-linux-netfilter \
+			$(use_enable tproxy linux-tproxy) \
+			$(use_enable epoll)"
+	elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
+		myconf="${myconf} $(use_enable kqueue)"
+		if use pf-transparent; then
+			myconf="${myconf} --enable-pf-transparent"
+		elif use ipf-transparent; then
+			myconf="${myconf} --enable-ipf-transparent"
+		fi
+	fi
+
+	export CC=$(tc-getCC)
+
+	econf \
+		--sysconfdir=/etc/squid \
+		--libexecdir=/usr/libexec/squid \
+		--localstatedir=/var \
+		--with-pidfile=/var/run/squid.pid \
+		--datadir=/usr/share/squid \
+		--with-logdir=/var/log/squid \
+		--with-default-user=squid \
+		--enable-auth="basic,digest,negotiate,ntlm" \
+		--enable-removal-policies="lru,heap" \
+		--enable-digest-auth-helpers="${digest_modules}" \
+		--enable-basic-auth-helpers="${basic_modules}" \
+		--enable-external-acl-helpers="${ext_helpers}" \
+		--enable-ntlm-auth-helpers="${ntlm_helpers}" \
+		--enable-negotiate-auth-helpers="${negotiate_helpers}" \
+		--enable-useragent-log \
+		--enable-cache-digests \
+		--enable-delay-pools \
+		--enable-referer-log \
+		--enable-arp-acl \
+		--with-large-files \
+		--with-filedescriptors=8192 \
+		--disable-strict-error-checking \
+		$(use_with caps libcap) \
+		$(use_enable ipv6) \
+		$(use_enable snmp) \
+		$(use_enable ssl) \
+		$(use_enable icap-client) \
+		$(use_enable ecap) \
+		$(use_enable zero-penalty-hit zph-qos) \
+		${myconf}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+
+	# need suid root for looking into /etc/shadow
+	fowners root:squid /usr/libexec/squid/ncsa_auth
+	fperms 4750 /usr/libexec/squid/ncsa_auth
+	if use pam; then
+		fowners root:squid /usr/libexec/squid/pam_auth
+		fperms 4750 /usr/libexec/squid/pam_auth
+	fi
+
+	# some cleanups
+	rm -f "${D}"/usr/bin/Run*
+
+	dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \
+		helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
+	newdoc helpers/basic_auth/SMB/README README.auth_smb
+	dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
+	newdoc helpers/basic_auth/LDAP/README README.auth_ldap
+	doman helpers/basic_auth/LDAP/*.8
+	dodoc helpers/basic_auth/SASL/squid_sasl_auth*
+
+	newpamd "${FILESDIR}/squid.pam" squid
+	newconfd "${FILESDIR}/squid.confd" squid
+	if use logrotate; then
+		newinitd "${FILESDIR}/squid.initd-logrotate" squid
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/squid.logrotate" squid
+	else
+		newinitd "${FILESDIR}/squid.initd" squid
+		exeinto /etc/cron.weekly
+		newexe "${FILESDIR}/squid.cron" squid.cron
+	fi
+
+	rm -rf "${D}"/var
+	diropts -m0755 -o squid -g squid
+	keepdir /var/cache/squid /var/log/squid
+}
+
+pkg_postinst() {
+	echo
+	elog "Squid authentication helpers have been installed suid root."
+	elog "This allows shadow based authentication (see bug #52977 for more)."
+	echo
+	elog "Be careful what type of cache_dir you select!"
+	elog "   'diskd' is optimized for high levels of traffic, but it might seem slow"
+	elog "when there isn't sufficient traffic to keep squid reasonably busy."
+	elog "   If your traffic level is low to moderate, use 'aufs' or 'ufs'."
+}
author	Eray Aslan <eras@gentoo.org>	2011-08-31 08:10:59 +0000
committer	Eray Aslan <eras@gentoo.org>	2011-08-31 08:10:59 +0000
commit	79932f6730be082cd669839f48eb5223ecfaa4df (patch)
tree	333e77dc1e4fbfc47b7a26297ca7a16c577bbea8 /net-proxy
parent	Fixed defunct RDEPEND (diff)
download	historical-79932f6730be082cd669839f48eb5223ecfaa4df.tar.gz historical-79932f6730be082cd669839f48eb5223ecfaa4df.tar.bz2 historical-79932f6730be082cd669839f48eb5223ecfaa4df.zip