summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlin Năstac <mrness@gentoo.org>2005-03-03 18:37:02 +0000
committerAlin Năstac <mrness@gentoo.org>2005-03-03 18:37:02 +0000
commit5b0684f41d1849bb9355c1723302ab3602372250 (patch)
treea262971ef6a50b79ec231d47561de2b9da785aea /www-proxy/squid
parentrecommit manifest. bad epkgmove (diff)
downloadhistorical-5b0684f41d1849bb9355c1723302ab3602372250.tar.gz
historical-5b0684f41d1849bb9355c1723302ab3602372250.tar.bz2
historical-5b0684f41d1849bb9355c1723302ab3602372250.zip
security bump (#83955)
Package-Manager: portage-2.0.51-r15
Diffstat (limited to 'www-proxy/squid')
-rw-r--r--www-proxy/squid/ChangeLog8
-rw-r--r--www-proxy/squid/Manifest21
-rw-r--r--www-proxy/squid/files/digest-squid-2.5.92
-rw-r--r--www-proxy/squid/files/squid-2.5.9-gentoo.diff453
-rw-r--r--www-proxy/squid/squid-2.5.9.ebuild198
5 files changed, 672 insertions, 10 deletions
diff --git a/www-proxy/squid/ChangeLog b/www-proxy/squid/ChangeLog
index 768220cae90c..5703741320d6 100644
--- a/www-proxy/squid/ChangeLog
+++ b/www-proxy/squid/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for www-proxy/squid
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/ChangeLog,v 1.41 2005/02/28 11:18:21 eradicator Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/ChangeLog,v 1.42 2005/03/03 18:37:02 mrness Exp $
+
+*squid-2.5.9 (03 Mar 2005)
+
+ 03 Mar 2005; Alin Nastac <mrness@gentoo.org>
+ +files/squid-2.5.9-gentoo.diff, +squid-2.5.9.ebuild:
+ Security bump (#83955).
28 Feb 2005; Jeremy Huddleston <eradicator@gentoo.org>
squid-2.5.8-r1.ebuild:
diff --git a/www-proxy/squid/Manifest b/www-proxy/squid/Manifest
index 0b4a0fb02231..cb0e832e9e4c 100644
--- a/www-proxy/squid/Manifest
+++ b/www-proxy/squid/Manifest
@@ -1,22 +1,25 @@
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
-MD5 d328e3d7b458d5903a153a71308e9dec ChangeLog 14772
-MD5 c0fd2ab16f04e5c691ca42cb5585071a metadata.xml 330
MD5 3a2538e403f25c33ed40b387976acfb9 squid-2.5.8-r1.ebuild 6107
+MD5 e732facd0f62b165ecbe3e07c9677b3c squid-2.5.9.ebuild 6026
MD5 f2881ab9b7a08ed59e6f62d772193dfb squid-2.5.8.ebuild 5893
+MD5 22db25a390a067458cdcb76c3da8259e ChangeLog 14925
+MD5 c0fd2ab16f04e5c691ca42cb5585071a metadata.xml 330
MD5 c2d230465ceefe887175cb8121d0fbc8 files/digest-squid-2.5.8-r1 156
-MD5 5286e7e73ca5687381fa09ff41dccbd1 files/squid-logrotate 101
-MD5 6f30a7f5c48ec35a7044acb189c858c5 files/squid-r1.cron 133
MD5 e4e44e57aa7d93849649c3ceb67a3a65 files/squid.confd 437
+MD5 6f30a7f5c48ec35a7044acb189c858c5 files/squid-r1.cron 133
+MD5 c3048f19a1c725e2c53f86640b752382 files/squid-2.5.8-gentoo.diff 17233
MD5 bea1d2ef8cb2f1590f89bf37f28b9268 files/squid.pam 505
MD5 20bbd41f88ddbcbe57380697c2675862 files/squid.rc6 1980
+MD5 5286e7e73ca5687381fa09ff41dccbd1 files/squid-logrotate 101
+MD5 614800a8c36c2df8967380405cc05aa9 files/squid-2.5.9-gentoo.diff 17233
MD5 b1028824f46381ebe326b5faf0e06d35 files/digest-squid-2.5.8 155
-MD5 c3048f19a1c725e2c53f86640b752382 files/squid-2.5.8-gentoo.diff 17233
+MD5 7aec9f6b933e46cb25a72c56c0993e9e files/digest-squid-2.5.9 156
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.0 (GNU/Linux)
+Version: GnuPG v1.2.6 (GNU/Linux)
-iD8DBQFCIv4MArHZZzCEUG0RAsnlAJ9WUV5exSGMgw+bNGu2Ph/YgETUggCgiAKA
-crAlTkI+293uwysTzC468MQ=
-=9hAU
+iD8DBQFCJ1lYjiC39V7gKu0RArKwAKCmeeszTnNVPa33e05N4hKPAFUpzwCbBYMI
+XeDqk42K8raxUz7SZ8J1YB0=
+=oBTz
-----END PGP SIGNATURE-----
diff --git a/www-proxy/squid/files/digest-squid-2.5.9 b/www-proxy/squid/files/digest-squid-2.5.9
new file mode 100644
index 000000000000..43eeb55a79bf
--- /dev/null
+++ b/www-proxy/squid/files/digest-squid-2.5.9
@@ -0,0 +1,2 @@
+MD5 5a34a303dcab8851c7ab20e24af69b61 squid-2.5.STABLE9.tar.bz2 1057776
+MD5 51a7419adc3f45cfdd735e4b2e5dcdb9 squid-2.5.STABLE9-patches-20050303.tar.gz 10519
diff --git a/www-proxy/squid/files/squid-2.5.9-gentoo.diff b/www-proxy/squid/files/squid-2.5.9-gentoo.diff
new file mode 100644
index 000000000000..9198aa85a9f4
--- /dev/null
+++ b/www-proxy/squid/files/squid-2.5.9-gentoo.diff
@@ -0,0 +1,453 @@
+diff -Nru squid-2.5.STABLE9.orig/errors/Makefile.in squid-2.5.STABLE9/errors/Makefile.in
+--- squid-2.5.STABLE9.orig/errors/Makefile.in 2004-07-10 15:11:41.000000000 +0300
++++ squid-2.5.STABLE9/errors/Makefile.in 2005-03-03 20:19:24.874936344 +0200
+@@ -118,7 +118,7 @@
+ install_sh = @install_sh@
+ makesnmplib = @makesnmplib@
+
+-errordir = $(datadir)/errors
++errordir = $(libexecdir)/errors
+
+ DEFAULT_ERROR_DIR = $(errordir)
+
+diff -Nru squid-2.5.STABLE9.orig/helpers/basic_auth/SMB/Makefile.in squid-2.5.STABLE9/helpers/basic_auth/SMB/Makefile.in
+--- squid-2.5.STABLE9.orig/helpers/basic_auth/SMB/Makefile.in 2004-07-10 15:11:41.000000000 +0300
++++ squid-2.5.STABLE9/helpers/basic_auth/SMB/Makefile.in 2005-03-03 20:19:24.875936192 +0200
+@@ -128,7 +128,7 @@
+ makesnmplib = @makesnmplib@
+
+ SMB_AUTH_HELPER = smb_auth.sh
+-SAMBAPREFIX = /usr/local/samba
++SAMBAPREFIX = /usr
+ SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
+
+ libexec_SCRIPTS = $(SMB_AUTH_HELPER)
+diff -Nru squid-2.5.STABLE9.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.5.STABLE9/helpers/basic_auth/SMB/smb_auth.sh
+--- squid-2.5.STABLE9.orig/helpers/basic_auth/SMB/smb_auth.sh 2001-01-08 01:36:46.000000000 +0200
++++ squid-2.5.STABLE9/helpers/basic_auth/SMB/smb_auth.sh 2005-03-03 20:19:24.876936040 +0200
+@@ -24,7 +24,7 @@
+ read AUTHSHARE
+ read AUTHFILE
+ read SMBUSER
+-read SMBPASS
++read -r SMBPASS
+
+ # Find domain controller
+ echo "Domain name: $DOMAINNAME"
+@@ -47,7 +47,7 @@
+ addropt=""
+ fi
+ echo "Query address options: $addropt"
+-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
+ echo "Domain controller IP address: $dcip"
+ [ -n "$dcip" ] || exit 1
+
+diff -Nru squid-2.5.STABLE9.orig/icons/Makefile.in squid-2.5.STABLE9/icons/Makefile.in
+--- squid-2.5.STABLE9.orig/icons/Makefile.in 2004-07-10 15:11:47.000000000 +0300
++++ squid-2.5.STABLE9/icons/Makefile.in 2005-03-03 20:19:24.876936040 +0200
+@@ -146,7 +146,7 @@
+ anthony-xpm.gif
+
+
+-icondir = $(datadir)/icons
++icondir = $(libexecdir)/icons
+ icon_DATA = $(ICON1) $(ICON2)
+ EXTRA_DIST = $(ICON1) $(ICON2) icons.shar
+ DISTCLEANFILES =
+diff -Nru squid-2.5.STABLE9.orig/snmplib/snmp_api.c squid-2.5.STABLE9/snmplib/snmp_api.c
+--- squid-2.5.STABLE9.orig/snmplib/snmp_api.c 2002-02-13 03:43:43.000000000 +0200
++++ squid-2.5.STABLE9/snmplib/snmp_api.c 2005-03-03 20:19:24.877935888 +0200
+@@ -121,7 +121,7 @@
+ }
+
+ /*
+- * Parses the packet recieved on the input session, and places the data into
++ * Parses the packet received on the input session, and places the data into
+ * the input pdu. length is the length of the input packet. If any errors
+ * are encountered, NULL is returned. If not, the community is.
+ */
+diff -Nru squid-2.5.STABLE9.orig/src/Makefile.in squid-2.5.STABLE9/src/Makefile.in
+--- squid-2.5.STABLE9.orig/src/Makefile.in 2004-09-26 00:37:59.000000000 +0300
++++ squid-2.5.STABLE9/src/Makefile.in 2005-03-03 20:19:24.878935736 +0200
+@@ -376,18 +376,18 @@
+ DEFAULT_CONFIG_FILE = $(sysconfdir)/squid.conf
+ DEFAULT_MIME_TABLE = $(sysconfdir)/mime.conf
+ DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
+-DEFAULT_LOG_PREFIX = $(localstatedir)/logs
+-DEFAULT_CACHE_LOG = $(DEFAULT_LOG_PREFIX)/cache.log
+-DEFAULT_ACCESS_LOG = $(DEFAULT_LOG_PREFIX)/access.log
+-DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log
+-DEFAULT_PID_FILE = $(DEFAULT_LOG_PREFIX)/squid.pid
+-DEFAULT_SWAP_DIR = $(localstatedir)/cache
++DEFAULT_LOG_PREFIX = $(localstatedir)/log
++DEFAULT_CACHE_LOG = $(localstatedir)/log/squid/cache.log
++DEFAULT_ACCESS_LOG = $(localstatedir)/log/squid/access.log
++DEFAULT_STORE_LOG = $(localstatedir)/log/squid/store.log
++DEFAULT_PID_FILE = $(localstatedir)/run/squid.pid
++DEFAULT_SWAP_DIR = $(localstatedir)/cache/squid
+ DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_DISKD = $(libexecdir)/`echo diskd | sed '$(transform);s/$$/$(EXEEXT)/'`
+-DEFAULT_ICON_DIR = $(datadir)/icons
+-DEFAULT_ERROR_DIR = $(datadir)/errors/@ERR_DEFAULT_LANGUAGE@
+-DEFAULT_MIB_PATH = $(datadir)/mib.txt
++DEFAULT_ICON_DIR = $(libexecdir)/icons
++DEFAULT_ERROR_DIR = $(sysconfdir)/errors
++DEFAULT_MIB_PATH = $(libexecdir)/mib.txt
+
+ DEFS = @DEFS@ -DDEFAULT_CONFIG_FILE=\"$(DEFAULT_CONFIG_FILE)\"
+
+@@ -838,12 +838,12 @@
+ uninstall-info-am:
+ install-dataDATA: $(data_DATA)
+ @$(NORMAL_INSTALL)
+- $(mkinstalldirs) $(DESTDIR)$(datadir)
++ $(mkinstalldirs) $(DESTDIR)$(libexecdir)
+ @list='$(data_DATA)'; for p in $$list; do \
+ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(datadir)/$$f"; \
+- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(datadir)/$$f; \
++ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(libexecdir)/$$f"; \
++ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(libexecdir)/$$f; \
+ done
+
+ uninstall-dataDATA:
+diff -Nru squid-2.5.STABLE9.orig/src/auth/digest/auth_digest.c squid-2.5.STABLE9/src/auth/digest/auth_digest.c
+--- squid-2.5.STABLE9.orig/src/auth/digest/auth_digest.c 2004-08-29 01:31:15.000000000 +0300
++++ squid-2.5.STABLE9/src/auth/digest/auth_digest.c 2005-03-03 20:19:24.879935584 +0200
+@@ -1252,7 +1252,7 @@
+ nonce = authenticateDigestNonceFindNonce(digest_request->nonceb64);
+ if (!nonce) {
+ /* we couldn't find a matching nonce! */
+- debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce recieved\n");
++ debug(29, 4) ("authenticateDigestDecode: Unexpected or invalid nonce received\n");
+ authDigestLogUsername(auth_user_request, username);
+
+ /* we don't need the scheme specific data anymore */
+@@ -1266,8 +1266,8 @@
+ /* check the qop is what we expected. Note that for compatability with
+ * RFC 2069 we should support a missing qop. Tough. */
+ if (!digest_request->qop || strcmp(digest_request->qop, QOP_AUTH)) {
+- /* we recieved a qop option we didn't send */
+- debug(29, 4) ("authenticateDigestDecode: Invalid qop option recieved\n");
++ /* we received a qop option we didn't send */
++ debug(29, 4) ("authenticateDigestDecode: Invalid qop option received\n");
+ authDigestLogUsername(auth_user_request, username);
+
+ /* we don't need the scheme specific data anymore */
+diff -Nru squid-2.5.STABLE9.orig/src/auth/ntlm/auth_ntlm.c squid-2.5.STABLE9/src/auth/ntlm/auth_ntlm.c
+--- squid-2.5.STABLE9.orig/src/auth/ntlm/auth_ntlm.c 2005-02-04 01:22:12.000000000 +0200
++++ squid-2.5.STABLE9/src/auth/ntlm/auth_ntlm.c 2005-03-03 20:19:24.880935432 +0200
+@@ -950,7 +950,7 @@
+ }
+ switch (ntlm_request->auth_state) {
+ case AUTHENTICATE_STATE_NONE:
+- /* we've recieved a negotiate request. pass to a helper */
++ /* we've received a negotiate request. pass to a helper */
+ debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state ntlm none. %s\n", proxy_auth);
+ ntlm_request->auth_state = AUTHENTICATE_STATE_NEGOTIATE;
+ ntlm_request->ntlmnegotiate = xstrdup(proxy_auth);
+@@ -969,7 +969,7 @@
+ return;
+ break;
+ case AUTHENTICATE_STATE_CHALLENGE:
+- /* we should have recieved a NTLM challenge. pass it to the same
++ /* we should have received a NTLM challenge. pass it to the same
+ * helper process */
+ debug(29, 9) ("authenticateNTLMAuthenticateUser: auth state challenge with header %s.\n", proxy_auth);
+ /* do a cache lookup here. If it matches it's a successful ntlm
+diff -Nru squid-2.5.STABLE9.orig/src/cf.data.pre squid-2.5.STABLE9/src/cf.data.pre
+--- squid-2.5.STABLE9.orig/src/cf.data.pre 2005-02-23 02:06:34.000000000 +0200
++++ squid-2.5.STABLE9/src/cf.data.pre 2005-03-03 20:19:24.883934976 +0200
+@@ -156,12 +156,12 @@
+ NAME: htcp_port
+ IFDEF: USE_HTCP
+ TYPE: ushort
+-DEFAULT: 4827
++DEFAULT: 0
+ LOC: Config.Port.htcp
+ DOC_START
+ The port number where Squid sends and receives HTCP queries to
+- and from neighbor caches. Default is 4827. To disable use
+- "0".
++ and from neighbor caches. To turn it on you want to set it to
++ 4827. By default it is set to "0" (disabled).
+ DOC_END
+
+
+@@ -2100,7 +2100,7 @@
+ # acls.
+
+ acl aclname rep_mime_type mime-type1 ...
+- # regex match against the mime type of the reply recieved by
++ # regex match against the mime type of the reply received by
+ # squid. Can be used to detect file download or some
+ # types HTTP tunelling requests.
+ # NOTE: This has no effect in http_access rules. It only has
+@@ -2140,6 +2140,8 @@
+ acl Safe_ports port 488 # gss-http
+ acl Safe_ports port 591 # filemaker
+ acl Safe_ports port 777 # multiling http
++acl Safe_ports port 901 # SWAT
++acl purge method PURGE
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -2173,6 +2175,9 @@
+ # Only allow cachemgr access from localhost
+ http_access allow manager localhost
+ http_access deny manager
++# Only allow purge requests from localhost
++http_access allow purge localhost
++http_access deny purge
+ # Deny requests to unknown ports
+ http_access deny !Safe_ports
+ # Deny CONNECT to other than SSL ports
+@@ -2191,6 +2196,9 @@
+ #acl our_networks src 192.168.1.0/24 192.168.2.0/24
+ #http_access allow our_networks
+
++# Allow the localhost to have access by default
++http_access allow localhost
++
+ # And finally deny all other access to this proxy
+ http_access deny all
+ NOCOMMENT_END
+@@ -2388,7 +2396,7 @@
+ DOC_START
+ This option specifies the maximum size of a reply body in bytes.
+ It can be used to prevent users from downloading very large files,
+- such as MP3's and movies. When the reply headers are recieved,
++ such as MP3's and movies. When the reply headers are received,
+ the reply_body_max_size lines are processed, and the first line with
+ a result of "allow" is used as the maximum body size for this reply.
+ This size is checked twice. First when we get the reply headers,
+@@ -2415,7 +2423,7 @@
+
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ Email-address of local cache manager who will receive
+@@ -2425,7 +2433,7 @@
+
+ NAME: cache_effective_user
+ TYPE: string
+-DEFAULT: nobody
++DEFAULT: squid
+ LOC: Config.effectiveUser
+ DOC_START
+ If you start Squid as root, it will change its effective/real
+@@ -2440,7 +2448,7 @@
+
+ NAME: cache_effective_group
+ TYPE: string
+-DEFAULT: none
++DEFAULT: squid
+ LOC: Config.effectiveGroup
+ DOC_START
+ If you want Squid to run with a specific GID regardless of
+@@ -2592,7 +2600,7 @@
+ DOC_START
+ If you are running Squid as an accelerator and have a single backend
+ server set this to on. This causes Squid to forward the request
+- to this server, regardles of what any redirectors or Host headers
++ to this server, regardless of what any redirectors or Host headers
+ say.
+
+ Leave this at off if you have multiple backend servers, and use a
+@@ -3229,7 +3237,11 @@
+ If you wish to create your own versions of the default
+ (English) error files, either to customize them to suit your
+ language or company copy the template English files to another
+- directory and point this tag at them.
++ directory where the error files are read from.
++ /usr/lib/squid/errors contains sets of error files
++ in different languages. The default error directory
++ is /etc/squid/errors, which is a link to one of these
++ error sets.
+ DOC_END
+
+ NAME: maximum_single_addr_tries
+@@ -3263,12 +3275,15 @@
+ NAME: snmp_port
+ TYPE: ushort
+ LOC: Config.Port.snmp
+-DEFAULT: 3401
++DEFAULT: 0
+ IFDEF: SQUID_SNMP
+ DOC_START
+ Squid can now serve statistics and status information via SNMP.
+ By default it listens to port 3401 on the machine. If you don't
+ wish to use SNMP, set this to "0".
++
++ Note: on Gentoo Linux, the default is zero - you need to
++ set it to 3401 to enable it.
+ DOC_END
+
+ NAME: snmp_access
+diff -Nru squid-2.5.STABLE9.orig/src/debug.c squid-2.5.STABLE9/src/debug.c
+--- squid-2.5.STABLE9.orig/src/debug.c 2001-12-17 20:01:54.000000000 +0200
++++ squid-2.5.STABLE9/src/debug.c 2005-03-03 20:19:24.884934824 +0200
+@@ -200,9 +200,9 @@
+ }
+ debugOpenLog(logfile);
+
+-#if HAVE_SYSLOG && defined(LOG_LOCAL4)
++#if HAVE_SYSLOG
+ if (opt_syslog_enable)
+- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ #endif /* HAVE_SYSLOG */
+
+ }
+diff -Nru squid-2.5.STABLE9.orig/src/defines.h squid-2.5.STABLE9/src/defines.h
+--- squid-2.5.STABLE9.orig/src/defines.h 2002-08-08 23:17:39.000000000 +0300
++++ squid-2.5.STABLE9/src/defines.h 2005-03-03 20:19:24.884934824 +0200
+@@ -219,7 +219,7 @@
+
+ /* were to look for errors if config path fails */
+ #ifndef DEFAULT_SQUID_ERROR_DIR
+-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
++#define DEFAULT_SQUID_ERROR_DIR "/usr/lib/squid/errors/English"
+ #endif
+
+ /* gb_type operations */
+diff -Nru squid-2.5.STABLE9.orig/src/delay_pools.c squid-2.5.STABLE9/src/delay_pools.c
+--- squid-2.5.STABLE9.orig/src/delay_pools.c 2003-06-19 02:53:35.000000000 +0300
++++ squid-2.5.STABLE9/src/delay_pools.c 2005-03-03 20:19:24.885934672 +0200
+@@ -609,7 +609,7 @@
+ }
+
+ /*
+- * this records actual bytes recieved. always recorded, even if the
++ * this records actual bytes received. always recorded, even if the
+ * class is disabled - it's more efficient to just do it than to do all
+ * the checks.
+ */
+diff -Nru squid-2.5.STABLE9.orig/src/main.c squid-2.5.STABLE9/src/main.c
+--- squid-2.5.STABLE9.orig/src/main.c 2005-02-21 04:55:04.000000000 +0200
++++ squid-2.5.STABLE9/src/main.c 2005-03-03 20:19:24.887934368 +0200
+@@ -326,6 +326,21 @@
+ asnFreeMemory();
+ }
+
++#if USE_UNLINKD
++static int
++needUnlinkd(void)
++{
++ int i;
++ int r = 0;
++ for (i = 0; i < Config.cacheSwap.n_configured; i++) {
++ if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 ||
++ strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0)
++ r++;
++ }
++ return r;
++}
++#endif
++
+ static void
+ mainReconfigure(void)
+ {
+@@ -351,6 +366,7 @@
+ redirectShutdown();
+ authenticateShutdown();
+ externalAclShutdown();
++ unlinkdClose();
+ storeDirCloseSwapLogs();
+ storeLogClose();
+ accessLogClose();
+@@ -381,6 +397,9 @@
+ #if USE_WCCP
+ wccpInit();
+ #endif
++#if USE_UNLINKD
++ if (needUnlinkd()) unlinkdInit();
++#endif
+ serverConnectionsOpen();
+ if (theOutIcpConnection >= 0) {
+ if (!Config2.Accel.on || Config.onoff.accel_with_proxy)
+@@ -525,7 +544,7 @@
+
+ if (!configured_once) {
+ #if USE_UNLINKD
+- unlinkdInit();
++ if (needUnlinkd()) unlinkdInit();
+ #endif
+ urlInitialize();
+ cachemgrInit();
+@@ -860,7 +879,7 @@
+ int nullfd;
+ if (*(argv[0]) == '(')
+ return;
+- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ if ((pid = fork()) < 0)
+ syslog(LOG_ALERT, "fork failed: %s", xstrerror());
+ else if (pid > 0)
+@@ -894,14 +913,14 @@
+ mainStartScript(argv[0]);
+ if ((pid = fork()) == 0) {
+ /* child */
+- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ prog = xstrdup(argv[0]);
+ argv[0] = xstrdup("(squid)");
+ execvp(prog, argv);
+ syslog(LOG_ALERT, "execvp failed: %s", xstrerror());
+ }
+ /* parent */
+- openlog(appname, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(appname, LOG_PID | LOG_NDELAY, LOG_DAEMON);
+ syslog(LOG_NOTICE, "Squid Parent: child process %d started", pid);
+ time(&start);
+ squid_signal(SIGINT, SIG_IGN, SA_RESTART);
+diff -Nru squid-2.5.STABLE9.orig/src/mib.txt squid-2.5.STABLE9/src/mib.txt
+--- squid-2.5.STABLE9.orig/src/mib.txt 2004-06-01 01:39:00.000000000 +0300
++++ squid-2.5.STABLE9/src/mib.txt 2005-03-03 20:19:24.887934368 +0200
+@@ -290,7 +290,7 @@
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+- " Number of HTTP KB's recieved "
++ " Number of HTTP KB's received "
+ ::= { cacheProtoAggregateStats 4 }
+
+ cacheHttpOutKb OBJECT-TYPE
+@@ -330,7 +330,7 @@
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+- " Number of ICP KB's recieved "
++ " Number of ICP KB's received "
+ ::= { cacheProtoAggregateStats 9 }
+
+ cacheServerRequests OBJECT-TYPE
+@@ -354,7 +354,7 @@
+ MAX-ACCESS read-only
+ STATUS current
+ DESCRIPTION
+- " KB's of traffic recieved from servers "
++ " KB's of traffic received from servers "
+ ::= { cacheProtoAggregateStats 12 }
+
+ cacheServerOutKb OBJECT-TYPE
+diff -Nru squid-2.5.STABLE9.orig/src/url.c squid-2.5.STABLE9/src/url.c
+--- squid-2.5.STABLE9.orig/src/url.c 2003-01-18 16:16:49.000000000 +0200
++++ squid-2.5.STABLE9/src/url.c 2005-03-03 20:19:24.888934216 +0200
+@@ -312,8 +312,8 @@
+ return NULL;
+ }
+ #endif
+- if (Config.appendDomain && !strchr(host, '.'))
+- strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN);
++ if (Config.appendDomain && !strchr(host, '.') && strcasecmp(host, "localhost") != 0)
++ strncat(host, Config.appendDomain, SQUIDHOSTNAMELEN);
+ /* remove trailing dots from hostnames */
+ while ((l = strlen(host)) > 0 && host[--l] == '.')
+ host[l] = '\0';
diff --git a/www-proxy/squid/squid-2.5.9.ebuild b/www-proxy/squid/squid-2.5.9.ebuild
new file mode 100644
index 000000000000..041bcda9345f
--- /dev/null
+++ b/www-proxy/squid/squid-2.5.9.ebuild
@@ -0,0 +1,198 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-proxy/squid/squid-2.5.9.ebuild,v 1.1 2005/03/03 18:37:02 mrness Exp $
+
+inherit eutils toolchain-funcs
+
+#lame archive versioning scheme..
+S_PV=${PV%.*}
+S_PL=${PV##*.}
+S_PP=${PN}-${S_PV}.STABLE${S_PL}
+PATCH_VERSION="20050303"
+
+DESCRIPTION="A caching web proxy, with advanced features"
+HOMEPAGE="http://www.squid-cache.org/"
+
+S=${WORKDIR}/${S_PP}
+SRC_URI="ftp://ftp.squid-cache.org/pub/squid-2/STABLE/${S_PP}.tar.bz2
+ mirror://gentoo/${S_PP}-patches-${PATCH_VERSION}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc x86 ~mips"
+IUSE="pam ldap ssl sasl snmp debug uclibc selinux underscores logrotate"
+
+RDEPEND="virtual/libc
+ pam? ( >=sys-libs/pam-0.75 )
+ ldap? ( >=net-nds/openldap-2.1.26 )
+ ssl? ( >=dev-libs/openssl-0.9.6m )
+ sasl? ( >=dev-libs/cyrus-sasl-1.5.27 )
+ selinux? ( sec-policy/selinux-squid )
+ !mips? ( logrotate? ( app-admin/logrotate ) )"
+DEPEND="${RDEPEND} dev-lang/perl"
+
+src_unpack() {
+ unpack ${A} || die "unpack failed"
+ cd ${S} || die "dir ${S} not found"
+
+ #do NOT just remove this patch. yes, it's here for a reason.
+ #woodchip@gentoo.org (07 Nov 2002)
+ patch -p1 <${FILESDIR}/squid-${PV}-gentoo.diff || die "failed to apply squid-{PV}-gentoo.diff"
+
+ # Do bulk patching from squids bug fix list for stable 6 see #57081
+ EPATCH_SUFFIX="patch" epatch ${WORKDIR}/patch
+
+ #hmm #10865
+ cd helpers/external_acl/ldap_group
+ cp Makefile.in Makefile.in.orig
+ sed -e 's%^\(LINK =.*\)\(-o.*\)%\1\$(XTRA_LIBS) \2%' \
+ Makefile.in.orig > Makefile.in
+
+ if ! use debug
+ then
+ cd ${S}
+ mv configure.in configure.in.orig
+ sed -e 's%LDFLAGS="-g"%LDFLAGS=""%' configure.in.orig > configure.in
+ export WANT_AUTOCONF=2.1
+ autoconf || die "autoconf failed"
+ fi
+}
+
+src_compile() {
+ # Support for uclibc #61175
+ if use uclibc; then
+ local basic_modules="getpwnam,NCSA,SMB,MSNT,multi-domain-NTLM,winbind"
+ else
+ local basic_modules="getpwnam,YP,NCSA,SMB,MSNT,multi-domain-NTLM,winbind"
+ fi
+
+ use ldap && basic_modules="LDAP,${basic_modules}"
+ use pam && basic_modules="PAM,${basic_modules}"
+ use sasl && basic_modules="SASL,${basic_modules}"
+ # SASL 1 / 2 Supported Natively
+
+ local ext_helpers="ip_user,unix_group,wbinfo_group,winbind_group"
+ use ldap && ext_helpers="ldap_group,${ext_helpers}"
+
+ local myconf=""
+ use snmp && myconf="${myconf} --enable-snmp" || myconf="${myconf} --disable-snmp"
+ use ssl && myconf="${myconf} --enable-ssl" || myconf="${myconf} --disable-ssl"
+
+ use amd64 && myconf="${myconf} --disable-internal-dns "
+
+ if use underscores; then
+ ewarn "Enabling underscores in domain names will result in dns resolution"
+ ewarn "failure if your local DNS client (probably bind) is not compatible."
+ myconf="${myconf} --enable-underscores"
+ fi
+
+ # Support for uclibc #61175
+ if use uclibc; then
+ myconf="${myconf} --enable-storeio='ufs,diskd,aufs,null' "
+ myconf="${myconf} --disable-async-io "
+ else
+ myconf="${myconf} --enable-storeio='ufs,diskd,coss,aufs,null' "
+ myconf="${myconf} --enable-async-io "
+ fi
+
+ export CC=$(tc-getCC)
+
+ ./configure \
+ --prefix=/usr \
+ --bindir=/usr/bin \
+ --exec-prefix=/usr \
+ --sbindir=/usr/sbin \
+ --localstatedir=/var \
+ --mandir=/usr/share/man \
+ --sysconfdir=/etc/squid \
+ --libexecdir=/usr/lib/squid \
+ \
+ --enable-auth="basic,digest,ntlm" \
+ --enable-removal-policies="lru,heap" \
+ --enable-digest-auth-helpers="password" \
+ --enable-basic-auth-helpers=${basic_modules} \
+ --enable-external-acl-helpers=${ext_helpers} \
+ --enable-ntlm-auth-helpers="SMB,fakeauth,no_check,winbind" \
+ --enable-linux-netfilter \
+ --enable-ident-lookups \
+ --enable-useragent-log \
+ --enable-cache-digests \
+ --enable-delay-pools \
+ --enable-referer-log \
+ --enable-truncate \
+ --enable-arp-acl \
+ --with-pthreads \
+ --enable-htcp \
+ --enable-carp \
+ --enable-poll \
+ --host=${CHOST} ${myconf} || die "bad ./configure"
+ #--enable-icmp
+
+ mv include/autoconf.h include/autoconf.h.orig
+ sed -e "s:^#define SQUID_MAXFD.*:#define SQUID_MAXFD 8192:" \
+ include/autoconf.h.orig > include/autoconf.h
+
+# if [ "${ARCH}" = "hppa" ]
+# then
+# mv include/autoconf.h include/autoconf.h.orig
+# sed -e "s:^#define HAVE_MALLOPT 1:#undef HAVE_MALLOPT:" \
+# include/autoconf.h.orig > include/autoconf.h
+# fi
+
+ emake || die "compile problem"
+}
+
+src_install() {
+ make DESTDIR=${D} install || die
+
+ #--enable-icmp
+ #make -C src install-pinger libexecdir=${D}/usr/lib/squid || die
+ #chown root:squid ${D}/usr/lib/squid/pinger
+ #chmod 4750 ${D}/usr/lib/squid/pinger
+
+ #need suid root for looking into /etc/shadow
+ chown root:squid ${D}/usr/lib/squid/ncsa_auth
+ chown root:squid ${D}/usr/lib/squid/pam_auth
+ chmod 4750 ${D}/usr/lib/squid/ncsa_auth
+ chmod 4750 ${D}/usr/lib/squid/pam_auth
+
+ #some clean ups
+ rm -rf ${D}/var
+ mv ${D}/usr/bin/Run* ${D}/usr/lib/squid
+
+ #simply switch this symlink to choose the desired language..
+ dosym /usr/lib/squid/errors/English /etc/squid/errors
+
+ dodoc CONTRIBUTORS COPYING COPYRIGHT CREDITS \
+ ChangeLog QUICKSTART SPONSORS doc/*.txt \
+ helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
+ newdoc helpers/basic_auth/SMB/README README.auth_smb
+ dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
+ newdoc helpers/basic_auth/LDAP/README README.auth_ldap
+ doman helpers/basic_auth/LDAP/*.8
+ dodoc helpers/basic_auth/SASL/squid_sasl_auth*
+
+ insinto /etc/pam.d
+ newins ${FILESDIR}/squid.pam squid
+ exeinto /etc/init.d
+ newexe ${FILESDIR}/squid.rc6 squid
+ insinto /etc/conf.d
+ newins ${FILESDIR}/squid.confd squid
+ if useq logrotate; then
+ insinto /etc/logrotate.d
+ newins ${FILESDIR}/squid-logrotate squid
+ else
+ exeinto /etc/cron.weekly
+ newexe ${FILESDIR}/squid-r1.cron squid.cron
+ fi
+
+ diropts -m0755 -o squid -g squid
+ dodir /var/cache/squid /var/log/squid
+}
+
+pkg_postinst() {
+ echo
+ ewarn "Squid authentication helpers have been installed suid root"
+ ewarn "This allows shadow based authentication, see bug #52977 for more"
+ echo
+}