From owner-svn-ports-all@freebsd.org Thu Mar 31 19:05:17 2016 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3DCAAAE49DD; Thu, 31 Mar 2016 19:05:17 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0A58017E0; Thu, 31 Mar 2016 19:05:16 +0000 (UTC) (envelope-from pi@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u2VJ5GXQ008520; Thu, 31 Mar 2016 19:05:16 GMT (envelope-from pi@FreeBSD.org) Received: (from pi@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u2VJ5FDP008514; Thu, 31 Mar 2016 19:05:15 GMT (envelope-from pi@FreeBSD.org) Message-Id: <201603311905.u2VJ5FDP008514@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pi set sender to pi@FreeBSD.org using -f From: Kurt Jaeger Date: Thu, 31 Mar 2016 19:05:15 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r412287 - in head/www/squid: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Mar 2016 19:05:17 -0000 Author: pi Date: Thu Mar 31 19:05:15 2016 New Revision: 412287 URL: https://svnweb.freebsd.org/changeset/ports/412287 Log: www/squid: cleanup, adding patches 1. Turn ON all options that don't require external dependencies. 2. Split SMB options to more items to make it possible to compile squid with samba36 and samba42.* 3. Set databases/p5-DBI as a dependency for SQL option and add note to pkg-message about perl DBD drivers.* 4. Add fix for PF+IPv6.** 5. Require SSL option if SSL_CRTD is on. 6. Small fixes. 7. Add all available patches from upstream. * thanks to Alonso Cardenas Marquez! ** thanks to Orlando Bassotto! PR: 208290 Submitted by: Pavel Timofeev (maintainer) Modified: head/www/squid/Makefile head/www/squid/distinfo head/www/squid/files/patch-configure head/www/squid/files/patch-src__ip__Intercept.cc head/www/squid/files/pkg-message.in head/www/squid/files/squid.in Modified: head/www/squid/Makefile ============================================================================== --- head/www/squid/Makefile Thu Mar 31 18:58:18 2016 (r412286) +++ head/www/squid/Makefile Thu Mar 31 19:05:15 2016 (r412287) @@ -2,7 +2,7 @@ PORTNAME= squid PORTVERSION= 3.5.15 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www ipv6 MASTER_SITES= http://www.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \ http://www2.us.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \ @@ -21,7 +21,19 @@ PATCH_SITE_SUBDIR= Versions/v3/${PORTVER PATCHFILES= squid-3.5-13997.patch \ squid-3.5-13998.patch \ squid-3.5-13999.patch \ - squid-3.5-14000.patch + squid-3.5-14000.patch \ + squid-3.5-14001.patch \ + squid-3.5-14002.patch \ + squid-3.5-14003.patch \ + squid-3.5-14004.patch \ + squid-3.5-14005.patch \ + squid-3.5-14006.patch \ + squid-3.5-14007.patch \ + squid-3.5-14008.patch \ + squid-3.5-14009.patch \ + squid-3.5-14010.patch \ + squid-3.5-14011.patch \ + squid-3.5-14012.patch MAINTAINER= timp87@gmail.com COMMENT= HTTP Caching Proxy @@ -45,8 +57,11 @@ PORTEXAMPLES= * SUB_FILES+= pkg-install pkg-message OPTIONS_SUB= yes -OPTIONS_DEFINE= ARP_ACL AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB \ - AUTH_SQL CACHE_DIGESTS DEBUG DELAY_POOLS ECAP ESI \ +OPTIONS_GROUP= AUTH +OPTIONS_RADIO= SMB +OPTIONS_GROUP_AUTH=AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SQL +OPTIONS_RADIO_SMB=AUTH_SMB3 AUTH_SMB4 +OPTIONS_DEFINE= ARP_ACL CACHE_DIGESTS DEBUG DELAY_POOLS ECAP ESI \ FOLLOW_XFF FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IDENT IPV6 \ KQUEUE LARGEFILE NETTLE SNMP SSL SSL_CRTD STACKTRACES LAX_HTTP \ TP_IPF TP_IPFW TP_PF VIA_DB WCCP WCCPV2 DOCS EXAMPLES @@ -54,8 +69,10 @@ OPTIONS_DEFINE= ARP_ACL AUTH_LDAP AUTH_N OPTIONS_SINGLE= GSSAPI OPTIONS_SINGLE_GSSAPI= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT -OPTIONS_DEFAULT=GSSAPI_BASE AUTH_NIS FS_AUFS FS_DISKD HTCP IDENT KQUEUE SNMP \ - WCCP WCCPV2 +OPTIONS_DEFAULT=ARP_ACL AUTH_NIS CACHE_DIGESTS DELAY_POOLS DOCS EXAMPLES FOLLOW_XFF \ + FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE \ + LAX_HTTP SNMP SSL SSL_CRTD TP_IPF TP_IPFW TP_PF VIA_DB WCCP WCCPV2 \ + GSSAPI_BASE ARP_ACL_CONFIGURE_ENABLE= eui AUTH_LDAP_CFLAGS= -I${LOCALBASE}/include @@ -65,10 +82,9 @@ AUTH_SASL_CFLAGS= -I${LOCALBASE}/includ AUTH_SASL_CPPFLAGS= -I${LOCALBASE}/include AUTH_SASL_LDFLAGS= -L${LOCALBASE}/lib AUTH_SASL_LIB_DEPENDS= libsasl2.so:${PORTSDIR}/security/cyrus-sasl2 -AUTH_SMB_BUILD_DEPENDS= smbclient:${PORTSDIR}/net/samba36 -AUTH_SMB_RUN_DEPENDS= smbclient:${PORTSDIR}/net/samba36 -AUTH_SQL_RUN_DEPENDS= p5-DBD-mysql>=0:${PORTSDIR}/databases/p5-DBD-mysql -AUTH_SQL_USE= MYSQL=yes +AUTH_SMB3_RUN_DEPENDS= smbclient:${PORTSDIR}/net/samba36 +AUTH_SMB4_RUN_DEPENDS= smbclient:${PORTSDIR}/net/samba42 +AUTH_SQL_RUN_DEPENDS= p5-DBI>=1.08:${PORTSDIR}/databases/p5-DBI CACHE_DIGESTS_CONFIGURE_ENABLE= cache-digests DELAY_POOLS_CONFIGURE_ENABLE= delay-pools ECAP_CFLAGS= -I${LOCALBASE}/include @@ -123,6 +139,7 @@ GSSAPI_MIT_CONFIGURE_ON= --with-mit-krb5 # add an option for external_acl/session (requires some kind of external # Berkeley DB support, unsure which one) ARP_ACL_DESC= ARP/MAC/EUI based authentification +AUTH_DESC= Authentication helpers GSSAPI_DESC= Install Kerberos authentication helpers GSSAPI_NONE_DESC= Build without Kerberos support GSSAPI_BASE_DESC= Build with Kerberos support from base @@ -131,8 +148,9 @@ GSSAPI_MIT_DESC= Build with Kerberos sup AUTH_LDAP_DESC= Install LDAP authentication helpers AUTH_NIS_DESC= Install NIS/YP authentication helpers AUTH_SASL_DESC= Install SASL authentication helpers -AUTH_SMB_DESC= Install SMB auth. helpers (req. Samba) -AUTH_SQL_DESC= Install SQL based auth (uses MySQL) +AUTH_SMB3_DESC= Install SMB3 auth. helpers (req. net/samba36) +AUTH_SMB4_DESC= Install SMB4 auth. helpers (req. net/samba42) +AUTH_SQL_DESC= Install SQL based auth CACHE_DIGESTS_DESC= Use cache digests DEBUG_DESC= Build with extended debugging support DELAY_POOLS_DESC= Delay pools (bandwidth limiting) @@ -149,6 +167,7 @@ IDENT_DESC= Ident lookups (RFC 931) KQUEUE_DESC= Kqueue(2) support LARGEFILE_DESC= Support large (>2GB) cache and log files NETTLE_DESC= Nettle MD5 algorithm support +SMB_DESC= Samba authentication helpers SNMP_DESC= SNMP support SSL_CRTD_DESC= Use ssl_crtd to handle SSL cert requests SSL_DESC= SSL gatewaying support @@ -221,9 +240,12 @@ external_acl+= LDAP_group basic_auth+= SASL .endif -.if ${PORT_OPTIONS:MAUTH_SMB} +.if ${PORT_OPTIONS:MAUTH_SMB3} || ${PORT_OPTIONS:MAUTH_SMB4} +PLIST_SUB+= AUTH_SMB="" basic_auth+= SMB external_acl+= wbinfo_group +.else +PLIST_SUB+= AUTH_SMB="@comment " .endif .if ${PORT_OPTIONS:MAUTH_SQL} @@ -312,6 +334,10 @@ CFLAGS+= -I${OPENSSLINC} LDFLAGS+= -L${OPENSSLLIB} .endif +.if ${PORT_OPTIONS:MSSL_CRTD} && !${PORT_OPTIONS:MSSL} +IGNORE=SSL_CRTD option can be used only if SSL option is enabled +.endif + .if ${PORT_OPTIONS:MSTACKTRACES} CFLAGS+= -g LDFLAGS+= -lunwind -L${LOCALBASE}/lib Modified: head/www/squid/distinfo ============================================================================== --- head/www/squid/distinfo Thu Mar 31 18:58:18 2016 (r412286) +++ head/www/squid/distinfo Thu Mar 31 19:05:15 2016 (r412287) @@ -8,3 +8,27 @@ SHA256 (squid3.5/squid-3.5-13999.patch) SIZE (squid3.5/squid-3.5-13999.patch) = 1585 SHA256 (squid3.5/squid-3.5-14000.patch) = 36578a13e87150d1604b543c68b419de1c941be3f90e80fbf464f9c23139e2de SIZE (squid3.5/squid-3.5-14000.patch) = 1676 +SHA256 (squid3.5/squid-3.5-14001.patch) = 127720c408c368070b7807092faae7980d900888f8bbaee0e2689b86573fea94 +SIZE (squid3.5/squid-3.5-14001.patch) = 14099 +SHA256 (squid3.5/squid-3.5-14002.patch) = 49c8dea344473c103fefce2b830e96fe94af14bc20640a0c244eea01ac03469d +SIZE (squid3.5/squid-3.5-14002.patch) = 2054 +SHA256 (squid3.5/squid-3.5-14003.patch) = 27ccd9aeabf4e66fbf25a914cc614c8f8020c8010e94d2b6bf499def79fce8b6 +SIZE (squid3.5/squid-3.5-14003.patch) = 1636 +SHA256 (squid3.5/squid-3.5-14004.patch) = fc515a51866d518f4ff7e57ef92f2554d2715b59f547927af63192302238690f +SIZE (squid3.5/squid-3.5-14004.patch) = 1948 +SHA256 (squid3.5/squid-3.5-14005.patch) = e7f17a11cb49742f6b535e8e4e8558e03f71335524c524f84f1ef68f71f99b93 +SIZE (squid3.5/squid-3.5-14005.patch) = 1249 +SHA256 (squid3.5/squid-3.5-14006.patch) = 88dd50a459ed68fb7c797a840f92a0ada6655b3fb92052f679088704eb1d9f32 +SIZE (squid3.5/squid-3.5-14006.patch) = 2500 +SHA256 (squid3.5/squid-3.5-14007.patch) = 1e2e14809e7ca8608300cfc3be027cd55c21fbe3084cc4568c8091adebc256c0 +SIZE (squid3.5/squid-3.5-14007.patch) = 1214 +SHA256 (squid3.5/squid-3.5-14008.patch) = 6c2f511ee33d74d1c91cae5ef0a9645facf0104067397866dd542bf3ff975255 +SIZE (squid3.5/squid-3.5-14008.patch) = 1559 +SHA256 (squid3.5/squid-3.5-14009.patch) = addc7dd78c5632b428f747eab93382195d2d4a820742afd2661ec920f1dc9a77 +SIZE (squid3.5/squid-3.5-14009.patch) = 1902 +SHA256 (squid3.5/squid-3.5-14010.patch) = bed1fb437b3f3925293d42c7032c44c7aa4e1944cc6ed17e9cc9e498a06ada7c +SIZE (squid3.5/squid-3.5-14010.patch) = 2974 +SHA256 (squid3.5/squid-3.5-14011.patch) = c87ce0edb4dcb1f0ae49fb10006009534ce1e5922a4ceb8d784386681ce4b164 +SIZE (squid3.5/squid-3.5-14011.patch) = 2400 +SHA256 (squid3.5/squid-3.5-14012.patch) = 6f749e014907150cc9692b16edcb9d9a73fdb3831c718d908bd7c48561702b3c +SIZE (squid3.5/squid-3.5-14012.patch) = 1287 Modified: head/www/squid/files/patch-configure ============================================================================== --- head/www/squid/files/patch-configure Thu Mar 31 18:58:18 2016 (r412286) +++ head/www/squid/files/patch-configure Thu Mar 31 19:05:15 2016 (r412287) @@ -1,11 +1,7 @@ --- configure.orig 2015-11-01 10:46:19 UTC +++ configure -@@ -27729,9 +27729,11 @@ - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then +@@ -27731,7 +27731,7 @@ squid_pc_krb5_name="heimdal-gssapi" -+ else -+ squid_pc_krb5_name="heimdal-gssapi" fi fi - if test "x$squid_pc_krb5_name" != "x" -a "$cross_compiling" = "no"; then @@ -13,6 +9,15 @@ # Look for krb5-config (unless cross-compiling) # Extract the first word of "krb5-config", so it can be a program name with args. set dummy krb5-config; ac_word=$2 +@@ -27777,7 +27777,7 @@ + if test "x$ac_cv_path_krb5_config" != "xno" ; then + krb5confpath="`dirname $ac_cv_path_krb5_config`" + ac_heimdal="`$ac_cv_path_krb5_config --version 2>/dev/null | grep -c -i heimdal`" +- if test "x$with_heimdal_krb5" = "xyes"; then ++ if test "x$with_heimdal_krb5" = "xyes" -a $ac_heimdal = 0; then + as_fn_error $? "Could not find pkg-config or krb5-config for Heimdal Kerberos" "$LINENO" 5 + fi + else @@ -32038,7 +32040,7 @@ done ## Modified: head/www/squid/files/patch-src__ip__Intercept.cc ============================================================================== --- head/www/squid/files/patch-src__ip__Intercept.cc Thu Mar 31 18:58:18 2016 (r412286) +++ head/www/squid/files/patch-src__ip__Intercept.cc Thu Mar 31 19:05:15 2016 (r412287) @@ -13,3 +13,41 @@ return false; #else natLookup.nl_v = 6; +@@ -323,13 +323,21 @@ + } + + memset(&nl, 0, sizeof(struct pfioc_natlook)); +- newConn->remote.getInAddr(nl.saddr.v4); ++ if (newConn->remote.isIPv4()) { ++ newConn->remote.getInAddr(nl.saddr.v4); ++ } else { ++ newConn->remote.getInAddr(nl.saddr.v6); ++ } + nl.sport = htons(newConn->remote.port()); + +- newConn->local.getInAddr(nl.daddr.v4); ++ if (newConn->local.isIPv4()) { ++ newConn->local.getInAddr(nl.daddr.v4); ++ } else { ++ newConn->local.getInAddr(nl.daddr.v6); ++ } + nl.dport = htons(newConn->local.port()); + +- nl.af = AF_INET; ++ nl.af = newConn->remote.isIPv4() ? AF_INET : AF_INET6; + nl.proto = IPPROTO_TCP; + nl.direction = PF_OUT; + +@@ -345,7 +353,11 @@ + debugs(89, 9, HERE << "address: " << newConn); + return false; + } else { +- newConn->local = nl.rdaddr.v4; ++ if (nl.af == AF_INET) { ++ newConn->local = nl.rdaddr.v4; ++ } else { ++ newConn->local = nl.rdaddr.v6; ++ } + newConn->local.port(ntohs(nl.rdport)); + debugs(89, 5, HERE << "address NAT: " << newConn); + return true; Modified: head/www/squid/files/pkg-message.in ============================================================================== --- head/www/squid/files/pkg-message.in Thu Mar 31 18:58:18 2016 (r412286) +++ head/www/squid/files/pkg-message.in Thu Mar 31 19:05:15 2016 (r412287) @@ -10,7 +10,7 @@ If your cache directories are already initialized (e.g. after an upgrade of squid) you do not need to initialize them again. - 0 When using DiskD storage scheme remember to read documentation: + o When using DiskD storage scheme remember to read documentation: http://wiki.squid-cache.org/Features/DiskDaemon and alter your kern.ipc defaults in /boot/loader.conf. DiskD will not work reliably without this. Last recomendations were: @@ -25,6 +25,12 @@ allow/deny" directives in %%PREFIX%%/etc/squid/squid.conf to suit your needs. + o If AUTH_SQL option is set, please, don't forget to install one of + following perl modules depending on database you like: + databases/p5-DBD-mysql + databases/p5-DBD-Pg + databases/p5-DBD-SQLite + To enable Squid, set squid_enable=yes in either /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid Please see %%PREFIX%%/etc/rc.d/squid for further details. Modified: head/www/squid/files/squid.in ============================================================================== --- head/www/squid/files/squid.in Thu Mar 31 18:58:18 2016 (r412286) +++ head/www/squid/files/squid.in Thu Mar 31 19:05:15 2016 (r412287) @@ -108,13 +108,11 @@ squid_prestart() squid_reload() { - $command $required_args $squid_flags -k reconfigure } squid_configtest() { - echo "Performing sanity check on ${name} configuration." if $command $required_args $squid_flags -k check; then echo "Configuration for ${name} passes." @@ -142,7 +140,7 @@ squid_getpid() squid_prestop() { command_args="$command_args -k shutdown" - $command $required_args $squid_flags -k check 2>/dev/null + squid_configtest } load_rc_config $name