Date: Sun, 1 May 2016 20:27:56 +0000 (UTC) From: Matthew Seaman <matthew@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r414422 - in head/www: . squid-devel squid-devel/files Message-ID: <201605012027.u41KRuxf091388@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: matthew Date: Sun May 1 20:27:56 2016 New Revision: 414422 URL: https://svnweb.freebsd.org/changeset/ports/414422 Log: Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite) HTTP/1.1 compliant. Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications. WWW: http://www.squid-cache.org/ PR: 203860 Submitted by: timp87@gmail.com Added: head/www/squid-devel/ head/www/squid-devel/Makefile (contents, props changed) head/www/squid-devel/distinfo (contents, props changed) head/www/squid-devel/files/ head/www/squid-devel/files/extra-patch-build-8-9 (contents, props changed) head/www/squid-devel/files/extra-patch-gen-stacktrace (contents, props changed) head/www/squid-devel/files/patch-compat_compat.h (contents, props changed) head/www/squid-devel/files/patch-compat_shm.cc (contents, props changed) head/www/squid-devel/files/patch-configure (contents, props changed) head/www/squid-devel/files/patch-src-cf.data.pre (contents, props changed) head/www/squid-devel/files/patch-src_DiskIO_Mmapped_MmappedFile.cc (contents, props changed) head/www/squid-devel/files/patch-src__ip__Intercept.cc (contents, props changed) head/www/squid-devel/files/patch-src_adaptation_ecap_ServiceRep.cc (contents, props changed) head/www/squid-devel/files/patch-src_ipc_mem_Segment.cc (contents, props changed) head/www/squid-devel/files/patch-src_tools.cc (contents, props changed) head/www/squid-devel/files/pkg-install.in (contents, props changed) head/www/squid-devel/files/pkg-message.in (contents, props changed) head/www/squid-devel/files/squid.in (contents, props changed) head/www/squid-devel/pkg-descr (contents, props changed) head/www/squid-devel/pkg-plist (contents, props changed) Modified: head/www/Makefile Modified: head/www/Makefile ============================================================================== --- head/www/Makefile Sun May 1 19:59:13 2016 (r414421) +++ head/www/Makefile Sun May 1 20:27:56 2016 (r414422) @@ -2083,6 +2083,7 @@ SUBDIR += spreadlogd SUBDIR += sqstat SUBDIR += squid + SUBDIR += squid-devel SUBDIR += squid_radius_auth SUBDIR += squidanalyzer SUBDIR += squidclamav Added: head/www/squid-devel/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/Makefile Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,378 @@ +# $FreeBSD$ + +PORTNAME= squid +PORTVERSION= 4.0.9 +CATEGORIES= www ipv6 +MASTER_SITES= http://www.squid-cache.org/Versions/v4/ \ + http://www2.us.squid-cache.org/Versions/v4/ \ + http://www1.at.squid-cache.org/Versions/v4/ \ + http://www.eu.squid-cache.org/Versions/v4/ \ + http://www1.jp.squid-cache.org/Versions/v4/ +PKGNAMESUFFIX= -devel +DIST_SUBDIR= squid${PORTVERSION:R} + +PATCH_SITES= http://www.squid-cache.org/%SUBDIR%/ \ + http://www2.us.squid-cache.org/%SUBDIR%/ \ + http://www1.at.squid-cache.org/%SUBDIR%/ \ + http://www.eu.squid-cache.org/%SUBDIR%/ \ + http://www1.jp.squid-cache.org/%SUBDIR%/ \ + http://master.squid-cache.org/~amosjeffries/patches/:nosid +PATCH_SITE_SUBDIR= Versions/v4/changesets +#PATCHFILES= + +MAINTAINER= timp87@gmail.com +COMMENT= HTTP Caching Proxy + +LICENSE= GPLv2 +LICENSE_FILE= ${WRKSRC}/COPYING + +CONFLICTS= squid*-3.* + +USES= compiler:c++11-lang cpe perl5 shebangfix tar:xz +CPE_VENDOR= squid-cache +SHEBANG_FILES= scripts/*.pl contrib/*.pl tools/*.pl +GNU_CONFIGURE= yes +USE_RC_SUBR= squid + +USERS= squid +GROUPS= squid + +MYDOCS= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt +PORTDOCS= ${MYDOCS:T} +PORTEXAMPLES= * +SUB_FILES+= pkg-install pkg-message + +OPTIONS_SUB= yes +OPTIONS_GROUP= AUTH +OPTIONS_RADIO= FW +OPTIONS_GROUP_AUTH=AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB AUTH_SQL +OPTIONS_RADIO_FW=TP_IPF TP_IPFW TP_PF +OPTIONS_DEFINE= ARP_ACL CACHE_DIGESTS DEBUG DELAY_POOLS ECAP ESI \ + FOLLOW_XFF FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IDENT IPV6 \ + KQUEUE LARGEFILE NETTLE SNMP SSL SSL_CRTD STACKTRACES LAX_HTTP \ + VIA_DB WCCP WCCPV2 DOCS EXAMPLES + +OPTIONS_SINGLE= GSSAPI +OPTIONS_SINGLE_GSSAPI= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT + +OPTIONS_DEFAULT=ARP_ACL AUTH_NIS CACHE_DIGESTS DELAY_POOLS DOCS EXAMPLES FOLLOW_XFF \ + FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE \ + LAX_HTTP SNMP SSL SSL_CRTD TP_IPFW VIA_DB WCCP WCCPV2 GSSAPI_BASE + +ARP_ACL_CONFIGURE_ENABLE= eui +AUTH_LDAP_CFLAGS= -I${LOCALBASE}/include +AUTH_LDAP_LDFLAGS= -L${LOCALBASE}/lib +AUTH_LDAP_USE= OPENLDAP=yes +AUTH_SASL_CFLAGS= -I${LOCALBASE}/include +AUTH_SASL_CPPFLAGS= -I${LOCALBASE}/include +AUTH_SASL_LDFLAGS= -L${LOCALBASE}/lib +AUTH_SASL_LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2 +AUTH_SMB_RUN_DEPENDS= smbclient:net/samba42 +AUTH_SQL_RUN_DEPENDS= p5-DBI>=1.08:databases/p5-DBI +CACHE_DIGESTS_CONFIGURE_ENABLE= cache-digests +DELAY_POOLS_CONFIGURE_ENABLE= delay-pools +ECAP_CFLAGS= -I${LOCALBASE}/include +ECAP_CONFIGURE_ENABLE= ecap +ECAP_LDFLAGS= -L${LOCALBASE}/lib +ECAP_LIB_DEPENDS= libecap.so:www/libecap +ECAP_USES= pkgconfig:build +ESI_CFLAGS= -I${LOCALBASE}/include -I${LOCALBASE}/include/libxml2 +ESI_CONFIGURE_ENABLE= esi +ESI_LDFLAGS= -L${LOCALBASE}/lib +ESI_LIB_DEPENDS= libexpat.so:textproc/expat2 \ + libxml2.so:textproc/libxml2 +FOLLOW_XFF_CONFIGURE_ENABLE= follow-x-forwarded-for +HTCP_CONFIGURE_ENABLE= htcp +ICAP_CONFIGURE_ENABLE= icap-client +ICMP_CONFIGURE_ENABLE= icmp +IDENT_CONFIGURE_ENABLE= ident-lookups +IPV6_CONFIGURE_ENABLE= ipv6 +KQUEUE_CONFIGURE_ENABLE= kqueue +LARGEFILE_CONFIGURE_WITH= large-files +LAX_HTTP_CONFIGURE_ENABLE= http-violations +NETTLE_LIB_DEPENDS= libnettle.so:security/nettle +NETTLE_CONFIGURE_OFF= --without-nettle +SNMP_CONFIGURE_ENABLE= snmp +SSL_CONFIGURE_ENABLE= ssl +SSL_CRTD_CONFIGURE_ENABLE= ssl-crtd +STACKTRACES_CONFIGURE_ENABLE= stacktraces +STACKTRACES_LIB_DEPENDS= libunwind.so:devel/libunwind +STACKTRACES_CONFIGURE_ON= --disable-strict-error-checking +TP_IPFW_CONFIGURE_ENABLE= ipfw-transparent +TP_IPF_CONFIGURE_ENABLE= ipf-transparent +TP_PF_CONFIGURE_ENABLE= pf-transparent +TP_PF_CONFIGURE_WITH= nat-devpf +VIA_DB_CONFIGURE_ENABLE= forw-via-db +WCCPV2_CONFIGURE_ENABLE= wccpv2 +WCCP_CONFIGURE_ENABLE= wccp + +GSSAPI_NONE_CONFIGURE_ON= --without-heimdal-krb5 \ + --without-mit-krb5 \ + --without-gss + +GSSAPI_BASE_USES= gssapi +GSSAPI_BASE_CONFIGURE_ON= --with-heimdal-krb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} + +GSSAPI_HEIMDAL_USES= gssapi:heimdal +GSSAPI_HEIMDAL_CONFIGURE_ON= --with-heimdal-krb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} + +GSSAPI_MIT_USES= gssapi:mit +GSSAPI_MIT_CONFIGURE_ON= --with-mit-krb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS} + +# TODO: +# add an option for external_acl/session (requires some kind of external +# Berkeley DB support, unsure which one) +ARP_ACL_DESC= ARP/MAC/EUI based authentification +AUTH_DESC= Authentication helpers +GSSAPI_DESC= Install Kerberos authentication helpers +GSSAPI_NONE_DESC= Build without Kerberos support +GSSAPI_BASE_DESC= Build with Kerberos support from base +GSSAPI_HEIMDAL_DESC= Build with Kerberos support from security/heimdal +GSSAPI_MIT_DESC= Build with Kerberos support from security/krb5 +AUTH_LDAP_DESC= Install LDAP authentication helpers +AUTH_NIS_DESC= Install NIS/YP authentication helpers +AUTH_SASL_DESC= Install SASL authentication helpers +AUTH_SMB_DESC= Install SMB auth. helpers (req. Samba) +AUTH_SQL_DESC= Install SQL based auth +CACHE_DIGESTS_DESC= Use cache digests +DEBUG_DESC= Build with extended debugging support +DELAY_POOLS_DESC= Delay pools (bandwidth limiting) +ECAP_DESC= Loadable content adaptation modules +ESI_DESC= ESI support +FOLLOW_XFF_DESC= Support for the X-Following-For header +FS_AUFS_DESC= AUFS (threaded-io) support +FS_DISKD_DESC= DISKD storage engine controlled by separate service +FS_ROCK_DESC= ROCK storage engine +HTCP_DESC= HTCP support +ICAP_DESC= the ICAP client +ICMP_DESC= ICMP pinging and network measurement +IDENT_DESC= Ident lookups (RFC 931) +KQUEUE_DESC= Kqueue(2) support +LARGEFILE_DESC= Support large (>2GB) cache and log files +NETTLE_DESC= Nettle MD5 algorithm support +SNMP_DESC= SNMP support +SSL_CRTD_DESC= Use ssl_crtd to handle SSL cert requests +SSL_DESC= SSL gatewaying support +STACKTRACES_DESC= Enable automatic backtraces on fatal errors +LAX_HTTP_DESC= Do not enforce strict HTTP compliance +TP_IPFW_DESC= Transparent proxying with IPFW +TP_IPF_DESC= Transparent proxying with IPFilter +TP_PF_DESC= Transparent proxying with PF +VIA_DB_DESC= Forward/Via database +WCCPV2_DESC= Web Cache Coordination Protocol v2 +WCCP_DESC= Web Cache Coordination Protocol + +change_files= ChangeLog \ + contrib/nextstep/makepkg \ + contrib/nextstep/post_install \ + errors/Makefile.am \ + errors/Makefile.in \ + src/auth/basic/SMB_LM/README.html \ + src/Makefile.am \ + src/Makefile.in \ + src/cf_gen.cc \ + src/squid.8.in \ + test-suite/Makefile.in \ + tools/Makefile.am \ + tools/Makefile.in + +.if !defined(SQUID_CONFIGURE_ARGS) \ + || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == "" +PLIST_SUB+= UNLINKD="" +.else +PLIST_SUB+= UNLINKD="@comment " +.endif + +CONFIGURE_ARGS= --with-default-user=squid \ + --bindir=${PREFIX}/sbin \ + --sbindir=${PREFIX}/sbin \ + --datadir=${ETCDIR} \ + --libexecdir=${PREFIX}/libexec/squid \ + --localstatedir=/var \ + --sysconfdir=${ETCDIR} \ + --with-logdir=/var/log/squid \ + --with-pidfile=/var/run/squid/squid.pid \ + --with-swapdir=/var/squid/cache \ + --without-gnutls \ + --enable-auth \ + --enable-build-info \ + --enable-loadable-modules \ + --enable-removal-policies="lru heap" \ + --disable-epoll \ + --disable-linux-netfilter \ + --disable-linux-tproxy \ + --disable-translation \ + --disable-arch-native + +.include <bsd.port.options.mk> + +# Authentication methods and modules: + +basic_auth= DB SMB_LM NCSA PAM POP3 RADIUS fake getpwnam +digest_auth= file +external_acl= file_userip time_quota unix_group +ntlm_auth= fake SMB_LM + +.if ${PORT_OPTIONS:MAUTH_LDAP} +basic_auth+= LDAP +external_acl+= LDAP_group +.endif + +.if ${PORT_OPTIONS:MAUTH_SASL} +basic_auth+= SASL +.endif + +.if ${PORT_OPTIONS:MAUTH_SMB} +basic_auth+= SMB +external_acl+= wbinfo_group +.endif + +.if ${PORT_OPTIONS:MAUTH_SQL} +external_acl+= SQL_session +.endif + +# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too: +.if ${PORT_OPTIONS:MAUTH_NIS} && !defined(NO_NIS) && !defined(WITHOUT_NIS) +basic_auth+= NIS +.endif + +# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too: +.if ${PORT_OPTIONS:MGSSAPI_NONE} || defined(NO_KERBEROS) || defined(WITHOUT_KERBEROS) +negotiate_auth= none +PLIST_SUB+= AUTH_KERB="@comment " +.else +# The kerberos_ldap_group external helper also depends on LDAP and SASL: +. if ${PORT_OPTIONS:MAUTH_LDAP} && ${PORT_OPTIONS:MAUTH_SASL} +external_acl+= kerberos_ldap_group +. endif +negotiate_auth= kerberos wrapper +PLIST_SUB+= AUTH_KERB="" +.endif + +# Make it build on FreeBSD < 10 +.if ${PORT_OPTIONS:MGSSAPI_BASE} +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-build-8-9 +.endif + +CONFIGURE_ARGS+= --enable-auth-basic="${basic_auth}" \ + --enable-auth-digest="${digest_auth}" \ + --enable-external-acl-helpers="${external_acl}" \ + --enable-auth-negotiate="${negotiate_auth}" \ + --enable-auth-ntlm="${ntlm_auth}" + +# Storage schemes: +storage_schemes= ufs +diskio_modules= AIO Blocking IpcIo Mmapped + +.if ${PORT_OPTIONS:MFS_AUFS} +storage_schemes+= aufs +diskio_modules+= DiskThreads +# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS, +# e.g. SQUID_CONFIGURE_ARGS=--with-aufs-threads=N +LDFLAGS+= -pthread +.else +CONFIGURE_ARGS+= --without-pthreads +.endif + +.if ${PORT_OPTIONS:MFS_DISKD} +storage_schemes+= diskd +diskio_modules+= DiskDaemon +.endif + +.if ${PORT_OPTIONS:MFS_ROCK} +storage_schemes+= rock +.endif + +CONFIGURE_ARGS+= --enable-storeio="${storage_schemes}" \ + --enable-disk-io="${diskio_modules}" + +# Log daemon helpers: +logdaemon_helpers= file +CONFIGURE_ARGS+= --enable-log-daemon-helpers="${logdaemon_helpers}" + +# URL rewrite helpers: +url_rewrite_helpers= fake +CONFIGURE_ARGS+= --enable-url-rewrite-helpers="${url_rewrite_helpers}" + +# Storeid rewrite helpers: +storeid_rewrite_helpers= file +CONFIGURE_ARGS+= --enable-storeid-rewrite-helpers="${storeid_rewrite_helpers}" + +# Security certificate validator helpers: +security_cert_validators= fake +CONFIGURE_ARGS+= --enable-security-cert-validators="${security_cert_validators}" + +# Other options set via 'make config': + +.if ${PORT_OPTIONS:MSSL} +# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only +# works when it is defined before bsd.port{.pre}.mk is .included. +# This makes it currently impossible to combine this macro with OPTIONS to +# conditionally include OpenSSL support. +# XXX: is this still true with OptionsNG as of 2015-03? +#.include "${.CURDIR}/../../Mk/bsd.openssl.mk" +.include "${PORTSDIR}/Mk/bsd.openssl.mk" +CONFIGURE_ARGS+= --with-openssl="${OPENSSLBASE}" +CFLAGS+= -I${OPENSSLINC} +LDFLAGS+= -L${OPENSSLLIB} + +# Security certificate generator helpers: +security_cert_generators= file +CONFIGURE_ARGS+= --enable-security-cert-generators="${security_cert_generators}" +.endif + +.if ${PORT_OPTIONS:MSSL_CRTD} && !${PORT_OPTIONS:MSSL} +IGNORE=SSL_CRTD option can be used only if SSL option is enabled +.endif + +.if ${PORT_OPTIONS:MSTACKTRACES} +CFLAGS+= -g +LDFLAGS+= -lunwind -L${LOCALBASE}/lib +STRIP= +EXTRA_PATCHES+= ${FILESDIR}/extra-patch-gen-stacktrace +.endif + +.if ${PORT_OPTIONS:MDEBUG} || defined(WITH_DEBUG) +CONFIGURE_ARGS+= --disable-optimizations --enable-debug-cbdata +WITH_DEBUG?= yes +.endif + +# Finally, add additional user specified configuration options: +CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS} + +post-patch: + @${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \ + ${WRKSRC}/src/cf.data.pre + @(cd ${WRKSRC} && ${REINPLACE_CMD} \ + -e 's|\.conf\.default|.conf.sample|' \ + -e 's|)\.default|).sample|' \ + ${change_files}) + @(cd ${WRKSRC} && ${MV} src/mime.conf.default src/mime.conf.sample) + +.if !${PORT_OPTIONS:MIPV6} + @${REINPLACE_CMD} -e's/ ::1//' -e's/ fc00::\/7//' \ + -e's/ fe80::\/10//' -e's/ 2001:DB8::2//' \ + -e's/ 2001:DB8::a:0\/64//' \ + -e'/tcp_outgoing_address 2001:db8::c001 good_service_net/d' \ + -e'/tcp_outgoing_address 2001:db8::beef normal_service_net/d' \ + -e'/tcp_outgoing_address 2001:db8::1/d' \ + ${WRKSRC}/src/cf.data.pre +.endif + +post-install: + @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} + ${INSTALL_DATA} ${WRKSRC}/src/auth/basic/DB/passwd.sql \ + ${STAGEDIR}${EXAMPLESDIR} + @${MKDIR} ${STAGEDIR}${DOCSDIR} + (cd ${WRKSRC} && ${INSTALL_DATA} ${MYDOCS} ${STAGEDIR}${DOCSDIR}) + +.include <bsd.port.pre.mk> + +.if ${COMPILER_TYPE} == clang +#CXXFLAGS+= -Wno-unused-private-field +.if ${COMPILER_VERSION} >= 35 +CXXFLAGS+= -Wno-undefined-bool-conversion -Wno-tautological-undefined-compare -Wno-dynamic-class-memaccess +.endif +.endif + +.include <bsd.port.post.mk> Added: head/www/squid-devel/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/distinfo Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,2 @@ +SHA256 (squid4.0/squid-4.0.9.tar.xz) = cfc42dcd3a50096f25a4514ef8ad16290098e6d150cd56d171bb481f115b95d9 +SIZE (squid4.0/squid-4.0.9.tar.xz) = 2382228 Added: head/www/squid-devel/files/extra-patch-build-8-9 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/extra-patch-build-8-9 Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,11 @@ +--- src/auth/negotiate/kerberos/negotiate_kerberos.h.orig 2015-08-01 06:08:17 UTC ++++ src/auth/negotiate/kerberos/negotiate_kerberos.h +@@ -140,7 +140,7 @@ int check_gss_err(OM_uint32 major_status + + char *gethost_name(void); + +-#if (HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT || HAVE_GSS_MAP_NAME_TO_ANY) && HAVE_KRB5_PAC ++#if (HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT || HAVE_GSS_MAP_NAME_TO_ANY) && HAVE_KRB5_PAC && __FreeBSD__ >= 10 + #define HAVE_PAC_SUPPORT 1 + #define MAX_PAC_GROUP_SIZE 200*60 + typedef struct { Added: head/www/squid-devel/files/extra-patch-gen-stacktrace ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/extra-patch-gen-stacktrace Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,62 @@ +--- src/tools.cc.orig 2014-10-31 12:36:43.000000000 +0300 ++++ src/tools.cc 2014-11-21 14:11:25.000000000 +0300 +@@ -71,6 +71,13 @@ + #include <errno.h> + #endif + ++#if PRINT_STACK_TRACE ++#ifdef __FreeBSD__ ++#define UNW_LOCAL_ONLY ++#include <libunwind.h> ++#endif ++#endif ++ + #define DEAD_MSG "\ + The Squid Cache (version %s) died.\n\ + \n\ +@@ -411,6 +418,45 @@ + } + + #endif ++#ifdef __FreeBSD__ ++ do { ++ unw_context_t unw_ctx; ++ unw_cursor_t unw_cp; ++ unw_word_t sp, ip, off; ++ int rc = 0; ++ char procname[256]; ++ size_t frame; ++ ++ bzero((void *)&unw_ctx, sizeof(unw_ctx)); ++ bzero((void *)&unw_cp, sizeof(unw_cp)); ++ ++ if ((rc = unw_getcontext(&unw_ctx))) { ++ fprintf(debug_log, "Failed to trace own stack: " ++ "unw_context() said '%s'.\n", unw_strerror(rc)); ++ break; ++ } ++ if ((rc = unw_init_local(&unw_cp, &unw_ctx))) { ++ fprintf(debug_log, "Failed to trace own stack: " ++ "unw_init_local() said '%s'.\n", unw_strerror(rc)); ++ break; ++ } ++ frame = 0; ++ fprintf(debug_log, "Backtrace follows (deepest frame first):\n"); ++ while ((rc = unw_step(&unw_cp)) > 0) { ++ frame++; ++ ip = 0; sp = 0; ++ unw_get_reg(&unw_cp, UNW_REG_IP, &ip); ++ unw_get_reg(&unw_cp, UNW_REG_SP, &sp); ++ off = 0; ++ rc = unw_get_proc_name(&unw_cp, procname, sizeof(procname), &off); ++ if (rc) ++ snprintf (procname, sizeof(procname), "[unknown]"); ++ fprintf(debug_log, "#%zd: %s + 0x%zx, ip = 0x%zx, sp = 0x%zx\n", ++ frame, procname, (size_t)off, (size_t)ip, (size_t)sp); ++ } ++ fprintf(debug_log, "Use addr2line of similar to translate offsets to line information.\n"); ++ } while (0); ++#endif /* __FreeBSD__ */ + #endif /* PRINT_STACK_TRACE */ + + #if SA_RESETHAND == 0 && !_SQUID_WINDOWS_ Added: head/www/squid-devel/files/patch-compat_compat.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-compat_compat.h Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,20 @@ +--- compat/compat.h.orig 2015-11-01 10:44:25 UTC ++++ compat/compat.h +@@ -42,17 +42,6 @@ + #endif + #endif + +-/* Solaris 10 has a broken definition for minor_t in IPFilter compat. +- * We must pre-define before doing anything with OS headers so the OS +- * do not. Then un-define it before using the IPFilter *_compat.h headers. +- */ +-#if IPF_TRANSPARENT && USE_SOLARIS_IPFILTER_MINOR_T_HACK +-/* But we only need do this nasty thing for src/ip/Intercept.cc */ +-#if BUILDING_SQUID_IP_INTERCEPT_CC +-#define minor_t solaris_minor_t_fubar +-#endif +-#endif +- + /*****************************************************/ + /* FDSETSIZE is messy and needs to be done before */ + /* sys/types.h are defined. */ Added: head/www/squid-devel/files/patch-compat_shm.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-compat_shm.cc Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,11 @@ +--- compat/shm.cc.orig 2015-11-01 10:44:25 UTC ++++ compat/shm.cc +@@ -29,6 +29,8 @@ shm_portable_segment_name_is_path() + size_t len = sizeof(jailed); + ::sysctlbyname("security.jail.jailed", &jailed, &len, NULL, 0); + return !jailed; ++#elif defined (__DragonFly__) ++ return true; + #else + return false; + #endif Added: head/www/squid-devel/files/patch-configure ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-configure Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,82 @@ +--- configure.orig 2015-11-01 10:46:19 UTC ++++ configure +@@ -32038,7 +32040,7 @@ done + ## + + BUILD_HELPER="NIS" +-for ac_header in sys/types.h rpc/rpc.h rpcsvc/ypclnt.h rpcsvc/yp_prot.h crypt.h ++for ac_header in sys/types.h rpc/rpc.h rpcsvc/ypclnt.h rpcsvc/yp_prot.h rpcsvc/crypt.h + do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` + ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" " +@@ -32053,8 +32055,10 @@ if eval test \"x\$"$as_ac_Header"\" = x" + #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 + _ACEOF + +-else +- BUILD_HELPER="" ++# XXX: On FreeBSD we have to do this to make NIS work ++# until https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188247 ++# is resolved. ++ BUILD_HELPER="NIS" + fi + + done +@@ -32519,7 +32523,7 @@ done + + # unconditionally requires crypt(3), for now + if test "x$ac_cv_func_crypt" != "x"; then +- for ac_header in unistd.h crypt.h shadow.h ++ for ac_header in unistd.h rpcsvc/crypt.h shadow.h + do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` + ac_fn_cxx_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" +@@ -34574,7 +34578,7 @@ for ac_header in \ + arpa/nameser.h \ + assert.h \ + bstring.h \ +- crypt.h \ ++ rpcsvc/crypt.h \ + ctype.h \ + direct.h \ + errno.h \ +@@ -34785,6 +34789,7 @@ ac_fn_cxx_check_header_compile "$LINENO" + #include <netinet/ip.h> + #endif + #if HAVE_NETINET_IP_COMPAT_H ++#include <net/if.h> /* IFNAMSIZ */ + #include <netinet/ip_compat.h> + #endif + #if HAVE_NETINET_IP_FIL_H +@@ -38773,6 +38778,7 @@ if test "x$enable_ipf_transparent" != "x + # include <sys/ioccom.h> + # include <netinet/in.h> + ++# include <net/if.h> /* IFNAMSIZ */ + # include <netinet/ip_compat.h> + # include <netinet/ip_fil.h> + # include <netinet/ip_nat.h> +@@ -38803,6 +38809,7 @@ else + # include <sys/ioccom.h> + # include <netinet/in.h> + #undef minor_t ++# include <net/if.h> /* IFNAMSIZ */ + # include <netinet/ip_compat.h> + # include <netinet/ip_fil.h> + # include <netinet/ip_nat.h> +@@ -38847,6 +38854,7 @@ _ACEOF + ip_fil_compat.h \ + ip_fil.h \ + ip_nat.h \ ++ net/if.h \ + netinet/ip_compat.h \ + netinet/ip_fil_compat.h \ + netinet/ip_fil.h \ +@@ -38876,6 +38884,7 @@ ac_fn_cxx_check_header_compile "$LINENO" + #if HAVE_IP_COMPAT_H + #include <ip_compat.h> + #elif HAVE_NETINET_IP_COMPAT_H ++#include <net/if.h> /* IFNAMSIZ */ + #include <netinet/ip_compat.h> + #endif + #if HAVE_IP_FIL_H Added: head/www/squid-devel/files/patch-src-cf.data.pre ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-src-cf.data.pre Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,13 @@ +--- src/cf.data.pre.orig 2015-11-01 10:44:25 UTC ++++ src/cf.data.pre +@@ -4558,6 +4558,10 @@ DEFAULT: @DEFAULT_PID_FILE@ + LOC: Config.pidFilename + DOC_START + A filename to write the process-id to. To disable, enter "none". ++ ++ Note: If you change this setting, you need to set squid_pidfile ++ in /etc/rc.conf to reflect the new value. Please see ++ /usr/local/etc/rc.d/squid for details. + DOC_END + + NAME: client_netmask Added: head/www/squid-devel/files/patch-src_DiskIO_Mmapped_MmappedFile.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-src_DiskIO_Mmapped_MmappedFile.cc Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,11 @@ +--- src/DiskIO/Mmapped/MmappedFile.cc.orig 2015-11-01 10:44:25 UTC ++++ src/DiskIO/Mmapped/MmappedFile.cc +@@ -235,7 +235,7 @@ Mmapping::map() + static const int pageSize = getpagesize(); + delta = offset % pageSize; + +- buf = mmap(NULL, length + delta, prot, flags, fd, offset - delta); ++ buf = mmap(NULL, length + delta, prot, flags | MAP_NOSYNC, fd, offset - delta); + + if (buf == MAP_FAILED) { + const int errNo = errno; Added: head/www/squid-devel/files/patch-src__ip__Intercept.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-src__ip__Intercept.cc Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,53 @@ +--- src/ip/Intercept.cc.orig 2015-11-01 10:44:25 UTC ++++ src/ip/Intercept.cc +@@ -202,10 +202,10 @@ Ip::Intercept::IpfInterception(const Com + // for NAT lookup set local and remote IP:port's + if (newConn->remote.isIPv6()) { + #if IPFILTER_VERSION < 5000003 +- // warn once every 10 at critical level, then push down a level each repeated event ++ // warn once every million at critical level, then push down a level each repeated event + static int warningLevel = DBG_CRITICAL; + debugs(89, warningLevel, "IPF (IPFilter v4) NAT does not support IPv6. Please upgrade to IPFilter v5.1"); +- warningLevel = (warningLevel + 1) % 10; ++ warningLevel = (warningLevel + 1) % 1048576; + return false; + #else + natLookup.nl_v = 6; +@@ -323,13 +323,21 @@ + } + + memset(&nl, 0, sizeof(struct pfioc_natlook)); +- newConn->remote.getInAddr(nl.saddr.v4); ++ if (newConn->remote.isIPv4()) { ++ newConn->remote.getInAddr(nl.saddr.v4); ++ } else { ++ newConn->remote.getInAddr(nl.saddr.v6); ++ } + nl.sport = htons(newConn->remote.port()); + +- newConn->local.getInAddr(nl.daddr.v4); ++ if (newConn->local.isIPv4()) { ++ newConn->local.getInAddr(nl.daddr.v4); ++ } else { ++ newConn->local.getInAddr(nl.daddr.v6); ++ } + nl.dport = htons(newConn->local.port()); + +- nl.af = AF_INET; ++ nl.af = newConn->remote.isIPv4() ? AF_INET : AF_INET6; + nl.proto = IPPROTO_TCP; + nl.direction = PF_OUT; + +@@ -345,7 +353,11 @@ + debugs(89, 9, HERE << "address: " << newConn); + return false; + } else { +- newConn->local = nl.rdaddr.v4; ++ if (nl.af == AF_INET) { ++ newConn->local = nl.rdaddr.v4; ++ } else { ++ newConn->local = nl.rdaddr.v6; ++ } + newConn->local.port(ntohs(nl.rdport)); + debugs(89, 5, HERE << "address NAT: " << newConn); + return true; Added: head/www/squid-devel/files/patch-src_adaptation_ecap_ServiceRep.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-src_adaptation_ecap_ServiceRep.cc Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,11 @@ +--- src/adaptation/ecap/ServiceRep.cc.orig 2016-04-20 13:19:59 UTC ++++ src/adaptation/ecap/ServiceRep.cc +@@ -236,7 +236,7 @@ bool Adaptation::Ecap::ServiceRep::probe + + bool Adaptation::Ecap::ServiceRep::up() const + { +- return theService; ++ return theService != NULL; + } + + bool Adaptation::Ecap::ServiceRep::wantsUrl(const SBuf &urlPath) const Added: head/www/squid-devel/files/patch-src_ipc_mem_Segment.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-src_ipc_mem_Segment.cc Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,11 @@ +--- src/ipc/mem/Segment.cc.orig 2015-11-01 10:44:25 UTC ++++ src/ipc/mem/Segment.cc +@@ -150,7 +150,7 @@ Ipc::Mem::Segment::attach() + assert(theSize == static_cast<off_t>(static_cast<size_t>(theSize))); + + void *const p = +- mmap(NULL, theSize, PROT_READ | PROT_WRITE, MAP_SHARED, theFD, 0); ++ mmap(NULL, theSize, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_NOSYNC, theFD, 0); + if (p == MAP_FAILED) { + debugs(54, 5, HERE << "mmap " << theName << ": " << xstrerror()); + fatalf("Ipc::Mem::Segment::attach failed to mmap(%s): %s\n", Added: head/www/squid-devel/files/patch-src_tools.cc ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/patch-src_tools.cc Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,11 @@ +--- src/tools.cc.orig 2015-11-01 10:44:25 UTC ++++ src/tools.cc +@@ -603,7 +603,7 @@ no_suid(void) + uid = geteuid(); + debugs(21, 3, "no_suid: PID " << getpid() << " giving up root priveleges forever"); + +- if (setuid(0) < 0) { ++ if (setuid(0) < 0 && TheProcessKind != pkHelper) { + int xerrno = errno; + debugs(50, DBG_IMPORTANT, "WARNING: no_suid: setuid(0): " << xstrerr(xerrno)); + } Added: head/www/squid-devel/files/pkg-install.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/pkg-install.in Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,70 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +PATH=/bin:/usr/bin:/usr/sbin +pkgname=$1 +squid_homedir="/var/squid" +squid_cache_basedir="${squid_homedir}/cache" +squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid" +squid_logdir="/var/log/squid" +# these are hardcoded, see /usr/ports/UIDs and /usr/ports/GIDs: +squid_user=squid +squid_group=squid +squid_gid=100 +squid_uid=100 +case $2 in +PRE-INSTALL) + echo "===> Pre-installation configuration for ${pkgname}" + ;; +POST-INSTALL) + # Since we usually start the Squid master process as ${squid_user} + # instead of root make sure that ${squid_homedir} is writable for it. + if [ ! -d ${squid_homedir} ]; then + echo "Creating ${squid_homedir}..." + install -d -o root -g ${squid_group} \ + -m 0775 ${squid_homedir} + else + chgrp ${squid_group} ${squid_homedir} + chmod g+w ${squid_homedir} + fi + if [ ! -d ${squid_cache_basedir} ]; then + echo "Creating ${squid_cache_basedir} ..." + install -d -o ${squid_user} -g ${squid_group} \ + -m 0750 ${squid_cache_basedir} + else + chown ${squid_user} ${squid_cache_basedir} + chgrp ${squid_group} ${squid_cache_basedir} + chmod 0750 ${squid_cache_basedir} + fi + if [ ! -d ${squid_confdir} ]; then + echo "Creating ${squid_confdir}..." + install -d -o root -g ${squid_group} \ + -m 0755 ${squid_confdir} + else + chgrp ${squid_group} ${squid_confdir} + fi + if [ ! -d ${squid_logdir} ]; then + echo "Creating ${squid_logdir}..." + install -d -o ${squid_user} -g ${squid_group} \ + -m 0750 ${squid_logdir} + else + chown ${squid_user} ${squid_logdir} + chgrp ${squid_group} ${squid_logdir} + fi + for file in cachemgr.conf errorpage.css mime.conf msntauth.conf squid.conf; do + if [ ! -f ${squid_confdir}/${file} \ + -a -f ${squid_confdir}/${file}.default ]; then + echo "Creating ${file} from default..." + install -c -o root -g ${squid_group} -m 0640 \ + ${squid_confdir}/${file}.default \ + ${squid_confdir}/${file} + fi + done + ;; +*) + exit 64 + ;; +esac +exit 0 Added: head/www/squid-devel/files/pkg-message.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/pkg-message.in Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,48 @@ + o You can find the configuration files for this package in the + directory %%PREFIX%%/etc/squid. + + o The default cache directory is /var/squid/cache/. + The default log directory is /var/log/squid/. + + Note: + You must initialize new cache directories before you can start + squid. Do this by running "squid -z" as 'root' or 'squid'. + If your cache directories are already initialized (e.g. after an + upgrade of squid) you do not need to initialize them again. + + o When using DiskD storage scheme remember to read documentation: + http://wiki.squid-cache.org/Features/DiskDaemon + and alter your kern.ipc defaults in /boot/loader.conf. DiskD will not + work reliably without this. Last recomendations were: + + kern.ipc.msgmnb=8192 + kern.ipc.msgssz=64 + kern.ipc.msgtql=2048 + + o The default configuration will deny everyone but the local host and + local networks as defined in RFC 1918 for IPv4 and RFCs 4193 and + 4291 for IPv6 access to the proxy service. Edit the "http_access + allow/deny" directives in %%PREFIX%%/etc/squid/squid.conf + to suit your needs. + + o If AUTH_SQL option is set, please, don't forget to install one of + following perl modules depending on database you like: + databases/p5-DBD-mysql + databases/p5-DBD-Pg + databases/p5-DBD-SQLite + + To enable Squid, set squid_enable=yes in either + /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid + Please see %%PREFIX%%/etc/rc.d/squid for further details. + + Note: + If you just updated your Squid installation from an earlier version, + make sure to check your Squid configuration against the 3.4 default + configuration file %%PREFIX%%/etc/squid/squid.conf.sample. + + %%PREFIX%%/etc/squid/squid.conf.documented is a fully annotated + configuration file you can consult for further reference. + + Additionally, you should check your configuration by calling + 'squid -f /path/to/squid.conf -k parse' before starting Squid. + Added: head/www/squid-devel/files/squid.in ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/squid-devel/files/squid.in Sun May 1 20:27:56 2016 (r414422) @@ -0,0 +1,149 @@ +#!/bin/sh +# +# $FreeBSD$ +# +# PROVIDE: squid +# REQUIRE: LOGIN +# KEYWORD: shutdown +# +# Note: +# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or +# /etc/rc.conf.d/squid to activate Squid. +# +# Additional variables you can define in one of these files: +# +# squid_chdir: the directory into which the rc system moves into before +# starting Squid. Default: /var/squid +# +# squid_conf: The configuration file that Squid should use. +# Default: %%PREFIX%%/etc/squid/squid.conf +# +# squid_fib: The alternative routing table id that Squid should use. +# Default: none +# See setfib(1) for further details. Note that the setfib(2) +# system call is not available in FreeBSD versions prior to 7.1. +# +# squid_user: The user id that should be used to run the Squid master +# process. Default: squid. +# Note that you probably need to define "squid_user=root" if +# you want to run Squid in reverse proxy setups or if you want +# Squid to listen on a "privileged" port < 1024. +# +# squid_pidfile: +# The name (including the full path) of the Squid +# master process' PID file. +# Default: /var/run/squid/squid.pid. +# You only need to change this if you changed the +# corresponding entry in your Squid configuration. +# +# squid_flags: Additional commandline arguments for Squid you might want to +# use. See squid(8) for further details. +# +# squid_krb5_ktname: +# Alternative Kerberos 5 Key Table. +# Default: none + +. /etc/rc.subr + +name=squid +rcvar=squid_enable + +# Make sure that we invoke squid with "-f ${squid_conf}"; define this +# variable early so reload_cmd and stop_precmd pick it up: + +extra_commands="reload configtest" +reload_cmd=squid_reload +start_precmd=squid_prestart +start_postcmd=squid_getpid +stop_precmd=squid_prestop +configtest_cmd=squid_configtest +reload_precmd=squid_configtest +restart_precmd=squid_configtest + +# squid(8) will not start if ${squid_conf} is not present so try +# to catch that beforehand via ${required_files} rather than make +# squid(8) crash. + +squid_load_rc_config() +{ + : ${squid_chdir:=/var/squid} + : ${squid_conf:=%%PREFIX%%/etc/squid/squid.conf} + : ${squid_enable:=NO} + : ${squid_program:=%%PREFIX%%/sbin/squid} + : ${squid_pidfile:=/var/run/squid/squid.pid} + : ${squid_user:=squid} + + required_args="-f ${squid_conf}" + required_dirs=$chdir + required_files=$squid_conf + command_args="${required_args} ${squid_flags}" +# We used to need it in squid3 to match pid and proc name +# procname="?squid-*" + pidfile=$squid_pidfile +} + +squid_prestart() +{ + # setup KRB5_KTNAME: + squid_krb5_ktname=${squid_krb5_ktname:-"NONE"} + if [ "${squid_krb5_ktname}" != "NONE" ]; then + export KRB5_KTNAME=${squid_krb5_ktname} + fi + + # setup FIB tables: + if command -v check_namevarlist > /dev/null 2>&1; then + check_namevarlist fib && return 0 + fi + + ${SYSCTL} net.fibs >/dev/null 2>&1 || return 0 + + squid_fib=${squid_fib:-"NONE"} + if [ "${squid_fib}" != "NONE" ]; then + command="setfib -F $squid_fib $command" + else + return 0 + fi + + squid_configtest +} + +squid_reload() +{ + $command $required_args $squid_flags -k reconfigure +} + +squid_configtest() +{ + echo "Performing sanity check on ${name} configuration." + if $command $required_args $squid_flags -k check; then + echo "Configuration for ${name} passes." + return 0 + else + return $? + fi +} + +squid_getpid() +{ + # retrieve the PID of the Squid master process explicitly here + # in case rc.subr was unable to determine it: + if [ -z "$rc_pid" ]; then + while ! [ -f ${pidfile} ]; do + sleep 1 + done + read _pid _junk <${pidfile} + [ -z "${_pid}" ] || pid=${_pid} + else + pid=${rc_pid} + fi +} + +squid_prestop() +{ + command_args="$command_args -k shutdown" + squid_configtest +} + +load_rc_config $name +squid_load_rc_config *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201605012027.u41KRuxf091388>