summaryrefslogtreecommitdiff
path: root/net-proxy/squid
diff options
context:
space:
mode:
Diffstat (limited to 'net-proxy/squid')
-rw-r--r--net-proxy/squid/Manifest7
-rw-r--r--net-proxy/squid/files/squid-4.3-gentoo.patch79
-rw-r--r--net-proxy/squid/files/squid.confd-r219
-rw-r--r--net-proxy/squid/files/squid.initd-r5123
-rw-r--r--net-proxy/squid/files/squid.logrotate8
-rw-r--r--net-proxy/squid/files/squid.pam7
-rw-r--r--net-proxy/squid/squid-4.4-r1.ebuild275
7 files changed, 518 insertions, 0 deletions
diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
new file mode 100644
index 0000000..32a7ed6
--- /dev/null
+++ b/net-proxy/squid/Manifest
@@ -0,0 +1,7 @@
+AUX squid-4.3-gentoo.patch 2767 BLAKE2B fbf424bec42a8bd29f54431107e73db1d1acd7612c8acc4d38022419a72ccabc9d0287fb34cbd26e96df2b6e2aaceae929c1005ef2ad4f731cf28edf66ac569a SHA512 eaf076cef4b60c1f5e9985a69f5ae674082b04a6f70d5b484ad13e9e397a8c67cb1780960a11fd943dc2500ec9f0590192b276bf36451d3063537661200487bf
+AUX squid.confd-r2 714 BLAKE2B 9bdefb898904c28e7b64ff864fc81c8ca5a87e62fee96d438b41faa8e75335b06291688f38448f3fa2adca6dc715041136e889badab7ae2003cf460683e2a60b SHA512 df45ad0260ac9a5edddafc7d90f245c4f05957916dcfa23f2e0d6a34f9c96cf22c756add9b63599e0d2a0cff49ad358f7f6fff3a2ef21402a9f65b7376b6b6a9
+AUX squid.initd-r5 4396 BLAKE2B df063df095165c6aa4b625648388b76b1e7d9c927ad0e0e482b34762ed701825397828d03ed6f573a366bf603797022b9cc6c93c8ad935af422cd926595530b0 SHA512 b831cc709995bacc59211271316126e42440cb1ea81e3208e2e948abcf346d2bc147d9e4596eeddeaeea0d472fa95b218e6539ea9da8cc301d4cbcb18ccd9e29
+AUX squid.logrotate 103 BLAKE2B f6d190d1914b76b08d90a2c3b3b07ff9cd332cdb2e595f4849537d1f1d32d8be1386fcdfffb40d073bcdd715a62c1c44727f1e10b75cfaff69c0d042c2a7e904 SHA512 d75a667c3ffa32fdd938ef40df8813a467d9f10b2363107bf915cb0c99834fbe8d0eb502a18a816875b67b0db1b27806ed3caf620c38516040cb644b225f5a55
+AUX squid.pam 209 BLAKE2B 113fa119ce4fd96ddf34b95c1a1ca958b34aea405564076f89abdbb8d4c6a0248ec9fa1a0f5f1d6136643c9abc4c5f67e8ef75305414b374763e2055272950d5 SHA512 5501e3d9319aea99f0deed98748366d4dfbeccdde96d842474fe144a4584394d8f5563372cd7b2437a389378c49b61b646403cca1be4362c888750d027b2f594
+DIST squid-4.4.tar.xz 2436468 BLAKE2B 057fe8d679d8563dcbe6987b895041610f356d811d8fadd24914b6817e7ec167bd37d1be9e3a1772faecd96561cad533a287f2b212cbbe099bfbba7574aa4294 SHA512 8ed45abc65febf2955db11bafd49e940914a58230a8945afab9ea4926c4bafd538474a0836665b4131e23a23d6389d512a40bbe53368b8206ba4765fd71fb21f
+EBUILD squid-4.4-r1.ebuild 8376 BLAKE2B c9eb51b5a17ef54f956001eed55b21fb7ee38913eeea6d063d9f31f0b45001b633124caf0fc44df88d4dfb51718ad7cb0eb7d82077fea2879de7f43f060f14b9 SHA512 43131f6326ae7a4b536d6f7d4235b29094ab56356660e274018dd531dc1ac273ec656de9d752344bbe91caafbbd88e961052cb5d2b07027fbbc3cd916bc3d058
diff --git a/net-proxy/squid/files/squid-4.3-gentoo.patch b/net-proxy/squid/files/squid-4.3-gentoo.patch
new file mode 100644
index 0000000..f5152b8
--- /dev/null
+++ b/net-proxy/squid/files/squid-4.3-gentoo.patch
@@ -0,0 +1,79 @@
+--- a/configure.ac 2018-10-14 17:22:35.000000000 +0300
++++ b/configure.ac 2018-10-17 21:27:24.806986467 +0300
+@@ -32,9 +32,9 @@ PRESET_CXXFLAGS="$CXXFLAGS"
+ PRESET_LDFLAGS="$LDFLAGS"
+
+ dnl Set default LDFLAGS
+-if test "x$LDFLAGS" = "x" ; then
+- LDFLAGS="-g"
+-fi
++dnl if test "x$LDFLAGS" = "x" ; then
++dnl LDFLAGS="-g"
++dnl fi
+
+ # Check for GNU cc
+ AC_PROG_CC
+--- a/src/cf.data.pre 2018-10-14 08:25:34.000000000 +0300
++++ b/src/cf.data.pre 2018-10-17 21:27:24.809986705 +0300
+@@ -1520,6 +1520,7 @@ acl Safe_ports port 280 # http-mgmt
+ acl Safe_ports port 488 # gss-http
+ acl Safe_ports port 591 # filemaker
+ acl Safe_ports port 777 # multiling http
++acl Safe_ports port 901 # SWAT
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -6819,11 +6820,11 @@ COMMENT_END
+
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ Email-address of local cache manager who will receive
+- mail if the cache dies. The default is "webmaster".
++ mail if the cache dies. The default is "root".
+ DOC_END
+
+ NAME: mail_from
+--- a/src/debug.cc 2018-10-14 08:25:34.000000000 +0300
++++ b/src/debug.cc 2018-10-17 21:27:24.807986546 +0300
+@@ -490,7 +490,7 @@ _db_init(const char *logfile, const char
+ #if HAVE_SYSLOG && defined(LOG_LOCAL4)
+
+ if (Debug::log_syslog)
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility);
+
+ #endif /* HAVE_SYSLOG */
+
+--- a/src/main.cc 2018-10-14 08:25:34.000000000 +0300
++++ b/src/main.cc 2018-10-17 21:28:28.632044541 +0300
+@@ -1912,7 +1912,7 @@ watch_child(const CommandLine &masterCom
+
+ enter_suid();
+
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+
+ if (!opt_foreground)
+ GoIntoBackground();
+@@ -2012,7 +2012,7 @@ watch_child(const CommandLine &masterCom
+
+ if ((pid = fork()) == 0) {
+ /* child */
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+ (void)execvp(masterCommand.arg0(), kidCommand.argv());
+ int xerrno = errno;
+ syslog(LOG_ALERT, "execvp failed: %s", xstrerr(xerrno));
+@@ -2024,7 +2024,7 @@ watch_child(const CommandLine &masterCom
+ }
+
+ /* parent */
+- openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++ openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+
+ // If Squid received a signal while checking for dying kids (below) or
+ // starting new kids (above), then do a fast check for a new dying kid
diff --git a/net-proxy/squid/files/squid.confd-r2 b/net-proxy/squid/files/squid.confd-r2
new file mode 100644
index 0000000..7088d7f
--- /dev/null
+++ b/net-proxy/squid/files/squid.confd-r2
@@ -0,0 +1,19 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+# Config file for /etc/init.d/squid
+
+SQUID_OPTS="-YC"
+
+# Kerberos keytab file to use. This is required if you enable kerberos authentication.
+SQUID_KEYTAB=""
+
+# Use max_filedescriptors setting in squid.conf to determine the maximum number
+# of filedescriptors squid can open.
+
+# Set whether Squid should receive two shutdown signals instead of one. If set to "yes",
+# Squid will skip the graceful shutdown step, and will try to immediately close all open
+# file descriptors and helpers. This is useful if you experience very long delays when
+# shutting down the caching proxy.
+SQUID_FAST_SHUTDOWN="no"
diff --git a/net-proxy/squid/files/squid.initd-r5 b/net-proxy/squid/files/squid.initd-r5
new file mode 100644
index 0000000..2e5fe8d
--- /dev/null
+++ b/net-proxy/squid/files/squid.initd-r5
@@ -0,0 +1,123 @@
+#!/sbin/openrc-run
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+extra_started_commands="reload rotate"
+
+depend() {
+ use dns net
+}
+
+checkconfig() {
+ local CONFFILES="/etc/squid/${RC_SVCNAME}.conf /etc/squid/${RC_SVCNAME}.include /etc/squid/${RC_SVCNAME}.include.*"
+ if [ ! -f /etc/squid/${RC_SVCNAME}.conf ]; then
+ eerror "You need to create /etc/squid/${RC_SVCNAME}.conf first."
+ eerror "The main configuration file and all included file names should have the following format:"
+ eerror "${CONFFILES}"
+ eerror "An example can be found in /etc/squid/squid.conf.default"
+ return 1
+ fi
+
+ local PIDFILE=$(cat ${CONFFILES} 2>/dev/null 3>/dev/null | awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }')
+ [ -z ${PIDFILE} ] && PIDFILE=/run/squid.pid
+ if [ /run/${RC_SVCNAME}.pid != ${PIDFILE} ]; then
+ eerror "/etc/squid/${RC_SVCNAME}.conf must set pid_filename to"
+ eerror " /run/${RC_SVCNAME}.pid"
+ eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than"
+ eerror " in any other instance of squid."
+ eerror "Make sure the main configuration file and all included file names have the following format:"
+ eerror "${CONFFILES}"
+ return 1
+ fi
+
+ # Maximum file descriptors squid can open is determined by:
+ # a basic default of N=1024
+ # ... altered by ./configure --with-filedescriptors=N
+ # ... overridden on production by squid.conf max_filedescriptors (if,
+ # and only if, setrlimit() RLIMIT_NOFILE is able to be built+used).
+ # Since we do not configure hard coded # of filedescriptors anymore,
+ # there is no need for ulimit calls in the init script.
+ # Use max_filedescriptors in squid.conf instead.
+
+ local CACHE_SWAP=$(cat ${CONFFILES} 2>/dev/null 3>/dev/null | awk '/^[ \t]*cache_dir[ \t]+/ { if ( $2 == "rock" ) printf "%s/rock ", $3; else if ( $2 == "coss" ) printf "%s/stripe ", $3; else printf "%s/00 ", $3; }')
+ [ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00"
+
+ local x
+ for x in $CACHE_SWAP ; do
+ if [ ! -e $x ] ; then
+ ebegin "Initializing cache directory ${x%/*}"
+ local ORIG_UMASK=$(umask)
+ umask 027
+
+ if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then
+ eend 1
+ return 1
+ fi
+
+ local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/} 2>&1)"
+ if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then
+ umask $ORIG_UMASK
+ eend 1
+ echo "$INIT_CACHE_RESPONSE"
+ return 1
+ fi
+
+ umask $ORIG_UMASK
+ eend 0
+ break
+ fi
+ done
+
+ return 0
+}
+
+start() {
+ checkconfig || return 1
+ checkpath -d -q -m 0750 -o squid:squid /run/${RC_SVCNAME}
+
+ # see https://wiki.squid-cache.org/MultipleInstances
+ ebegin "Starting ${RC_SVCNAME} (service name ${RC_SVCNAME//[^[:alnum:]]/}) with KRB5_KTNAME=\"${SQUID_KEYTAB}\" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+ KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}
+ eend $? && sleep 1
+}
+
+stop() {
+ ebegin "Stopping ${RC_SVCNAME} with /usr/sbin/squid -k shutdown -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+ if /usr/sbin/squid -k shutdown -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/} ; then
+ # Now we have to wait until squid has _really_ stopped.
+ sleep 1
+ if [ -f /run/${RC_SVCNAME}.pid ] ; then
+ einfon "Waiting for squid to shutdown ."
+ cnt=0
+ while [ -f /run/${RC_SVCNAME}.pid ] ; do
+ cnt=$(expr $cnt + 1)
+ if [ $cnt -gt 60 ] ; then
+ # Waited 120 seconds now. Fail.
+ echo
+ eend 1 "Failed."
+ break
+ fi
+ sleep 2
+ echo -n "."
+ done
+ echo
+ fi
+ else
+ eerror "Squid shutdown failed, probably service is already down."
+ fi
+ eend 0
+}
+
+reload() {
+ checkconfig || return 1
+ ebegin "Reloading ${RC_SVCNAME} with /usr/sbin/squid -k reconfigure -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+ /usr/sbin/squid -k reconfigure -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}
+ eend $?
+}
+
+rotate() {
+ service_started ${RC_SVCNAME} || return 1
+ ebegin "Rotating ${RC_SVCNAME} logs with /usr/sbin/squid -k rotate -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+ /usr/sbin/squid -k rotate -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}
+ eend $?
+}
diff --git a/net-proxy/squid/files/squid.logrotate b/net-proxy/squid/files/squid.logrotate
new file mode 100644
index 0000000..5bf2896
--- /dev/null
+++ b/net-proxy/squid/files/squid.logrotate
@@ -0,0 +1,8 @@
+/var/log/squid/*.log {
+ copytruncate
+ compress
+ notifempty
+ missingok
+ sharedscripts
+}
+
diff --git a/net-proxy/squid/files/squid.pam b/net-proxy/squid/files/squid.pam
new file mode 100644
index 0000000..75eeaa9
--- /dev/null
+++ b/net-proxy/squid/files/squid.pam
@@ -0,0 +1,7 @@
+#%PAM-1.0
+auth required pam_nologin.so
+auth include system-auth
+account include system-auth
+password include system-auth
+session optional pam_limits.so
+session include system-auth
diff --git a/net-proxy/squid/squid-4.4-r1.ebuild b/net-proxy/squid/squid-4.4-r1.ebuild
new file mode 100644
index 0000000..6e564cd
--- /dev/null
+++ b/net-proxy/squid/squid-4.4-r1.ebuild
@@ -0,0 +1,275 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+inherit autotools linux-info pam toolchain-funcs user
+
+DESCRIPTION="A full-featured web proxy cache"
+HOMEPAGE="http://www.squid-cache.org/"
+
+# Upstream patch ID for the most recent bug-fixed update to the formal release.
+r=
+#r=-20181117-r0022167
+if [ -z "$r" ]; then
+ SRC_URI="http://www.squid-cache.org/Versions/v4/${P}.tar.xz"
+else
+ SRC_URI="http://www.squid-cache.org/Versions/v4/${P}${r}.tar.bz2"
+ S="${S}${r}"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="caps ipv6 pam ldap libressl samba sasl kerberos nis radius ssl snmp selinux logrotate test \
+ ecap esi ssl-crtd \
+ mysql postgres sqlite \
+ perl qos tproxy \
+ +htcp +wccp +wccpv2 \
+ pf-transparent ipf-transparent kqueue \
+ elibc_uclibc kernel_linux"
+
+COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
+ pam? ( virtual/pam )
+ ldap? ( net-nds/openldap )
+ kerberos? ( virtual/krb5 )
+ qos? ( net-libs/libnetfilter_conntrack )
+ ssl? (
+ libressl? ( dev-libs/libressl:0 )
+ !libressl? ( dev-libs/openssl:0 )
+ dev-libs/nettle >=net-libs/gnutls-3.1.5 )
+ sasl? ( dev-libs/cyrus-sasl )
+ ecap? ( net-libs/libecap:1 )
+ esi? ( dev-libs/expat dev-libs/libxml2 )
+ !x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
+ >=sys-libs/db-4:*
+ dev-libs/libltdl:0"
+DEPEND="${COMMON_DEPEND}
+ dev-lang/perl
+ ecap? ( virtual/pkgconfig )
+ test? ( dev-util/cppunit )"
+RDEPEND="${COMMON_DEPEND}
+ samba? ( net-fs/samba )
+ perl? ( dev-lang/perl )
+ mysql? ( dev-perl/DBD-mysql )
+ postgres? ( dev-perl/DBD-Pg )
+ selinux? ( sec-policy/selinux-squid )
+ sqlite? ( dev-perl/DBD-SQLite )
+ !<=sci-biology/meme-4.8.1-r1"
+
+REQUIRED_USE="tproxy? ( caps )
+ qos? ( caps )"
+
+pkg_pretend() {
+ if use tproxy; then
+ local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
+ linux-info_pkg_setup
+ fi
+}
+
+pkg_setup() {
+ enewgroup squid
+ enewuser squid -1 -1 /var/cache/squid squid
+}
+
+src_prepare() {
+ eapply "${FILESDIR}/${PN}-4.3-gentoo.patch"
+ sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
+ INSTALL QUICKSTART \
+ scripts/fileno-to-pathname.pl \
+ scripts/check_cache.pl \
+ tools/cachemgr.cgi.8 \
+ tools/purge/conffile.hh \
+ tools/purge/purge.1 || die
+ sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
+ INSTALL QUICKSTART || die
+ sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
+ QUICKSTART || die
+ sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
+ QUICKSTART \
+ src/log/access_log.cc || die
+ sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
+ src/log/access_log.cc || die
+ sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
+ src/acl/external/unix_group/ext_unix_group_acl.8 \
+ src/acl/external/session/ext_session_acl.8 || die
+ sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
+ scripts/check_cache.pl || die
+ # /var/run/squid to /run/squid
+ sed -i -e 's:$(localstatedir)::' \
+ src/ipc/Makefile.am || die
+ sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
+ libltdl/configure.ac || die
+
+ eapply_user
+ eautoreconf
+}
+
+src_configure() {
+ local basic_modules="NCSA,POP3,getpwnam"
+ # use perl && basic_modules+=",MSNT-multi-domain"
+ use samba && basic_modules+=",SMB"
+ use ldap && basic_modules+=",SMB_LM,LDAP"
+ use pam && basic_modules+=",PAM"
+ use sasl && basic_modules+=",SASL"
+ use nis && ! use elibc_uclibc && basic_modules+=",NIS"
+ use radius && basic_modules+=",RADIUS"
+ if use mysql || use postgres || use sqlite ; then
+ basic_modules+=",DB"
+ fi
+
+ local digest_modules="file"
+ use ldap && digest_modules+=",LDAP,eDirectory"
+
+ local negotiate_modules="none"
+ local myconf="--without-mit-krb5 --without-heimdal-krb5"
+ if use kerberos ; then
+ negotiate_modules="kerberos,wrapper"
+ if has_version app-crypt/heimdal ; then
+ myconf="--without-mit-krb5 --with-heimdal-krb5"
+ else
+ myconf="--with-mit-krb5 --without-heimdal-krb5"
+ fi
+ fi
+
+ local ntlm_modules="none"
+ use samba && ntlm_modules="SMB_LM"
+
+ local ext_helpers="file_userip,session,unix_group,delayer,time_quota"
+ use samba && ext_helpers+=",wbinfo_group"
+ use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
+ use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
+ if use mysql || use postgres || use sqlite ; then
+ ext_helpers+=",SQL_session"
+ fi
+
+ local storeio_modules="aufs,diskd,rock,ufs"
+
+ local transparent
+ if use kernel_linux ; then
+ transparent+=" --enable-linux-netfilter"
+ use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
+ fi
+
+ if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
+ transparent+=" $(use_enable kqueue)"
+ if use pf-transparent; then
+ transparent+=" --enable-pf-transparent"
+ elif use ipf-transparent; then
+ transparent+=" --enable-ipf-transparent"
+ fi
+ fi
+
+ tc-export_build_env BUILD_CXX
+ export BUILDCXX=${BUILD_CXX}
+ export BUILDCXXFLAGS=${BUILD_CXXFLAGS}
+ tc-export CC AR
+
+ # Should be able to drop this workaround with newer versions.
+ # https://bugs.squid-cache.org/show_bug.cgi?id=4224
+ tc-is-cross-compiler && export squid_cv_gnu_atomics=no
+
+ econf \
+ --sysconfdir=/etc/squid \
+ --libexecdir=/usr/libexec/squid \
+ --localstatedir=/var \
+ --with-pidfile=/run/squid.pid \
+ --datadir=/usr/share/squid \
+ --with-logdir=/var/log/squid \
+ --with-default-user=squid \
+ --enable-removal-policies="lru,heap" \
+ --enable-storeio="${storeio_modules}" \
+ --enable-disk-io \
+ --enable-auth-basic="${basic_modules}" \
+ --enable-auth-digest="${digest_modules}" \
+ --enable-auth-ntlm="${ntlm_modules}" \
+ --enable-auth-negotiate="${negotiate_modules}" \
+ --enable-external-acl-helpers="${ext_helpers}" \
+ --enable-log-daemon-helpers \
+ --enable-url-rewrite-helpers \
+ --enable-cache-digests \
+ --enable-delay-pools \
+ --enable-eui \
+ --enable-icmp \
+ --enable-follow-x-forwarded-for \
+ --with-large-files \
+ --with-build-environment=default \
+ --disable-strict-error-checking \
+ --disable-arch-native \
+ --with-included-ltdl=/usr/include \
+ --with-ltdl-libdir=/usr/$(get_libdir) \
+ $(use_with caps libcap) \
+ $(use_enable ipv6) \
+ $(use_enable snmp) \
+ $(use_with ssl openssl) \
+ $(use_with ssl nettle) \
+ $(use_with ssl gnutls) \
+ $(use_enable ssl-crtd) \
+ $(use_enable ecap) \
+ $(use_enable esi) \
+ $(use_enable htcp) \
+ $(use_enable wccp) \
+ $(use_enable wccpv2) \
+ ${transparent} \
+ ${myconf}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ # need suid root for looking into /etc/shadow
+ fowners root:squid /usr/libexec/squid/basic_ncsa_auth
+ fperms 4750 /usr/libexec/squid/basic_ncsa_auth
+ if use pam; then
+ fowners root:squid /usr/libexec/squid/basic_pam_auth
+ fperms 4750 /usr/libexec/squid/basic_pam_auth
+ fi
+ # pinger needs suid as well
+ fowners root:squid /usr/libexec/squid/pinger
+ fperms 4750 /usr/libexec/squid/pinger
+
+ # these scripts depend on perl
+ if ! use perl; then
+ local f
+ local PERL_SCRIPTS=(
+ "${D}"/usr/libexec/squid/basic_pop3_auth
+ "${D}"/usr/libexec/squid/log_db_daemon
+ "${D}"/usr/libexec/squid/basic_msnt_multi_domain_auth
+ "${D}"/usr/libexec/squid/storeid_file_rewrite
+ "${D}"/usr/libexec/squid/helper-mux.pl
+ )
+ for f in "${PERL_SCRIPTS[@]}"; do
+ rm -v "${f}" || ewarn "Could not remove ${f}."
+ done
+ fi
+
+ # cleanup
+ rm -f "${D}"/usr/bin/Run*
+ rm -rf "${D}"/run/squid "${D}"/var/cache/squid
+
+ dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
+ newdoc src/auth/negotiate/kerberos/README README.kerberos
+ newdoc src/auth/basic/RADIUS/README README.RADIUS
+ newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group
+ dodoc RELEASENOTES.html
+
+ newpamd "${FILESDIR}/squid.pam" squid
+ newconfd "${FILESDIR}/squid.confd-r2" squid
+ newinitd "${FILESDIR}/squid.initd-r5" squid
+ if use logrotate; then
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/squid.logrotate" squid
+ else
+ exeinto /etc/cron.weekly
+ newexe "${FILESDIR}/squid.cron" squid.cron
+ fi
+
+ diropts -m0750 -o squid -g squid
+ keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
+}
+
+pkg_postinst() {
+ elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'."
+ if [ ${#r} -gt 0 ]; then
+ elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support."
+ fi
+}