diff --git a/www/squid/Makefile b/www/squid/Makefile index ec4dd826c6ee..1075ddc89314 100644 --- a/www/squid/Makefile +++ b/www/squid/Makefile @@ -1,293 +1,293 @@ PORTNAME= squid -DISTVERSION= 6.7 +DISTVERSION= 6.8 CATEGORIES= www MASTER_SITES= http://www2.pl.squid-cache.org/Versions/v6/ \ http://www1.il.squid-cache.org/Versions/v6/ \ http://www2.gr.squid-cache.org/Versions/v6/ \ http://ca2.squid-cache.org/Versions/v6/ \ http://www.squid-cache.org/Versions/v6/ PATCH_SITES= http://www2.pl.squid-cache.org/%SUBDIR%/ \ http://www1.il.squid-cache.org/%SUBDIR%/ \ http://www2.gr.squid-cache.org/%SUBDIR%/ \ http://ca2.squid-cache.org/%SUBDIR%/ \ http://www.squid-cache.org/%SUBDIR%/ PATCH_SITE_SUBDIR= Versions/v6/changesets MAINTAINER= timp87@gmail.com COMMENT= HTTP Caching Proxy WWW= http://www.squid-cache.org/ LICENSE= GPLv2 LICENSE_FILE= ${WRKSRC}/COPYING USES= compiler:c++11-lib cpe gmake localbase:ldflags perl5 shebangfix tar:xz CONFLICTS= squid-devel CPE_VENDOR= squid-cache SHEBANG_FILES= scripts/*.pl contrib/*.pl tools/*.pl GNU_CONFIGURE= yes GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share USE_RC_SUBR= squid USERS= squid GROUPS= squid MYDOCS= QUICKSTART README RELEASENOTES.html doc/debug-sections.txt PORTDOCS= ${MYDOCS:T} PORTEXAMPLES= * SUB_FILES+= pkg-install pkg-message OPTIONS_SUB= yes OPTIONS_GROUP= AUTH OPTIONS_RADIO= FW OPTIONS_GROUP_AUTH=AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB AUTH_SQL OPTIONS_RADIO_FW=TP_IPF TP_IPFW TP_PF OPTIONS_DEFINE= ARP_ACL TDB CACHE_DIGESTS DEBUG DELAY_POOLS DOCS ECAP ESI EXAMPLES \ FOLLOW_XFF FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IDENT IPV6 \ KQUEUE LARGEFILE LAX_HTTP NETTLE SNMP SSL SSL_CRTD \ STACKTRACES VIA_DB WCCP WCCPV2 OPTIONS_SINGLE= GSSAPI OPTIONS_SINGLE_GSSAPI= GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT OPTIONS_DEFAULT=ARP_ACL AUTH_NIS CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF FS_AUFS \ FS_DISKD FS_ROCK GSSAPI_BASE HTCP ICAP ICMP IDENT KQUEUE \ LARGEFILE LAX_HTTP SNMP SSL SSL_CRTD TP_IPFW VIA_DB WCCP \ WCCPV2 ARP_ACL_CONFIGURE_ENABLE= eui AUTH_LDAP_CONFIGURE_WITH= ldap AUTH_LDAP_USES= ldap AUTH_LDAP_VARS= BASIC_AUTH+=LDAP DIGEST_AUTH+="eDirectory LDAP" EXTERNAL_ACL+="LDAP_group eDirectory_userip" AUTH_SASL_LIB_DEPENDS= libsasl2.so:security/cyrus-sasl2 AUTH_SASL_VARS= BASIC_AUTH+=SASL AUTH_SMB_USES= samba:run AUTH_SMB_VARS= BASIC_AUTH+=SMB EXTERNAL_ACL+=wbinfo_group AUTH_SQL_RUN_DEPENDS= p5-DBI>=1.08:databases/p5-DBI AUTH_SQL_VARS= EXTERNAL_ACL+=SQL_session TDB_CONFIGURE_WITH= tdb TDB_LIB_DEPENDS= libtdb.so:databases/tdb TDB_VARS= EXTERNAL_ACL+="time_quota session" CACHE_DIGESTS_CONFIGURE_ENABLE= cache-digests DELAY_POOLS_CONFIGURE_ENABLE= delay-pools ECAP_CONFIGURE_ENABLE= ecap ECAP_LIB_DEPENDS= libecap.so:www/libecap ECAP_USES= pkgconfig:build ESI_CONFIGURE_ENABLE= esi ESI_CONFIGURE_WITH= expat xml2 ESI_LIB_DEPENDS= libexpat.so:textproc/expat2 \ libxml2.so:textproc/libxml2 FOLLOW_XFF_CONFIGURE_ENABLE= follow-x-forwarded-for HTCP_CONFIGURE_ENABLE= htcp ICAP_CONFIGURE_ENABLE= icap-client ICMP_CONFIGURE_ENABLE= icmp IDENT_CONFIGURE_ENABLE= ident-lookups IPV6_CONFIGURE_ENABLE= ipv6 KQUEUE_CONFIGURE_ENABLE= kqueue LARGEFILE_CONFIGURE_WITH= large-files LAX_HTTP_CONFIGURE_ENABLE= http-violations FS_AUFS_VARS= STORAGE_SCHEMES+=aufs DISKIO_MODULES+=DiskThreads # Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS, # e.g. SQUID_CONFIGURE_ARGS=--with-aufs-threads=N FS_AUFS_LDFLAGS= -pthread FS_AUFS_CONFIGURE_WITH= pthreads FS_DISKD_VARS= STORAGE_SCHEMES+=diskd DISKIO_MODULES+=DiskDaemon FS_ROCK_VARS= STORAGE_SCHEMES+=rock NETTLE_LIB_DEPENDS= libnettle.so:security/nettle NETTLE_CONFIGURE_WITH= nettle SNMP_CONFIGURE_ENABLE= snmp SSL_CONFIGURE_ENABLE= ssl SSL_CONFIGURE_ON= --with-openssl \ --enable-security-cert-generators="file" \ LIBOPENSSL_CFLAGS=-I${OPENSSLINC} \ LIBOPENSSL_LIBS="-lcrypto -lssl" SSL_USES= ssl SSL_CRTD_CONFIGURE_ENABLE= ssl-crtd SSL_CRTD_IMPLIES= SSL STACKTRACES_CONFIGURE_ENABLE= stacktraces STACKTRACES_EXTRA_PATCHES= ${FILESDIR}/extra-patch-gen-stacktrace STACKTRACES_LIB_DEPENDS= libunwind.so:devel/libunwind STACKTRACES_CFLAGS= -g STACKTRACES_LDFLAGS= -lunwind STACKTRACES_VARS= STRIP="" TP_IPFW_CONFIGURE_ENABLE= ipfw-transparent TP_IPF_CONFIGURE_ENABLE= ipf-transparent TP_PF_CONFIGURE_ENABLE= pf-transparent TP_PF_CONFIGURE_WITH= nat-devpf VIA_DB_CONFIGURE_ENABLE= forw-via-db WCCPV2_CONFIGURE_ENABLE= wccpv2 WCCP_CONFIGURE_ENABLE= wccp GSSAPI_NONE_CONFIGURE_ON= --without-heimdal-krb5 \ --without-mit-krb5 \ --without-gnugss GSSAPI_BASE_USES= gssapi GSSAPI_BASE_CONFIGURE_ON= --with-heimdal-krb5=${GSSAPIBASEDIR} \ ${GSSAPI_CONFIGURE_ARGS} \ krb5_config=${GSSAPIBASEDIR}/bin/krb5-config GSSAPI_BASE_PLIST_SUB= AUTH_KERB="" GSSAPI_HEIMDAL_USES= gssapi:heimdal GSSAPI_HEIMDAL_CONFIGURE_ON= --with-heimdal-krb5=${GSSAPIBASEDIR} \ ${GSSAPI_CONFIGURE_ARGS} \ krb5_config=${GSSAPIBASEDIR}/bin/krb5-config GSSAPI_HEIMDAL_PLIST_SUB= AUTH_KERB="" GSSAPI_MIT_USES= gssapi:mit GSSAPI_MIT_CONFIGURE_ON= --with-mit-krb5=${GSSAPIBASEDIR} \ ${GSSAPI_CONFIGURE_ARGS} \ krb5_config=${GSSAPIBASEDIR}/bin/krb5-config GSSAPI_MIT_PLIST_SUB= AUTH_KERB="" ARP_ACL_DESC= ARP/MAC/EUI based authentification AUTH_DESC= Authentication helpers AUTH_LDAP_DESC= Install LDAP authentication helpers AUTH_NIS_DESC= Install NIS/YP authentication helpers AUTH_SASL_DESC= Install SASL authentication helpers AUTH_SMB_DESC= Install SMB auth. helpers (req. Samba) AUTH_SQL_DESC= Install SQL based auth TDB_DESC= TrivialDB support required for session and time quota external helpers CACHE_DIGESTS_DESC= Use cache digests DEBUG_DESC= Build with extended debugging support DELAY_POOLS_DESC= Delay pools (bandwidth limiting) ECAP_DESC= Loadable content adaptation modules ESI_DESC= ESI support FOLLOW_XFF_DESC= Support for the X-Following-For header FS_AUFS_DESC= AUFS (threaded-io) support FS_DISKD_DESC= DISKD storage engine controlled by separate service FS_ROCK_DESC= ROCK storage engine HTCP_DESC= HTCP support ICAP_DESC= the ICAP client ICMP_DESC= ICMP pinging and network measurement IDENT_DESC= Ident lookups (RFC 931) KQUEUE_DESC= Kqueue(2) support LARGEFILE_DESC= Support large (>2GB) cache and log files NETTLE_DESC= Nettle MD5 algorithm support SNMP_DESC= SNMP support SSL_CRTD_DESC= Use ssl_crtd to handle SSL cert requests SSL_DESC= SSL gatewaying support STACKTRACES_DESC= Enable automatic backtraces on fatal errors LAX_HTTP_DESC= Do not enforce strict HTTP compliance TP_IPFW_DESC= Transparent proxying with IPFW TP_IPF_DESC= Transparent proxying with IPFilter TP_PF_DESC= Transparent proxying with PF VIA_DB_DESC= Forward/Via database WCCPV2_DESC= Web Cache Coordination Protocol v2 WCCP_DESC= Web Cache Coordination Protocol change_files= ChangeLog \ errors/Makefile.am \ errors/Makefile.in \ src/auth/basic/SMB_LM/README.html \ src/Makefile.am \ src/Makefile.in \ src/cf_gen.cc \ src/squid.8.in \ test-suite/Makefile.in \ tools/Makefile.am \ tools/Makefile.in .if !defined(SQUID_CONFIGURE_ARGS) \ || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == "" PLIST_SUB+= UNLINKD="" .else PLIST_SUB+= UNLINKD="@comment " .endif CONFIGURE_ARGS= --with-default-user=squid \ --bindir=${PREFIX}/sbin \ --sbindir=${PREFIX}/sbin \ --datadir=${ETCDIR} \ --libexecdir=${PREFIX}/libexec/squid \ --localstatedir=/var \ --sysconfdir=${ETCDIR} \ --with-logdir=/var/log/squid \ --with-pidfile=/var/run/squid/squid.pid \ --with-swapdir=/var/squid/cache \ --without-gnutls \ --with-included-ltdl \ --enable-build-info \ --enable-removal-policies="lru heap" \ --disable-epoll \ --disable-arch-native \ --disable-strict-error-checking \ --without-systemd \ --without-netfilter-conntrack \ --without-cap .include # Authentication methods and modules: BASIC_AUTH+= DB NCSA PAM POP3 RADIUS SMB_LM fake getpwnam DIGEST_AUTH+= file EXTERNAL_ACL+= file_userip unix_group delayer # POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too: .if ${PORT_OPTIONS:MAUTH_NIS} && !defined(NO_NIS) && !defined(WITHOUT_NIS) BASIC_AUTH+= NIS .endif # POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too: .if ${PORT_OPTIONS:MGSSAPI_NONE} || defined(NO_KERBEROS) || defined(WITHOUT_KERBEROS) NEGOTIATE_AUTH= none PLIST_SUB+= AUTH_KERB="@comment " .else # The kerberos_ldap_group external helper also depends on LDAP and SASL: # The kerberos_sid_group external helper depends on kerberos_ldap_group meanwhile . if ${PORT_OPTIONS:MAUTH_LDAP} && ${PORT_OPTIONS:MAUTH_SASL} EXTERNAL_ACL+= kerberos_ldap_group kerberos_sid_group . endif NEGOTIATE_AUTH= kerberos wrapper .endif # Storage schemes: STORAGE_SCHEMES+= ufs DISKIO_MODULES+= AIO Blocking IpcIo Mmapped CONFIGURE_ARGS+= --enable-auth-basic="${BASIC_AUTH}" \ --enable-auth-digest="${DIGEST_AUTH}" \ --enable-auth-negotiate="${NEGOTIATE_AUTH}" \ --enable-auth-ntlm="fake SMB_LM" \ --enable-log-daemon-helpers="file DB" \ --enable-external-acl-helpers="${EXTERNAL_ACL}" \ --enable-url-rewrite-helpers="fake LFS" \ --enable-security-cert-validators="fake" \ --enable-storeid-rewrite-helpers="file" \ --enable-storeio="${STORAGE_SCHEMES}" \ --enable-disk-io="${DISKIO_MODULES}" \ # Other options set via 'make config': .if ${PORT_OPTIONS:MDEBUG} || defined(WITH_DEBUG) CONFIGURE_ARGS+= --disable-optimizations WITH_DEBUG?= yes .endif # Finally, add additional user specified configuration options: CONFIGURE_ARGS+= ${SQUID_CONFIGURE_ARGS} post-patch: @(cd ${WRKSRC} && ${REINPLACE_CMD} \ -e 's|\.conf\.default|.conf.sample|' \ -e 's|)\.default|).sample|' \ ${change_files}) @(cd ${WRKSRC} && ${MV} src/mime.conf.default src/mime.conf.sample) post-patch-IPV6-off: @${REINPLACE_CMD} -E -e's| ::1$$||' -e's| ::1?/128||g' \ -e'/acl localnet src f[ce][08]0::/d' \ -e's| 2001:DB8::[^[:space:]]+$$||' \ -e'/tcp_outgoing_address 2001:db8::/d' \ ${WRKSRC}/src/cf.data.pre post-install: @${MKDIR} ${STAGEDIR}${EXAMPLESDIR} ${INSTALL_DATA} ${WRKSRC}/src/auth/basic/DB/passwd.sql \ ${STAGEDIR}${EXAMPLESDIR} @${MKDIR} ${STAGEDIR}${DOCSDIR} (cd ${WRKSRC} && ${INSTALL_DATA} ${MYDOCS} ${STAGEDIR}${DOCSDIR}) .include diff --git a/www/squid/distinfo b/www/squid/distinfo index 5898547cb4f5..de0933b2967c 100644 --- a/www/squid/distinfo +++ b/www/squid/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1708443648 -SHA256 (squid-6.7.tar.xz) = e14daa4eae41925d1ae3f08e64439a6aaa3011bdced686628b8de697d5ab8428 -SIZE (squid-6.7.tar.xz) = 2427468 +TIMESTAMP = 1710267260 +SHA256 (squid-6.8.tar.xz) = 11cc5650b51809d99483ccfae24744a2e51cd16199f5ff0c917e84fce695870f +SIZE (squid-6.8.tar.xz) = 2547796 diff --git a/www/squid/files/patch-configure b/www/squid/files/patch-configure index a5f7ac84549b..24648548bddc 100644 --- a/www/squid/files/patch-configure +++ b/www/squid/files/patch-configure @@ -1,30 +1,30 @@ ---- configure.orig 2023-02-28 09:24:52 UTC +--- configure.orig 2024-03-04 05:50:28 UTC +++ configure -@@ -44124,7 +44124,10 @@ _ACEOF +@@ -43985,7 +43985,10 @@ _ACEOF else $as_nop - BUILD_HELPER="" +# XXX: On FreeBSD we have to do this to make NIS work +# until https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188247 +# is resolved. + BUILD_HELPER="NIS" fi -@@ -50983,6 +50986,7 @@ fi +@@ -50834,6 +50837,7 @@ fi ac_fn_cxx_check_type "$LINENO" "cpu_set_t" "ac_cv_type_cpu_set_t" " #if HAVE_SCHED_H +#define _WITH_CPU_SET_T #include #endif -@@ -54169,6 +54173,7 @@ else $as_nop +@@ -54020,6 +54024,7 @@ else $as_nop # include # include #undef minor_t +# include /* IFNAMSIZ */ # include # include # include diff --git a/www/squid/files/patch-include_squid.h b/www/squid/files/patch-include_squid.h index a12c1a52aad6..c781bf0a9d3b 100644 --- a/www/squid/files/patch-include_squid.h +++ b/www/squid/files/patch-include_squid.h @@ -1,10 +1,10 @@ ---- include/squid.h.orig 2023-02-28 09:10:25 UTC +--- include/squid.h.orig 2024-03-04 05:45:51 UTC +++ include/squid.h @@ -9,6 +9,7 @@ - #ifndef SQUID_CONFIG_H - #define SQUID_CONFIG_H + #ifndef SQUID_INCLUDE_SQUID_H + #define SQUID_INCLUDE_SQUID_H +#define _WITH_CPU_SET_T #include "autoconf.h" /* For GNU autoconf variables */ #include "version.h" diff --git a/www/squid/files/patch-src-cf.data.pre b/www/squid/files/patch-src-cf.data.pre index f6acb5d213c7..bfcdb4b2bc8a 100644 --- a/www/squid/files/patch-src-cf.data.pre +++ b/www/squid/files/patch-src-cf.data.pre @@ -1,13 +1,13 @@ ---- src/cf.data.pre.orig 2023-02-28 09:10:25 UTC +--- src/cf.data.pre.orig 2024-03-04 05:45:51 UTC +++ src/cf.data.pre -@@ -5507,6 +5507,10 @@ DEFAULT: @DEFAULT_PID_FILE@ +@@ -5526,6 +5526,10 @@ DEFAULT: @DEFAULT_PID_FILE@ LOC: Config.pidFilename DOC_START A filename to write the process-id to. To disable, enter "none". + + Note: If you change this setting, you need to set squid_pidfile + in /etc/rc.conf to reflect the new value. Please see + /usr/local/etc/rc.d/squid for details. DOC_END NAME: client_netmask diff --git a/www/squid/files/patch-src_auth_basic_NIS_nis__support.h b/www/squid/files/patch-src_auth_basic_NIS_nis__support.h new file mode 100644 index 000000000000..a25672c7bbd7 --- /dev/null +++ b/www/squid/files/patch-src_auth_basic_NIS_nis__support.h @@ -0,0 +1,12 @@ +--- src/auth/basic/NIS/nis_support.h.orig 2024-03-04 05:45:51 UTC ++++ src/auth/basic/NIS/nis_support.h +@@ -8,9 +8,6 @@ + #ifndef SQUID_SRC_AUTH_BASIC_NIS_NIS_SUPPORT_H + #define SQUID_SRC_AUTH_BASIC_NIS_NIS_SUPPORT_H + +-#ifndef SQUID_SRC_AUTH_BASIC_NIS_NIS_SUPPORT_H +-#define SQUID_SRC_AUTH_BASIC_NIS_NIS_SUPPORT_H +- + extern char * get_nis_password(char *user, char *nisdomain, char *nismap); + + #endif /* SQUID_SRC_AUTH_BASIC_NIS_NIS_SUPPORT_H */ diff --git a/www/squid/files/patch-src_base_RandomUuid.cc b/www/squid/files/patch-src_base_RandomUuid.cc deleted file mode 100644 index eba0bfa8ad42..000000000000 --- a/www/squid/files/patch-src_base_RandomUuid.cc +++ /dev/null @@ -1,10 +0,0 @@ ---- src/base/RandomUuid.cc.orig 2023-02-28 09:10:25 UTC -+++ src/base/RandomUuid.cc -@@ -13,6 +13,7 @@ - #include "base/TextException.h" - #include "defines.h" - -+#include - #include - - static_assert(sizeof(RandomUuid) == 128/8, "RandomUuid has RFC 4122-prescribed 128-bit size"); diff --git a/www/squid/files/patch-src_enums.h b/www/squid/files/patch-src_enums.h index 2f26fea7e1be..caf634b523a0 100644 --- a/www/squid/files/patch-src_enums.h +++ b/www/squid/files/patch-src_enums.h @@ -1,12 +1,12 @@ ---- src/enums.h.orig 2020-04-19 10:50:48 UTC +--- src/enums.h.orig 2024-03-04 05:45:51 UTC +++ src/enums.h @@ -9,6 +9,9 @@ - #ifndef SQUID_ENUMS_H - #define SQUID_ENUMS_H + #ifndef SQUID_SRC_ENUMS_H + #define SQUID_SRC_ENUMS_H +/* Namespace pollution from fcntl.h as of FreeBSD r345982 */ +#undef FD_NONE + enum fd_type { FD_NONE_TYPE, FD_LOG, diff --git a/www/squid/files/patch-src_ip_Intercept.cc b/www/squid/files/patch-src_ip_Intercept.cc index 3ca029e6b8ea..d68f11b2655f 100644 --- a/www/squid/files/patch-src_ip_Intercept.cc +++ b/www/squid/files/patch-src_ip_Intercept.cc @@ -1,15 +1,15 @@ ---- src/ip/Intercept.cc.orig 2023-02-28 09:10:25 UTC +--- src/ip/Intercept.cc.orig 2024-03-04 05:45:51 UTC +++ src/ip/Intercept.cc -@@ -217,10 +217,10 @@ Ip::Intercept::IpfInterception(const Comm::ConnectionP +@@ -218,10 +218,10 @@ Ip::Intercept::IpfInterception(const Comm::ConnectionP newConn->remote.getInAddr(natLookup.nl_outipaddr.in4); } #else /* HAVE_STRUCT_NATLOOKUP_NL_INIPADDR_IN6 */ - // warn once every 10 at critical level, then push down a level each repeated event + // warn once every million at critical level, then push down a level each repeated event static int warningLevel = DBG_CRITICAL; debugs(89, warningLevel, "Your IPF (IPFilter) NAT does not support IPv6. Please upgrade it."); - warningLevel = (warningLevel + 1) % 10; + warningLevel = (warningLevel + 1) % 1048576; return false; } newConn->local.getInAddr(natLookup.nl_inip);