From d84a05e94570471f1c0b3b56cb20dbf8a83245e5 Mon Sep 17 00:00:00 2001 From: Jiri Skala Date: Thu, 21 Jul 2011 14:08:43 +0200 Subject: [PATCH] upgrade to squid-3.2, BZ#720445 - native unit file, SysVinitscript subpackage --- squid-3.0.STABLE7-from_manpg.patch | 80 -------- squid-3.1.11-unused.patch | 288 ----------------------------- squid-3.1.9-ltdl.patch | 14 +- squid-3.2.0.9-fpic.patch | 36 ++++ squid.spec | 87 ++++++--- 5 files changed, 102 insertions(+), 403 deletions(-) delete mode 100644 squid-3.0.STABLE7-from_manpg.patch delete mode 100644 squid-3.1.11-unused.patch create mode 100644 squid-3.2.0.9-fpic.patch diff --git a/squid-3.0.STABLE7-from_manpg.patch b/squid-3.0.STABLE7-from_manpg.patch deleted file mode 100644 index 368e634..0000000 --- a/squid-3.0.STABLE7-from_manpg.patch +++ /dev/null @@ -1,80 +0,0 @@ -diff -up squid-3.0.STABLE7/helpers/basic_auth/NCSA/ncsa_auth.8.from_manpg squid-3.0.STABLE7/helpers/basic_auth/NCSA/ncsa_auth.8 ---- squid-3.0.STABLE7/helpers/basic_auth/NCSA/ncsa_auth.8.from_manpg 2008-06-22 05:35:49.000000000 +0200 -+++ squid-3.0.STABLE7/helpers/basic_auth/NCSA/ncsa_auth.8 2007-06-06 18:25:30.000000000 +0200 -@@ -1,38 +1,38 @@ --.\" This file is distributed in the hope that it will be useful, --.\" but WITHOUT ANY WARRANTY; without even the implied warranty of --.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See --.\" the GNU General Public License for more details. --.\" --.\" You should have received a copy of the GNU General Public License --.\" along with this file; if not, write to the Free Software --.\" Foundation, Inc., 59 Temple Place, Suite 330, Boston, --.\" MA 02111-1307 USA --.\" --.\" HISTORY: --.\" 2006-05-16, created by Rodrigo Rubira Branco --.TH ncsa_auth 8 "May 16, 2006" "Squid NCSA Auth helper" --.SH NAME --ncsa_auth \- NCSA httpd-style password file authentication helper for Squid --\fB --.SH SYNOPSIS --.nf --.fam C --\fBncsa_auth\fP \fIpasswdfile\fP --.fam T --.fi --.SH DESCRIPTION --\fBncsa_auth\fP allows Squid to read and authenticate user and password information from an NCSA/Apache httpd-style password file when using basic HTTP authentication. --.PP --The only parameter is the password file. It must have permissions to be read by the user that Squid is running as (cache_effective_user in squid.conf). --.PP --This password file can be manipulated using htpasswd. --.SH OPTIONS --Only specify the password file name. --.SH EXAMPLE --\fBncsa_auth\fP /etc/squid/squid.pass --.SH SECURITY --\fBncsa_auth\fP must have access to the password file to be executed. --.SH SEE ALSO --\fBhtpasswd\fP(1), \fBsquid\fP(8) --.SH AUTHOR --Manpage written by Rodrigo Rubira Branco -+.\" This file is distributed in the hope that it will be useful, -+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of -+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See -+.\" the GNU General Public License for more details. -+.\" -+.\" You should have received a copy of the GNU General Public License -+.\" along with this file; if not, write to the Free Software -+.\" Foundation, Inc., 59 Temple Place, Suite 330, Boston, -+.\" MA 02111-1307 USA -+.\" -+.\" HISTORY: -+.\" 2006-05-16, created by Rodrigo Rubira Branco -+.TH ncsa_auth 8 "May 16, 2006" "User Manuals" "User Manuals" -+.SH NAME -+ncsa_auth \- NCSA httpd-style password file authentication helper for Squid -+\fB -+.SH SYNOPSIS -+.nf -+.fam C -+\fBncsa_auth\fP \fIpasswdfile\fP -+.fam T -+.fi -+.SH DESCRIPTION -+\fBncsa_auth\fP allows Squid to read and authenticate user and password information from an NCSA httpd-style password file when using basic HTTP authentication. -+.PP -+The only parameter is the password file. It must have permissions to be read by the user that Squid is running as. By default this user is proxy. This can be changed using the cache_effective_user directive in the squid.conf file. -+.PP -+This password file can be manipulated using htpasswd. -+.SH OPTIONS -+Only specify the password file name. -+.SH EXAMPLE -+\fBncsa_auth\fP /etc/squid/squid.pass -+.SH SECURITY -+\fBncsa_auth\fP must have access to the password file to be executed. -+.SH SEE ALSO -+\fBhtpasswd\fP(1), \fBsquid\fP(8) -+.SH AUTHOR -+Manpage written by Rodrigo Rubira Branco diff --git a/squid-3.1.11-unused.patch b/squid-3.1.11-unused.patch deleted file mode 100644 index 61ad70b..0000000 --- a/squid-3.1.11-unused.patch +++ /dev/null @@ -1,288 +0,0 @@ -diff -ur squid-3.1.12/helpers/external_acl/ldap_group/squid_ldap_group.c squid-3.1.12-fixed/helpers/external_acl/ldap_group/squid_ldap_group.c ---- squid-3.1.12/helpers/external_acl/ldap_group/squid_ldap_group.c 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/helpers/external_acl/ldap_group/squid_ldap_group.c 2011-05-03 15:47:49.120934481 +0200 -@@ -219,7 +219,6 @@ - int use_extension_dn = 0; - int strip_nt_domain = 0; - int strip_kerberos_realm = 0; -- int err = 0; - - setbuf(stdout, NULL); - -@@ -602,7 +601,6 @@ - tryagain = 1; - } - } -- err = 0; - } - if (ld) - ldap_unbind(ld); -diff -ur squid-3.1.12/helpers/ntlm_auth/fakeauth/fakeauth_auth.c squid-3.1.12-fixed/helpers/ntlm_auth/fakeauth/fakeauth_auth.c ---- squid-3.1.12/helpers/ntlm_auth/fakeauth/fakeauth_auth.c 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/helpers/ntlm_auth/fakeauth/fakeauth_auth.c 2011-05-03 15:47:49.121934482 +0200 -@@ -141,7 +141,6 @@ - { - static unsigned hash; - int r; -- char *d; - int i; - - debug("ntlmMakeChallenge: flg %08x\n", flags); -@@ -158,7 +157,6 @@ - chal->flags = flags; - chal->unknown[6] = htole16(0x003a); - -- d = (char *) chal + 48; - i = 0; - - if (authenticate_ntlm_domain != NULL) -diff -ur squid-3.1.12/src/auth/negotiate/auth_negotiate.cc squid-3.1.12-fixed/src/auth/negotiate/auth_negotiate.cc ---- squid-3.1.12/src/auth/negotiate/auth_negotiate.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/auth/negotiate/auth_negotiate.cc 2011-05-03 15:47:49.121934482 +0200 -@@ -544,7 +544,6 @@ - { - authenticateStateData *r = NULL; - static char buf[MAX_AUTHTOKEN_LEN]; -- negotiate_user_t *negotiate_user; - AuthUser *auth_user = user(); - - assert(data); -@@ -552,8 +551,6 @@ - assert(auth_user); - assert(auth_user->auth_type == AUTH_NEGOTIATE); - -- negotiate_user = dynamic_cast(user()); -- - debugs(29, 8, "AuthNegotiateUserRequest::module_start: auth state is '" << auth_state << "'"); - - if (negotiateConfig.authenticate == NULL) { -@@ -655,12 +652,10 @@ - - /** \todo rename this!! */ - AuthUser *local_auth_user; -- negotiate_user_t *negotiate_user; - - local_auth_user = user(); - assert(local_auth_user); - assert(local_auth_user->auth_type == AUTH_NEGOTIATE); -- negotiate_user = dynamic_cast(local_auth_user); - assert (this); - - /** Check that we are in the client side, where we can generate -diff -ur squid-3.1.12/src/auth/ntlm/auth_ntlm.cc squid-3.1.12-fixed/src/auth/ntlm/auth_ntlm.cc ---- squid-3.1.12/src/auth/ntlm/auth_ntlm.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/auth/ntlm/auth_ntlm.cc 2011-05-03 15:47:49.121934482 +0200 -@@ -460,7 +460,6 @@ - { - authenticateStateData *r = NULL; - static char buf[8192]; -- ntlm_user_t *ntlm_user; - AuthUser *auth_user = user(); - - assert(data); -@@ -468,8 +467,6 @@ - assert(auth_user); - assert(auth_user->auth_type == AUTH_NTLM); - -- ntlm_user = dynamic_cast(user()); -- - debugs(29, 8, "AuthNTLMUserRequest::module_start: auth state is '" << auth_state << "'"); - - if (ntlmConfig.authenticate == NULL) { -@@ -572,12 +569,10 @@ - - /* TODO: rename this!! */ - AuthUser *local_auth_user; -- ntlm_user_t *ntlm_user; - - local_auth_user = user(); - assert(local_auth_user); - assert(local_auth_user->auth_type == AUTH_NTLM); -- ntlm_user = dynamic_cast(local_auth_user); - assert (this); - - /* Check that we are in the client side, where we can generate -diff -ur squid-3.1.12/src/auth/User.cc squid-3.1.12-fixed/src/auth/User.cc ---- squid-3.1.12/src/auth/User.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/auth/User.cc 2011-05-03 15:47:49.122934483 +0200 -@@ -158,13 +158,11 @@ - */ - AuthUserHashPointer *usernamehash; - AuthUser *auth_user; -- char const *username = NULL; - debugs(29, 3, "AuthUser::CachedACLsReset: Flushing the ACL caches for all users."); - hash_first(proxy_auth_username_cache); - - while ((usernamehash = ((AuthUserHashPointer *) hash_next(proxy_auth_username_cache)))) { - auth_user = usernamehash->user(); -- username = auth_user->username(); - /* free cached acl results */ - aclCacheMatchFlush(&auth_user->proxy_match_cache); - -diff -ur squid-3.1.12/src/client_side_reply.cc squid-3.1.12-fixed/src/client_side_reply.cc ---- squid-3.1.12/src/client_side_reply.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/client_side_reply.cc 2011-05-03 15:47:49.122934483 +0200 -@@ -1056,14 +1056,6 @@ - /* haven't found end of headers yet */ - return 0; - -- int sending = SENDING_BODY; -- -- if (curReply->sline.status == HTTP_NO_CONTENT || -- curReply->sline.status == HTTP_NOT_MODIFIED || -- curReply->sline.status < HTTP_OK || -- http->request->method == METHOD_HEAD) -- sending = SENDING_HDRSONLY; -- - /* - * Figure out how much data we are supposed to send. - * If we are sending a body and we don't have a content-length, -@@ -2029,13 +2021,10 @@ - - char *buf = next()->readBuffer.data; - -- char *body_buf = buf; -- - if (buf != result.data) { - /* we've got to copy some data */ - assert(result.length <= next()->readBuffer.length); - xmemcpy(buf, result.data, result.length); -- body_buf = buf; - } - - #if USE_ZPH_QOS -Only in squid-3.1.12-fixed/src: client_side_reply.cc.orig -diff -ur squid-3.1.12/src/comm.cc squid-3.1.12-fixed/src/comm.cc ---- squid-3.1.12/src/comm.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/comm.cc 2011-05-03 15:48:48.638934477 +0200 -@@ -759,6 +759,7 @@ - /* set TOS if needed */ - if (TOS && comm_set_tos(new_socket, TOS) ) { - tos = TOS; -+ (void)tos; - } - - if ( Ip::EnableIpv6&IPV6_SPECIAL_SPLITSTACK && addr.IsIPv6() ) -diff -ur squid-3.1.12/src/DiskIO/AIO/AIODiskIOStrategy.cc squid-3.1.12-fixed/src/DiskIO/AIO/AIODiskIOStrategy.cc ---- squid-3.1.12/src/DiskIO/AIO/AIODiskIOStrategy.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/DiskIO/AIO/AIODiskIOStrategy.cc 2011-05-03 15:47:49.123934483 +0200 -@@ -123,7 +123,6 @@ - void *cbdata; - int callback_valid; - void *buf; -- int filedescriptor; - async_queue_entry_t *aqe; - async_queue_entry_type_t type; - -@@ -148,7 +147,6 @@ - /* Get the callback parameters */ - freefunc = aqe->aq_e_free; - buf = aqe->aq_e_buf; -- filedescriptor = aqe->aq_e_fd; - type = aqe->aq_e_type; - callback_valid = cbdataReferenceValidDone(aqe->aq_e_callback_data, &cbdata); - AIODiskFile * theFile = NULL; -diff -ur squid-3.1.12/src/dns_internal.cc squid-3.1.12-fixed/src/dns_internal.cc ---- squid-3.1.12/src/dns_internal.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/dns_internal.cc 2011-05-03 15:49:31.198934469 +0200 -@@ -1376,8 +1376,6 @@ - CBDATA_INIT_TYPE(idns_query); - - if (DnsSocketA < 0 && DnsSocketB < 0) { -- int port; -- - IpAddress addrA; // since we don't want to alter Config.Addrs.udp_* and dont have one of our own. - - if (!Config.Addrs.udp_outgoing.IsNoAddr()) -@@ -1413,12 +1411,12 @@ - * statement. Doing so messes up the internal Debug::level - */ - if (DnsSocketB >= 0) { -- port = comm_local_port(DnsSocketB); -+ comm_local_port(DnsSocketB); - debugs(78, 1, "DNS Socket created at " << addrB << ", FD " << DnsSocketB); - commSetSelect(DnsSocketB, COMM_SELECT_READ, idnsRead, NULL, 0); - } - if (DnsSocketA >= 0) { -- port = comm_local_port(DnsSocketA); -+ comm_local_port(DnsSocketA); - debugs(78, 1, "DNS Socket created at " << addrA << ", FD " << DnsSocketA); - commSetSelect(DnsSocketA, COMM_SELECT_READ, idnsRead, NULL, 0); - } -diff -ur squid-3.1.12/src/errorpage.cc squid-3.1.12-fixed/src/errorpage.cc ---- squid-3.1.12/src/errorpage.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/errorpage.cc 2011-05-03 15:47:49.123934483 +0200 -@@ -515,7 +515,6 @@ - ErrorState::Dump(MemBuf * mb) - { - MemBuf str; -- const char *p = NULL; /* takes priority over mb if set */ - char ntoabuf[MAX_IPSTRLEN]; - - str.reset(); -@@ -570,10 +569,6 @@ - packerToMemInit(&pck, &str); - request->header.packInto(&pck); - packerClean(&pck); -- } else if (request_hdrs) { -- p = request_hdrs; -- } else { -- p = "[none]"; - } - - str.Printf("\r\n"); -diff -ur squid-3.1.12/src/fqdncache.cc squid-3.1.12-fixed/src/fqdncache.cc ---- squid-3.1.12/src/fqdncache.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/fqdncache.cc 2011-05-03 15:49:55.533934460 +0200 -@@ -497,10 +497,9 @@ - fqdncacheHandleReply(void *data, rfc1035_rr * answers, int na, const char *error_message) - #endif - { -- int n; - fqdncache_entry *f; - static_cast(data)->unwrap(&f); -- n = ++FqdncacheStats.replies; -+ ++FqdncacheStats.replies; - const int age = f->age(); - statHistCount(&statCounter.dns.svc_time, age); - #if USE_DNSSERVERS -diff -ur squid-3.1.12/src/ftp.cc squid-3.1.12-fixed/src/ftp.cc ---- squid-3.1.12/src/ftp.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/ftp.cc 2011-05-03 15:47:49.124934483 +0200 -@@ -2453,7 +2453,6 @@ - { - int code = ftpState->ctrl.replycode; - char h1, h2, h3, h4; -- int n; - u_short port; - IpAddress ipa_remote; - int fd = ftpState->data.fd; -@@ -2521,7 +2520,7 @@ - - buf = ftpState->ctrl.last_reply + strcspn(ftpState->ctrl.last_reply, "("); - -- n = sscanf(buf, "(%c%c%c%hu%c)", &h1, &h2, &h3, &port, &h4); -+ sscanf(buf, "(%c%c%c%hu%c)", &h1, &h2, &h3, &port, &h4); - - if (h1 != h2 || h1 != h3 || h1 != h4) { - debugs(9, DBG_IMPORTANT, "Invalid EPSV reply from " << -diff -ur squid-3.1.12/src/neighbors.cc squid-3.1.12-fixed/src/neighbors.cc ---- squid-3.1.12/src/neighbors.cc 2011-04-04 03:24:06.000000000 +0200 -+++ squid-3.1.12-fixed/src/neighbors.cc 2011-05-03 15:51:08.221934455 +0200 -@@ -832,7 +832,6 @@ - peer *best_p = NULL; - #if USE_CACHE_DIGESTS - -- const cache_key *key; - int best_rtt = 0; - int choice_count = 0; - int ichoice_count = 0; -@@ -843,7 +842,7 @@ - if (!request->flags.hierarchical) - return NULL; - -- key = storeKeyPublicByRequest(request); -+ storeKeyPublicByRequest(request); - - for (i = 0, p = first_ping; i++ < Config.npeers; p = p->next) { - lookup_t lookup; diff --git a/squid-3.1.9-ltdl.patch b/squid-3.1.9-ltdl.patch index de0654a..938a45a 100644 --- a/squid-3.1.9-ltdl.patch +++ b/squid-3.1.9-ltdl.patch @@ -29,13 +29,13 @@ diff -up squid-3.1.9/Makefile.am.ltdl squid-3.1.9/Makefile.am # AUTOMAKE_OPTIONS = dist-bzip2 subdir-objects 1.5 foreign --DIST_SUBDIRS = compat lib libltdl snmplib scripts src icons errors contrib doc helpers test-suite tools -+DIST_SUBDIRS = compat lib snmplib scripts src icons errors contrib doc helpers test-suite tools +-DIST_SUBDIRS = compat lib libltdl snmplib scripts icons errors contrib doc helpers src test-suite tools ++DIST_SUBDIRS = compat lib snmplib scripts icons errors contrib doc helpers src test-suite tools SUBDIRS = compat lib $(makesnmplib) -if USE_LOADABLE_MODULES -SUBDIRS += libltdl -endif - SUBDIRS += scripts src icons errors doc helpers test-suite tools + SUBDIRS += scripts icons errors doc helpers src tools test-suite DISTCLEANFILES = include/stamp-h include/stamp-h[0-9]* diff -up squid-3.1.9/Makefile.in.ltdl squid-3.1.9/Makefile.in @@ -54,8 +54,8 @@ diff -up squid-3.1.9/Makefile.in.ltdl squid-3.1.9/Makefile.in top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ AUTOMAKE_OPTIONS = dist-bzip2 subdir-objects 1.5 foreign --DIST_SUBDIRS = compat lib libltdl snmplib scripts src icons errors contrib doc helpers test-suite tools -+DIST_SUBDIRS = compat lib snmplib scripts src icons errors contrib doc helpers test-suite tools - SUBDIRS = compat lib $(makesnmplib) $(am__append_1) scripts src icons \ - errors doc helpers test-suite tools +-DIST_SUBDIRS = compat lib libltdl snmplib scripts icons errors contrib doc helpers src test-suite tools ++DIST_SUBDIRS = compat lib snmplib scripts icons errors contrib doc helpers src test-suite tools + SUBDIRS = compat lib $(makesnmplib) $(am__append_1) scripts icons \ + errors doc helpers src tools test-suite DISTCLEANFILES = include/stamp-h include/stamp-h[0-9]* diff --git a/squid-3.2.0.9-fpic.patch b/squid-3.2.0.9-fpic.patch new file mode 100644 index 0000000..357c6a0 --- /dev/null +++ b/squid-3.2.0.9-fpic.patch @@ -0,0 +1,36 @@ +diff -up squid-3.2.0.9/compat/Makefile.in.fpic squid-3.2.0.9/compat/Makefile.in +--- squid-3.2.0.9/compat/Makefile.in.fpic 2011-07-01 11:38:35.332618191 +0200 ++++ squid-3.2.0.9/compat/Makefile.in 2011-07-01 11:41:07.207345197 +0200 +@@ -316,7 +316,7 @@ target_alias = @target_alias@ + top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ +-AM_CFLAGS = $(SQUID_CFLAGS) ++AM_CFLAGS = $(SQUID_CFLAGS) -fPIC + AM_CXXFLAGS = $(SQUID_CXXFLAGS) + CLEANFILES = testHeaders + INCLUDES = -I$(top_srcdir) -I$(top_srcdir)/include -I$(top_srcdir)/lib \ +diff -up squid-3.2.0.9/snmplib/Makefile.am.fpic squid-3.2.0.9/snmplib/Makefile.am +--- squid-3.2.0.9/snmplib/Makefile.am.fpic 2011-07-01 11:40:12.557741046 +0200 ++++ squid-3.2.0.9/snmplib/Makefile.am 2011-07-01 11:41:10.201378312 +0200 +@@ -2,7 +2,7 @@ + ## + ## Makefile for libsnmp. + ## +-AM_CFLAGS = $(SQUID_CFLAGS) ++AM_CFLAGS = $(SQUID_CFLAGS) -fPIC + AM_CXXFLAGS = $(SQUID_CXXFLAGS) + noinst_LIBRARIES = libsnmplib.a + libsnmplib_a_SOURCES = asn1.c parse.c snmp_vars.c \ +diff -up squid-3.2.0.9/snmplib/Makefile.in.fpic squid-3.2.0.9/snmplib/Makefile.in +--- squid-3.2.0.9/snmplib/Makefile.in.fpic 2011-07-01 12:04:44.083181152 +0200 ++++ squid-3.2.0.9/snmplib/Makefile.in 2011-07-01 12:05:06.796437407 +0200 +@@ -286,7 +286,7 @@ target_alias = @target_alias@ + top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ +-AM_CFLAGS = $(SQUID_CFLAGS) ++AM_CFLAGS = $(SQUID_CFLAGS) -fPIC + AM_CXXFLAGS = $(SQUID_CXXFLAGS) + noinst_LIBRARIES = libsnmplib.a + libsnmplib_a_SOURCES = asn1.c parse.c snmp_vars.c \ diff --git a/squid.spec b/squid.spec index 0c9fde4..31d881f 100644 --- a/squid.spec +++ b/squid.spec @@ -3,8 +3,8 @@ ## % define __find_requires %{SOURCE99} Name: squid -Version: 3.1.12 -Release: 3%{?dist} +Version: 3.2.0.9 +Release: 1%{?dist} Summary: The Squid proxy caching server Epoch: 7 # See CREDITS for breakdown of non GPLv2+ code @@ -12,12 +12,13 @@ License: GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain) Group: System Environment/Daemons URL: http://www.squid-cache.org Source0: http://www.squid-cache.org/Versions/v3/3.1/squid-%{version}.tar.bz2 -Source1: http://www.squid-cache.org/Versions/v3/3.1/squid-%{version}.tar.bz2.asc +#Source1: http://www.squid-cache.org/Versions/v3/3.1/squid-%{version}.tar.bz2.asc Source2: squid.init Source3: squid.logrotate Source4: squid.sysconfig Source5: squid.pam Source6: squid.nm +Source7: squid.service Source98: perl-requires-squid.sh ## Source99: filter-requires-squid.sh @@ -30,16 +31,18 @@ Source98: perl-requires-squid.sh Patch201: squid-3.1.0.9-config.patch Patch202: squid-3.1.0.9-location.patch Patch203: squid-3.0.STABLE1-perlpath.patch -Patch204: squid-3.0.STABLE7-from_manpg.patch +Patch204: squid-3.2.0.9-fpic.patch Patch205: squid-3.1.9-ltdl.patch -Patch206: squid-3.1.11-unused.patch +#Patch206: squid-3.2.0.9-lecap.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Requires: bash >= 2.0 Requires(pre): shadow-utils Requires(post): /sbin/chkconfig -Requires(preun): /sbin/service /sbin/chkconfig -Requires(postun): /sbin/service +Requires(preun): /sbin/chkconfig +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units # squid_ldap_auth and other LDAP helpers require OpenLDAP BuildRequires: openldap-devel # squid_pam_auth requires PAM development libs @@ -55,8 +58,8 @@ BuildRequires: expat-devel libxml2-devel # TPROXY requires libcap, and also increases security somewhat BuildRequires: libcap-devel # eCAP support -BuildRequires: libecap-devel -# eCAP and some other need libltdl +#BuildRequires: libecap-devel +# BuildRequires: libtool libtool-ltdl-devel %description @@ -71,6 +74,16 @@ Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. +%package sysvinit +Group: System Environment/Daemons +Summary: SysV initscript for squid caching proxy +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires(preun): /sbin/service +Requires(postun): /sbin/service + +%description sysvinit +The squid-sysvinit contains SysV initscritps support. + %prep %setup -q @@ -79,19 +92,19 @@ lookup program (dnsserver), a program for retrieving FTP data %patch201 -p1 -b .config %patch202 -p1 -b .location %patch203 -p1 -b .perlpath -%patch204 -p1 -b .from_manpg +%patch204 -p1 -b .fpic %patch205 -p1 -b .ltdl -%patch206 -p1 -b .unused +#%patch206 -p1 -b .lecap %build %ifarch sparcv9 sparc64 s390 s390x - export CXXFLAGS="$RPM_OPT_FLAGS -fPIE" - export CFLAGS="$RPM_OPT_FLAGS -fPIE" + CXXFLAGS="$RPM_OPT_FLAGS -fPIE" \ + CFLAGS="$RPM_OPT_FLAGS -fPIE" \ %else - export CXXFLAGS="$RPM_OPT_FLAGS -fpie" - export CFLAGS="$RPM_OPT_FLAGS -fpie" + CXXFLAGS="$RPM_OPT_FLAGS -fpie" \ + CFLAGS="$RPM_OPT_FLAGS -fpie" \ %endif -export LDFLAGS="-pie" +LDFLAGS="-pie" %configure \ --exec_prefix=/usr \ @@ -104,11 +117,11 @@ export LDFLAGS="-pie" --disable-dependency-tracking \ --enable-arp-acl \ --enable-follow-x-forwarded-for \ - --enable-auth="basic,digest,ntlm,negotiate" \ - --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SMB,YP,getpwnam,multi-domain-NTLM,SASL,DB,POP3,squid_radius_auth" \ - --enable-ntlm-auth-helpers="smb_lm,no_check,fakeauth" \ - --enable-digest-auth-helpers="password,ldap,eDirectory" \ - --enable-negotiate-auth-helpers="squid_kerb_auth" \ + --enable-auth \ + --enable-auth-basic="DB,LDAP,MSNT,MSNT-multi-domain,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,getpwnam" \ + --enable-auth-ntlm="smb_lm,fake" \ + --enable-auth-digest="file,LDAP,eDirectory" \ + --enable-auth-negotiate="kerberos" \ --enable-external-acl-helpers="ip_user,ldap_group,session,unix_group,wbinfo_group" \ --enable-cache-digests \ --enable-cachemgr-hostname=localhost \ @@ -128,7 +141,6 @@ export LDFLAGS="-pie" --enable-useragent-log \ --enable-wccpv2 \ --enable-esi \ - --enable-ecap \ --with-aio \ --with-default-user="squid" \ --with-filedescriptors=16384 \ @@ -167,10 +179,12 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/NetworkManager/dispatcher.d +mkdir -p $RPM_BUILD_ROOT/lib/systemd/system install -m 755 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/squid install -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/squid install -m 644 %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/squid install -m 644 %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/squid +install -m 644 %{SOURCE7} ${RPM_BUILD_ROOT}/lib/systemd/system install -m 644 $RPM_BUILD_ROOT/squid.httpd.tmp $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/squid.conf install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_sysconfdir}/NetworkManager/dispatcher.d/20-squid mkdir -p $RPM_BUILD_ROOT/var/log/squid @@ -198,6 +212,7 @@ rm -rf $RPM_BUILD_ROOT %doc COPYING COPYRIGHT README ChangeLog QUICKSTART src/squid.conf.documented %doc contrib/url-normalizer.pl contrib/rredir.* contrib/user-agents.pl +/lib/systemd/system/squid.service %attr(755,root,root) %dir %{_sysconfdir}/squid %attr(755,root,root) %dir %{_libdir}/squid %attr(750,squid,squid) %dir /var/log/squid @@ -221,16 +236,19 @@ rm -rf $RPM_BUILD_ROOT %dir %{_datadir}/squid %attr(-,root,root) %{_datadir}/squid/errors -%attr(755,root,root) %{_sysconfdir}/rc.d/init.d/squid %attr(755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/20-squid %{_datadir}/squid/icons %{_sbindir}/squid %{_bindir}/squidclient +%{_bindir}/purge %{_mandir}/man8/* %{_mandir}/man1/* %{_libdir}/squid/* %{_datadir}/snmp/mibs/SQUID-MIB.txt +%files sysvinit +%attr(755,root,root) %{_sysconfdir}/rc.d/init.d/squid + %pre if ! getent group squid >/dev/null 2>&1; then /usr/sbin/groupadd -g 23 squid @@ -251,18 +269,18 @@ done exit 0 %post -/sbin/chkconfig --add squid +/bin/systemctl daemon-reload >/dev/null 2>&1 || : %preun if [ $1 = 0 ] ; then - service squid stop >/dev/null 2>&1 - rm -f /var/log/squid/* - /sbin/chkconfig --del squid + /bin/systemctl disable squid.service > /dev/null 2>&1 || : + /bin/systemctl stop squid.service > /dev/null 2>&1 || : fi %postun +/bin/systemctl daemon-reload >/dev/null 2>&1 || : if [ "$1" -ge "1" ] ; then - service squid condrestart >/dev/null 2>&1 + /bin/systemctl try-restart squid.service > /dev/null 2>&1 || : fi %triggerin -- samba-common @@ -272,7 +290,20 @@ fi /usr/sbin/usermod -a -G wbpriv squid >/dev/null 2>&1 || \ chgrp squid /var/cache/samba/winbindd_privileged >/dev/null 2>&1 || : +%triggerun -- %{name} < 7:3.2.0.9-1 + /sbin/chkconfig --del squid >/dev/null 2>&1 || : + /bin/systemctl try-restart squid.service >/dev/null 2>&1 || : + +%triggerpostun -n %{name}-sysvinit -- %{name} < 7:3.2.0.9-1 + /sbin/chkconfig --add squid >/dev/null 2>&1 || : + %changelog +* Tue Jun 07 2011 Jiri Skala - 7:3.2.0.9-1 +- upgrade to squid-3.2 +- fixes #720445 - Provide native systemd unit file +- SysV initscript moved to subpackage +- temproary disabled eCap + * Wed May 18 2011 Jiri Skala - 7:3.1.12-3 - enabled eCAP support