public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2015-09-17  7:53 Eray Aslan
  0 siblings, 0 replies; 9+ messages in thread
From: Eray Aslan @ 2015-09-17  7:53 UTC (permalink / raw
  To: gentoo-commits

commit:     230b16f55913585e623266d38898eda684165c02
Author:     Eray Aslan <eras <AT> gentoo <DOT> org>
AuthorDate: Thu Sep 17 07:53:17 2015 +0000
Commit:     Eray Aslan <eras <AT> gentoo <DOT> org>
CommitDate: Thu Sep 17 07:53:17 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=230b16f5

net-proxy/squid: Version bump to squid-3.5.8

Fix building with linux-headers-4.2
Gentoo-Bug: 559584

Package-Manager: portage-2.2.20.1

 net-proxy/squid/Manifest                           |   1 +
 .../squid/files/squid-kernel-headers-4.2.patch     |  14 ++
 net-proxy/squid/squid-3.5.8.ebuild                 | 250 +++++++++++++++++++++
 3 files changed, 265 insertions(+)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index d2153f8..bada621 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,2 +1,3 @@
 DIST squid-3.5.6.tar.xz 2291152 SHA256 cd080e8d5eaabebf6808792751322bd05f2a9c8fe4377f54c7155682ef6c38d5 SHA512 f6c2550cdb5b2f3317105c986caddf06d010bffa0c61d065cffcde72e5bc30c4608486c79c4b25418dfb9f0a8d7ef1d2fabb6b07d1f0262a19fafc945af98bef WHIRLPOOL 863c6f73c3c26737d98cbff15afa5b6630310226ee9ec10a3e38f646b1416137e998f9bb1e5b492e5871129aed3c98e729b3a757d35088162e671d310a887336
 DIST squid-3.5.7.tar.xz 2294580 SHA256 ec6f861bddee007b1dd320667a26ddc9ff76847bbe4cbb59c0134588e65c8699 SHA512 13757da759c1a64fe13d451cff40c4ae30b18c2939f6971b4ef25e24b771ea973e3357f05ec89fccff51acc9e2c77418880b05f6020d58b7633141b928aaf349 WHIRLPOOL 9ce722647f6144ae5192a0a177d5d085252039eed3a7cbdf1fcb638c32097bf21710db71044448fc98bdba7c15daefb79dee5912b4d0c41cbc0e0b0fda695ee1
+DIST squid-3.5.8.tar.xz 2295644 SHA256 f402a21d4fae8b3e9df13683dc530366e4b1753df21e91c05a0a9514a1abfc62 SHA512 df371934b141fd0e57223ef2a801b71ae2c88c918e1ebd17a82105d33a8f6d439da65cd6437b42a3857f0d64ce461ea31d01299d452ede3650a44cf6826e16e1 WHIRLPOOL 9ca3f07b3068a439299b30e8be924208bc36e336f7929c593563bf6dadf9eaaa051c213e34eafc1ec6db43540b61367bd666c7c172e370d600aa6823779bd192

diff --git a/net-proxy/squid/files/squid-kernel-headers-4.2.patch b/net-proxy/squid/files/squid-kernel-headers-4.2.patch
new file mode 100644
index 0000000..f56a57e
--- /dev/null
+++ b/net-proxy/squid/files/squid-kernel-headers-4.2.patch
@@ -0,0 +1,14 @@
+--- a/src/ip/Intercept.cc       2015-08-01 09:08:17.000000000 +0300
++++ b/src/ip/Intercept.cc       2015-09-12 10:03:37.000000000 +0300
+@@ -88,7 +88,10 @@
+ /* <climits> must be before including netfilter_ipv4.h */
+ #include <climits>
+ #include <linux/if.h>
+-#include <linux/netfilter_ipv4.h>
++//#include <linux/netfilter_ipv4.h>
++#if !defined(SO_ORIGINAL_DST)
++#define SO_ORIGINAL_DST 80
++#endif
+ #if HAVE_LINUX_NETFILTER_IPV6_IP6_TABLES_H
+ /* 2013-07-01: Pablo the Netfilter maintainer is rejecting patches
+  * which will enable C++ compilers to build the Netfilter public headers.

diff --git a/net-proxy/squid/squid-3.5.8.ebuild b/net-proxy/squid/squid-3.5.8.ebuild
new file mode 100644
index 0000000..1c2065f
--- /dev/null
+++ b/net-proxy/squid/squid-3.5.8.ebuild
@@ -0,0 +1,250 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit autotools eutils linux-info pam toolchain-funcs user versionator
+
+DESCRIPTION="A full-featured web proxy cache"
+HOMEPAGE="http://www.squid-cache.org/"
+SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
+	ecap esi ssl-crtd \
+	mysql postgres sqlite \
+	qos tproxy \
+	+htcp +wccp +wccpv2 \
+	pf-transparent ipf-transparent kqueue \
+	elibc_uclibc kernel_linux"
+
+COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
+	pam? ( virtual/pam )
+	ldap? ( net-nds/openldap )
+	kerberos? ( virtual/krb5 )
+	qos? ( net-libs/libnetfilter_conntrack )
+	ssl? ( dev-libs/openssl:* dev-libs/nettle >=net-libs/gnutls-3.1.5 )
+	sasl? ( dev-libs/cyrus-sasl )
+	ecap? ( net-libs/libecap:1 )
+	esi? ( dev-libs/expat dev-libs/libxml2 )
+	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
+	>=sys-libs/db-4:*
+	dev-lang/perl
+	dev-libs/libltdl:0"
+DEPEND="${COMMON_DEPEND}
+	ecap? ( virtual/pkgconfig )
+	sys-apps/ed
+	test? ( dev-util/cppunit )"
+RDEPEND="${COMMON_DEPEND}
+	samba? ( net-fs/samba )
+	mysql? ( dev-perl/DBD-mysql )
+	postgres? ( dev-perl/DBD-Pg )
+	selinux? ( sec-policy/selinux-squid )
+	sqlite? ( dev-perl/DBD-SQLite )
+	!<=sci-biology/meme-4.8.1-r1"
+
+REQUIRED_USE="tproxy? ( caps )
+			qos? ( caps )"
+
+pkg_pretend() {
+	if use tproxy; then
+		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
+		linux-info_pkg_setup
+	fi
+}
+
+pkg_setup() {
+	enewgroup squid
+	enewuser squid -1 -1 /var/cache/squid squid
+}
+
+src_prepare() {
+	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
+	epatch "${FILESDIR}/${PN}-kernel-headers-4.2.patch"
+	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
+		INSTALL QUICKSTART \
+		scripts/fileno-to-pathname.pl \
+		scripts/check_cache.pl \
+		tools/cachemgr.cgi.8 \
+		tools/purge/conffile.hh \
+		tools/purge/README  || die
+	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
+		INSTALL QUICKSTART || die
+	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
+		QUICKSTART || die
+	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
+		QUICKSTART \
+		src/log/access_log.cc || die
+	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
+		src/log/access_log.cc || die
+	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
+		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
+		helpers/external_acl/session/ext_session_acl.8 \
+		src/ssl/ssl_crtd.8 || die
+	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
+		scripts/check_cache.pl || die
+	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
+		src/ssl/ssl_crtd.8 || die
+	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
+		src/ssl/ssl_crtd.8 || die
+	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
+		src/ssl/ssl_crtd.8 || die
+	# /var/run/squid to /run/squid
+	sed -i -e 's:$(localstatedir)::' \
+		src/ipc/Makefile.am || die
+	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
+		libltdl/configure.ac || die
+
+	epatch_user
+
+	eautoreconf
+}
+
+src_configure() {
+	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
+	use samba && basic_modules+=",SMB"
+	use ldap && basic_modules+=",LDAP"
+	use pam && basic_modules+=",PAM"
+	use sasl && basic_modules+=",SASL"
+	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
+	use radius && basic_modules+=",RADIUS"
+	if use mysql || use postgres || use sqlite ; then
+		basic_modules+=",DB"
+	fi
+
+	local digest_modules="file"
+	use ldap && digest_modules+=",LDAP,eDirectory"
+
+	local negotiate_modules="none"
+	local myconf="--without-mit-krb5 --without-heimdal-krb5"
+	if use kerberos ; then
+		negotiate_modules="kerberos,wrapper"
+		if has_version app-crypt/heimdal ; then
+			myconf="--without-mit-krb5 --with-heimdal-krb5"
+		else
+			myconf="--with-mit-krb5 --without-heimdal-krb5"
+		fi
+	fi
+
+	local ntlm_modules="none"
+	use samba && ntlm_modules="smb_lm"
+
+	local ext_helpers="file_userip,session,unix_group"
+	use samba && ext_helpers+=",wbinfo_group"
+	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
+	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
+
+	local storeio_modules="aufs,diskd,rock,ufs"
+
+	local transparent
+	if use kernel_linux ; then
+		transparent+=" --enable-linux-netfilter"
+		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
+	fi
+
+	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
+		transparent+=" $(use_enable kqueue)"
+		if use pf-transparent; then
+			transparent+=" --enable-pf-transparent"
+		elif use ipf-transparent; then
+			transparent+=" --enable-ipf-transparent"
+		fi
+	fi
+
+	tc-export CC AR
+
+	econf \
+		--sysconfdir=/etc/squid \
+		--libexecdir=/usr/libexec/squid \
+		--localstatedir=/var \
+		--with-pidfile=/run/squid.pid \
+		--datadir=/usr/share/squid \
+		--with-logdir=/var/log/squid \
+		--with-default-user=squid \
+		--enable-removal-policies="lru,heap" \
+		--enable-storeio="${storeio_modules}" \
+		--enable-disk-io \
+		--enable-auth-basic="${basic_modules}" \
+		--enable-auth-digest="${digest_modules}" \
+		--enable-auth-ntlm="${ntlm_modules}" \
+		--enable-auth-negotiate="${negotiate_modules}" \
+		--enable-external-acl-helpers="${ext_helpers}" \
+		--enable-log-daemon-helpers \
+		--enable-url-rewrite-helpers \
+		--enable-cache-digests \
+		--enable-delay-pools \
+		--enable-eui \
+		--enable-icmp \
+		--enable-follow-x-forwarded-for \
+		--with-large-files \
+		--disable-strict-error-checking \
+		--disable-arch-native \
+		--with-ltdl-includedir=/usr/include \
+		--with-ltdl-libdir=/usr/$(get_libdir) \
+		$(use_with caps libcap) \
+		$(use_enable ipv6) \
+		$(use_enable snmp) \
+		$(use_with ssl openssl) \
+		$(use_with ssl nettle) \
+		$(use_with ssl gnutls) \
+		$(use_enable ssl-crtd) \
+		$(use_enable ecap) \
+		$(use_enable esi) \
+		$(use_enable htcp) \
+		$(use_enable wccp) \
+		$(use_enable wccpv2) \
+		${transparent} \
+		${myconf}
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+
+	# need suid root for looking into /etc/shadow
+	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
+	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
+	if use pam; then
+		fowners root:squid /usr/libexec/squid/basic_pam_auth
+		fperms 4750 /usr/libexec/squid/basic_pam_auth
+	fi
+	# pinger needs suid as well
+	fowners root:squid /usr/libexec/squid/pinger
+	fperms 4750 /usr/libexec/squid/pinger
+
+	# cleanup
+	rm -f "${D}"/usr/bin/Run*
+	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
+
+	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
+	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
+	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
+	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
+	newdoc tools/purge/README README.purge
+	newdoc tools/helper-mux.README README.helper-mux
+	dohtml RELEASENOTES.html
+
+	newpamd "${FILESDIR}/squid.pam" squid
+	newconfd "${FILESDIR}/squid.confd-r1" squid
+	newinitd "${FILESDIR}/squid.initd-r4" squid
+	if use logrotate; then
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/squid.logrotate" squid
+	else
+		exeinto /etc/cron.weekly
+		newexe "${FILESDIR}/squid.cron" squid.cron
+	fi
+
+	diropts -m0750 -o squid -g squid
+	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
+}
+
+pkg_postinst() {
+	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
+		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
+		elog "Please read the release notes at:"
+		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
+		echo
+	fi
+}


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2016-05-24  6:56 Eray Aslan
  0 siblings, 0 replies; 9+ messages in thread
From: Eray Aslan @ 2016-05-24  6:56 UTC (permalink / raw
  To: gentoo-commits

commit:     4888b6cd5b8f72753e30f7a6f22fdd2549a14214
Author:     Eray Aslan <eras <AT> gentoo <DOT> org>
AuthorDate: Tue May 24 06:55:39 2016 +0000
Commit:     Eray Aslan <eras <AT> gentoo <DOT> org>
CommitDate: Tue May 24 06:56:20 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4888b6cd

net-proxy/squid: remove old

Package-Manager: portage-2.3.0_rc1

 net-proxy/squid/Manifest                           |   9 -
 net-proxy/squid/files/squid-3.3.4-gentoo.patch     | 131 -----------
 .../squid/files/squid-kernel-headers-4.2.patch     |  14 --
 net-proxy/squid/squid-3.5.10.ebuild                | 249 --------------------
 net-proxy/squid/squid-3.5.11.ebuild                | 249 --------------------
 net-proxy/squid/squid-3.5.12.ebuild                | 249 --------------------
 net-proxy/squid/squid-3.5.14.ebuild                | 249 --------------------
 net-proxy/squid/squid-3.5.16-r1.ebuild             | 250 ---------------------
 net-proxy/squid/squid-3.5.16.ebuild                | 249 --------------------
 net-proxy/squid/squid-3.5.6.ebuild                 | 247 --------------------
 net-proxy/squid/squid-3.5.7.ebuild                 | 247 --------------------
 net-proxy/squid/squid-3.5.8.ebuild                 | 250 ---------------------
 net-proxy/squid/squid-3.5.9.ebuild                 | 250 ---------------------
 13 files changed, 2643 deletions(-)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index 10b6759..b0452a5 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,12 +1,3 @@
-DIST squid-3.5.10.tar.xz 2297452 SHA256 736e69fbddd6e985d2f85c995526f0a2bc4294c46dfb6737c0ccf09274a458b3 SHA512 b577cf90ccc240ae7be42df36cb592399a5f43b7a38df47f3df404aa4b6fb8ceaf568696251376fbc5e30686e6d5b77942852fb94e79d71676aaf35ffde17d21 WHIRLPOOL d422fcbf6d274fa4535c7bb2b8845e1f2f0d5ea42776a6ec517a34ceb87947b01c5412bec332fd634ed2fcef77e7de64fb138ef044fecfd00f3073c71c25513a
-DIST squid-3.5.11.tar.xz 2298436 SHA256 c26211b8e349fd9a5fd357da33074ff6523c111024dd3a5a1f77153538aa40cf SHA512 7d7557f949d7a5995eff4745f6bf58d3c4899b882828a83332e269c4396de8470d7847d76701f383fd889cf7990b8d5c9ace6d557d00a9dd4a8d326f9b116c09 WHIRLPOOL 47acb40ecdaee9ce166e8db0da8a9642125a6af8306b3fd47e29c2edb7e96242a9535f1dfb028310334863fe914458c8b3d6f0f0f9c26c1c44cf4fdea0b2ed02
-DIST squid-3.5.12.tar.xz 2299644 SHA256 8bc83f3869f7404aefb10883109e28443255cf6dde50a13904c7954619707a42 SHA512 2620f2b560df58c9a6ca5be38e91e7b67ee04a5a28de133ecd0fed232094570c453690a08a4835ad59ebf1cd002a6e6d7c7c4ea502b6d719d74f97111a5302d1 WHIRLPOOL 758c5f9d0a7dd8c87052008ec994966263f6fc956fdd9a254977f79bc2cccabe22e1dda6c6119f4e411ecec8ace9af8a5b86430ceccc075481e46955cc69dd25
-DIST squid-3.5.14.tar.xz 2315320 SHA256 79ec4cdd4f965314e6db8e3f6ddcebf2d24518edd790a68e0bd4d0a7735ace1b SHA512 0b500dbe36fb9cd487e6954244bad7fbebd2bd6af442d1c5f7ebf9c73d846a1b1c061b035afa3bf34709e41e0fef4c8023f0d1114e21b794591ee49fe8843a1f WHIRLPOOL 1c89b4aa961aa8c6b3c8f68662f506432b5f54922f49749d7977708f186bb4a842ef7182190c0ad403f4d3b0ac670d940044556db60dbcffae04dcb9b5b35738
 DIST squid-3.5.15.tar.xz 2315628 SHA256 9cfce3231c7b3b33816fc54414d8720a51ac5e723663e0685a8bb995b9f450d2 SHA512 b5a6b4bc94d007f475419123b7ff4cdf7d47a024b859d2f7de0952115285114f06fd389fc6f463c21a1ce7d41e06227972bd802bafd2704cf0814afdee893dde WHIRLPOOL a8c73ac1a9a36b405cfb2d804ad51e673ffc812e561860f5b2775b468fcebc84834842ae4f55d4be928936f1750ea54b54d788149758a362282e1287696fe094
-DIST squid-3.5.16.tar.xz 2317320 SHA256 e73d821180eed8bed230f357c680c0b19f1efa51a24725e810f2b48a2079d385 SHA512 117cf70dd87aff0c0db209648c43a8c2f056c87331133948a799715748a28133df32cf6982251a8c1366c960bbda2bd2d33287df0df7c642632723c6dbedc8cf WHIRLPOOL 2b44e2066f728a5b5218969896aaf2373a468a94ac1f0e9d23947b5bcf0933f6af72c219f822e34f88fdc90423b7619de81c6fa9130ed6f7539055e88e546006
 DIST squid-3.5.17.tar.xz 2318216 SHA256 cb04e34f6ec80a5ae6caaef042703c841d3803c4c280e75eff12a5a6c84951a2 SHA512 7531c208278ee42b9e34b4e49a249bb033389207546cf0172a2657d60d08146d36ee8f9296e16eea13c552bad01f3ef8592b1486556756edb0b3304b17306661 WHIRLPOOL 4aaf4108c1223f16e1b544244d26288cc96ee5f17b3322070fa35dc3069e588a1270df1531104554e7ac8b0316bc722edb812d0a41b871ec50020e514ef0d411
 DIST squid-3.5.19.tar.xz 2318720 SHA256 c4b8a2efb85acc600e506605f175298ce3324048e60f4708926d354fe4b5c7a0 SHA512 b2e70845d87a3a3d57b8ff08c6fb21137cedc75c8076a8e004a4b4031a7045d13f13de2b2aa98435e39770aefe1db838538ed62fc4169f83797c99fc0883f650 WHIRLPOOL 73ce9e63bbf5d494ff40b2379930e2723f01507782b3c332ea0e2b3d1c813c914fdfea47d22f9b004d0bac5a826928b5e47fa0fdb190c2be5235e1c51c25c575
-DIST squid-3.5.6.tar.xz 2291152 SHA256 cd080e8d5eaabebf6808792751322bd05f2a9c8fe4377f54c7155682ef6c38d5 SHA512 f6c2550cdb5b2f3317105c986caddf06d010bffa0c61d065cffcde72e5bc30c4608486c79c4b25418dfb9f0a8d7ef1d2fabb6b07d1f0262a19fafc945af98bef WHIRLPOOL 863c6f73c3c26737d98cbff15afa5b6630310226ee9ec10a3e38f646b1416137e998f9bb1e5b492e5871129aed3c98e729b3a757d35088162e671d310a887336
-DIST squid-3.5.7.tar.xz 2294580 SHA256 ec6f861bddee007b1dd320667a26ddc9ff76847bbe4cbb59c0134588e65c8699 SHA512 13757da759c1a64fe13d451cff40c4ae30b18c2939f6971b4ef25e24b771ea973e3357f05ec89fccff51acc9e2c77418880b05f6020d58b7633141b928aaf349 WHIRLPOOL 9ce722647f6144ae5192a0a177d5d085252039eed3a7cbdf1fcb638c32097bf21710db71044448fc98bdba7c15daefb79dee5912b4d0c41cbc0e0b0fda695ee1
-DIST squid-3.5.8.tar.xz 2295644 SHA256 f402a21d4fae8b3e9df13683dc530366e4b1753df21e91c05a0a9514a1abfc62 SHA512 df371934b141fd0e57223ef2a801b71ae2c88c918e1ebd17a82105d33a8f6d439da65cd6437b42a3857f0d64ce461ea31d01299d452ede3650a44cf6826e16e1 WHIRLPOOL 9ca3f07b3068a439299b30e8be924208bc36e336f7929c593563bf6dadf9eaaa051c213e34eafc1ec6db43540b61367bd666c7c172e370d600aa6823779bd192
-DIST squid-3.5.9.tar.xz 2296384 SHA256 9e9a3dc16e6f97258f2c3589dc6163bec20fb9369aec1fe03612dbca76d185d3 SHA512 e9db2eb1674feb4242c5498d24c44ba53eb1ac8df71465301a6e2462051788b45d38e779edc38a944c7ac903bfef0dde52a9b0e167ef15d71084b7b6e405c666 WHIRLPOOL 48c9866f36882051072fde81521189c463d35a72954f0d891b0f65f7caa49f078b1ad5229244b3c9bd51e8c4f07c947313eacffc3d94ac211c95f432deed3657

diff --git a/net-proxy/squid/files/squid-3.3.4-gentoo.patch b/net-proxy/squid/files/squid-3.3.4-gentoo.patch
deleted file mode 100644
index fb049e9..0000000
--- a/net-proxy/squid/files/squid-3.3.4-gentoo.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-diff --git a/configure.ac b/configure.ac
-index a863327..deb44ed 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -26,9 +26,9 @@ PRESET_CFLAGS="$CFLAGS"
- PRESET_LDFLAGS="$LDFLAGS"
- 
- dnl Set default LDFLAGS
--if test "x$LDFLAGS" = "x" ; then
--  LDFLAGS="-g"
--fi
-+dnl if test "x$LDFLAGS" = "x" ; then
-+dnl   LDFLAGS="-g"
-+dnl fi
- 
- # Check for GNU cc
- AC_PROG_CC
-diff --git a/helpers/basic_auth/SMB/basic_smb_auth.sh b/helpers/basic_auth/SMB/basic_smb_auth.sh
-index 2a1abb3..b3ebb7a 100755
---- a/helpers/basic_auth/SMB/basic_smb_auth.sh
-+++ b/helpers/basic_auth/SMB/basic_smb_auth.sh
-@@ -24,7 +24,7 @@ read NMBCAST
- read AUTHSHARE
- read AUTHFILE
- read SMBUSER
--read SMBPASS
-+read -r SMBPASS
- 
- # Find domain controller
- echo "Domain name: $DOMAINNAME"
-@@ -47,7 +47,7 @@ else
-   addropt=""
- fi
- echo "Query address options: $addropt"
--dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
-+dcip=`nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
- echo "Domain controller IP address: $dcip"
- [ -n "$dcip" ] || exit 1
- 
-diff --git a/src/Makefile.am b/src/Makefile.am
-index 6b69267..10f506a 100644
---- a/src/Makefile.am
-+++ b/src/Makefile.am
-@@ -867,8 +867,8 @@ DEFAULT_LOG_PREFIX	= $(DEFAULT_LOG_DIR)
- DEFAULT_CACHE_LOG	= $(DEFAULT_LOG_PREFIX)/cache.log
- DEFAULT_ACCESS_LOG	= $(DEFAULT_LOG_PREFIX)/access.log
- DEFAULT_STORE_LOG	= $(DEFAULT_LOG_PREFIX)/store.log
--DEFAULT_NETDB_FILE	= $(DEFAULT_LOG_PREFIX)/netdb.state
--DEFAULT_SSL_DB_DIR	= $(localstatedir)/lib/ssl_db
-+DEFAULT_NETDB_FILE	= $(localstatedir)/lib/squid/netdb.state
-+DEFAULT_SSL_DB_DIR	= $(localstatedir)/lib/squid/ssl_db
- DEFAULT_PINGER		= $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_UNLINKD		= $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
- DEFAULT_LOGFILED	= $(libexecdir)/`echo log_file_daemon | sed '$(transform);s/$$/$(EXEEXT)/'`
-diff --git a/src/debug.cc b/src/debug.cc
-index 64ab0ba..062119a 100644
---- a/src/debug.cc
-+++ b/src/debug.cc
-@@ -450,7 +450,7 @@ _db_init(const char *logfile, const char *options)
- #if HAVE_SYSLOG && defined(LOG_LOCAL4)
- 
-     if (Debug::log_syslog)
--        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
-+        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility);
- 
- #endif /* HAVE_SYSLOG */
- 
-diff --git a/src/main.cc b/src/main.cc
-index d6eb01a..0b93f0e 100644
---- a/src/main.cc
-+++ b/src/main.cc
-@@ -1657,7 +1657,7 @@ watch_child(char *argv[])
-     if (!IamMasterProcess())
-         return;
- 
--    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
- 
-     if ((pid = fork()) < 0)
-         syslog(LOG_ALERT, "fork failed: %s", xstrerror());
-@@ -1720,7 +1720,7 @@ watch_child(char *argv[])
- 
-             if ((pid = fork()) == 0) {
-                 /* child */
--                openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+                openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
-                 prog = argv[0];
-                 argv[0] = const_cast<char*>(kid.name().termedBuf());
-                 execvp(prog, argv);
-@@ -1733,7 +1733,7 @@ watch_child(char *argv[])
-         }
- 
-         /* parent */
--        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
- 
-         squid_signal(SIGINT, SIG_IGN, SA_RESTART);
- 
---- a/src/cf.data.pre	2013-04-29 11:17:59.256167134 +0300
-+++ b/src/cf.data.pre	2013-04-29 11:20:17.043924313 +0300
-@@ -1019,6 +1019,7 @@
- acl Safe_ports port 488		# gss-http
- acl Safe_ports port 591		# filemaker
- acl Safe_ports port 777		# multiling http
-+acl Safe_ports port 901		# SWAT
- acl CONNECT method CONNECT
- NOCOMMENT_END
- DOC_END
-@@ -5300,11 +5301,11 @@
- 
- NAME: cache_mgr
- TYPE: string
--DEFAULT: webmaster
-+DEFAULT: root
- LOC: Config.adminEmail
- DOC_START
- 	Email-address of local cache manager who will receive
--	mail if the cache dies.  The default is "webmaster".
-+	mail if the cache dies.  The default is "root".
- DOC_END
- 
- NAME: mail_from
-@@ -8052,7 +8053,7 @@
- NAME: forwarded_for
- COMMENT: on|off|transparent|truncate|delete
- TYPE: string
--DEFAULT: on
-+DEFAULT: delete
- LOC: opt_forwarded_for
- DOC_START
- 	If set to "on", Squid will append your client's IP address

diff --git a/net-proxy/squid/files/squid-kernel-headers-4.2.patch b/net-proxy/squid/files/squid-kernel-headers-4.2.patch
deleted file mode 100644
index f56a57e..0000000
--- a/net-proxy/squid/files/squid-kernel-headers-4.2.patch
+++ /dev/null
@@ -1,14 +0,0 @@
---- a/src/ip/Intercept.cc       2015-08-01 09:08:17.000000000 +0300
-+++ b/src/ip/Intercept.cc       2015-09-12 10:03:37.000000000 +0300
-@@ -88,7 +88,10 @@
- /* <climits> must be before including netfilter_ipv4.h */
- #include <climits>
- #include <linux/if.h>
--#include <linux/netfilter_ipv4.h>
-+//#include <linux/netfilter_ipv4.h>
-+#if !defined(SO_ORIGINAL_DST)
-+#define SO_ORIGINAL_DST 80
-+#endif
- #if HAVE_LINUX_NETFILTER_IPV6_IP6_TABLES_H
- /* 2013-07-01: Pablo the Netfilter maintainer is rejecting patches
-  * which will enable C++ compilers to build the Netfilter public headers.

diff --git a/net-proxy/squid/squid-3.5.10.ebuild b/net-proxy/squid/squid-3.5.10.ebuild
deleted file mode 100644
index 141bd8d..0000000
--- a/net-proxy/squid/squid-3.5.10.ebuild
+++ /dev/null
@@ -1,249 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.11.ebuild b/net-proxy/squid/squid-3.5.11.ebuild
deleted file mode 100644
index 141bd8d..0000000
--- a/net-proxy/squid/squid-3.5.11.ebuild
+++ /dev/null
@@ -1,249 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.12.ebuild b/net-proxy/squid/squid-3.5.12.ebuild
deleted file mode 100644
index 5b02352..0000000
--- a/net-proxy/squid/squid-3.5.12.ebuild
+++ /dev/null
@@ -1,249 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ~ia64 ~mips ~ppc ppc64 ~sparc x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.14.ebuild b/net-proxy/squid/squid-3.5.14.ebuild
deleted file mode 100644
index f92b88f..0000000
--- a/net-proxy/squid/squid-3.5.14.ebuild
+++ /dev/null
@@ -1,249 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.16-r1.ebuild b/net-proxy/squid/squid-3.5.16-r1.ebuild
deleted file mode 100644
index e684e5f..0000000
--- a/net-proxy/squid/squid-3.5.16-r1.ebuild
+++ /dev/null
@@ -1,250 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5-14022.patch"
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.16.ebuild b/net-proxy/squid/squid-3.5.16.ebuild
deleted file mode 100644
index f92b88f..0000000
--- a/net-proxy/squid/squid-3.5.16.ebuild
+++ /dev/null
@@ -1,249 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.6.ebuild b/net-proxy/squid/squid-3.5.6.ebuild
deleted file mode 100644
index 9598d04..0000000
--- a/net-proxy/squid/squid-3.5.6.ebuild
+++ /dev/null
@@ -1,247 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:* dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.3.4-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.7.ebuild b/net-proxy/squid/squid-3.5.7.ebuild
deleted file mode 100644
index f0c50da..0000000
--- a/net-proxy/squid/squid-3.5.7.ebuild
+++ /dev/null
@@ -1,247 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:* dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.8.ebuild b/net-proxy/squid/squid-3.5.8.ebuild
deleted file mode 100644
index 1c2065f..0000000
--- a/net-proxy/squid/squid-3.5.8.ebuild
+++ /dev/null
@@ -1,250 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:* dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	epatch "${FILESDIR}/${PN}-kernel-headers-4.2.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.9.ebuild b/net-proxy/squid/squid-3.5.9.ebuild
deleted file mode 100644
index 1c2065f..0000000
--- a/net-proxy/squid/squid-3.5.9.ebuild
+++ /dev/null
@@ -1,250 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:* dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	epatch "${FILESDIR}/${PN}-kernel-headers-4.2.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2016-07-12 12:50 Eray Aslan
  0 siblings, 0 replies; 9+ messages in thread
From: Eray Aslan @ 2016-07-12 12:50 UTC (permalink / raw
  To: gentoo-commits

commit:     7d76da31430622f08ab2d3e2a77ee7f02ac086a1
Author:     Eray Aslan <eras <AT> gentoo <DOT> org>
AuthorDate: Tue Jul 12 12:50:39 2016 +0000
Commit:     Eray Aslan <eras <AT> gentoo <DOT> org>
CommitDate: Tue Jul 12 12:50:39 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7d76da31

net-proxy/squid: remove old

Package-Manager: portage-2.3.0

 net-proxy/squid/Manifest                    |   2 -
 net-proxy/squid/files/squid-3.5-14022.patch |  50 ------
 net-proxy/squid/squid-3.5.15.ebuild         | 249 ----------------------------
 net-proxy/squid/squid-3.5.17.ebuild         | 249 ----------------------------
 4 files changed, 550 deletions(-)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index b0452a5..0158642 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,3 +1 @@
-DIST squid-3.5.15.tar.xz 2315628 SHA256 9cfce3231c7b3b33816fc54414d8720a51ac5e723663e0685a8bb995b9f450d2 SHA512 b5a6b4bc94d007f475419123b7ff4cdf7d47a024b859d2f7de0952115285114f06fd389fc6f463c21a1ce7d41e06227972bd802bafd2704cf0814afdee893dde WHIRLPOOL a8c73ac1a9a36b405cfb2d804ad51e673ffc812e561860f5b2775b468fcebc84834842ae4f55d4be928936f1750ea54b54d788149758a362282e1287696fe094
-DIST squid-3.5.17.tar.xz 2318216 SHA256 cb04e34f6ec80a5ae6caaef042703c841d3803c4c280e75eff12a5a6c84951a2 SHA512 7531c208278ee42b9e34b4e49a249bb033389207546cf0172a2657d60d08146d36ee8f9296e16eea13c552bad01f3ef8592b1486556756edb0b3304b17306661 WHIRLPOOL 4aaf4108c1223f16e1b544244d26288cc96ee5f17b3322070fa35dc3069e588a1270df1531104554e7ac8b0316bc722edb812d0a41b871ec50020e514ef0d411
 DIST squid-3.5.19.tar.xz 2318720 SHA256 c4b8a2efb85acc600e506605f175298ce3324048e60f4708926d354fe4b5c7a0 SHA512 b2e70845d87a3a3d57b8ff08c6fb21137cedc75c8076a8e004a4b4031a7045d13f13de2b2aa98435e39770aefe1db838538ed62fc4169f83797c99fc0883f650 WHIRLPOOL 73ce9e63bbf5d494ff40b2379930e2723f01507782b3c332ea0e2b3d1c813c914fdfea47d22f9b004d0bac5a826928b5e47fa0fdb190c2be5235e1c51c25c575

diff --git a/net-proxy/squid/files/squid-3.5-14022.patch b/net-proxy/squid/files/squid-3.5-14022.patch
deleted file mode 100644
index 4b598b6..0000000
--- a/net-proxy/squid/files/squid-3.5-14022.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-------------------------------------------------------------
-revno: 14022
-revision-id: squid3@treenet.co.nz-20160411131130-z2lp1uj94sovgthy
-parent: squid3@treenet.co.nz-20160411124138-zsrf0ltaxlj25k2x
-fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4481
-committer: Amos Jeffries <squid3@treenet.co.nz>
-branch nick: 3.5
-timestamp: Tue 2016-04-12 01:11:30 +1200
-message:
-  Bug 4481: varyEvaluateMatch: Oops. Not a Vary match on second attempt
-------------------------------------------------------------
-# Bazaar merge directive format 2 (Bazaar 0.90)
-# revision_id: squid3@treenet.co.nz-20160411131130-z2lp1uj94sovgthy
-# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# testament_sha1: 91af3a71dfc316577c5661733fc0c9fdeeb8ba83
-# timestamp: 2016-04-11 13:50:55 +0000
-# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
-# base_revision_id: squid3@treenet.co.nz-20160411124138-\
-#   zsrf0ltaxlj25k2x
-# 
-# Begin patch
-=== modified file 'src/StoreMetaVary.cc'
---- src/StoreMetaVary.cc	2016-04-01 06:15:31 +0000
-+++ src/StoreMetaVary.cc	2016-04-11 13:11:30 +0000
-@@ -22,6 +22,9 @@
-         /* XXX separate this mutator from the query */
-         /* Assume the object is OK.. remember the vary request headers */
-         e->mem_obj->vary_headers.assign(static_cast<const char *>(value), length);
-+        /* entries created before SBuf vary handling may include string terminator */
-+        static const SBuf nul("\0", 1);
-+        e->mem_obj->vary_headers.trim(nul);
-         return true;
-     }
- 
-
-=== modified file 'src/store_swapmeta.cc'
---- src/store_swapmeta.cc	2016-04-01 06:15:31 +0000
-+++ src/store_swapmeta.cc	2016-04-11 13:11:30 +0000
-@@ -89,9 +89,7 @@
-     SBuf vary(e->mem_obj->vary_headers);
- 
-     if (!vary.isEmpty()) {
--        // TODO: do we still need +1 here? StoreMetaVary::checkConsistency
--        //       no longer relies on nul-termination, but other things might.
--        t = StoreMeta::Factory(STORE_META_VARY_HEADERS, vary.length() + 1, vary.c_str());
-+        t = StoreMeta::Factory(STORE_META_VARY_HEADERS, vary.length(), vary.c_str());
- 
-         if (!t) {
-             storeSwapTLVFree(TLV);
-

diff --git a/net-proxy/squid/squid-3.5.15.ebuild b/net-proxy/squid/squid-3.5.15.ebuild
deleted file mode 100644
index e808f01..0000000
--- a/net-proxy/squid/squid-3.5.15.ebuild
+++ /dev/null
@@ -1,249 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sparc x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}

diff --git a/net-proxy/squid/squid-3.5.17.ebuild b/net-proxy/squid/squid-3.5.17.ebuild
deleted file mode 100644
index a48b508..0000000
--- a/net-proxy/squid/squid-3.5.17.ebuild
+++ /dev/null
@@ -1,249 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI=5
-inherit autotools eutils linux-info pam toolchain-funcs user versionator
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-SRC_URI="http://www.squid-cache.org/Versions/v3/3.5/${P}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ~ia64 ~mips ~ppc ppc64 ~sparc ~x86 ~x86-fbsd"
-IUSE="caps ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( virtual/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? ( dev-libs/openssl:0 dev-libs/nettle >=net-libs/gnutls-3.1.5 )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
-	>=sys-libs/db-4:*
-	dev-lang/perl
-	dev-libs/libltdl:0"
-DEPEND="${COMMON_DEPEND}
-	ecap? ( virtual/pkgconfig )
-	sys-apps/ed
-	test? ( dev-util/cppunit )"
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )
-	!<=sci-biology/meme-4.8.1-r1"
-
-REQUIRED_USE="tproxy? ( caps )
-			qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-pkg_setup() {
-	enewgroup squid
-	enewuser squid -1 -1 /var/cache/squid squid
-}
-
-src_prepare() {
-	epatch "${FILESDIR}/${PN}-3.5.7-gentoo.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/README  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		helpers/external_acl/unix_group/ext_unix_group_acl.8 \
-		helpers/external_acl/session/ext_session_acl.8 \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	sed -i -e 's:/usr/local/squid/ssl_cert:/etc/ssl/squid:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/usr/local/squid/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	sed -i -e 's:/var/lib/ssl_db:/var/lib/squid/ssl_db:' \
-		src/ssl/ssl_crtd.8 || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	epatch_user
-
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="MSNT-multi-domain,NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="smb_lm"
-
-	local ext_helpers="file_userip,session,unix_group"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export CC AR
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-ltdl-includedir=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with ssl gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# cleanup
-	rm -f "${D}"/usr/bin/Run*
-	rm -rf "${D}"/run/squid "${D}"/var/cache/squid
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc helpers/negotiate_auth/kerberos/README README.kerberos
-	newdoc helpers/basic_auth/RADIUS/README README.RADIUS
-	newdoc helpers/external_acl/kerberos_ldap_group/README README.kerberos_ldap_group
-	newdoc tools/purge/README README.purge
-	newdoc tools/helper-mux.README README.helper-mux
-	dohtml RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r1" squid
-	newinitd "${FILESDIR}/squid.initd-r4" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	if [[ $(get_version_component_range 1 ${REPLACING_VERSIONS}) -lt 3 ]] || \
-		[[ $(get_version_component_range 2 ${REPLACING_VERSIONS}) -lt 5 ]]; then
-		elog "Please read the release notes at:"
-		elog "  http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html"
-		echo
-	fi
-}


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2019-03-04 19:57 Mikle Kolyada
  0 siblings, 0 replies; 9+ messages in thread
From: Mikle Kolyada @ 2019-03-04 19:57 UTC (permalink / raw
  To: gentoo-commits

commit:     ee8980c56616066c8eabc6ee4f0d9077939f8198
Author:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
AuthorDate: Mon Mar  4 19:50:21 2019 +0000
Commit:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
CommitDate: Mon Mar  4 19:56:33 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee8980c5

net-proxy/squid: Version bump (v4.6)

Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11

 net-proxy/squid/Manifest                     |   1 +
 net-proxy/squid/files/squid-4.3-gentoo.patch |  79 ++++++++
 net-proxy/squid/files/squid.confd-r2         |  19 ++
 net-proxy/squid/files/squid.initd-r5         | 123 ++++++++++++
 net-proxy/squid/squid-4.6.ebuild             | 276 +++++++++++++++++++++++++++
 5 files changed, 498 insertions(+)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index 217180128c0..ec29169dcdf 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,2 +1,3 @@
 DIST squid-3.5.27.tar.xz 2303468 BLAKE2B 448dbb703469bdd38a0e88da8e473510e9652fc7c7ae2e48bf687a4c2e1698f3baa92c212631fd3734ee51bead89980d31af58d64654418a7c4c4a16e1be751e SHA512 4172a053c3b7ffe7a12dfb3febac96942d0fbbe7e98e3f797f22cd75b0a3a89cbbfe7260b5daad099e79d5e9303bb5dfbfee7499cb30a90590aa1bd242ff4817
 DIST squid-3.5.28.tar.xz 2304680 BLAKE2B 9b41a191210ea441ebd2847e9dc2cfacf3ba9fa8ceb81513b4cb449b13f7e81d28e3f3c9c46003db6d3d8a936fbd2275e42e18c23bd9d7667b9bd6890a1627a8 SHA512 da8367d364725c7fd6330e7588b0ff70d32978a17ca0bc5fe58fa6d12c9d2adb42ade0a492c835761bc7fd67c1a55300b4b7402ad939cf2a2aa5104233bbb74b
+DIST squid-4.6.tar.xz 2439792 BLAKE2B 1344acfd4ba135d5ec6881612614f735c6e4791f9b15dcc2f572b93e7f7c9e39585aa0b30aef5b09e40a9599e7fe7d3a118f878adac8f272b014ac3d65a83fae SHA512 dbe2b02b83d53d67459e22a19e71cbf99b66d74a2ddc4bc69310f03a0a6092e5840766ad699fc43893516e97ef89799ef2147dd40f76b0bd688c1e271fd20d06

diff --git a/net-proxy/squid/files/squid-4.3-gentoo.patch b/net-proxy/squid/files/squid-4.3-gentoo.patch
new file mode 100644
index 00000000000..f5152b89885
--- /dev/null
+++ b/net-proxy/squid/files/squid-4.3-gentoo.patch
@@ -0,0 +1,79 @@
+--- a/configure.ac	2018-10-14 17:22:35.000000000 +0300
++++ b/configure.ac	2018-10-17 21:27:24.806986467 +0300
+@@ -32,9 +32,9 @@ PRESET_CXXFLAGS="$CXXFLAGS"
+ PRESET_LDFLAGS="$LDFLAGS"
+ 
+ dnl Set default LDFLAGS
+-if test "x$LDFLAGS" = "x" ; then
+-  LDFLAGS="-g"
+-fi
++dnl if test "x$LDFLAGS" = "x" ; then
++dnl   LDFLAGS="-g"
++dnl fi
+ 
+ # Check for GNU cc
+ AC_PROG_CC
+--- a/src/cf.data.pre	2018-10-14 08:25:34.000000000 +0300
++++ b/src/cf.data.pre	2018-10-17 21:27:24.809986705 +0300
+@@ -1520,6 +1520,7 @@ acl Safe_ports port 280		# http-mgmt
+ acl Safe_ports port 488		# gss-http
+ acl Safe_ports port 591		# filemaker
+ acl Safe_ports port 777		# multiling http
++acl Safe_ports port 901		# SWAT
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -6819,11 +6820,11 @@ COMMENT_END
+ 
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ 	Email-address of local cache manager who will receive
+-	mail if the cache dies.  The default is "webmaster".
++	mail if the cache dies.  The default is "root".
+ DOC_END
+ 
+ NAME: mail_from
+--- a/src/debug.cc	2018-10-14 08:25:34.000000000 +0300
++++ b/src/debug.cc	2018-10-17 21:27:24.807986546 +0300
+@@ -490,7 +490,7 @@ _db_init(const char *logfile, const char
+ #if HAVE_SYSLOG && defined(LOG_LOCAL4)
+ 
+     if (Debug::log_syslog)
+-        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
++        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility);
+ 
+ #endif /* HAVE_SYSLOG */
+ 
+--- a/src/main.cc	2018-10-14 08:25:34.000000000 +0300
++++ b/src/main.cc	2018-10-17 21:28:28.632044541 +0300
+@@ -1912,7 +1912,7 @@ watch_child(const CommandLine &masterCom
+ 
+     enter_suid();
+ 
+-    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+ 
+     if (!opt_foreground)
+         GoIntoBackground();
+@@ -2012,7 +2012,7 @@ watch_child(const CommandLine &masterCom
+ 
+             if ((pid = fork()) == 0) {
+                 /* child */
+-                openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++                openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+                 (void)execvp(masterCommand.arg0(), kidCommand.argv());
+                 int xerrno = errno;
+                 syslog(LOG_ALERT, "execvp failed: %s", xstrerr(xerrno));
+@@ -2024,7 +2024,7 @@ watch_child(const CommandLine &masterCom
+         }
+ 
+         /* parent */
+-        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
++        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
+ 
+         // If Squid received a signal while checking for dying kids (below) or
+         // starting new kids (above), then do a fast check for a new dying kid

diff --git a/net-proxy/squid/files/squid.confd-r2 b/net-proxy/squid/files/squid.confd-r2
new file mode 100644
index 00000000000..a43a86e3bce
--- /dev/null
+++ b/net-proxy/squid/files/squid.confd-r2
@@ -0,0 +1,19 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+# Config file for /etc/init.d/squid
+
+SQUID_OPTS="-YC"
+
+# Kerberos keytab file to use. This is required if you enable kerberos authentication.
+SQUID_KEYTAB=""
+
+# Use max_filedescriptors setting in squid.conf to determine the maximum number
+# of filedescriptors squid can open.
+
+# Set whether Squid should receive two shutdown signals instead of one. If set to "yes",
+# Squid will skip the graceful shutdown step, and will try to immediately close all open
+# file descriptors and helpers. This is useful if you experience very long delays when
+# shutting down the caching proxy.
+SQUID_FAST_SHUTDOWN="no"

diff --git a/net-proxy/squid/files/squid.initd-r5 b/net-proxy/squid/files/squid.initd-r5
new file mode 100644
index 00000000000..c537ebfdaa6
--- /dev/null
+++ b/net-proxy/squid/files/squid.initd-r5
@@ -0,0 +1,123 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+extra_started_commands="reload rotate"
+
+depend() {
+	use dns net
+}
+
+checkconfig() {
+	local CONFFILES="/etc/squid/${RC_SVCNAME}.conf /etc/squid/${RC_SVCNAME}.include /etc/squid/${RC_SVCNAME}.include.*"
+	if [ ! -f /etc/squid/${RC_SVCNAME}.conf ]; then
+		eerror "You need to create /etc/squid/${RC_SVCNAME}.conf first."
+		eerror "The main configuration file and all included file names should have the following format:"
+		eerror "${CONFFILES}"
+		eerror "An example can be found in /etc/squid/squid.conf.default"
+		return 1
+	fi
+
+	local PIDFILE=$(cat ${CONFFILES} 2>/dev/null 3>/dev/null | awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }')
+	[ -z ${PIDFILE} ] && PIDFILE=/run/squid.pid
+	if [ /run/${RC_SVCNAME}.pid != ${PIDFILE} ]; then
+		eerror "/etc/squid/${RC_SVCNAME}.conf must set pid_filename to"
+		eerror "   /run/${RC_SVCNAME}.pid"
+		eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than"
+		eerror "         in any other instance of squid."
+		eerror "Make sure the main configuration file and all included file names have the following format:"
+		eerror "${CONFFILES}"
+		return 1
+	fi
+
+	# Maximum file descriptors squid can open is determined by:
+	# a basic default of N=1024
+	#  ... altered by ./configure --with-filedescriptors=N
+	#  ... overridden on production by squid.conf max_filedescriptors (if,
+	#  and only if, setrlimit() RLIMIT_NOFILE is able to be built+used).
+	# Since we do not configure hard coded # of filedescriptors anymore,
+	# there is no need for ulimit calls in the init script.
+	# Use max_filedescriptors in squid.conf instead.
+
+	local CACHE_SWAP=$(cat ${CONFFILES} 2>/dev/null 3>/dev/null | awk '/^[ \t]*cache_dir[ \t]+/ { if ( $2 == "rock" ) printf "%s/rock ", $3; else if ( $2 == "coss" ) printf "%s/stripe ", $3; else printf "%s/00 ", $3; }')
+	[ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00"
+	
+	local x
+	for x in $CACHE_SWAP ; do
+		if [ ! -e $x ] ; then
+			ebegin "Initializing cache directory ${x%/*}"
+			local ORIG_UMASK=$(umask)
+			umask 027
+
+			if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then
+				eend 1
+				return 1
+			fi
+
+			local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/} 2>&1)"
+			if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then
+				umask $ORIG_UMASK
+				eend 1
+				echo "$INIT_CACHE_RESPONSE"
+				return 1
+			fi
+
+			umask $ORIG_UMASK
+			eend 0
+			break
+		fi
+	done
+	
+	return 0
+}
+
+start() {
+	checkconfig || return 1
+	checkpath -d -q -m 0750 -o squid:squid /run/${RC_SVCNAME}
+
+	# see https://wiki.squid-cache.org/MultipleInstances
+	ebegin "Starting ${RC_SVCNAME} (service name ${RC_SVCNAME//[^[:alnum:]]/}) with KRB5_KTNAME=\"${SQUID_KEYTAB}\" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+	KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}
+	eend $? && sleep 1
+}
+
+stop() {
+	ebegin "Stopping ${RC_SVCNAME} with /usr/sbin/squid -k shutdown -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+	if /usr/sbin/squid -k shutdown -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/} ; then
+		# Now we have to wait until squid has _really_ stopped.
+		sleep 1
+		if [ -f /run/${RC_SVCNAME}.pid ] ; then
+			einfon "Waiting for squid to shutdown ."
+			cnt=0
+			while [ -f /run/${RC_SVCNAME}.pid ] ; do
+				cnt=$(expr $cnt + 1)
+				if [ $cnt -gt 60 ] ; then
+					# Waited 120 seconds now. Fail.
+					echo
+					eend 1 "Failed."
+					break
+				fi
+				sleep 2
+				echo -n "."
+			done
+			echo
+		fi
+	else
+		eerror "Squid shutdown failed, probably service is already down."
+	fi
+	eend 0
+}
+
+reload() {
+	checkconfig || return 1
+	ebegin "Reloading ${RC_SVCNAME} with /usr/sbin/squid -k reconfigure -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+	/usr/sbin/squid -k reconfigure -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}
+	eend $?
+}
+
+rotate() {
+	service_started ${RC_SVCNAME} || return 1
+	ebegin "Rotating ${RC_SVCNAME} logs with /usr/sbin/squid -k rotate -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}"
+	/usr/sbin/squid -k rotate -f /etc/squid/${RC_SVCNAME}.conf -n ${RC_SVCNAME//[^[:alnum:]]/}
+	eend $?
+}

diff --git a/net-proxy/squid/squid-4.6.ebuild b/net-proxy/squid/squid-4.6.ebuild
new file mode 100644
index 00000000000..79d959a65dc
--- /dev/null
+++ b/net-proxy/squid/squid-4.6.ebuild
@@ -0,0 +1,276 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+WANT_AUTOMAKE="1.15"
+
+inherit autotools linux-info pam toolchain-funcs user
+
+DESCRIPTION="A full-featured web proxy cache"
+HOMEPAGE="http://www.squid-cache.org/"
+
+# Upstream patch ID for the most recent bug-fixed update to the formal release.
+r=
+#r=-20181117-r0022167
+if [ -z "$r" ]; then
+	SRC_URI="http://www.squid-cache.org/Versions/v${PV%.*}/${P}.tar.xz"
+else
+	SRC_URI="http://www.squid-cache.org/Versions/v${PV%.*}/${P}${r}.tar.bz2"
+	S="${S}${r}"
+fi
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="caps ipv6 pam ldap libressl samba sasl kerberos nis radius ssl snmp selinux logrotate test \
+	ecap esi ssl-crtd \
+	mysql postgres sqlite \
+	perl qos tproxy \
+	+htcp +wccp +wccpv2 \
+	pf-transparent ipf-transparent kqueue \
+	elibc_uclibc kernel_linux"
+
+BDEPEND="dev-lang/perl"
+
+COMMON_DEPEND="caps? ( >=sys-libs/libcap-2.16 )
+	pam? ( virtual/pam )
+	ldap? ( net-nds/openldap )
+	kerberos? ( virtual/krb5 )
+	qos? ( net-libs/libnetfilter_conntrack )
+	ssl? (
+		libressl? ( dev-libs/libressl:0 )
+		!libressl? ( dev-libs/openssl:0 )
+		dev-libs/nettle >=net-libs/gnutls-3.1.5 )
+	sasl? ( dev-libs/cyrus-sasl )
+	ecap? ( net-libs/libecap:1 )
+	esi? ( dev-libs/expat dev-libs/libxml2 )
+	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
+	>=sys-libs/db-4:*
+	dev-libs/libltdl:0"
+DEPEND="${COMMON_DEPEND}
+	${BDEPEND}
+	ecap? ( virtual/pkgconfig )
+	test? ( dev-util/cppunit )"
+RDEPEND="${COMMON_DEPEND}
+	samba? ( net-fs/samba )
+	perl? ( dev-lang/perl )
+	mysql? ( dev-perl/DBD-mysql )
+	postgres? ( dev-perl/DBD-Pg )
+	selinux? ( sec-policy/selinux-squid )
+	sqlite? ( dev-perl/DBD-SQLite )
+	!<=sci-biology/meme-4.8.1-r1"
+
+REQUIRED_USE="tproxy? ( caps )
+		qos? ( caps )"
+
+pkg_pretend() {
+	if use tproxy; then
+		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
+		linux-info_pkg_setup
+	fi
+}
+
+pkg_setup() {
+	enewgroup squid
+	enewuser squid -1 -1 /var/cache/squid squid
+}
+
+src_prepare() {
+	eapply "${FILESDIR}/${PN}-4.3-gentoo.patch"
+	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
+		INSTALL QUICKSTART \
+		scripts/fileno-to-pathname.pl \
+		scripts/check_cache.pl \
+		tools/cachemgr.cgi.8 \
+		tools/purge/conffile.hh \
+		tools/purge/purge.1  || die
+	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
+		INSTALL QUICKSTART || die
+	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
+		QUICKSTART || die
+	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
+		QUICKSTART \
+		src/log/access_log.cc || die
+	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
+		src/log/access_log.cc || die
+	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
+		src/acl/external/unix_group/ext_unix_group_acl.8 \
+		src/acl/external/session/ext_session_acl.8 || die
+	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
+		scripts/check_cache.pl || die
+	# /var/run/squid to /run/squid
+	sed -i -e 's:$(localstatedir)::' \
+		src/ipc/Makefile.am || die
+	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
+		libltdl/configure.ac || die
+
+	eapply_user
+	eautoreconf
+}
+
+src_configure() {
+	local basic_modules="NCSA,POP3,getpwnam"
+	use samba && basic_modules+=",SMB"
+	use ldap && basic_modules+=",SMB_LM,LDAP"
+	use pam && basic_modules+=",PAM"
+	use sasl && basic_modules+=",SASL"
+	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
+	use radius && basic_modules+=",RADIUS"
+	if use mysql || use postgres || use sqlite ; then
+		basic_modules+=",DB"
+	fi
+
+	local digest_modules="file"
+	use ldap && digest_modules+=",LDAP,eDirectory"
+
+	local negotiate_modules="none"
+	local myconf="--without-mit-krb5 --without-heimdal-krb5"
+	if use kerberos ; then
+		negotiate_modules="kerberos,wrapper"
+		if has_version app-crypt/heimdal ; then
+			myconf="--without-mit-krb5 --with-heimdal-krb5"
+		else
+			myconf="--with-mit-krb5 --without-heimdal-krb5"
+		fi
+	fi
+
+	local ntlm_modules="none"
+	use samba && ntlm_modules="SMB_LM"
+
+	local ext_helpers="file_userip,session,unix_group,delayer,time_quota"
+	use samba && ext_helpers+=",wbinfo_group"
+	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
+	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
+	if use mysql || use postgres || use sqlite ; then
+	    ext_helpers+=",SQL_session"
+	fi
+
+	local storeio_modules="aufs,diskd,rock,ufs"
+
+	local transparent
+	if use kernel_linux ; then
+		transparent+=" --enable-linux-netfilter"
+		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
+	fi
+
+	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
+		transparent+=" $(use_enable kqueue)"
+		if use pf-transparent; then
+			transparent+=" --enable-pf-transparent"
+		elif use ipf-transparent; then
+			transparent+=" --enable-ipf-transparent"
+		fi
+	fi
+
+	tc-export_build_env BUILD_CXX
+	export BUILDCXX=${BUILD_CXX}
+	export BUILDCXXFLAGS=${BUILD_CXXFLAGS}
+	tc-export CC AR
+
+	# Should be able to drop this workaround with newer versions.
+	# https://bugs.squid-cache.org/show_bug.cgi?id=4224
+	tc-is-cross-compiler && export squid_cv_gnu_atomics=no
+
+	econf \
+		--sysconfdir=/etc/squid \
+		--libexecdir=/usr/libexec/squid \
+		--localstatedir=/var \
+		--with-pidfile=/run/squid.pid \
+		--datadir=/usr/share/squid \
+		--with-logdir=/var/log/squid \
+		--with-default-user=squid \
+		--enable-removal-policies="lru,heap" \
+		--enable-storeio="${storeio_modules}" \
+		--enable-disk-io \
+		--enable-auth-basic="${basic_modules}" \
+		--enable-auth-digest="${digest_modules}" \
+		--enable-auth-ntlm="${ntlm_modules}" \
+		--enable-auth-negotiate="${negotiate_modules}" \
+		--enable-external-acl-helpers="${ext_helpers}" \
+		--enable-log-daemon-helpers \
+		--enable-url-rewrite-helpers \
+		--enable-cache-digests \
+		--enable-delay-pools \
+		--enable-eui \
+		--enable-icmp \
+		--enable-follow-x-forwarded-for \
+		--with-large-files \
+		--with-build-environment=default \
+		--disable-strict-error-checking \
+		--disable-arch-native \
+		--with-included-ltdl=/usr/include \
+		--with-ltdl-libdir=/usr/$(get_libdir) \
+		$(use_with caps libcap) \
+		$(use_enable ipv6) \
+		$(use_enable snmp) \
+		$(use_with ssl openssl) \
+		$(use_with ssl nettle) \
+		$(use_with ssl gnutls) \
+		$(use_enable ssl-crtd) \
+		$(use_enable ecap) \
+		$(use_enable esi) \
+		$(use_enable htcp) \
+		$(use_enable wccp) \
+		$(use_enable wccpv2) \
+		${transparent} \
+		${myconf}
+}
+
+src_install() {
+	default
+
+	# need suid root for looking into /etc/shadow
+	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
+	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
+	if use pam; then
+		fowners root:squid /usr/libexec/squid/basic_pam_auth
+		fperms 4750 /usr/libexec/squid/basic_pam_auth
+	fi
+	# pinger needs suid as well
+	fowners root:squid /usr/libexec/squid/pinger
+	fperms 4750 /usr/libexec/squid/pinger
+
+	# these scripts depend on perl
+	if ! use perl; then
+		for f in basic_pop3_auth \
+			ext_delayer_acl \
+			helper-mux \
+			log_db_daemon \
+			security_fake_certverify \
+			storeid_file_rewrite \
+			url_lfs_rewrite; do
+				rm "${D}"/usr/libexec/squid/${f} || die
+		done
+	fi
+
+	# cleanup
+	rm -r "${D}"/run "${D}"/var/cache || die
+
+	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
+	newdoc src/auth/negotiate/kerberos/README README.kerberos
+	newdoc src/auth/basic/RADIUS/README README.RADIUS
+	newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group
+	dodoc RELEASENOTES.html
+
+	newpamd "${FILESDIR}/squid.pam" squid
+	newconfd "${FILESDIR}/squid.confd-r2" squid
+	newinitd "${FILESDIR}/squid.initd-r5" squid
+	if use logrotate; then
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/squid.logrotate" squid
+	else
+		exeinto /etc/cron.weekly
+		newexe "${FILESDIR}/squid.cron" squid.cron
+	fi
+
+	diropts -m0750 -o squid -g squid
+	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
+}
+
+pkg_postinst() {
+	elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'."
+	if [ ${#r} -gt 0 ]; then
+		elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support."
+	fi
+}


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2020-06-29 18:14 Mikle Kolyada
  0 siblings, 0 replies; 9+ messages in thread
From: Mikle Kolyada @ 2020-06-29 18:14 UTC (permalink / raw
  To: gentoo-commits

commit:     78173484f6055e32cf33a7c0cf1b703e1c84afc6
Author:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 29 18:13:48 2020 +0000
Commit:     Mikle Kolyada <zlogene <AT> gentoo <DOT> org>
CommitDate: Mon Jun 29 18:13:48 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=78173484

net-proxy/squid: Security cleanup

Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Mikle Kolyada <zlogene <AT> gentoo.org>

 net-proxy/squid/Manifest                           |   1 -
 .../files/squid-4.11-missing-debug-extra.patch     |  31 ---
 net-proxy/squid/squid-4.11.ebuild                  | 280 ---------------------
 3 files changed, 312 deletions(-)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index aa209a89667..dac695fdb6a 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,2 +1 @@
-DIST squid-4.11.tar.xz 2447700 BLAKE2B 9080508caff683bffe3e2eb64a454c95f69ab47c0ca9b1a649e553daf0dde2391aa14c6631aa6ee617687b122beef691cbe9a8e49ac5e5ea8a9737847ece9444 SHA512 02d4bb4d5860124347670615e69b1b92be7ea4fc0131e54091a06cb2e67bd73583d8e6cbe472473f0c59764611a49561d02ab9fe2bf0305ce4652d4ec7714f26
 DIST squid-4.12.tar.xz 2450564 BLAKE2B 39068d5e999ebf62fbc45ea8faa8811c7b4e6a231f814f2580f54ce3ac499b503b7bc071188b4446a2a94f7eb2f4cfc6369a1b578e637a7b5e37a0ae2aabfb8e SHA512 96fa700a0c28711eb1ec5e44e1d324dc8d3accdddbc675def8babe057e2cc71083bd3817bc37cbd9f3c03772743df578573ee3698bbd6131df68c3580ad31ef4

diff --git a/net-proxy/squid/files/squid-4.11-missing-debug-extra.patch b/net-proxy/squid/files/squid-4.11-missing-debug-extra.patch
deleted file mode 100644
index cf4d3ebb9a5..00000000000
--- a/net-proxy/squid/files/squid-4.11-missing-debug-extra.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 0cbf89e7d266aabacc8651759a8509ebbe0f5c93 Mon Sep 17 00:00:00 2001
-From: Alex Rousskov <rousskov@measurement-factory.com>
-Date: Mon, 20 Apr 2020 15:32:48 -0400
-Subject: [PATCH] Bug 5041: Missing Debug::Extra breaks build on hosts with
- systemd
-
-Master commit 6fa8c66 (i.e. Bug 5016 fix) relied on Debug::Extra added
-by master commit (ccfbe8f) that was not ported to v4. The port of the
-former master commit lacked the required piece of the latter commit.
-
-The problem is invisible on hosts without a systemd package (that Squid
-can find/use) and with Squids explicitly ./configured --without-systemd.
----
- src/Debug.h | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/Debug.h b/src/Debug.h
-index 6eecd01bf9..ddd9e38f8f 100644
---- a/src/Debug.h
-+++ b/src/Debug.h
-@@ -99,6 +99,10 @@ class Debug
- 
-     /// configures the active debugging context to write syslog ALERT
-     static void ForceAlert();
-+
-+    /// prefixes each grouped debugs() line after the first one in the group
-+    static std::ostream& Extra(std::ostream &os) { return os << "\n    "; }
-+
- private:
-     static Context *Current; ///< deepest active context; nil outside debugs()
- };

diff --git a/net-proxy/squid/squid-4.11.ebuild b/net-proxy/squid/squid-4.11.ebuild
deleted file mode 100644
index d46ef90915e..00000000000
--- a/net-proxy/squid/squid-4.11.ebuild
+++ /dev/null
@@ -1,280 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-WANT_AUTOMAKE="1.15"
-
-inherit autotools flag-o-matic linux-info pam toolchain-funcs
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-
-# Upstream patch ID for the most recent bug-fixed update to the formal release.
-r=
-#r=-20181117-r0022167
-if [ -z "$r" ]; then
-	SRC_URI="http://www.squid-cache.org/Versions/v${PV%.*}/${P}.tar.xz"
-else
-	SRC_URI="http://www.squid-cache.org/Versions/v${PV%.*}/${P}${r}.tar.bz2"
-	S="${S}${r}"
-fi
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm ~hppa ~ia64 ~mips ppc ppc64 ~sparc x86"
-IUSE="caps gnutls ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite \
-	perl qos tproxy \
-	+htcp +wccp +wccpv2 \
-	pf-transparent ipf-transparent kqueue \
-	elibc_uclibc kernel_linux"
-
-RESTRICT="!test? ( test )"
-
-BDEPEND="dev-lang/perl"
-
-COMMON_DEPEND="acct-group/squid
-	acct-user/squid
-	caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( sys-libs/pam )
-	ldap? ( net-nds/openldap )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? (
-		!gnutls? ( dev-libs/openssl:0 )
-		dev-libs/nettle:= )
-	sasl? ( dev-libs/cyrus-sasl )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	gnutls? ( >=net-libs/gnutls-3.1.5 )
-	logrotate? ( app-admin/logrotate )
-	>=sys-libs/db-4:*
-	dev-libs/libltdl:0"
-
-DEPEND="${COMMON_DEPEND}
-	${BDEPEND}
-	ecap? ( virtual/pkgconfig )
-	test? ( dev-util/cppunit )"
-
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	perl? ( dev-lang/perl )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )"
-
-REQUIRED_USE="tproxy? ( caps )
-		qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-src_prepare() {
-	eapply "${FILESDIR}/${PN}-4.3-gentoo.patch"
-	eapply "${FILESDIR}/${PN}-4.11-missing-debug-extra.patch"
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/purge.1  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		src/acl/external/unix_group/ext_unix_group_acl.8 \
-		src/acl/external/session/ext_session_acl.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	eapply_user
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",SMB_LM,LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && ! use elibc_uclibc && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="SMB_LM"
-
-	local ext_helpers="file_userip,session,unix_group,delayer,time_quota"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-	if use mysql || use postgres || use sqlite ; then
-	    ext_helpers+=",SQL_session"
-	fi
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	if use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
-		transparent+=" $(use_enable kqueue)"
-		if use pf-transparent; then
-			transparent+=" --enable-pf-transparent"
-		elif use ipf-transparent; then
-			transparent+=" --enable-ipf-transparent"
-		fi
-	fi
-
-	tc-export_build_env BUILD_CXX
-	export BUILDCXX=${BUILD_CXX}
-	export BUILDCXXFLAGS=${BUILD_CXXFLAGS}
-	tc-export CC AR
-
-	# Should be able to drop this workaround with newer versions.
-	# https://bugs.squid-cache.org/show_bug.cgi?id=4224
-	tc-is-cross-compiler && export squid_cv_gnu_atomics=no
-
-	# Bug #719662
-	(use ppc || use arm || use hppa) && append-libs -latomic
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--with-build-environment=default \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-included-ltdl=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	default
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# these scripts depend on perl
-	if ! use perl; then
-		for f in basic_pop3_auth \
-			ext_delayer_acl \
-			helper-mux \
-			log_db_daemon \
-			security_fake_certverify \
-			storeid_file_rewrite \
-			url_lfs_rewrite; do
-				rm "${D}"/usr/libexec/squid/${f} || die
-		done
-	fi
-
-	# cleanup
-	rm -r "${D}"/run "${D}"/var/cache || die
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc src/auth/negotiate/kerberos/README README.kerberos
-	newdoc src/auth/basic/RADIUS/README README.RADIUS
-	newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group
-	dodoc RELEASENOTES.html
-
-	newpamd "${FILESDIR}/squid.pam" squid
-	newconfd "${FILESDIR}/squid.confd-r2" squid
-	newinitd "${FILESDIR}/squid.initd-r5" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'."
-	if [ ${#r} -gt 0 ]; then
-		elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support."
-	fi
-}


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2023-01-15  2:08 Sam James
  0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2023-01-15  2:08 UTC (permalink / raw
  To: gentoo-commits

commit:     44539b076743101a4421d4ef45bd8ee5dedbb046
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Sun Jan 15 02:06:57 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Sun Jan 15 02:07:01 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=44539b07

net-proxy/squid: drop 4.15-r3, 5.4.1-r2

Bug: https://bugs.gentoo.org/816246
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-proxy/squid/Manifest                     |   2 -
 net-proxy/squid/files/squid-4.3-gentoo.patch |  79 --------
 net-proxy/squid/squid-4.15-r3.ebuild         | 280 --------------------------
 net-proxy/squid/squid-5.4.1-r2.ebuild        | 285 ---------------------------
 4 files changed, 646 deletions(-)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index eaa305e9bbbc..53c02583c2f1 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -1,4 +1,2 @@
-DIST squid-4.15.tar.xz 2454176 BLAKE2B 3cb08c806f03fcddd7233b05986434d2be3e62a50d006eb3f84bbc5b894ee3641929551d00a1800d6676add62f967067ec62b5b7c41d767766eeab5dfc17980e SHA512 8f0ce6e30dd9173927e8133618211ffb865fb5dde4c63c2fb465e2efccda4a6efb33f2c0846870c9b915340aff5f59461a60171882bcc0c890336b846fe60bd1
 DIST squid-4.17.tar.xz 2464204 BLAKE2B e227dfbac846dff66f04c6c72d81d667076107653721d14804f079518cef68efc53f5404fbe3306efb0c775a10638661c300a8e7cd3d7ab43c0e57a344387674 SHA512 cea36de10f128f5beb51bdc89604c16af3a820a5ac27284b2aa181ac87144930489688e1d85ce357fe1ed8a4e96e300277b95034a2475cbf86c9d6923ddf7c0a
-DIST squid-5.4.1.tar.xz 2561444 BLAKE2B 3281f592c342b59a1017f4c0829543c857d61c4d1e191461f6e69bda2dc61ff59d5b92a04744dcebb75bd1b5d85c214c1f0bea78a791033a50f29891b6995fb8 SHA512 d53e64e8c44cfc978307f3965c52889d238121735fd201a8286139f974d5db9af41fe886d64e57dfacc87b777f5940cd6123a6e178d12530117cace945a9f6c1
 DIST squid-5.7.tar.xz 2566560 BLAKE2B 4a403ca4f94034356922ea1a4feffd5f5289e2aadbe1585bd04e83ee89712227ce04c53f7e05c10f7c8ac6be67a265a32b47032e7b56e929a172772fa41d5299 SHA512 624a39041a6ceda6c470dc0937616f1aa67200f3db02b4d74095d8d706ed31d6df5e0417dcacde45f6be40b617bee018849793d52c96a626aab32a2b182972aa

diff --git a/net-proxy/squid/files/squid-4.3-gentoo.patch b/net-proxy/squid/files/squid-4.3-gentoo.patch
deleted file mode 100644
index f5152b898852..000000000000
--- a/net-proxy/squid/files/squid-4.3-gentoo.patch
+++ /dev/null
@@ -1,79 +0,0 @@
---- a/configure.ac	2018-10-14 17:22:35.000000000 +0300
-+++ b/configure.ac	2018-10-17 21:27:24.806986467 +0300
-@@ -32,9 +32,9 @@ PRESET_CXXFLAGS="$CXXFLAGS"
- PRESET_LDFLAGS="$LDFLAGS"
- 
- dnl Set default LDFLAGS
--if test "x$LDFLAGS" = "x" ; then
--  LDFLAGS="-g"
--fi
-+dnl if test "x$LDFLAGS" = "x" ; then
-+dnl   LDFLAGS="-g"
-+dnl fi
- 
- # Check for GNU cc
- AC_PROG_CC
---- a/src/cf.data.pre	2018-10-14 08:25:34.000000000 +0300
-+++ b/src/cf.data.pre	2018-10-17 21:27:24.809986705 +0300
-@@ -1520,6 +1520,7 @@ acl Safe_ports port 280		# http-mgmt
- acl Safe_ports port 488		# gss-http
- acl Safe_ports port 591		# filemaker
- acl Safe_ports port 777		# multiling http
-+acl Safe_ports port 901		# SWAT
- acl CONNECT method CONNECT
- NOCOMMENT_END
- DOC_END
-@@ -6819,11 +6820,11 @@ COMMENT_END
- 
- NAME: cache_mgr
- TYPE: string
--DEFAULT: webmaster
-+DEFAULT: root
- LOC: Config.adminEmail
- DOC_START
- 	Email-address of local cache manager who will receive
--	mail if the cache dies.  The default is "webmaster".
-+	mail if the cache dies.  The default is "root".
- DOC_END
- 
- NAME: mail_from
---- a/src/debug.cc	2018-10-14 08:25:34.000000000 +0300
-+++ b/src/debug.cc	2018-10-17 21:27:24.807986546 +0300
-@@ -490,7 +490,7 @@ _db_init(const char *logfile, const char
- #if HAVE_SYSLOG && defined(LOG_LOCAL4)
- 
-     if (Debug::log_syslog)
--        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, syslog_facility);
-+        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, syslog_facility);
- 
- #endif /* HAVE_SYSLOG */
- 
---- a/src/main.cc	2018-10-14 08:25:34.000000000 +0300
-+++ b/src/main.cc	2018-10-17 21:28:28.632044541 +0300
-@@ -1912,7 +1912,7 @@ watch_child(const CommandLine &masterCom
- 
-     enter_suid();
- 
--    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+    openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
- 
-     if (!opt_foreground)
-         GoIntoBackground();
-@@ -2012,7 +2012,7 @@ watch_child(const CommandLine &masterCom
- 
-             if ((pid = fork()) == 0) {
-                 /* child */
--                openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+                openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
-                 (void)execvp(masterCommand.arg0(), kidCommand.argv());
-                 int xerrno = errno;
-                 syslog(LOG_ALERT, "execvp failed: %s", xstrerr(xerrno));
-@@ -2024,7 +2024,7 @@ watch_child(const CommandLine &masterCom
-         }
- 
-         /* parent */
--        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY | LOG_CONS, LOG_LOCAL4);
-+        openlog(APP_SHORTNAME, LOG_PID | LOG_NDELAY, LOG_LOCAL4);
- 
-         // If Squid received a signal while checking for dying kids (below) or
-         // starting new kids (above), then do a fast check for a new dying kid

diff --git a/net-proxy/squid/squid-4.15-r3.ebuild b/net-proxy/squid/squid-4.15-r3.ebuild
deleted file mode 100644
index 48cc9cd92fd3..000000000000
--- a/net-proxy/squid/squid-4.15-r3.ebuild
+++ /dev/null
@@ -1,280 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit autotools flag-o-matic linux-info pam systemd toolchain-funcs
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-
-# Upstream patch ID for the most recent bug-fixed update to the formal release.
-r=
-#r=-20181117-r0022167
-if [[ -z "${r}" ]]; then
-	SRC_URI="http://www.squid-cache.org/Versions/v${PV%.*}/${P}.tar.xz"
-else
-	SRC_URI="http://www.squid-cache.org/Versions/v${PV%.*}/${P}${r}.tar.bz2"
-	S="${S}${r}"
-fi
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm ~arm64 ~hppa ~ia64 ~mips ~ppc ppc64 ~sparc x86"
-IUSE="caps gnutls ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite systemd \
-	perl qos tproxy \
-	+htcp +wccp +wccpv2"
-
-RESTRICT="!test? ( test )"
-
-BDEPEND="dev-lang/perl"
-
-COMMON_DEPEND="acct-group/squid
-	acct-user/squid
-	virtual/libcrypt:=
-	caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( sys-libs/pam )
-	ldap? ( net-nds/openldap:= )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? (
-		!gnutls? (
-			<dev-libs/openssl-3:=
-		)
-		dev-libs/nettle:=
-	)
-	sasl? ( dev-libs/cyrus-sasl )
-	systemd? ( sys-apps/systemd:= )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	gnutls? ( >=net-libs/gnutls-3.1.5:= )
-	logrotate? ( app-admin/logrotate )
-	>=sys-libs/db-4:*
-	dev-libs/libltdl:0"
-
-DEPEND="${COMMON_DEPEND}
-	${BDEPEND}
-	ecap? ( virtual/pkgconfig )
-	test? ( dev-util/cppunit )"
-
-RDEPEND="${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	perl? ( dev-lang/perl )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )"
-
-REQUIRED_USE="tproxy? ( caps )
-		qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-src_prepare() {
-	eapply "${FILESDIR}/${PN}-4.3-gentoo.patch"
-
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/purge.1  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		src/acl/external/unix_group/ext_unix_group_acl.8 \
-		src/acl/external/session/ext_session_acl.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	sed -i 's:/var/run/:/run/:g' tools/systemd/squid.service || die
-
-	eapply_user
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",SMB_LM,LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="SMB_LM"
-
-	local ext_helpers="file_userip,session,unix_group,delayer,time_quota"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-	if use mysql || use postgres || use sqlite ; then
-	    ext_helpers+=",SQL_session"
-	fi
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	tc-export_build_env BUILD_CXX
-	export BUILDCXX=${BUILD_CXX}
-	export BUILDCXXFLAGS=${BUILD_CXXFLAGS}
-	tc-export CC AR
-
-	# Should be able to drop this workaround with newer versions.
-	# https://bugs.squid-cache.org/show_bug.cgi?id=4224
-	tc-is-cross-compiler && export squid_cv_gnu_atomics=no
-
-	# Bug #719662
-	(use ppc || use arm || use hppa) && append-libs -latomic
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--with-build-environment=default \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--with-included-ltdl=/usr/include \
-		--with-ltdl-libdir=/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_with systemd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	default
-
-	systemd_dounit "tools/systemd/squid.service"
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# these scripts depend on perl
-	if ! use perl; then
-		for f in basic_pop3_auth \
-			ext_delayer_acl \
-			helper-mux \
-			log_db_daemon \
-			security_fake_certverify \
-			storeid_file_rewrite \
-			url_lfs_rewrite; do
-				rm "${D}"/usr/libexec/squid/${f} || die
-		done
-	fi
-
-	# cleanup
-	rm -r "${D}"/run "${D}"/var/cache || die
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc src/auth/negotiate/kerberos/README README.kerberos
-	newdoc src/auth/basic/RADIUS/README README.RADIUS
-	newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group
-	dodoc RELEASENOTES.html
-
-	if use pam; then
-		newpamd "${FILESDIR}/squid.pam" squid
-	fi
-
-	newconfd "${FILESDIR}/squid.confd-r2" squid
-	newinitd "${FILESDIR}/squid.initd-r5" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'."
-	if [[ ${#r} -gt 0 ]]; then
-		elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support."
-	fi
-}

diff --git a/net-proxy/squid/squid-5.4.1-r2.ebuild b/net-proxy/squid/squid-5.4.1-r2.ebuild
deleted file mode 100644
index 00e0b7db7145..000000000000
--- a/net-proxy/squid/squid-5.4.1-r2.ebuild
+++ /dev/null
@@ -1,285 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI="8"
-
-inherit autotools flag-o-matic linux-info pam systemd toolchain-funcs
-
-DESCRIPTION="A full-featured web proxy cache"
-HOMEPAGE="http://www.squid-cache.org/"
-
-MY_PV_MAJOR=$(ver_cut 1)
-# Upstream patch ID for the most recent bug-fixed update to the formal release.
-r=
-#r=-20181117-r0022167
-if [[ -z "${r}" ]]; then
-	SRC_URI="http://www.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz"
-else
-	SRC_URI="http://www.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}${r}.tar.bz2"
-	S="${S}${r}"
-fi
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
-IUSE="caps gnutls ipv6 pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test \
-	ecap esi ssl-crtd \
-	mysql postgres sqlite systemd \
-	perl qos tproxy \
-	+htcp +wccp +wccpv2"
-
-RESTRICT="!test? ( test )"
-
-BDEPEND="dev-lang/perl"
-
-COMMON_DEPEND="acct-group/squid
-	acct-user/squid
-	virtual/libcrypt:=
-	caps? ( >=sys-libs/libcap-2.16 )
-	pam? ( sys-libs/pam )
-	ldap? ( net-nds/openldap:= )
-	kerberos? ( virtual/krb5 )
-	qos? ( net-libs/libnetfilter_conntrack )
-	ssl? (
-		!gnutls? (
-			<dev-libs/openssl-3:=
-		)
-		dev-libs/nettle:=
-	)
-	sasl? ( dev-libs/cyrus-sasl )
-	systemd? ( sys-apps/systemd:= )
-	ecap? ( net-libs/libecap:1 )
-	esi? ( dev-libs/expat dev-libs/libxml2 )
-	gnutls? ( >=net-libs/gnutls-3.1.5:= )
-	logrotate? ( app-admin/logrotate )
-	dev-libs/libltdl:0
-	sys-libs/tdb"
-
-DEPEND="${COMMON_DEPEND}
-	${BDEPEND}
-	ecap? ( virtual/pkgconfig )
-	test? ( dev-util/cppunit )"
-
-RDEPEND="!!<net-proxy/squid-5
-	${COMMON_DEPEND}
-	samba? ( net-fs/samba )
-	perl? ( dev-lang/perl )
-	mysql? ( dev-perl/DBD-mysql )
-	postgres? ( dev-perl/DBD-Pg )
-	selinux? ( sec-policy/selinux-squid )
-	sqlite? ( dev-perl/DBD-SQLite )"
-
-REQUIRED_USE="tproxy? ( caps )
-		qos? ( caps )"
-
-pkg_pretend() {
-	if use tproxy; then
-		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
-		linux-info_pkg_setup
-	fi
-}
-
-src_prepare() {
-	eapply "${FILESDIR}/${PN}-5.3-gentoo.patch"
-	eapply "${FILESDIR}/${PN}-4.17-use-system-libltdl.patch"
-	eapply "${FILESDIR}/${PN}-4.17-fix-libxml2-2.10.0.patch"
-
-	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
-		INSTALL QUICKSTART \
-		scripts/fileno-to-pathname.pl \
-		scripts/check_cache.pl \
-		tools/cachemgr.cgi.8 \
-		tools/purge/conffile.hh \
-		tools/purge/purge.1  || die
-	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
-		INSTALL QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
-		QUICKSTART || die
-	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
-		QUICKSTART \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
-		src/log/access_log.cc || die
-	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
-		src/acl/external/unix_group/ext_unix_group_acl.8 \
-		src/acl/external/session/ext_session_acl.8 || die
-	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
-		scripts/check_cache.pl || die
-	# /var/run/squid to /run/squid
-	sed -i -e 's:$(localstatedir)::' \
-		src/ipc/Makefile.am || die
-	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
-		libltdl/configure.ac || die
-
-	sed -i 's:/var/run/:/run/:g' tools/systemd/squid.service || die
-
-	eapply_user
-	eautoreconf
-}
-
-src_configure() {
-	local basic_modules="NCSA,POP3,getpwnam"
-	use samba && basic_modules+=",SMB"
-	use ldap && basic_modules+=",SMB_LM,LDAP"
-	use pam && basic_modules+=",PAM"
-	use sasl && basic_modules+=",SASL"
-	use nis && basic_modules+=",NIS"
-	use radius && basic_modules+=",RADIUS"
-	if use mysql || use postgres || use sqlite ; then
-		basic_modules+=",DB"
-	fi
-
-	local digest_modules="file"
-	use ldap && digest_modules+=",LDAP,eDirectory"
-
-	local negotiate_modules="none"
-	local myconf="--without-mit-krb5 --without-heimdal-krb5"
-	if use kerberos ; then
-		negotiate_modules="kerberos,wrapper"
-		if has_version app-crypt/heimdal ; then
-			myconf="--without-mit-krb5 --with-heimdal-krb5"
-		else
-			myconf="--with-mit-krb5 --without-heimdal-krb5"
-		fi
-	fi
-
-	local ntlm_modules="none"
-	use samba && ntlm_modules="SMB_LM"
-
-	local ext_helpers="file_userip,session,unix_group,delayer,time_quota"
-	use samba && ext_helpers+=",wbinfo_group"
-	use ldap && ext_helpers+=",LDAP_group,eDirectory_userip"
-	use ldap && use kerberos && ext_helpers+=",kerberos_ldap_group"
-	if use mysql || use postgres || use sqlite ; then
-	    ext_helpers+=",SQL_session"
-	fi
-
-	local storeio_modules="aufs,diskd,rock,ufs"
-
-	local transparent
-	if use kernel_linux ; then
-		transparent+=" --enable-linux-netfilter"
-		use qos && transparent+=" --enable-zph-qos --with-netfilter-conntrack"
-	fi
-
-	tc-export_build_env BUILD_CXX
-	export BUILDCXX=${BUILD_CXX}
-	export BUILDCXXFLAGS=${BUILD_CXXFLAGS}
-	tc-export CC AR
-
-	# Should be able to drop this workaround with newer versions.
-	# https://bugs.squid-cache.org/show_bug.cgi?id=4224
-	tc-is-cross-compiler && export squid_cv_gnu_atomics=no
-
-	# Bug #719662
-	(use ppc || use arm || use hppa) && append-libs -latomic
-
-	econf \
-		--sysconfdir=/etc/squid \
-		--libexecdir=/usr/libexec/squid \
-		--localstatedir=/var \
-		--with-pidfile=/run/squid.pid \
-		--datadir=/usr/share/squid \
-		--with-logdir=/var/log/squid \
-		--with-default-user=squid \
-		--enable-removal-policies="lru,heap" \
-		--enable-storeio="${storeio_modules}" \
-		--enable-disk-io \
-		--enable-auth-basic="${basic_modules}" \
-		--enable-auth-digest="${digest_modules}" \
-		--enable-auth-ntlm="${ntlm_modules}" \
-		--enable-auth-negotiate="${negotiate_modules}" \
-		--enable-external-acl-helpers="${ext_helpers}" \
-		--enable-log-daemon-helpers \
-		--enable-url-rewrite-helpers \
-		--enable-cache-digests \
-		--enable-delay-pools \
-		--enable-eui \
-		--enable-icmp \
-		--enable-follow-x-forwarded-for \
-		--with-large-files \
-		--with-build-environment=default \
-		--disable-strict-error-checking \
-		--disable-arch-native \
-		--without-included-ltdl \
-		--with-ltdl-include="${ESYSROOT}"/usr/include \
-		--with-ltdl-lib="${ESYSROOT}"/usr/$(get_libdir) \
-		$(use_with caps libcap) \
-		$(use_enable ipv6) \
-		$(use_enable snmp) \
-		$(use_with ssl openssl) \
-		$(use_with ssl nettle) \
-		$(use_with gnutls) \
-		$(use_enable ssl-crtd) \
-		$(use_with systemd) \
-		$(use_enable ecap) \
-		$(use_enable esi) \
-		$(use_enable htcp) \
-		$(use_enable wccp) \
-		$(use_enable wccpv2) \
-		${transparent} \
-		${myconf}
-}
-
-src_install() {
-	default
-
-	systemd_dounit "tools/systemd/squid.service"
-
-	# need suid root for looking into /etc/shadow
-	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
-	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
-	if use pam; then
-		fowners root:squid /usr/libexec/squid/basic_pam_auth
-		fperms 4750 /usr/libexec/squid/basic_pam_auth
-	fi
-	# pinger needs suid as well
-	fowners root:squid /usr/libexec/squid/pinger
-	fperms 4750 /usr/libexec/squid/pinger
-
-	# these scripts depend on perl
-	if ! use perl; then
-		for f in basic_pop3_auth \
-			ext_delayer_acl \
-			helper-mux \
-			log_db_daemon \
-			security_fake_certverify \
-			storeid_file_rewrite \
-			url_lfs_rewrite; do
-				rm "${D}"/usr/libexec/squid/${f} || die
-		done
-	fi
-
-	# cleanup
-	rm -r "${D}"/run "${D}"/var/cache || die
-
-	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
-	newdoc src/auth/negotiate/kerberos/README README.kerberos
-	newdoc src/auth/basic/RADIUS/README README.RADIUS
-	newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group
-	dodoc RELEASENOTES.html
-
-	if use pam; then
-		newpamd "${FILESDIR}/squid.pam" squid
-	fi
-
-	newconfd "${FILESDIR}/squid.confd-r2" squid
-	newinitd "${FILESDIR}/squid.initd-r5" squid
-	if use logrotate; then
-		insinto /etc/logrotate.d
-		newins "${FILESDIR}/squid.logrotate" squid
-	else
-		exeinto /etc/cron.weekly
-		newexe "${FILESDIR}/squid.cron" squid.cron
-	fi
-
-	diropts -m0750 -o squid -g squid
-	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
-}
-
-pkg_postinst() {
-	elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'."
-	if [[ ${#r} -gt 0 ]]; then
-		elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support."
-	fi
-}


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2023-11-17 15:09 Sam James
  0 siblings, 0 replies; 9+ messages in thread
From: Sam James @ 2023-11-17 15:09 UTC (permalink / raw
  To: gentoo-commits

commit:     031e513506d3d9b474f8a5df01994578f531f1eb
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 17 14:54:17 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Nov 17 15:07:23 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=031e5135

net-proxy/squid: fix build for GCC 14 (partially); use config cache for libltdl

* Fix build for GCC 14 (missing <algorithm> include for std::find, not upstreamed
  it yet). There's another issue I still need to look at to do with class visibility.

* Use config cache for libltdl which avoids some redundant configure checks.

Closes: https://bugs.gentoo.org/917161
Signed-off-by: Sam James <sam <AT> gentoo.org>

 net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch | 12 ++++++++++++
 net-proxy/squid/squid-6.4.ebuild                      |  3 +++
 2 files changed, 15 insertions(+)

diff --git a/net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch b/net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch
new file mode 100644
index 000000000000..3a509e029eb5
--- /dev/null
+++ b/net-proxy/squid/files/squid-6.4-gcc14-algorithm.patch
@@ -0,0 +1,12 @@
+https://bugs.gentoo.org/917161
+--- a/src/helper/Reply.cc
++++ b/src/helper/Reply.cc
+@@ -17,6 +17,8 @@
+ #include "rfc1738.h"
+ #include "SquidString.h"
+ 
++#include <algorithm>
++
+ Helper::Reply::Reply() :
+     result(Helper::Unknown)
+ {

diff --git a/net-proxy/squid/squid-6.4.ebuild b/net-proxy/squid/squid-6.4.ebuild
index 9b116ab8ff58..0ecdce7be628 100644
--- a/net-proxy/squid/squid-6.4.ebuild
+++ b/net-proxy/squid/squid-6.4.ebuild
@@ -77,6 +77,7 @@ BDEPEND="
 PATCHES=(
 	"${FILESDIR}"/${PN}-6.2-gentoo.patch
 	"${FILESDIR}"/${PN}-4.17-use-system-libltdl.patch
+	"${FILESDIR}"/${PN}-6.4-gcc14-algorithm.patch
 )
 
 pkg_pretend() {
@@ -124,6 +125,8 @@ src_prepare() {
 
 src_configure() {
 	local myeconfargs=(
+		--cache-file="${S}"/config.cache
+
 		--datadir=/usr/share/squid
 		--libexecdir=/usr/libexec/squid
 		--localstatedir=/var


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2024-07-03 13:26 Joonas Niilola
  0 siblings, 0 replies; 9+ messages in thread
From: Joonas Niilola @ 2024-07-03 13:26 UTC (permalink / raw
  To: gentoo-commits

commit:     e3a9968929b0dbb164a56bcb18db0a5a86839a78
Author:     Hank Leininger <hlein <AT> korelogic <DOT> com>
AuthorDate: Sat May 25 17:44:57 2024 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Wed Jul  3 13:26:37 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e3a99689

net-proxy/squid: add 6.9

Fix some gcc-14 compilation issues, add upstream memleak fix patch,
init script & logrotate/cron fixes.

Closes: https://bugs.gentoo.org/932742
Closes: https://bugs.gentoo.org/931123
Closes: https://bugs.gentoo.org/932744
Closes: https://bugs.gentoo.org/932750
Signed-off-by: Hank Leininger <hlein <AT> korelogic.com>
Closes: https://github.com/gentoo/gentoo/pull/36815
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 net-proxy/squid/Manifest                          |   2 +
 net-proxy/squid/files/squid-6.9-memleak_fix.patch | 563 ++++++++++++++++++++++
 net-proxy/squid/files/squid.cron-r1               |  15 +
 net-proxy/squid/files/squid.initd-r7              | 133 +++++
 net-proxy/squid/files/squid.logrotate-r1          |  11 +
 net-proxy/squid/squid-6.9.ebuild                  | 391 +++++++++++++++
 6 files changed, 1115 insertions(+)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index 320eecdf2f0e..e577ed2f01bb 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -2,3 +2,5 @@ DIST squid-6.6.tar.xz 2554824 BLAKE2B 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4f
 DIST squid-6.6.tar.xz.asc 1193 BLAKE2B c37a400c51c30de35c6fe52123389c134d05670a36b1ffae4d67e7d06981bbf94788343daf2fdeafb782d464a977ee31bc601e3b1b92b45cd40ba6a6725b9a16 SHA512 08550569759c403a1a9747d08ea7055751fbf251355691074f6d09baca76a0987c5dff36e1f01b64edd446d568c7244b14124f6f8a1b19ccfc30293eed83a297
 DIST squid-6.7.tar.xz 2427468 BLAKE2B 0cd892213085326d1f4cc065778d95d74c03edaaf98b839b4422397fdcd449716b022e74adcbac636ca98e9d5c45a8f7aa156c3edc9f306fb13fc5cc21125dd6 SHA512 6221437056c600119fe9ff1ceeeaa9955cf9f21df481ad29a3515f8439a41b779d51f37b820b75641d0d4d6de54554f6f924dbd347834bf4a6ad6b5b317084a0
 DIST squid-6.7.tar.xz.asc 646 BLAKE2B 6d4e6075b261f54269577fc31b28e7cb74b835c851741542c322b226d29325128cdbaadd156070e9fe6c5af5c33149c78f71b01272934a62676e08f3f75f8628 SHA512 4a1f9d123ce6b5a600d9d2dd3af95a7ce98bfe28ba42d1281ab1f3d7f220f8738a4320afb85eeba1bf9d31e722ffaccd2d89cbefcd11e6b6ea31fe237ccf9a8c
+DIST squid-6.9.tar.xz 2557992 BLAKE2B cac10d3a16fe31a9becfcd0fc278413d53c52285cdca9ece897ca4e3a0e50806e186960091f9050243180996382c6b5209360d9fff249d26b20d1e529285a038 SHA512 2666551caca39fa6ca49b56b537645dd043ee0c99b805c433cf714172e6062590fd6ed942043df1a3b543f30c039f3ab701493187dc6a0a4a8311217417c366e
+DIST squid-6.9.tar.xz.asc 646 BLAKE2B fafa49d40af849103d04c0f07e19e5b9007306ba0f85bcabed761b53f94015aefc65ec2035963c95fd938cb04dfdb878363fcf5150a06889b563fa48922ef289 SHA512 ccd053476e91544bf797cf38a7e57acdc1c02c1edb2804230f061d9b24abbbd2e06abbaaa0fe2b209951631c0369510f60f0b7137fe950f3ccf59e8a212bc0fa

diff --git a/net-proxy/squid/files/squid-6.9-memleak_fix.patch b/net-proxy/squid/files/squid-6.9-memleak_fix.patch
new file mode 100644
index 000000000000..797489ac4136
--- /dev/null
+++ b/net-proxy/squid/files/squid-6.9-memleak_fix.patch
@@ -0,0 +1,563 @@
+Backport of fixes in master/v7
+
+https://bugs.squid-cache.org/show_bug.cgi?id=5322
+https://bugs.squid-cache.org/attachment.cgi?id=3891
+diff -aurN a/src/AclRegs.cc b/src/AclRegs.cc
+--- a/src/AclRegs.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/AclRegs.cc	2024-05-02 14:39:02.842264552 +0300
+@@ -130,8 +130,8 @@
+     RegisterMaker("dstdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLDestinationDomainStrategy, name); });
+     RegisterMaker("dst", [](TypeName)->ACL* { return new ACLDestinationIP; }); // XXX: Add name parameter to ctor
+     RegisterMaker("hier_code", [](TypeName name)->ACL* { return new ACLStrategised<hier_code>(new ACLHierCodeData, new ACLHierCodeStrategy, name); });
+-    RegisterMaker("rep_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPRepHeaderStrategy, name); });
+-    RegisterMaker("req_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPReqHeaderStrategy, name); });
++    RegisterMaker("rep_header", [](TypeName name)->ACL* { return new ACLStrategised<const HttpHeader &>(new ACLHTTPHeaderData, new ACLHTTPRepHeaderStrategy, name); });
++    RegisterMaker("req_header", [](TypeName name)->ACL* { return new ACLStrategised<const HttpHeader &>(new ACLHTTPHeaderData, new ACLHTTPReqHeaderStrategy, name); });
+     RegisterMaker("http_status", [](TypeName name)->ACL* { return new ACLHTTPStatus(name); });
+     RegisterMaker("maxconn", [](TypeName name)->ACL* { return new ACLMaxConnection(name); });
+     RegisterMaker("method", [](TypeName name)->ACL* { return new ACLStrategised<HttpRequestMethod>(new ACLMethodData, new ACLMethodStrategy, name); });
+diff -aurN a/src/DelayId.cc b/src/DelayId.cc
+--- a/src/DelayId.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/DelayId.cc	2024-05-02 13:14:06.529560559 +0300
+@@ -87,10 +87,7 @@
+ 
+         ACLFilledChecklist ch(DelayPools::delay_data[pool].access, r, nullptr);
+         clientAclChecklistFill(ch, http);
+-        if (!ch.reply && reply) {
+-            ch.reply = reply;
+-            HTTPMSGLOCK(reply);
+-        }
++	ch.updateReply(reply);
+         // overwrite ACLFilledChecklist acl_uses_indirect_client-based decision
+ #if FOLLOW_X_FORWARDED_FOR
+         if (Config.onoff.delay_pool_uses_indirect_client)
+diff -aurN a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc
+--- a/src/HttpHeaderTools.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/HttpHeaderTools.cc	2024-05-02 13:15:05.133567028 +0300
+@@ -289,11 +289,7 @@
+ 
+     ACLFilledChecklist checklist(hm->access_list, request, nullptr);
+ 
+-    checklist.al = al;
+-    if (al && al->reply) {
+-        checklist.reply = al->reply.getRaw();
+-        HTTPMSGLOCK(checklist.reply);
+-    }
++    checklist.updateAle(al);
+ 
+     // XXX: The two "It was denied" clauses below mishandle cases with no
+     // matching rules, violating the "If no rules within the set have matching
+@@ -489,11 +485,7 @@
+ {
+     ACLFilledChecklist checklist(nullptr, request, nullptr);
+ 
+-    checklist.al = al;
+-    if (al && al->reply) {
+-        checklist.reply = al->reply.getRaw();
+-        HTTPMSGLOCK(checklist.reply);
+-    }
++    checklist.updateAle(al);
+ 
+     for (HeaderWithAclList::const_iterator hwa = headersAdd.begin(); hwa != headersAdd.end(); ++hwa) {
+         if (!hwa->aclList || checklist.fastCheck(hwa->aclList).allowed()) {
+diff -aurN a/src/HttpReply.cc b/src/HttpReply.cc
+--- a/src/HttpReply.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/HttpReply.cc	2024-05-02 13:15:39.572584896 +0300
+@@ -596,8 +596,7 @@
+ 
+     ACLFilledChecklist ch(nullptr, &request, nullptr);
+     // XXX: cont-cast becomes irrelevant when checklist is HttpReply::Pointer
+-    ch.reply = const_cast<HttpReply *>(this);
+-    HTTPMSGLOCK(ch.reply);
++    ch.updateReply(this);
+     for (AclSizeLimit *l = Config.ReplyBodySize; l; l = l -> next) {
+         /* if there is no ACL list or if the ACLs listed match use this size value */
+         if (!l->aclList || ch.fastCheck(l->aclList).allowed()) {
+diff -aurN a/src/Notes.cc b/src/Notes.cc
+--- a/src/Notes.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/Notes.cc	2024-05-02 13:54:09.664336645 +0300
+@@ -70,11 +70,9 @@
+ Note::match(HttpRequest *request, HttpReply *reply, const AccessLogEntry::Pointer &al, SBuf &matched)
+ {
+     ACLFilledChecklist ch(nullptr, request, nullptr);
+-    ch.al = al;
+-    ch.reply = reply;
++    ch.updateAle(al);
++    ch.updateReply(reply);
+     ch.syncAle(request, nullptr);
+-    if (reply)
+-        HTTPMSGLOCK(ch.reply);
+ 
+     for (const auto &v: values) {
+         assert(v->aclList);
+diff -aurN a/src/acl/ConnectionsEncrypted.cc b/src/acl/ConnectionsEncrypted.cc
+--- a/src/acl/ConnectionsEncrypted.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/ConnectionsEncrypted.cc	2024-05-02 14:11:23.059165031 +0300
+@@ -55,8 +55,8 @@
+ 
+     const bool safeRequest =
+         !(filled->request->sources & Http::Message::srcUnsafe);
+-    const bool safeReply = !filled->reply ||
+-                           !(filled->reply->sources & Http::Message::srcUnsafe);
++    const bool safeReply = !filled->hasReply() ||
++                           !(filled->reply().sources & Http::Message::srcUnsafe);
+ 
+     return (safeRequest && safeReply) ? 1 : 0;
+ }
+diff -aurN a/src/acl/FilledChecklist.cc b/src/acl/FilledChecklist.cc
+--- a/src/acl/FilledChecklist.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/FilledChecklist.cc	2024-05-02 14:07:41.297685699 +0300
+@@ -27,7 +27,6 @@
+ ACLFilledChecklist::ACLFilledChecklist() :
+     dst_rdns(nullptr),
+     request (nullptr),
+-    reply (nullptr),
+ #if USE_AUTH
+     auth_user_request (nullptr),
+ #endif
+@@ -54,8 +53,6 @@
+ 
+     HTTPMSGUNLOCK(request);
+ 
+-    HTTPMSGUNLOCK(reply);
+-
+     cbdataReferenceDone(conn_);
+ 
+     debugs(28, 4, "ACLFilledChecklist destroyed " << this);
+@@ -107,9 +104,9 @@
+         }
+     }
+ 
+-    if (reply && !al->reply) {
++    if (hasReply() && !al->reply) {
+         showDebugWarning("HttpReply object");
+-        al->reply = reply;
++	al->reply = reply_;
+     }
+ 
+ #if USE_IDENT
+@@ -214,7 +211,6 @@
+ ACLFilledChecklist::ACLFilledChecklist(const acl_access *A, HttpRequest *http_request, const char *ident):
+     dst_rdns(nullptr),
+     request(nullptr),
+-    reply(nullptr),
+ #if USE_AUTH
+     auth_user_request(nullptr),
+ #endif
+@@ -268,3 +264,21 @@
+ #endif
+ }
+ 
++void
++ACLFilledChecklist::updateAle(const AccessLogEntry::Pointer &a)
++{
++    if (!a)
++        return;
++
++    al = a; // could have been set already (to a different value)
++    if (!request)
++        setRequest(a->request);
++    updateReply(a->reply);
++}
++
++void
++ACLFilledChecklist::updateReply(const HttpReply::Pointer &r)
++{
++    if (r)
++        reply_ = r; // may already be set, including to r
++}
+diff -aurN a/src/acl/FilledChecklist.h b/src/acl/FilledChecklist.h
+--- a/src/acl/FilledChecklist.h	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/FilledChecklist.h	2024-05-02 13:45:57.773923228 +0300
+@@ -14,6 +14,8 @@
+ #include "acl/forward.h"
+ #include "base/CbcPointer.h"
+ #include "error/forward.h"
++#include "HttpReply.h"
++#include "HttpRequest.h"
+ #include "ip/Address.h"
+ #if USE_AUTH
+ #include "auth/UserRequest.h"
+@@ -42,6 +44,7 @@
+     void setRequest(HttpRequest *);
+     /// configure rfc931 user identity for the first time
+     void setIdent(const char *userIdentity);
++    void updateAle(const AccessLogEntry::Pointer &);
+ 
+ public:
+     /// The client connection manager
+@@ -57,6 +60,14 @@
+ 
+     //int authenticated();
+ 
++    /// response added by updateReply()
++    /// \prec hasReply()
++    const HttpReply &reply() const { return *reply_; }
++
++    /// Remembers the given response (if it is not nil) or does nothing
++    /// (otherwise).
++    void updateReply(const HttpReply::Pointer &);
++
+     bool destinationDomainChecked() const;
+     void markDestinationDomainChecked();
+     bool sourceDomainChecked() const;
+@@ -64,7 +75,7 @@
+ 
+     // ACLChecklist API
+     bool hasRequest() const override { return request != nullptr; }
+-    bool hasReply() const override { return reply != nullptr; }
++    bool hasReply() const override { return reply_ != nullptr; }
+     bool hasAle() const override { return al != nullptr; }
+     void syncAle(HttpRequest *adaptedRequest, const char *logUri) const override;
+     void verifyAle() const override;
+@@ -77,7 +88,6 @@
+     char *dst_rdns;
+ 
+     HttpRequest *request;
+-    HttpReply *reply;
+ 
+     char rfc931[USER_IDENT_SZ];
+ #if USE_AUTH
+@@ -108,6 +118,9 @@
+ private:
+     ConnStateData * conn_;          /**< hack for ident and NTLM */
+     int fd_;                        /**< may be available when conn_ is not */
++
++    HttpReply::Pointer reply_; ///< response added by updateReply() or nil
++
+     bool destinationDomainChecked_;
+     bool sourceDomainChecked_;
+     /// not implemented; will cause link failures if used
+diff -aurN a/src/acl/HttpHeaderData.cc b/src/acl/HttpHeaderData.cc
+--- a/src/acl/HttpHeaderData.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/HttpHeaderData.cc	2024-05-02 13:39:44.260625713 +0300
+@@ -36,20 +36,18 @@
+ }
+ 
+ bool
+-ACLHTTPHeaderData::match(HttpHeader* hdr)
++ACLHTTPHeaderData::match(const HttpHeader &hdr)
+ {
+-    if (hdr == nullptr)
+-        return false;
+ 
+     debugs(28, 3, "aclHeaderData::match: checking '" << hdrName << "'");
+ 
+     String value;
+     if (hdrId != Http::HdrType::BAD_HDR) {
+-        if (!hdr->has(hdrId))
++	if (!hdr.has(hdrId))
+             return false;
+-        value = hdr->getStrOrList(hdrId);
++	value = hdr.getStrOrList(hdrId);
+     } else {
+-        if (!hdr->hasNamed(hdrName, &value))
++	if (!hdr.hasNamed(hdrName, &value))
+             return false;
+     }
+ 
+diff -aurN a/src/acl/HttpHeaderData.h b/src/acl/HttpHeaderData.h
+--- a/src/acl/HttpHeaderData.h	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/HttpHeaderData.h	2024-05-02 13:40:26.326492200 +0300
+@@ -14,14 +14,14 @@
+ #include "sbuf/SBuf.h"
+ #include "SquidString.h"
+ 
+-class ACLHTTPHeaderData : public ACLData<HttpHeader*>
++class ACLHTTPHeaderData: public ACLData<const HttpHeader &>
+ {
+     MEMPROXY_CLASS(ACLHTTPHeaderData);
+ 
+ public:
+     ACLHTTPHeaderData();
+     ~ACLHTTPHeaderData() override;
+-    bool match(HttpHeader* hdr) override;
++    bool match(const HttpHeader &) override;
+     SBufList dump() const override;
+     void parse() override;
+     bool empty() const override;
+diff -aurN a/src/acl/HttpRepHeader.cc b/src/acl/HttpRepHeader.cc
+--- a/src/acl/HttpRepHeader.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/HttpRepHeader.cc	2024-05-02 14:22:13.208427916 +0300
+@@ -13,8 +13,9 @@
+ #include "HttpReply.h"
+ 
+ int
+-ACLHTTPRepHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
++ACLHTTPRepHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist * const ch)
+ {
+-    return data->match (&checklist->reply->header);
++    const auto checklist = Filled(ch);
++    return data->match(checklist->reply().header);
+ }
+ 
+diff -aurN a/src/acl/HttpRepHeader.h b/src/acl/HttpRepHeader.h
+--- a/src/acl/HttpRepHeader.h	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/HttpRepHeader.h	2024-05-02 14:26:12.634833092 +0300
+@@ -14,7 +14,7 @@
+ #include "HttpHeader.h"
+ 
+ /// \ingroup ACLAPI
+-class ACLHTTPRepHeaderStrategy : public ACLStrategy<HttpHeader*>
++class ACLHTTPRepHeaderStrategy : public ACLStrategy<const HttpHeader &>
+ {
+ 
+ public:
+diff -aurN a/src/acl/HttpReqHeader.cc b/src/acl/HttpReqHeader.cc
+--- a/src/acl/HttpReqHeader.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/HttpReqHeader.cc	2024-05-02 14:22:47.381726897 +0300
+@@ -13,8 +13,9 @@
+ #include "HttpRequest.h"
+ 
+ int
+-ACLHTTPReqHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
++ACLHTTPReqHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist * const ch)
+ {
+-    return data->match (&checklist->request->header);
++    const auto checklist = Filled(ch);
++    return data->match (checklist->request->header);
+ }
+ 
+diff -aurN a/src/acl/HttpReqHeader.h b/src/acl/HttpReqHeader.h
+--- a/src/acl/HttpReqHeader.h	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/HttpReqHeader.h	2024-05-02 14:26:59.730191970 +0300
+@@ -13,7 +13,7 @@
+ #include "HttpHeader.h"
+ 
+ /// \ingroup ACLAPI
+-class ACLHTTPReqHeaderStrategy : public ACLStrategy<HttpHeader*>
++class ACLHTTPReqHeaderStrategy : public ACLStrategy<const HttpHeader &>
+ {
+ 
+ public:
+diff -aurN a/src/acl/HttpStatus.cc b/src/acl/HttpStatus.cc
+--- a/src/acl/HttpStatus.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/HttpStatus.cc	2024-05-02 13:48:12.200714068 +0300
+@@ -116,7 +116,7 @@
+ int
+ ACLHTTPStatus::match(ACLChecklist *checklist)
+ {
+-    return aclMatchHTTPStatus(&data, Filled(checklist)->reply->sline.status());
++    return aclMatchHTTPStatus(&data, Filled(checklist)->reply().sline.status());
+ }
+ 
+ int
+diff -aurN a/src/acl/ReplyHeaderStrategy.h b/src/acl/ReplyHeaderStrategy.h
+--- a/src/acl/ReplyHeaderStrategy.h	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/ReplyHeaderStrategy.h	2024-05-02 13:48:40.981219348 +0300
+@@ -28,7 +28,7 @@
+ int
+ ACLReplyHeaderStrategy<header>::match (ACLData<char const *> * &data, ACLFilledChecklist *checklist)
+ {
+-    char const *theHeader = checklist->reply->header.getStr(header);
++    char const *theHeader = checklist->reply().header.getStr(header);
+ 
+     if (nullptr == theHeader)
+         return 0;
+diff -aurN a/src/acl/ReplyMimeType.h b/src/acl/ReplyMimeType.h
+--- a/src/acl/ReplyMimeType.h	2024-04-08 08:02:07.000000000 +0300
++++ b/src/acl/ReplyMimeType.h	2024-05-02 13:51:50.684699376 +0300
+@@ -19,7 +19,8 @@
+ inline int
+ ACLReplyHeaderStrategy<Http::HdrType::CONTENT_TYPE>::match(ACLData<char const *> * &data, ACLFilledChecklist *checklist)
+ {
+-    char const *theHeader = checklist->reply->header.getStr(Http::HdrType::CONTENT_TYPE);
++    char const *theHeader = checklist->reply().header.getStr(Http::HdrType::CONTENT_TYPE);
++
+ 
+     if (nullptr == theHeader)
+         theHeader = "";
+diff -aurN a/src/adaptation/AccessCheck.cc b/src/adaptation/AccessCheck.cc
+--- a/src/adaptation/AccessCheck.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/adaptation/AccessCheck.cc	2024-05-02 13:56:05.309606789 +0300
+@@ -131,9 +131,8 @@
+             /* BUG 2526: what to do when r->acl is empty?? */
+             // XXX: we do not have access to conn->rfc931 here.
+             acl_checklist = new ACLFilledChecklist(r->acl, filter.request, dash_str);
+-            if ((acl_checklist->reply = filter.reply))
+-                HTTPMSGLOCK(acl_checklist->reply);
+-            acl_checklist->al = filter.al;
++            acl_checklist->updateAle(filter.al);
++	    acl_checklist->updateReply(filter.reply);
+             acl_checklist->syncAle(filter.request, nullptr);
+             acl_checklist->nonBlockingCheck(AccessCheckCallbackWrapper, this);
+             return;
+diff -aurN a/src/adaptation/icap/Launcher.cc b/src/adaptation/icap/Launcher.cc
+--- a/src/adaptation/icap/Launcher.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/adaptation/icap/Launcher.cc	2024-05-02 13:25:41.483439412 +0300
+@@ -142,8 +142,7 @@
+ 
+     ACLFilledChecklist *cl =
+         new ACLFilledChecklist(TheConfig.repeat, info.icapRequest, dash_str);
+-    cl->reply = info.icapReply;
+-    HTTPMSGLOCK(cl->reply);
++    cl->updateReply(info.icapReply);
+ 
+     bool result = cl->fastCheck().allowed();
+     delete cl;
+diff -aurN a/src/adaptation/icap/icap_log.cc b/src/adaptation/icap/icap_log.cc
+--- a/src/adaptation/icap/icap_log.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/adaptation/icap/icap_log.cc	2024-05-02 13:26:09.810655898 +0300
+@@ -61,10 +61,7 @@
+ {
+     if (IcapLogfileStatus == LOG_ENABLE) {
+         ACLFilledChecklist checklist(nullptr, al->adapted_request, nullptr);
+-        if (al->reply) {
+-            checklist.reply = al->reply.getRaw();
+-            HTTPMSGLOCK(checklist.reply);
+-        }
++	checklist.updateAle(al);
+         accessLogLogTo(Config.Log.icaplogs, al, &checklist);
+     }
+ }
+diff -aurN a/src/auth/UserRequest.cc b/src/auth/UserRequest.cc
+--- a/src/auth/UserRequest.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/auth/UserRequest.cc	2024-05-02 13:26:56.382746257 +0300
+@@ -466,8 +466,7 @@
+ {
+     if (!Auth::TheConfig.schemeLists.empty() && Auth::TheConfig.schemeAccess) {
+         ACLFilledChecklist ch(nullptr, request, nullptr);
+-        ch.reply = rep;
+-        HTTPMSGLOCK(ch.reply);
++	ch.updateReply(rep);
+         const auto answer = ch.fastCheck(Auth::TheConfig.schemeAccess);
+         if (answer.allowed())
+             return Auth::TheConfig.schemeLists.at(answer.kind).authConfigs;
+diff -aurN a/src/client_side.cc b/src/client_side.cc
+--- a/src/client_side.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/client_side.cc	2024-05-02 13:32:24.247196027 +0300
+@@ -446,31 +446,19 @@
+         }
+         // The al->notes and request->notes must point to the same object.
+         al->syncNotes(request);
+-    }
+-
+-    ACLFilledChecklist checklist(nullptr, request, nullptr);
+-    if (al->reply) {
+-        checklist.reply = al->reply.getRaw();
+-        HTTPMSGLOCK(checklist.reply);
+-    }
+-
+-    if (request) {
+         HTTPMSGUNLOCK(al->adapted_request);
+         al->adapted_request = request;
+         HTTPMSGLOCK(al->adapted_request);
+     }
++    ACLFilledChecklist checklist(nullptr, request, nullptr);
++    checklist.updateAle(al);
+     // no need checklist.syncAle(): already synced
+-    checklist.al = al;
+     accessLogLog(al, &checklist);
+ 
+     bool updatePerformanceCounters = true;
+     if (Config.accessList.stats_collection) {
+         ACLFilledChecklist statsCheck(Config.accessList.stats_collection, request, nullptr);
+-        statsCheck.al = al;
+-        if (al->reply) {
+-            statsCheck.reply = al->reply.getRaw();
+-            HTTPMSGLOCK(statsCheck.reply);
+-        }
++	statsCheck.updateAle(al);
+         updatePerformanceCounters = statsCheck.fastCheck().allowed();
+     }
+ 
+@@ -3546,12 +3534,8 @@
+         checklist.setRequest(http->request);
+ 
+     if (!checklist.al && http->al) {
+-        checklist.al = http->al;
++        checklist.updateAle(http->al);
+         checklist.syncAle(http->request, http->log_uri);
+-        if (!checklist.reply && http->al->reply) {
+-            checklist.reply = http->al->reply.getRaw();
+-            HTTPMSGLOCK(checklist.reply);
+-        }
+     }
+ 
+     if (const auto conn = http->getConn())
+diff -aurN a/src/client_side_reply.cc b/src/client_side_reply.cc
+--- a/src/client_side_reply.cc	2024-05-02 14:48:58.863528254 +0300
++++ b/src/client_side_reply.cc	2024-05-02 13:33:55.668212735 +0300
+@@ -843,11 +843,9 @@
+     if (http->flags.internal)
+         return false; // internal content "hits" cannot be blocked
+ 
+-    const auto &rep = http->storeEntry()->mem().freshestReply();
+     {
+         std::unique_ptr<ACLFilledChecklist> chl(clientAclChecklistCreate(Config.accessList.sendHit, http));
+-        chl->reply = const_cast<HttpReply*>(&rep); // ACLChecklist API bug
+-        HTTPMSGLOCK(chl->reply);
++	chl->updateReply(&http->storeEntry()->mem().freshestReply());
+         return !chl->fastCheck().allowed(); // when in doubt, block
+     }
+ }
+@@ -1850,8 +1848,7 @@
+     /** Process http_reply_access lists */
+     ACLFilledChecklist *replyChecklist =
+         clientAclChecklistCreate(Config.accessList.reply, http);
+-    replyChecklist->reply = reply;
+-    HTTPMSGLOCK(replyChecklist->reply);
++    replyChecklist->updateReply(reply);
+     replyChecklist->nonBlockingCheck(ProcessReplyAccessResult, this);
+ }
+ 
+diff -aurN a/src/clients/Client.cc b/src/clients/Client.cc
+--- a/src/clients/Client.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/clients/Client.cc	2024-05-02 13:56:57.931087748 +0300
+@@ -555,9 +555,8 @@
+         // This relatively expensive check is not in StoreEntry::checkCachable:
+         // That method lacks HttpRequest and may be called too many times.
+         ACLFilledChecklist ch(acl, originalRequest().getRaw());
+-        ch.reply = const_cast<HttpReply*>(&entry->mem().freshestReply()); // ACLFilledChecklist API bug
+-        HTTPMSGLOCK(ch.reply);
+-        ch.al = fwd->al;
++	ch.updateAle(fwd->al);
++	ch.updateReply(&entry->mem().freshestReply());
+         if (!ch.fastCheck().allowed()) { // when in doubt, block
+             debugs(20, 3, "store_miss prohibits caching");
+             return true;
+diff -aurN a/src/http/Stream.cc b/src/http/Stream.cc
+--- a/src/http/Stream.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/http/Stream.cc	2024-05-02 13:35:57.062950806 +0300
+@@ -294,8 +294,7 @@
+     for (const auto &pool: MessageDelayPools::Instance()->pools) {
+         if (pool->access) {
+             std::unique_ptr<ACLFilledChecklist> chl(clientAclChecklistCreate(pool->access, http));
+-            chl->reply = rep;
+-            HTTPMSGLOCK(chl->reply);
++	    chl->updateReply(rep);
+             const auto answer = chl->fastCheck();
+             if (answer.allowed()) {
+                 writeQuotaHandler = pool->createBucket();
+diff -aurN a/src/http.cc b/src/http.cc
+--- a/src/http.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/http.cc	2024-05-02 13:35:29.522323694 +0300
+@@ -773,10 +773,9 @@
+     // check whether the 1xx response forwarding is allowed by squid.conf
+     if (Config.accessList.reply) {
+         ACLFilledChecklist ch(Config.accessList.reply, originalRequest().getRaw());
+-        ch.al = fwd->al;
+-        ch.reply = reply;
++	ch.updateAle(fwd->al);
++	ch.updateReply(reply);
+         ch.syncAle(originalRequest().getRaw(), nullptr);
+-        HTTPMSGLOCK(ch.reply);
+         if (!ch.fastCheck().allowed()) // TODO: support slow lookups?
+             return drop1xx("http_reply_access blocked it");
+     }
+diff -aurN a/src/neighbors.cc b/src/neighbors.cc
+--- a/src/neighbors.cc	2024-04-08 08:02:07.000000000 +0300
++++ b/src/neighbors.cc	2024-05-02 13:36:27.203322463 +0300
+@@ -170,11 +170,7 @@
+         return true;
+ 
+     ACLFilledChecklist checklist(p->access, request, nullptr);
+-    checklist.al = ps->al;
+-    if (ps->al && ps->al->reply) {
+-        checklist.reply = ps->al->reply.getRaw();
+-        HTTPMSGLOCK(checklist.reply);
+-    }
++    checklist.updateAle(ps->al);
+     checklist.syncAle(request, nullptr);
+     return checklist.fastCheck().allowed();
+ }

diff --git a/net-proxy/squid/files/squid.cron-r1 b/net-proxy/squid/files/squid.cron-r1
new file mode 100644
index 000000000000..f0fa84ed2cb3
--- /dev/null
+++ b/net-proxy/squid/files/squid.cron-r1
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+# OpenRC init script supports multiple Squid instances, and exposes 'rotate'.
+if command -v rc-service >/dev/null; then
+	SQUID_SERVICES=$(rc-status | awk '/ *squid.* started /{print $1}')
+	for SQUID_SERVICE in $SQUID_SERVICES ; do
+		rc-service "${SQUID_SERVICE}" rotate
+	done
+
+# Systemd unit file supports only a single default squid instance,
+# and no 'rotate' support, so call squid directly.
+elif command -v systemctl >/dev/null; then
+	SQUID_ACTIVE=$(systemctl --type=service --state=active | awk '/^ *squid\.service / {print $1}')
+	[ -n "${SQUID_ACTIVE}" ] && squid -k rotate
+fi

diff --git a/net-proxy/squid/files/squid.initd-r7 b/net-proxy/squid/files/squid.initd-r7
new file mode 100644
index 000000000000..7215b774736d
--- /dev/null
+++ b/net-proxy/squid/files/squid.initd-r7
@@ -0,0 +1,133 @@
+#!/sbin/openrc-run
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+SQUID_SVCNAME=$( echo "${RC_SVCNAME}" | tr -cd '[a-zA-Z0-9]' )
+
+extra_started_commands="reload rotate"
+
+depend() {
+	use dns net
+}
+
+_getconfig() {
+	# Make PIDFILE, CHROOTDIR, and CACHE_SWAP visible to other functions
+	local CONFFILES="/etc/squid/${RC_SVCNAME}.conf /etc/squid/${RC_SVCNAME}.include /etc/squid/${RC_SVCNAME}.include.*"
+	if [ ! -f /etc/squid/${RC_SVCNAME}.conf ]; then
+		eerror "You need to create /etc/squid/${RC_SVCNAME}.conf first."
+		eerror "The main configuration file and all included file names should have the following format:"
+		eerror "${CONFFILES}"
+		eerror "An example can be found in /etc/squid/squid.conf.default"
+		return 1
+	fi
+	PIDFILE=$(cat ${CONFFILES} 2>/dev/null 3>/dev/null | awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }')
+	CHROOTDIR=$(cat ${CONFFILES} 2>/dev/null 3>/dev/null | awk '/^[ \t]*chroot[ \t]+/ { print $2 }')
+	if [ -n "${CHROOTDIR}" ] && [ -n "${PIDFILE}" ]; then
+		CHROOTDIR="${CHROOTDIR%/}"
+		PIDFILE="${CHROOTDIR}${PIDFILE}"
+	fi
+	[ -z ${PIDFILE} ] && PIDFILE=/run/squid.pid
+	if [ "${CHROOTDIR}/run/${RC_SVCNAME}.pid" != ${PIDFILE} ]; then
+		eerror "/etc/squid/${RC_SVCNAME}.conf must set pid_filename to"
+		eerror "   /run/${RC_SVCNAME}.pid"
+		if [ -n "${CHROOTDIR}" ]; then
+			eerror "with chrootdir ${CHROOTDIR} set."
+		fi
+		eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than"
+		eerror "         in any other instance of squid."
+		eerror "Make sure the main configuration file and all included file names have the following format:"
+		eerror "${CONFFILES}"
+		return 1
+	fi
+	CACHE_SWAP=$(cat ${CONFFILES} 2>/dev/null 3>/dev/null | awk '/^[ \t]*cache_dir[ \t]+/ { if ( $2 == "rock" ) printf "%s/rock ", $3; else if ( $2 == "coss" ) printf "%s/stripe ", $3; else printf "%s/00 ", $3; }')
+	[ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00"
+
+	return 0
+}
+
+checkconfig() {
+	_getconfig || return 1
+	local x
+	for x in $CACHE_SWAP ; do
+		if [ ! -e $x ] ; then
+			ebegin "Initializing cache directory ${x%/*}"
+			local ORIG_UMASK=$(umask)
+			umask 027
+
+			if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then
+				eend 1
+				return 1
+			fi
+
+			local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME} 2>&1)"
+			if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then
+				umask $ORIG_UMASK
+				eend 1
+				echo "$INIT_CACHE_RESPONSE"
+				return 1
+			fi
+
+			umask $ORIG_UMASK
+			eend 0
+			break
+		fi
+	done
+
+	return 0
+}
+
+start() {
+	checkconfig || return 1
+	checkpath -d -q -m 0750 -o squid:squid /run/${RC_SVCNAME}
+
+	# see https://wiki.squid-cache.org/MultipleInstances
+	ebegin "Starting ${RC_SVCNAME} (service name ${SQUID_SVCNAME}) with KRB5_KTNAME=\"${SQUID_KEYTAB}\" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}"
+	KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}
+	eend $? && sleep 1
+}
+
+stop() {
+	_getconfig || return 1
+	ebegin "Stopping ${RC_SVCNAME} with /usr/sbin/squid -k shutdown -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}"
+	if /usr/sbin/squid -k shutdown -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME} ; then
+		if [ "x${SQUID_FAST_SHUTDOWN}" = "xyes" ]; then
+			einfo "Attempting fast shutdown."
+			/usr/sbin/squid -k shutdown -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}
+		fi
+		# Now we have to wait until squid has _really_ stopped.
+		sleep 1
+		if [ -f ${PIDFILE} ] ; then
+			einfon "Waiting for squid to shutdown ."
+			cnt=0
+			while [ -f ${PIDFILE} ] ; do
+				cnt=$(expr $cnt + 1)
+				if [ $cnt -gt 90 ] ; then
+					# Waited 180 seconds now. Fail.
+					echo
+					eend 1 "Failed."
+					break
+				fi
+				sleep 2
+				printf "."
+			done
+			echo
+		fi
+	else
+		eerror "Squid shutdown failed, probably service is already down."
+	fi
+	eend 0
+}
+
+reload() {
+	checkconfig || return 1
+	ebegin "Reloading ${RC_SVCNAME} with /usr/sbin/squid -k reconfigure -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}"
+	/usr/sbin/squid -k reconfigure -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}
+	eend $?
+}
+
+rotate() {
+	service_started ${RC_SVCNAME} || return 1
+	ebegin "Rotating ${RC_SVCNAME} logs with /usr/sbin/squid -k rotate -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}"
+	/usr/sbin/squid -k rotate -f /etc/squid/${RC_SVCNAME}.conf -n ${SQUID_SVCNAME}
+	eend $?
+}

diff --git a/net-proxy/squid/files/squid.logrotate-r1 b/net-proxy/squid/files/squid.logrotate-r1
new file mode 100644
index 000000000000..03cbca9b5f4a
--- /dev/null
+++ b/net-proxy/squid/files/squid.logrotate-r1
@@ -0,0 +1,11 @@
+/var/log/squid/*.log {
+    copytruncate
+    compress
+    notifempty
+    missingok
+    sharedscripts
+    postrotate
+      squid -k rotate 2>/dev/null
+    endscript
+}
+

diff --git a/net-proxy/squid/squid-6.9.ebuild b/net-proxy/squid/squid-6.9.ebuild
new file mode 100644
index 000000000000..7f6845704afe
--- /dev/null
+++ b/net-proxy/squid/squid-6.9.ebuild
@@ -0,0 +1,391 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/squid.gpg
+inherit autotools flag-o-matic linux-info pam systemd toolchain-funcs verify-sig
+
+DESCRIPTION="Full-featured web proxy cache"
+HOMEPAGE="https://www.squid-cache.org/"
+
+MY_PV_MAJOR=$(ver_cut 1)
+# Upstream patch ID for the most recent bug-fixed update to the formal release.
+#r=-20181117-r0022167
+r=
+if [[ -z ${r} ]]; then
+	SRC_URI="
+		http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz
+		verify-sig? ( http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz.asc )
+	"
+else
+	SRC_URI="http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}${r}.tar.bz2"
+	S="${S}${r}"
+fi
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86"
+IUSE="caps gnutls pam ldap samba sasl kerberos nis radius ssl snmp selinux logrotate test ecap"
+IUSE+=" esi ssl-crtd mysql postgres sqlite systemd perl qos tproxy +htcp valgrind +wccp +wccpv2"
+RESTRICT="!test? ( test )"
+REQUIRED_USE="tproxy? ( caps ) qos? ( caps ) ssl-crtd? ( ssl )"
+
+DEPEND="
+	acct-group/squid
+	acct-user/squid
+	dev-libs/libltdl
+	sys-libs/tdb
+	virtual/libcrypt:=
+	caps? ( >=sys-libs/libcap-2.16 )
+	ecap? ( net-libs/libecap:1 )
+	esi? (
+		dev-libs/expat
+		dev-libs/libxml2
+	)
+	ldap? ( net-nds/openldap:= )
+	gnutls? ( >=net-libs/gnutls-3.1.5:= )
+	logrotate? ( app-admin/logrotate )
+	nis? (
+		net-libs/libtirpc:=
+		net-libs/libnsl:=
+	)
+	kerberos? ( virtual/krb5 )
+	pam? ( sys-libs/pam )
+	qos? ( net-libs/libnetfilter_conntrack )
+	ssl? (
+		dev-libs/nettle:=
+		!gnutls? (
+			dev-libs/openssl:=
+		)
+	)
+	sasl? ( dev-libs/cyrus-sasl )
+	systemd? ( sys-apps/systemd:= )
+"
+RDEPEND="
+	${DEPEND}
+	mysql? ( dev-perl/DBD-mysql )
+	postgres? ( dev-perl/DBD-Pg )
+	perl? ( dev-lang/perl )
+	samba? ( net-fs/samba )
+	selinux? ( sec-policy/selinux-squid )
+	sqlite? ( dev-perl/DBD-SQLite )
+"
+DEPEND+=" valgrind? ( dev-debug/valgrind )"
+BDEPEND="
+	dev-lang/perl
+	ecap? ( virtual/pkgconfig )
+	test? ( dev-util/cppunit )
+	verify-sig? ( sec-keys/openpgp-keys-squid )
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-6.2-gentoo.patch
+	"${FILESDIR}"/${PN}-4.17-use-system-libltdl.patch
+	"${FILESDIR}"/${PN}-6.9-memleak_fix.patch
+)
+
+pkg_pretend() {
+	if use tproxy; then
+		local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_SOCKET ~NETFILTER_XT_TARGET_TPROXY"
+		linux-info_pkg_setup
+	fi
+}
+
+src_prepare() {
+	default
+
+	# Fixup various paths
+	sed -i -e 's:/usr/local/squid/etc:/etc/squid:' \
+		INSTALL QUICKSTART \
+		scripts/fileno-to-pathname.pl \
+		scripts/check_cache.pl \
+		tools/cachemgr.cgi.8 \
+		tools/purge/conffile.hh \
+		tools/purge/purge.1 || die
+	sed -i -e 's:/usr/local/squid/sbin:/usr/sbin:' \
+		INSTALL QUICKSTART || die
+	sed -i -e 's:/usr/local/squid/var/cache:/var/cache/squid:' \
+		QUICKSTART || die
+	sed -i -e 's:/usr/local/squid/var/logs:/var/log/squid:' \
+		QUICKSTART \
+		src/log/access_log.cc || die
+	sed -i -e 's:/usr/local/squid/logs:/var/log/squid:' \
+		src/log/access_log.cc || die
+	sed -i -e 's:/usr/local/squid/libexec:/usr/libexec/squid:' \
+		src/acl/external/unix_group/ext_unix_group_acl.8 \
+		src/acl/external/session/ext_session_acl.8 || die
+	sed -i -e 's:/usr/local/squid/cache:/var/cache/squid:' \
+		scripts/check_cache.pl || die
+	# /var/run/squid to /run/squid
+	sed -i -e 's:$(localstatedir)::' \
+		src/ipc/Makefile.am || die
+	sed -i 's:/var/run/:/run/:g' tools/systemd/squid.service || die
+
+	sed -i -e 's:_LTDL_SETUP:LTDL_INIT([installable]):' \
+		libltdl/configure.ac || die
+
+	eautoreconf
+}
+
+src_configure() {
+	local myeconfargs=(
+		--cache-file="${S}"/config.cache
+
+		--datadir=/usr/share/squid
+		--libexecdir=/usr/libexec/squid
+		--localstatedir=/var
+		--sysconfdir=/etc/squid
+		--with-default-user=squid
+		--with-logdir=/var/log/squid
+		--with-pidfile=/run/squid.pid
+
+		--enable-build-info="Gentoo ${PF} (r: ${r:-NONE})"
+		--enable-log-daemon-helpers
+		--enable-url-rewrite-helpers
+		--enable-cache-digests
+		--enable-delay-pools
+		--enable-disk-io
+		--enable-eui
+		--enable-icmp
+		--enable-ipv6
+		--enable-follow-x-forwarded-for
+		--enable-removal-policies="lru,heap"
+		--disable-strict-error-checking
+		--disable-arch-native
+
+		--with-large-files
+		--with-build-environment=default
+
+		--with-tdb
+
+		--without-included-ltdl
+		--with-ltdl-include="${ESYSROOT}"/usr/include
+		--with-ltdl-lib="${ESYSROOT}"/usr/$(get_libdir)
+
+		$(use_with caps cap)
+		$(use_enable snmp)
+		$(use_with ssl openssl)
+		$(use_with ssl nettle)
+		$(use_with gnutls)
+		$(use_with ldap)
+		$(use_enable ssl-crtd)
+		$(use_with systemd)
+		$(use_with test cppunit)
+		$(use_enable ecap)
+		$(use_enable esi)
+		$(use_enable esi expat)
+		$(use_enable esi xml2)
+		$(use_enable htcp)
+		$(use_with valgrind valgrind-debug)
+		$(use_enable wccp)
+		$(use_enable wccpv2)
+	)
+
+	# Basic modules
+	local basic_modules=(
+		NCSA
+		POP3
+		getpwnam
+
+		$(usev samba 'SMB')
+		$(usev ldap 'SMB_LM LDAP')
+		$(usev pam 'PAM')
+		$(usev sasl 'SASL')
+		$(usev nis 'NIS')
+		$(usev radius 'RADIUS')
+	)
+
+	use nis && append-cppflags "-I${ESYSROOT}/usr/include/tirpc"
+
+	if use mysql || use postgres || use sqlite; then
+		basic_modules+=( DB )
+	fi
+
+	# Digests
+	local digest_modules=(
+		file
+
+		$(usev ldap 'LDAP eDirectory')
+	)
+
+	# Kerberos
+	local negotiate_modules=( none )
+
+	myeconfargs+=( --without-mit-krb5 --without-heimdal-krb5 )
+
+	if use kerberos; then
+		# We intentionally overwrite negotiate_modules here to lose
+		# the 'none'.
+		negotiate_modules=( kerberos wrapper )
+
+		if has_version app-crypt/heimdal; then
+			myeconfargs+=(
+				--without-mit-krb5
+				--with-heimdal-krb5
+			)
+		else
+			myeconfargs+=(
+				--with-mit-krb5
+				--without-heimdal-krb5
+			)
+		fi
+	fi
+
+	# NTLM modules
+	local ntlm_modules=( none )
+
+	if use samba ; then
+		# We intentionally overwrite ntlm_modules here to lose
+		# the 'none'.
+		ntlm_modules=( SMB_LM )
+	fi
+
+	# External helpers
+	local ext_helpers=(
+		file_userip
+		session
+		unix_group
+		delayer
+		time_quota
+
+		$(usev samba 'wbinfo_group')
+		$(usev ldap 'LDAP_group eDirectory_userip')
+	)
+
+	use ldap && use kerberos && ext_helpers+=( kerberos_ldap_group )
+	if use mysql || use postgres || use sqlite; then
+		ext_helpers+=( SQL_session )
+	fi
+
+	# Storage modules
+	local storeio_modules=(
+		aufs
+		diskd
+		rock
+		ufs
+	)
+
+	#
+	local transparent
+	if use kernel_linux; then
+		myeconfargs+=(
+			--enable-linux-netfilter
+			$(usev qos '--enable-zph-qos --with-netfilter-conntrack')
+		)
+	fi
+
+	tc-export_build_env BUILD_CXX
+	export BUILDCXX="${BUILD_CXX}"
+	export BUILDCXXFLAGS="${BUILD_CXXFLAGS}"
+	tc-export CC AR
+
+	# Should be able to drop this workaround with newer versions.
+	# https://bugs.squid-cache.org/show_bug.cgi?id=4224
+	tc-is-cross-compiler && export squid_cv_gnu_atomics=no
+
+	# Bug #719662
+	append-atomic-flags
+
+	print_options_without_comma() {
+		# IFS as ',' will cut off any trailing commas
+		(
+			IFS=','
+			options=( $(printf "%s," "${@}") )
+			echo "${options[*]}"
+		)
+	}
+
+	myeconfargs+=(
+		--enable-storeio=$(print_options_without_comma "${storeio_modules[@]}")
+		--enable-auth-basic=$(print_options_without_comma "${basic_modules[@]}")
+		--enable-auth-digest=$(print_options_without_comma "${digest_modules[@]}")
+		--enable-auth-ntlm=$(print_options_without_comma "${ntlm_modules[@]}")
+		--enable-auth-negotiate=$(print_options_without_comma "${negotiate_modules[@]}")
+		--enable-external-acl-helpers=$(print_options_without_comma "${ext_helpers[@]}")
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+
+	systemd_dounit tools/systemd/squid.service
+
+	# Need suid root for looking into /etc/shadow
+	fowners root:squid /usr/libexec/squid/basic_ncsa_auth
+	fperms 4750 /usr/libexec/squid/basic_ncsa_auth
+
+	if use pam; then
+		fowners root:squid /usr/libexec/squid/basic_pam_auth
+		fperms 4750 /usr/libexec/squid/basic_pam_auth
+	fi
+
+	# Pinger needs suid as well
+	fowners root:squid /usr/libexec/squid/pinger
+	fperms 4750 /usr/libexec/squid/pinger
+
+	# These scripts depend on perl
+	if ! use perl; then
+		local perl_scripts=(
+			basic_pop3_auth ext_delayer_acl helper-mux
+			log_db_daemon security_fake_certverify
+			storeid_file_rewrite url_lfs_rewrite
+		)
+
+		local script
+		for script in "${perl_scripts[@]}"; do
+			rm "${ED}"/usr/libexec/squid/${script} || die
+		done
+	fi
+
+	# Cleanup
+	rm -r "${D}"/run "${D}"/var/cache || die
+
+	dodoc CONTRIBUTORS CREDITS ChangeLog INSTALL QUICKSTART README SPONSORS doc/*.txt
+	newdoc src/auth/negotiate/kerberos/README README.kerberos
+	newdoc src/auth/basic/RADIUS/README README.RADIUS
+	newdoc src/acl/external/kerberos_ldap_group/README README.kerberos_ldap_group
+	dodoc RELEASENOTES.html
+
+	if use pam; then
+		newpamd "${FILESDIR}"/squid.pam squid
+	fi
+
+	newconfd "${FILESDIR}"/squid.confd-r2 squid
+	newinitd "${FILESDIR}"/squid.initd-r7 squid
+
+	if use logrotate ; then
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}"/squid.logrotate-r1 squid
+	else
+		exeinto /etc/cron.weekly
+		newexe "${FILESDIR}"/squid.cron-r1 squid.cron
+	fi
+
+	diropts -m0750 -o squid -g squid
+	keepdir /var/log/squid /etc/ssl/squid /var/lib/squid
+
+	# Hack for bug #834503 (see also bug #664940)
+	# Please keep this for a few years until it's no longer plausible
+	# someone is upgrading from < squid 5.7.
+	mv "${ED}"/usr/share/squid/errors{,.new} || die
+}
+
+pkg_preinst() {
+	# Remove file in EROOT that the directory collides with.
+	rm -rf "${EROOT}"/usr/share/squid/errors || die
+
+	# Following the collision protection check, reverse
+	# src_install's rename in ED.
+	mv "${ED}"/usr/share/squid/errors{.new,} || die
+}
+
+pkg_postinst() {
+	elog "A good starting point to debug Squid issues is to use 'squidclient mgr:' commands such as 'squidclient mgr:info'."
+
+	if [[ ${#r} -gt 0 ]]; then
+		elog "You are using a release with the official ${r} patch! Make sure you mention that, or send the output of 'squidclient mgr:info' when asking for support."
+	fi
+}


^ permalink raw reply related	[flat|nested] 9+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/
@ 2024-07-03 13:26 Joonas Niilola
  0 siblings, 0 replies; 9+ messages in thread
From: Joonas Niilola @ 2024-07-03 13:26 UTC (permalink / raw
  To: gentoo-commits

commit:     d0523baf97702d3ce078f0cd6831ca0d8f8cb9cf
Author:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
AuthorDate: Wed Jul  3 13:25:44 2024 +0000
Commit:     Joonas Niilola <juippis <AT> gentoo <DOT> org>
CommitDate: Wed Jul  3 13:26:37 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d0523baf

net-proxy/squid: update SRC_URI (add squid-6.9-memleak_fix.patch)

 - SizeViolation fix.

Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org>

 net-proxy/squid/Manifest                          |   1 +
 net-proxy/squid/files/squid-6.9-memleak_fix.patch | 563 ----------------------
 net-proxy/squid/squid-6.9.ebuild                  |   6 +-
 3 files changed, 5 insertions(+), 565 deletions(-)

diff --git a/net-proxy/squid/Manifest b/net-proxy/squid/Manifest
index e577ed2f01bb..f5f8ae210f39 100644
--- a/net-proxy/squid/Manifest
+++ b/net-proxy/squid/Manifest
@@ -2,5 +2,6 @@ DIST squid-6.6.tar.xz 2554824 BLAKE2B 7c3c96f5cd5f819f6f020fb3e63ee8d9bb26b7fb4f
 DIST squid-6.6.tar.xz.asc 1193 BLAKE2B c37a400c51c30de35c6fe52123389c134d05670a36b1ffae4d67e7d06981bbf94788343daf2fdeafb782d464a977ee31bc601e3b1b92b45cd40ba6a6725b9a16 SHA512 08550569759c403a1a9747d08ea7055751fbf251355691074f6d09baca76a0987c5dff36e1f01b64edd446d568c7244b14124f6f8a1b19ccfc30293eed83a297
 DIST squid-6.7.tar.xz 2427468 BLAKE2B 0cd892213085326d1f4cc065778d95d74c03edaaf98b839b4422397fdcd449716b022e74adcbac636ca98e9d5c45a8f7aa156c3edc9f306fb13fc5cc21125dd6 SHA512 6221437056c600119fe9ff1ceeeaa9955cf9f21df481ad29a3515f8439a41b779d51f37b820b75641d0d4d6de54554f6f924dbd347834bf4a6ad6b5b317084a0
 DIST squid-6.7.tar.xz.asc 646 BLAKE2B 6d4e6075b261f54269577fc31b28e7cb74b835c851741542c322b226d29325128cdbaadd156070e9fe6c5af5c33149c78f71b01272934a62676e08f3f75f8628 SHA512 4a1f9d123ce6b5a600d9d2dd3af95a7ce98bfe28ba42d1281ab1f3d7f220f8738a4320afb85eeba1bf9d31e722ffaccd2d89cbefcd11e6b6ea31fe237ccf9a8c
+DIST squid-6.9-memleak_fix.patch 22178 BLAKE2B bf87a98ac3ddcf27b817b7b09a1a7656cb6547c7c157d02a3daf4b337669180718e1df06040b9b4be252a9f60fc767d94ed698014113c072dd9b91ada08a1adc SHA512 38754b1f593dde3e7ab70601bdaaabf8c1c40beea0ae9913684d3de78d76cec4243abac8e315af2009b98e096a3b04c56181940f0528716278aaf7c44ea76dad
 DIST squid-6.9.tar.xz 2557992 BLAKE2B cac10d3a16fe31a9becfcd0fc278413d53c52285cdca9ece897ca4e3a0e50806e186960091f9050243180996382c6b5209360d9fff249d26b20d1e529285a038 SHA512 2666551caca39fa6ca49b56b537645dd043ee0c99b805c433cf714172e6062590fd6ed942043df1a3b543f30c039f3ab701493187dc6a0a4a8311217417c366e
 DIST squid-6.9.tar.xz.asc 646 BLAKE2B fafa49d40af849103d04c0f07e19e5b9007306ba0f85bcabed761b53f94015aefc65ec2035963c95fd938cb04dfdb878363fcf5150a06889b563fa48922ef289 SHA512 ccd053476e91544bf797cf38a7e57acdc1c02c1edb2804230f061d9b24abbbd2e06abbaaa0fe2b209951631c0369510f60f0b7137fe950f3ccf59e8a212bc0fa

diff --git a/net-proxy/squid/files/squid-6.9-memleak_fix.patch b/net-proxy/squid/files/squid-6.9-memleak_fix.patch
deleted file mode 100644
index 797489ac4136..000000000000
--- a/net-proxy/squid/files/squid-6.9-memleak_fix.patch
+++ /dev/null
@@ -1,563 +0,0 @@
-Backport of fixes in master/v7
-
-https://bugs.squid-cache.org/show_bug.cgi?id=5322
-https://bugs.squid-cache.org/attachment.cgi?id=3891
-diff -aurN a/src/AclRegs.cc b/src/AclRegs.cc
---- a/src/AclRegs.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/AclRegs.cc	2024-05-02 14:39:02.842264552 +0300
-@@ -130,8 +130,8 @@
-     RegisterMaker("dstdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLDestinationDomainStrategy, name); });
-     RegisterMaker("dst", [](TypeName)->ACL* { return new ACLDestinationIP; }); // XXX: Add name parameter to ctor
-     RegisterMaker("hier_code", [](TypeName name)->ACL* { return new ACLStrategised<hier_code>(new ACLHierCodeData, new ACLHierCodeStrategy, name); });
--    RegisterMaker("rep_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPRepHeaderStrategy, name); });
--    RegisterMaker("req_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPReqHeaderStrategy, name); });
-+    RegisterMaker("rep_header", [](TypeName name)->ACL* { return new ACLStrategised<const HttpHeader &>(new ACLHTTPHeaderData, new ACLHTTPRepHeaderStrategy, name); });
-+    RegisterMaker("req_header", [](TypeName name)->ACL* { return new ACLStrategised<const HttpHeader &>(new ACLHTTPHeaderData, new ACLHTTPReqHeaderStrategy, name); });
-     RegisterMaker("http_status", [](TypeName name)->ACL* { return new ACLHTTPStatus(name); });
-     RegisterMaker("maxconn", [](TypeName name)->ACL* { return new ACLMaxConnection(name); });
-     RegisterMaker("method", [](TypeName name)->ACL* { return new ACLStrategised<HttpRequestMethod>(new ACLMethodData, new ACLMethodStrategy, name); });
-diff -aurN a/src/DelayId.cc b/src/DelayId.cc
---- a/src/DelayId.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/DelayId.cc	2024-05-02 13:14:06.529560559 +0300
-@@ -87,10 +87,7 @@
- 
-         ACLFilledChecklist ch(DelayPools::delay_data[pool].access, r, nullptr);
-         clientAclChecklistFill(ch, http);
--        if (!ch.reply && reply) {
--            ch.reply = reply;
--            HTTPMSGLOCK(reply);
--        }
-+	ch.updateReply(reply);
-         // overwrite ACLFilledChecklist acl_uses_indirect_client-based decision
- #if FOLLOW_X_FORWARDED_FOR
-         if (Config.onoff.delay_pool_uses_indirect_client)
-diff -aurN a/src/HttpHeaderTools.cc b/src/HttpHeaderTools.cc
---- a/src/HttpHeaderTools.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/HttpHeaderTools.cc	2024-05-02 13:15:05.133567028 +0300
-@@ -289,11 +289,7 @@
- 
-     ACLFilledChecklist checklist(hm->access_list, request, nullptr);
- 
--    checklist.al = al;
--    if (al && al->reply) {
--        checklist.reply = al->reply.getRaw();
--        HTTPMSGLOCK(checklist.reply);
--    }
-+    checklist.updateAle(al);
- 
-     // XXX: The two "It was denied" clauses below mishandle cases with no
-     // matching rules, violating the "If no rules within the set have matching
-@@ -489,11 +485,7 @@
- {
-     ACLFilledChecklist checklist(nullptr, request, nullptr);
- 
--    checklist.al = al;
--    if (al && al->reply) {
--        checklist.reply = al->reply.getRaw();
--        HTTPMSGLOCK(checklist.reply);
--    }
-+    checklist.updateAle(al);
- 
-     for (HeaderWithAclList::const_iterator hwa = headersAdd.begin(); hwa != headersAdd.end(); ++hwa) {
-         if (!hwa->aclList || checklist.fastCheck(hwa->aclList).allowed()) {
-diff -aurN a/src/HttpReply.cc b/src/HttpReply.cc
---- a/src/HttpReply.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/HttpReply.cc	2024-05-02 13:15:39.572584896 +0300
-@@ -596,8 +596,7 @@
- 
-     ACLFilledChecklist ch(nullptr, &request, nullptr);
-     // XXX: cont-cast becomes irrelevant when checklist is HttpReply::Pointer
--    ch.reply = const_cast<HttpReply *>(this);
--    HTTPMSGLOCK(ch.reply);
-+    ch.updateReply(this);
-     for (AclSizeLimit *l = Config.ReplyBodySize; l; l = l -> next) {
-         /* if there is no ACL list or if the ACLs listed match use this size value */
-         if (!l->aclList || ch.fastCheck(l->aclList).allowed()) {
-diff -aurN a/src/Notes.cc b/src/Notes.cc
---- a/src/Notes.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/Notes.cc	2024-05-02 13:54:09.664336645 +0300
-@@ -70,11 +70,9 @@
- Note::match(HttpRequest *request, HttpReply *reply, const AccessLogEntry::Pointer &al, SBuf &matched)
- {
-     ACLFilledChecklist ch(nullptr, request, nullptr);
--    ch.al = al;
--    ch.reply = reply;
-+    ch.updateAle(al);
-+    ch.updateReply(reply);
-     ch.syncAle(request, nullptr);
--    if (reply)
--        HTTPMSGLOCK(ch.reply);
- 
-     for (const auto &v: values) {
-         assert(v->aclList);
-diff -aurN a/src/acl/ConnectionsEncrypted.cc b/src/acl/ConnectionsEncrypted.cc
---- a/src/acl/ConnectionsEncrypted.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/ConnectionsEncrypted.cc	2024-05-02 14:11:23.059165031 +0300
-@@ -55,8 +55,8 @@
- 
-     const bool safeRequest =
-         !(filled->request->sources & Http::Message::srcUnsafe);
--    const bool safeReply = !filled->reply ||
--                           !(filled->reply->sources & Http::Message::srcUnsafe);
-+    const bool safeReply = !filled->hasReply() ||
-+                           !(filled->reply().sources & Http::Message::srcUnsafe);
- 
-     return (safeRequest && safeReply) ? 1 : 0;
- }
-diff -aurN a/src/acl/FilledChecklist.cc b/src/acl/FilledChecklist.cc
---- a/src/acl/FilledChecklist.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/FilledChecklist.cc	2024-05-02 14:07:41.297685699 +0300
-@@ -27,7 +27,6 @@
- ACLFilledChecklist::ACLFilledChecklist() :
-     dst_rdns(nullptr),
-     request (nullptr),
--    reply (nullptr),
- #if USE_AUTH
-     auth_user_request (nullptr),
- #endif
-@@ -54,8 +53,6 @@
- 
-     HTTPMSGUNLOCK(request);
- 
--    HTTPMSGUNLOCK(reply);
--
-     cbdataReferenceDone(conn_);
- 
-     debugs(28, 4, "ACLFilledChecklist destroyed " << this);
-@@ -107,9 +104,9 @@
-         }
-     }
- 
--    if (reply && !al->reply) {
-+    if (hasReply() && !al->reply) {
-         showDebugWarning("HttpReply object");
--        al->reply = reply;
-+	al->reply = reply_;
-     }
- 
- #if USE_IDENT
-@@ -214,7 +211,6 @@
- ACLFilledChecklist::ACLFilledChecklist(const acl_access *A, HttpRequest *http_request, const char *ident):
-     dst_rdns(nullptr),
-     request(nullptr),
--    reply(nullptr),
- #if USE_AUTH
-     auth_user_request(nullptr),
- #endif
-@@ -268,3 +264,21 @@
- #endif
- }
- 
-+void
-+ACLFilledChecklist::updateAle(const AccessLogEntry::Pointer &a)
-+{
-+    if (!a)
-+        return;
-+
-+    al = a; // could have been set already (to a different value)
-+    if (!request)
-+        setRequest(a->request);
-+    updateReply(a->reply);
-+}
-+
-+void
-+ACLFilledChecklist::updateReply(const HttpReply::Pointer &r)
-+{
-+    if (r)
-+        reply_ = r; // may already be set, including to r
-+}
-diff -aurN a/src/acl/FilledChecklist.h b/src/acl/FilledChecklist.h
---- a/src/acl/FilledChecklist.h	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/FilledChecklist.h	2024-05-02 13:45:57.773923228 +0300
-@@ -14,6 +14,8 @@
- #include "acl/forward.h"
- #include "base/CbcPointer.h"
- #include "error/forward.h"
-+#include "HttpReply.h"
-+#include "HttpRequest.h"
- #include "ip/Address.h"
- #if USE_AUTH
- #include "auth/UserRequest.h"
-@@ -42,6 +44,7 @@
-     void setRequest(HttpRequest *);
-     /// configure rfc931 user identity for the first time
-     void setIdent(const char *userIdentity);
-+    void updateAle(const AccessLogEntry::Pointer &);
- 
- public:
-     /// The client connection manager
-@@ -57,6 +60,14 @@
- 
-     //int authenticated();
- 
-+    /// response added by updateReply()
-+    /// \prec hasReply()
-+    const HttpReply &reply() const { return *reply_; }
-+
-+    /// Remembers the given response (if it is not nil) or does nothing
-+    /// (otherwise).
-+    void updateReply(const HttpReply::Pointer &);
-+
-     bool destinationDomainChecked() const;
-     void markDestinationDomainChecked();
-     bool sourceDomainChecked() const;
-@@ -64,7 +75,7 @@
- 
-     // ACLChecklist API
-     bool hasRequest() const override { return request != nullptr; }
--    bool hasReply() const override { return reply != nullptr; }
-+    bool hasReply() const override { return reply_ != nullptr; }
-     bool hasAle() const override { return al != nullptr; }
-     void syncAle(HttpRequest *adaptedRequest, const char *logUri) const override;
-     void verifyAle() const override;
-@@ -77,7 +88,6 @@
-     char *dst_rdns;
- 
-     HttpRequest *request;
--    HttpReply *reply;
- 
-     char rfc931[USER_IDENT_SZ];
- #if USE_AUTH
-@@ -108,6 +118,9 @@
- private:
-     ConnStateData * conn_;          /**< hack for ident and NTLM */
-     int fd_;                        /**< may be available when conn_ is not */
-+
-+    HttpReply::Pointer reply_; ///< response added by updateReply() or nil
-+
-     bool destinationDomainChecked_;
-     bool sourceDomainChecked_;
-     /// not implemented; will cause link failures if used
-diff -aurN a/src/acl/HttpHeaderData.cc b/src/acl/HttpHeaderData.cc
---- a/src/acl/HttpHeaderData.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/HttpHeaderData.cc	2024-05-02 13:39:44.260625713 +0300
-@@ -36,20 +36,18 @@
- }
- 
- bool
--ACLHTTPHeaderData::match(HttpHeader* hdr)
-+ACLHTTPHeaderData::match(const HttpHeader &hdr)
- {
--    if (hdr == nullptr)
--        return false;
- 
-     debugs(28, 3, "aclHeaderData::match: checking '" << hdrName << "'");
- 
-     String value;
-     if (hdrId != Http::HdrType::BAD_HDR) {
--        if (!hdr->has(hdrId))
-+	if (!hdr.has(hdrId))
-             return false;
--        value = hdr->getStrOrList(hdrId);
-+	value = hdr.getStrOrList(hdrId);
-     } else {
--        if (!hdr->hasNamed(hdrName, &value))
-+	if (!hdr.hasNamed(hdrName, &value))
-             return false;
-     }
- 
-diff -aurN a/src/acl/HttpHeaderData.h b/src/acl/HttpHeaderData.h
---- a/src/acl/HttpHeaderData.h	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/HttpHeaderData.h	2024-05-02 13:40:26.326492200 +0300
-@@ -14,14 +14,14 @@
- #include "sbuf/SBuf.h"
- #include "SquidString.h"
- 
--class ACLHTTPHeaderData : public ACLData<HttpHeader*>
-+class ACLHTTPHeaderData: public ACLData<const HttpHeader &>
- {
-     MEMPROXY_CLASS(ACLHTTPHeaderData);
- 
- public:
-     ACLHTTPHeaderData();
-     ~ACLHTTPHeaderData() override;
--    bool match(HttpHeader* hdr) override;
-+    bool match(const HttpHeader &) override;
-     SBufList dump() const override;
-     void parse() override;
-     bool empty() const override;
-diff -aurN a/src/acl/HttpRepHeader.cc b/src/acl/HttpRepHeader.cc
---- a/src/acl/HttpRepHeader.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/HttpRepHeader.cc	2024-05-02 14:22:13.208427916 +0300
-@@ -13,8 +13,9 @@
- #include "HttpReply.h"
- 
- int
--ACLHTTPRepHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
-+ACLHTTPRepHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist * const ch)
- {
--    return data->match (&checklist->reply->header);
-+    const auto checklist = Filled(ch);
-+    return data->match(checklist->reply().header);
- }
- 
-diff -aurN a/src/acl/HttpRepHeader.h b/src/acl/HttpRepHeader.h
---- a/src/acl/HttpRepHeader.h	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/HttpRepHeader.h	2024-05-02 14:26:12.634833092 +0300
-@@ -14,7 +14,7 @@
- #include "HttpHeader.h"
- 
- /// \ingroup ACLAPI
--class ACLHTTPRepHeaderStrategy : public ACLStrategy<HttpHeader*>
-+class ACLHTTPRepHeaderStrategy : public ACLStrategy<const HttpHeader &>
- {
- 
- public:
-diff -aurN a/src/acl/HttpReqHeader.cc b/src/acl/HttpReqHeader.cc
---- a/src/acl/HttpReqHeader.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/HttpReqHeader.cc	2024-05-02 14:22:47.381726897 +0300
-@@ -13,8 +13,9 @@
- #include "HttpRequest.h"
- 
- int
--ACLHTTPReqHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
-+ACLHTTPReqHeaderStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist * const ch)
- {
--    return data->match (&checklist->request->header);
-+    const auto checklist = Filled(ch);
-+    return data->match (checklist->request->header);
- }
- 
-diff -aurN a/src/acl/HttpReqHeader.h b/src/acl/HttpReqHeader.h
---- a/src/acl/HttpReqHeader.h	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/HttpReqHeader.h	2024-05-02 14:26:59.730191970 +0300
-@@ -13,7 +13,7 @@
- #include "HttpHeader.h"
- 
- /// \ingroup ACLAPI
--class ACLHTTPReqHeaderStrategy : public ACLStrategy<HttpHeader*>
-+class ACLHTTPReqHeaderStrategy : public ACLStrategy<const HttpHeader &>
- {
- 
- public:
-diff -aurN a/src/acl/HttpStatus.cc b/src/acl/HttpStatus.cc
---- a/src/acl/HttpStatus.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/HttpStatus.cc	2024-05-02 13:48:12.200714068 +0300
-@@ -116,7 +116,7 @@
- int
- ACLHTTPStatus::match(ACLChecklist *checklist)
- {
--    return aclMatchHTTPStatus(&data, Filled(checklist)->reply->sline.status());
-+    return aclMatchHTTPStatus(&data, Filled(checklist)->reply().sline.status());
- }
- 
- int
-diff -aurN a/src/acl/ReplyHeaderStrategy.h b/src/acl/ReplyHeaderStrategy.h
---- a/src/acl/ReplyHeaderStrategy.h	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/ReplyHeaderStrategy.h	2024-05-02 13:48:40.981219348 +0300
-@@ -28,7 +28,7 @@
- int
- ACLReplyHeaderStrategy<header>::match (ACLData<char const *> * &data, ACLFilledChecklist *checklist)
- {
--    char const *theHeader = checklist->reply->header.getStr(header);
-+    char const *theHeader = checklist->reply().header.getStr(header);
- 
-     if (nullptr == theHeader)
-         return 0;
-diff -aurN a/src/acl/ReplyMimeType.h b/src/acl/ReplyMimeType.h
---- a/src/acl/ReplyMimeType.h	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/acl/ReplyMimeType.h	2024-05-02 13:51:50.684699376 +0300
-@@ -19,7 +19,8 @@
- inline int
- ACLReplyHeaderStrategy<Http::HdrType::CONTENT_TYPE>::match(ACLData<char const *> * &data, ACLFilledChecklist *checklist)
- {
--    char const *theHeader = checklist->reply->header.getStr(Http::HdrType::CONTENT_TYPE);
-+    char const *theHeader = checklist->reply().header.getStr(Http::HdrType::CONTENT_TYPE);
-+
- 
-     if (nullptr == theHeader)
-         theHeader = "";
-diff -aurN a/src/adaptation/AccessCheck.cc b/src/adaptation/AccessCheck.cc
---- a/src/adaptation/AccessCheck.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/adaptation/AccessCheck.cc	2024-05-02 13:56:05.309606789 +0300
-@@ -131,9 +131,8 @@
-             /* BUG 2526: what to do when r->acl is empty?? */
-             // XXX: we do not have access to conn->rfc931 here.
-             acl_checklist = new ACLFilledChecklist(r->acl, filter.request, dash_str);
--            if ((acl_checklist->reply = filter.reply))
--                HTTPMSGLOCK(acl_checklist->reply);
--            acl_checklist->al = filter.al;
-+            acl_checklist->updateAle(filter.al);
-+	    acl_checklist->updateReply(filter.reply);
-             acl_checklist->syncAle(filter.request, nullptr);
-             acl_checklist->nonBlockingCheck(AccessCheckCallbackWrapper, this);
-             return;
-diff -aurN a/src/adaptation/icap/Launcher.cc b/src/adaptation/icap/Launcher.cc
---- a/src/adaptation/icap/Launcher.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/adaptation/icap/Launcher.cc	2024-05-02 13:25:41.483439412 +0300
-@@ -142,8 +142,7 @@
- 
-     ACLFilledChecklist *cl =
-         new ACLFilledChecklist(TheConfig.repeat, info.icapRequest, dash_str);
--    cl->reply = info.icapReply;
--    HTTPMSGLOCK(cl->reply);
-+    cl->updateReply(info.icapReply);
- 
-     bool result = cl->fastCheck().allowed();
-     delete cl;
-diff -aurN a/src/adaptation/icap/icap_log.cc b/src/adaptation/icap/icap_log.cc
---- a/src/adaptation/icap/icap_log.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/adaptation/icap/icap_log.cc	2024-05-02 13:26:09.810655898 +0300
-@@ -61,10 +61,7 @@
- {
-     if (IcapLogfileStatus == LOG_ENABLE) {
-         ACLFilledChecklist checklist(nullptr, al->adapted_request, nullptr);
--        if (al->reply) {
--            checklist.reply = al->reply.getRaw();
--            HTTPMSGLOCK(checklist.reply);
--        }
-+	checklist.updateAle(al);
-         accessLogLogTo(Config.Log.icaplogs, al, &checklist);
-     }
- }
-diff -aurN a/src/auth/UserRequest.cc b/src/auth/UserRequest.cc
---- a/src/auth/UserRequest.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/auth/UserRequest.cc	2024-05-02 13:26:56.382746257 +0300
-@@ -466,8 +466,7 @@
- {
-     if (!Auth::TheConfig.schemeLists.empty() && Auth::TheConfig.schemeAccess) {
-         ACLFilledChecklist ch(nullptr, request, nullptr);
--        ch.reply = rep;
--        HTTPMSGLOCK(ch.reply);
-+	ch.updateReply(rep);
-         const auto answer = ch.fastCheck(Auth::TheConfig.schemeAccess);
-         if (answer.allowed())
-             return Auth::TheConfig.schemeLists.at(answer.kind).authConfigs;
-diff -aurN a/src/client_side.cc b/src/client_side.cc
---- a/src/client_side.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/client_side.cc	2024-05-02 13:32:24.247196027 +0300
-@@ -446,31 +446,19 @@
-         }
-         // The al->notes and request->notes must point to the same object.
-         al->syncNotes(request);
--    }
--
--    ACLFilledChecklist checklist(nullptr, request, nullptr);
--    if (al->reply) {
--        checklist.reply = al->reply.getRaw();
--        HTTPMSGLOCK(checklist.reply);
--    }
--
--    if (request) {
-         HTTPMSGUNLOCK(al->adapted_request);
-         al->adapted_request = request;
-         HTTPMSGLOCK(al->adapted_request);
-     }
-+    ACLFilledChecklist checklist(nullptr, request, nullptr);
-+    checklist.updateAle(al);
-     // no need checklist.syncAle(): already synced
--    checklist.al = al;
-     accessLogLog(al, &checklist);
- 
-     bool updatePerformanceCounters = true;
-     if (Config.accessList.stats_collection) {
-         ACLFilledChecklist statsCheck(Config.accessList.stats_collection, request, nullptr);
--        statsCheck.al = al;
--        if (al->reply) {
--            statsCheck.reply = al->reply.getRaw();
--            HTTPMSGLOCK(statsCheck.reply);
--        }
-+	statsCheck.updateAle(al);
-         updatePerformanceCounters = statsCheck.fastCheck().allowed();
-     }
- 
-@@ -3546,12 +3534,8 @@
-         checklist.setRequest(http->request);
- 
-     if (!checklist.al && http->al) {
--        checklist.al = http->al;
-+        checklist.updateAle(http->al);
-         checklist.syncAle(http->request, http->log_uri);
--        if (!checklist.reply && http->al->reply) {
--            checklist.reply = http->al->reply.getRaw();
--            HTTPMSGLOCK(checklist.reply);
--        }
-     }
- 
-     if (const auto conn = http->getConn())
-diff -aurN a/src/client_side_reply.cc b/src/client_side_reply.cc
---- a/src/client_side_reply.cc	2024-05-02 14:48:58.863528254 +0300
-+++ b/src/client_side_reply.cc	2024-05-02 13:33:55.668212735 +0300
-@@ -843,11 +843,9 @@
-     if (http->flags.internal)
-         return false; // internal content "hits" cannot be blocked
- 
--    const auto &rep = http->storeEntry()->mem().freshestReply();
-     {
-         std::unique_ptr<ACLFilledChecklist> chl(clientAclChecklistCreate(Config.accessList.sendHit, http));
--        chl->reply = const_cast<HttpReply*>(&rep); // ACLChecklist API bug
--        HTTPMSGLOCK(chl->reply);
-+	chl->updateReply(&http->storeEntry()->mem().freshestReply());
-         return !chl->fastCheck().allowed(); // when in doubt, block
-     }
- }
-@@ -1850,8 +1848,7 @@
-     /** Process http_reply_access lists */
-     ACLFilledChecklist *replyChecklist =
-         clientAclChecklistCreate(Config.accessList.reply, http);
--    replyChecklist->reply = reply;
--    HTTPMSGLOCK(replyChecklist->reply);
-+    replyChecklist->updateReply(reply);
-     replyChecklist->nonBlockingCheck(ProcessReplyAccessResult, this);
- }
- 
-diff -aurN a/src/clients/Client.cc b/src/clients/Client.cc
---- a/src/clients/Client.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/clients/Client.cc	2024-05-02 13:56:57.931087748 +0300
-@@ -555,9 +555,8 @@
-         // This relatively expensive check is not in StoreEntry::checkCachable:
-         // That method lacks HttpRequest and may be called too many times.
-         ACLFilledChecklist ch(acl, originalRequest().getRaw());
--        ch.reply = const_cast<HttpReply*>(&entry->mem().freshestReply()); // ACLFilledChecklist API bug
--        HTTPMSGLOCK(ch.reply);
--        ch.al = fwd->al;
-+	ch.updateAle(fwd->al);
-+	ch.updateReply(&entry->mem().freshestReply());
-         if (!ch.fastCheck().allowed()) { // when in doubt, block
-             debugs(20, 3, "store_miss prohibits caching");
-             return true;
-diff -aurN a/src/http/Stream.cc b/src/http/Stream.cc
---- a/src/http/Stream.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/http/Stream.cc	2024-05-02 13:35:57.062950806 +0300
-@@ -294,8 +294,7 @@
-     for (const auto &pool: MessageDelayPools::Instance()->pools) {
-         if (pool->access) {
-             std::unique_ptr<ACLFilledChecklist> chl(clientAclChecklistCreate(pool->access, http));
--            chl->reply = rep;
--            HTTPMSGLOCK(chl->reply);
-+	    chl->updateReply(rep);
-             const auto answer = chl->fastCheck();
-             if (answer.allowed()) {
-                 writeQuotaHandler = pool->createBucket();
-diff -aurN a/src/http.cc b/src/http.cc
---- a/src/http.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/http.cc	2024-05-02 13:35:29.522323694 +0300
-@@ -773,10 +773,9 @@
-     // check whether the 1xx response forwarding is allowed by squid.conf
-     if (Config.accessList.reply) {
-         ACLFilledChecklist ch(Config.accessList.reply, originalRequest().getRaw());
--        ch.al = fwd->al;
--        ch.reply = reply;
-+	ch.updateAle(fwd->al);
-+	ch.updateReply(reply);
-         ch.syncAle(originalRequest().getRaw(), nullptr);
--        HTTPMSGLOCK(ch.reply);
-         if (!ch.fastCheck().allowed()) // TODO: support slow lookups?
-             return drop1xx("http_reply_access blocked it");
-     }
-diff -aurN a/src/neighbors.cc b/src/neighbors.cc
---- a/src/neighbors.cc	2024-04-08 08:02:07.000000000 +0300
-+++ b/src/neighbors.cc	2024-05-02 13:36:27.203322463 +0300
-@@ -170,11 +170,7 @@
-         return true;
- 
-     ACLFilledChecklist checklist(p->access, request, nullptr);
--    checklist.al = ps->al;
--    if (ps->al && ps->al->reply) {
--        checklist.reply = ps->al->reply.getRaw();
--        HTTPMSGLOCK(checklist.reply);
--    }
-+    checklist.updateAle(ps->al);
-     checklist.syncAle(request, nullptr);
-     return checklist.fastCheck().allowed();
- }

diff --git a/net-proxy/squid/squid-6.9.ebuild b/net-proxy/squid/squid-6.9.ebuild
index 7f6845704afe..4025b8126e25 100644
--- a/net-proxy/squid/squid-6.9.ebuild
+++ b/net-proxy/squid/squid-6.9.ebuild
@@ -16,10 +16,12 @@ r=
 if [[ -z ${r} ]]; then
 	SRC_URI="
 		http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz
+		https://dev.gentoo.org/~juippis/distfiles/squid-6.9-memleak_fix.patch
 		verify-sig? ( http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}.tar.xz.asc )
 	"
 else
-	SRC_URI="http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}${r}.tar.bz2"
+	SRC_URI="http://static.squid-cache.org/Versions/v${MY_PV_MAJOR}/${P}${r}.tar.bz2
+		https://dev.gentoo.org/~juippis/distfiles/squid-6.9-memleak_fix.patch"
 	S="${S}${r}"
 fi
 
@@ -82,7 +84,7 @@ BDEPEND="
 PATCHES=(
 	"${FILESDIR}"/${PN}-6.2-gentoo.patch
 	"${FILESDIR}"/${PN}-4.17-use-system-libltdl.patch
-	"${FILESDIR}"/${PN}-6.9-memleak_fix.patch
+	"${DISTDIR}"/${PN}-6.9-memleak_fix.patch
 )
 
 pkg_pretend() {


^ permalink raw reply related	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2024-07-03 13:26 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-05-24  6:56 [gentoo-commits] repo/gentoo:master commit in: net-proxy/squid/, net-proxy/squid/files/ Eray Aslan
  -- strict thread matches above, loose matches on Subject: below --
2024-07-03 13:26 Joonas Niilola
2024-07-03 13:26 Joonas Niilola
2023-11-17 15:09 Sam James
2023-01-15  2:08 Sam James
2020-06-29 18:14 Mikle Kolyada
2019-03-04 19:57 Mikle Kolyada
2016-07-12 12:50 Eray Aslan
2015-09-17  7:53 Eray Aslan

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox