Version bump (#285877).

(Portage version: 2.1.6.13/cvs/Linux x86_64)

4 files changed, 533 insertions, 1 deletions

diff --git a/net-proxy/squid/ChangeLog b/net-proxy/squid/ChangeLog
index 3cb04d0fd6cb..1dca0b76cd5c 100644
--- a/net-proxy/squid/ChangeLog
+++ b/net-proxy/squid/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-proxy/squid
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.284 2009/09/19 11:58:15 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/ChangeLog,v 1.285 2009/09/22 16:08:52 mrness Exp $
+
+*squid-2.7.7 (22 Sep 2009)
+
+  22 Sep 2009; Alin Năstac <mrness@gentoo.org> +squid-2.7.7.ebuild,
+  +files/squid-2.7.7-gentoo.patch, +files/squid-2-heimdal.patch:
+  Version bump (#285877).
 
 *squid-3.1.0.13_beta-r2 (19 Sep 2009)
 
diff --git a/net-proxy/squid/files/squid-2-heimdal.patch b/net-proxy/squid/files/squid-2-heimdal.patch
new file mode 100644
index 000000000000..67500ae6a85d
--- /dev/null
+++ b/net-proxy/squid/files/squid-2-heimdal.patch
@@ -0,0 +1,18 @@
+diff -Nru squid-2.7.STABLE6.orig/helpers/negotiate_auth/squid_kerb_auth/Makefile.am squid-2.7.STABLE6/helpers/negotiate_auth/squid_kerb_auth/Makefile.am
+--- squid-2.7.STABLE6.orig/helpers/negotiate_auth/squid_kerb_auth/Makefile.am	2007-05-14 23:36:29.000000000 +0000
++++ squid-2.7.STABLE6/helpers/negotiate_auth/squid_kerb_auth/Makefile.am	2009-02-16 23:26:28.000000000 +0000
+@@ -18,10 +18,10 @@
+ #-L$(top_builddir)/lib -lmiscutil $(XTRA_LIBS)
+ 
+ # HEIMDAL
+-#KERBINC = -DHEIMDAL -I/usr/include/heimdal
+-#KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lroken
++KERBINC = -DHEIMDAL -I/usr/include/heimdal
++KERBLIBS = -lgssapi -lkrb5 -lcom_err -lasn1 -lroken
+ 
+ # MIT
+-KERBINC = 
+-KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
++#KERBINC = 
++#KERBLIBS = -lgssapi_krb5 -lkrb5 -lcom_err
+ 
diff --git a/net-proxy/squid/files/squid-2.7.7-gentoo.patch b/net-proxy/squid/files/squid-2.7.7-gentoo.patch
new file mode 100644
index 000000000000..a41c030838cf
--- /dev/null
+++ b/net-proxy/squid/files/squid-2.7.7-gentoo.patch
@@ -0,0 +1,319 @@
+diff -Nru squid-2.7.STABLE7.orig/configure.in squid-2.7.STABLE7/configure.in
+--- squid-2.7.STABLE7.orig/configure.in	2009-09-22 17:57:06.000000000 +0200
++++ squid-2.7.STABLE7/configure.in	2009-09-22 17:58:34.000000000 +0200
+@@ -18,9 +18,9 @@
+ PRESET_LDFLAGS="$LDFLAGS"
+ 
+ dnl Set default LDFLAGS
+-if test -z "$LDFLAGS"; then
+-	LDFLAGS="-g"
+-fi
++dnl if test -z "$LDFLAGS"; then
++dnl 	LDFLAGS="-g"
++dnl fi
+ 
+ dnl Check for GNU cc
+ AC_PROG_CC
+diff -Nru squid-2.7.STABLE7.orig/helpers/basic_auth/MSNT/confload.c squid-2.7.STABLE7/helpers/basic_auth/MSNT/confload.c
+--- squid-2.7.STABLE7.orig/helpers/basic_auth/MSNT/confload.c	2002-06-26 21:09:48.000000000 +0200
++++ squid-2.7.STABLE7/helpers/basic_auth/MSNT/confload.c	2009-09-22 17:58:34.000000000 +0200
+@@ -24,7 +24,7 @@
+ 
+ /* Path to configuration file */
+ #ifndef SYSCONFDIR
+-#define SYSCONFDIR "/usr/local/squid/etc"
++#define SYSCONFDIR "/etc/squid"
+ #endif
+ #define CONFIGFILE   SYSCONFDIR "/msntauth.conf"
+ 
+diff -Nru squid-2.7.STABLE7.orig/helpers/basic_auth/MSNT/msntauth.conf.default squid-2.7.STABLE7/helpers/basic_auth/MSNT/msntauth.conf.default
+--- squid-2.7.STABLE7.orig/helpers/basic_auth/MSNT/msntauth.conf.default	2002-06-26 20:44:28.000000000 +0200
++++ squid-2.7.STABLE7/helpers/basic_auth/MSNT/msntauth.conf.default	2009-09-22 17:58:34.000000000 +0200
+@@ -8,6 +8,6 @@
+ server other_PDC	other_BDC	otherdomain
+ 
+ # Denied and allowed users. Comment these if not needed.
+-#denyusers	/usr/local/squid/etc/msntauth.denyusers
+-#allowusers	/usr/local/squid/etc/msntauth.allowusers
++#denyusers	/etc/squid/msntauth.denyusers
++#allowusers	/etc/squid/msntauth.allowusers
+ 
+diff -Nru squid-2.7.STABLE7.orig/helpers/basic_auth/SMB/Makefile.am squid-2.7.STABLE7/helpers/basic_auth/SMB/Makefile.am
+--- squid-2.7.STABLE7.orig/helpers/basic_auth/SMB/Makefile.am	2005-05-17 18:56:26.000000000 +0200
++++ squid-2.7.STABLE7/helpers/basic_auth/SMB/Makefile.am	2009-09-22 17:58:34.000000000 +0200
+@@ -14,7 +14,7 @@
+ ## FIXME: autoconf should test for the samba path.
+ 
+ SMB_AUTH_HELPER	= smb_auth.sh
+-SAMBAPREFIX=/usr/local/samba
++SAMBAPREFIX=/usr
+ SMB_AUTH_HELPER_PATH = $(libexecdir)/$(SMB_AUTH_HELPER)
+ 
+ libexec_SCRIPTS	= $(SMB_AUTH_HELPER)
+diff -Nru squid-2.7.STABLE7.orig/helpers/basic_auth/SMB/smb_auth.sh squid-2.7.STABLE7/helpers/basic_auth/SMB/smb_auth.sh
+--- squid-2.7.STABLE7.orig/helpers/basic_auth/SMB/smb_auth.sh	2001-01-08 00:36:46.000000000 +0100
++++ squid-2.7.STABLE7/helpers/basic_auth/SMB/smb_auth.sh	2009-09-22 17:58:34.000000000 +0200
+@@ -24,7 +24,7 @@
+ read AUTHSHARE
+ read AUTHFILE
+ read SMBUSER
+-read SMBPASS
++read -r SMBPASS
+ 
+ # Find domain controller
+ echo "Domain name: $DOMAINNAME"
+@@ -47,7 +47,7 @@
+   addropt=""
+ fi
+ echo "Query address options: $addropt"
+-dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+ / { print $1 ; exit }'`
++dcip=`$SAMBAPREFIX/bin/nmblookup $addropt "$PASSTHROUGH#1c" | awk '/^[0-9.]+\..+ / { print $1 ; exit }'`
+ echo "Domain controller IP address: $dcip"
+ [ -n "$dcip" ] || exit 1
+ 
+diff -Nru squid-2.7.STABLE7.orig/helpers/external_acl/session/squid_session.8 squid-2.7.STABLE7/helpers/external_acl/session/squid_session.8
+--- squid-2.7.STABLE7.orig/helpers/external_acl/session/squid_session.8	2007-01-06 18:28:35.000000000 +0100
++++ squid-2.7.STABLE7/helpers/external_acl/session/squid_session.8	2009-09-22 17:58:34.000000000 +0200
+@@ -35,7 +35,7 @@
+ .P
+ Configuration example using the default automatic mode
+ .IP
+-external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/local/squid/libexec/squid_session
++external_acl_type session ttl=300 negative_ttl=0 children=1 concurrency=200 %LOGIN /usr/libexec/squid/squid_session
+ .IP
+ acl session external session
+ .IP
+diff -Nru squid-2.7.STABLE7.orig/helpers/external_acl/unix_group/squid_unix_group.8 squid-2.7.STABLE7/helpers/external_acl/unix_group/squid_unix_group.8
+--- squid-2.7.STABLE7.orig/helpers/external_acl/unix_group/squid_unix_group.8	2006-05-14 17:07:24.000000000 +0200
++++ squid-2.7.STABLE7/helpers/external_acl/unix_group/squid_unix_group.8	2009-09-22 17:58:34.000000000 +0200
+@@ -27,7 +27,7 @@
+ This squid.conf example defines two Squid acls. usergroup1 matches users in group1, and usergroup2
+ matches users in group2 or group3
+ .IP
+-external_acl_type unix_group %LOGIN /usr/local/squid/libexec/squid_unix_group -p
++external_acl_type unix_group %LOGIN /usr/libexec/squid/squid_unix_group -p
+ .IP
+ acl usergroup1 external unix_group group1
+ .IP
+diff -Nru squid-2.7.STABLE7.orig/helpers/negotiate_auth/squid_kerb_auth/do.sh squid-2.7.STABLE7/helpers/negotiate_auth/squid_kerb_auth/do.sh
+--- squid-2.7.STABLE7.orig/helpers/negotiate_auth/squid_kerb_auth/do.sh	2007-06-25 00:23:18.000000000 +0200
++++ squid-2.7.STABLE7/helpers/negotiate_auth/squid_kerb_auth/do.sh	2009-09-22 17:58:34.000000000 +0200
+@@ -7,7 +7,7 @@
+ #
+ CC=gcc
+ #CFLAGS="-Wall -Wextra -Werror -Wcomment -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wdeclaration-after-statement -Wshadow -O2"
+-CFLAGS="-Wall -Werror -Wcomment -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -O2"
++CFLAGS="-Wall -Wpointer-arith -Wcast-align -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -O2"
+ if [ "$1" = "HEIMDAL" ]; then
+   DEFINE="-DHEIMDAL -D__LITTLE_ENDIAN__"
+   INCLUDE="-I/usr/include/heimdal -Ispnegohelp"
+diff -Nru squid-2.7.STABLE7.orig/src/access_log.c squid-2.7.STABLE7/src/access_log.c
+--- squid-2.7.STABLE7.orig/src/access_log.c	2008-03-18 03:48:43.000000000 +0100
++++ squid-2.7.STABLE7/src/access_log.c	2009-09-22 17:58:34.000000000 +0200
+@@ -1261,7 +1261,7 @@
+ 	LogfileStatus = LOG_ENABLE;
+     }
+ #if HEADERS_LOG
+-    headerslog = logfileOpen("/usr/local/squid/logs/headers.log", MAX_URL << 1, 0);
++    headerslog = logfileOpen("/var/log/squid/headers.log", MAX_URL << 1, 0);
+     assert(NULL != headerslog);
+ #endif
+ #if FORW_VIA_DB
+diff -Nru squid-2.7.STABLE7.orig/src/cf.data.pre squid-2.7.STABLE7/src/cf.data.pre
+--- squid-2.7.STABLE7.orig/src/cf.data.pre	2009-08-16 23:52:42.000000000 +0200
++++ squid-2.7.STABLE7/src/cf.data.pre	2009-09-22 17:58:34.000000000 +0200
+@@ -678,6 +678,8 @@
+ acl Safe_ports port 488		# gss-http
+ acl Safe_ports port 591		# filemaker
+ acl Safe_ports port 777		# multiling http
++acl Safe_ports port 901		# SWAT
++acl purge method PURGE
+ acl CONNECT method CONNECT
+ NOCOMMENT_END
+ DOC_END
+@@ -711,6 +713,9 @@
+ # Only allow cachemgr access from localhost
+ http_access allow manager localhost
+ http_access deny manager
++# Only allow purge requests from localhost
++http_access allow purge localhost
++http_access deny purge
+ # Deny requests to unknown ports
+ http_access deny !Safe_ports
+ # Deny CONNECT to other than SSL ports
+@@ -728,6 +733,9 @@
+ # from where browsing should be allowed
+ http_access allow localnet
+ 
++# Allow the localhost to have access by default
++http_access allow localhost
++
+ # And finally deny all other access to this proxy
+ http_access deny all
+ NOCOMMENT_END
+@@ -3754,11 +3762,11 @@
+ 
+ NAME: cache_mgr
+ TYPE: string
+-DEFAULT: webmaster
++DEFAULT: root
+ LOC: Config.adminEmail
+ DOC_START
+ 	Email-address of local cache manager who will receive
+-	mail if the cache dies. The default is "webmaster".
++	mail if the cache dies. The default is "root".
+ DOC_END
+ 
+ NAME: mail_from
+@@ -3787,12 +3795,12 @@
+ 
+ NAME: cache_effective_user
+ TYPE: string
+-DEFAULT: nobody
++DEFAULT: squid
+ LOC: Config.effectiveUser
+ DOC_START
+ 	If you start Squid as root, it will change its effective/real
+ 	UID/GID to the user specified below.  The default is to change
+-	to UID to nobody.  If you define cache_effective_user, but not
++	to UID to squid.  If you define cache_effective_user, but not
+ 	cache_effective_group, Squid sets the GID to the effective
+ 	user's default group ID (taken from the password file) and
+ 	supplementary group list from the from groups membership of
+@@ -4429,12 +4437,12 @@
+ NAME: snmp_port
+ TYPE: ushort
+ LOC: Config.Port.snmp
+-DEFAULT: 3401
++DEFAULT: 0
+ IFDEF: SQUID_SNMP
+ DOC_START
+ 	Squid can now serve statistics and status information via SNMP.
+-	By default it listens to port 3401 on the machine. If you don't
+-	wish to use SNMP, set this to "0".
++	By default snmp_port is disabled. If you wish to use SNMP, 
++	set this to "3401" (or any other number you like).
+ DOC_END
+ 
+ NAME: snmp_access
+@@ -4505,12 +4513,12 @@
+ NAME: htcp_port
+ IFDEF: USE_HTCP
+ TYPE: ushort
+-DEFAULT: 4827
++DEFAULT: 0
+ LOC: Config.Port.htcp
+ DOC_START
+ 	The port number where Squid sends and receives HTCP queries to
+-	and from neighbor caches.  Default is 4827.  To disable use
+-	"0".
++	and from neighbor caches.  To turn it on you want to set it to
++	4827.  By default it is set to "0" (disabled).
+ DOC_END
+ 
+ NAME: log_icp_queries
+@@ -5407,6 +5415,9 @@
+ 	If you disable this, it will appear as
+ 
+ 		X-Forwarded-For: unknown
++NOCOMMENT_START
++forwarded_for off
++NOCOMMENT_END
+ DOC_END
+ 
+ NAME: cachemgr_passwd
+diff -Nru squid-2.7.STABLE7.orig/src/client_side.c squid-2.7.STABLE7/src/client_side.c
+--- squid-2.7.STABLE7.orig/src/client_side.c	2009-08-16 23:43:51.000000000 +0200
++++ squid-2.7.STABLE7/src/client_side.c	2009-09-22 17:58:34.000000000 +0200
+@@ -4693,14 +4693,7 @@
+ 	debug(83, 2) ("clientNegotiateSSL: Session %p reused on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port);
+     } else {
+ 	if (do_debug(83, 4)) {
+-	    /* Write out the SSL session details.. actually the call below, but
+-	     * OpenSSL headers do strange typecasts confusing GCC.. */
+-	    /* PEM_write_SSL_SESSION(debug_log, SSL_get_session(ssl)); */
+-#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x00908000L
+-	    PEM_ASN1_write((i2d_of_void *) i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL);
+-#else
+ 	    PEM_ASN1_write(i2d_SSL_SESSION, PEM_STRING_SSL_SESSION, debug_log, (char *) SSL_get_session(ssl), NULL, NULL, 0, NULL, NULL);
+-#endif
+ 	    /* Note: This does not automatically fflush the log file.. */
+ 	}
+ 	debug(83, 2) ("clientNegotiateSSL: New session %p on FD %d (%s:%d)\n", SSL_get_session(ssl), fd, fd_table[fd].ipaddr, (int) fd_table[fd].remote_port);
+diff -Nru squid-2.7.STABLE7.orig/src/defines.h squid-2.7.STABLE7/src/defines.h
+--- squid-2.7.STABLE7.orig/src/defines.h	2009-06-26 00:49:28.000000000 +0200
++++ squid-2.7.STABLE7/src/defines.h	2009-09-22 17:58:34.000000000 +0200
+@@ -259,7 +259,7 @@
+ 
+ /* were to look for errors if config path fails */
+ #ifndef DEFAULT_SQUID_ERROR_DIR
+-#define DEFAULT_SQUID_ERROR_DIR "/usr/local/squid/etc/errors"
++#define DEFAULT_SQUID_ERROR_DIR "/usr/share/squid/errors/English"
+ #endif
+ 
+ /* gb_type operations */
+diff -Nru squid-2.7.STABLE7.orig/src/main.c squid-2.7.STABLE7/src/main.c
+--- squid-2.7.STABLE7.orig/src/main.c	2009-06-26 00:53:15.000000000 +0200
++++ squid-2.7.STABLE7/src/main.c	2009-09-22 17:58:34.000000000 +0200
+@@ -376,6 +376,22 @@
+     asnFreeMemory();
+ }
+ 
++#if USE_UNLINKD
++static int
++needUnlinkd(void)
++{
++    int i;
++    int r = 0;
++    for (i = 0; i < Config.cacheSwap.n_configured; i++) {
++       if (strcmp(Config.cacheSwap.swapDirs[i].type, "ufs") == 0 ||
++           strcmp(Config.cacheSwap.swapDirs[i].type, "aufs") == 0 ||
++           strcmp(Config.cacheSwap.swapDirs[i].type, "diskd") == 0)
++          r++;
++    }
++    return r;
++}
++#endif
++
+ static void
+ mainReconfigure(void)
+ {
+@@ -613,7 +629,7 @@
+ 
+     if (!configured_once) {
+ #if USE_UNLINKD
+-	unlinkdInit();
++	if (needUnlinkd()) unlinkdInit();
+ #endif
+ 	urlInitialize();
+ 	cachemgrInit();
+@@ -636,6 +652,9 @@
+ #if USE_WCCPv2
+     wccp2Init();
+ #endif
++#if USE_UNLINKD
++    if (needUnlinkd()) unlinkdInit();
++#endif
+     serverConnectionsOpen();
+     neighbors_init();
+     if (Config.chroot_dir)
+diff -Nru squid-2.7.STABLE7.orig/src/Makefile.am squid-2.7.STABLE7/src/Makefile.am
+--- squid-2.7.STABLE7.orig/src/Makefile.am	2008-01-02 16:50:39.000000000 +0100
++++ squid-2.7.STABLE7/src/Makefile.am	2009-09-22 17:58:34.000000000 +0200
+@@ -340,13 +340,13 @@
+ DEFAULT_CONFIG_FILE     = $(sysconfdir)/squid.conf
+ DEFAULT_MIME_TABLE	= $(sysconfdir)/mime.conf
+ DEFAULT_DNSSERVER       = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'`
+-DEFAULT_LOG_PREFIX	= $(localstatedir)/logs
++DEFAULT_LOG_PREFIX	= $(localstatedir)/log/squid
+ DEFAULT_CACHE_LOG       = $(DEFAULT_LOG_PREFIX)/cache.log
+ DEFAULT_ACCESS_LOG      = $(DEFAULT_LOG_PREFIX)/access.log
+ DEFAULT_STORE_LOG       = $(DEFAULT_LOG_PREFIX)/store.log
+-DEFAULT_PID_FILE        = $(DEFAULT_LOG_PREFIX)/squid.pid
++DEFAULT_PID_FILE        = $(localstatedir)/run/squid.pid
+ DEFAULT_NETDB_FILE      = $(DEFAULT_LOG_PREFIX)/netdb.state
+-DEFAULT_SWAP_DIR        = $(localstatedir)/cache
++DEFAULT_SWAP_DIR        = $(localstatedir)/cache/squid
+ DEFAULT_PINGER		= $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_UNLINKD		= $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'`
+ DEFAULT_DISKD		= $(libexecdir)/`echo diskd-daemon | sed '$(transform);s/$$/$(EXEEXT)/'`
diff --git a/net-proxy/squid/squid-2.7.7.ebuild b/net-proxy/squid/squid-2.7.7.ebuild
new file mode 100644
index 000000000000..9e0c3eebf2f2
--- /dev/null
+++ b/net-proxy/squid/squid-2.7.7.ebuild
@@ -0,0 +1,189 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squid/squid-2.7.7.ebuild,v 1.1 2009/09/22 16:08:52 mrness Exp $
+
+EAPI="2"
+
+inherit eutils pam toolchain-funcs autotools
+
+#lame archive versioning scheme..
+S_PMV="${PV%%.*}"
+S_PV="${PV%.*}"
+S_PL="${PV##*.}"
+S_PL="${S_PL/_rc/-RC}"
+S_PP="${PN}-${S_PV}.STABLE${S_PL}"
+
+DESCRIPTION="A full-featured web proxy cache"
+HOMEPAGE="http://www.squid-cache.org/"
+SRC_URI="http://www.squid-cache.org/Versions/v${S_PMV}/${S_PV}/${S_PP}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="caps pam ldap samba sasl kerberos nis ssl snmp selinux logrotate \
+	mysql postgres sqlite \
+	zero-penalty-hit \
+	pf-transparent ipf-transparent kqueue \
+	elibc_uclibc kernel_linux +epoll"
+
+DEPEND="caps? ( >=sys-libs/libcap-2.16 )
+	pam? ( virtual/pam )
+	ldap? ( net-nds/openldap )
+	kerberos? ( || ( app-crypt/mit-krb5 app-crypt/heimdal ) )
+	ssl? ( dev-libs/openssl )
+	sasl? ( dev-libs/cyrus-sasl )
+	selinux? ( sec-policy/selinux-squid )
+	!x86-fbsd? ( logrotate? ( app-admin/logrotate ) )
+	>=sys-libs/db-4
+	dev-lang/perl"
+RDEPEND="${DEPEND}
+	samba? ( net-fs/samba )
+	mysql? ( dev-perl/DBD-mysql )
+	postgres? ( dev-perl/DBD-Pg )
+	sqlite? ( dev-perl/DBD-SQLite )"
+
+S="${WORKDIR}/${S_PP}"
+
+pkg_setup() {
+	if use zero-penalty-hit; then
+		ewarn "This version supports natively IP TOS/Priority mangling,"
+		ewarn "but it does not support zph_preserve_miss_tos."
+		ewarn "If you need that, please use >=${CATEGORY}/${PN}-3 ."
+	fi
+	enewgroup squid 31
+	enewuser squid 31 -1 /var/cache/squid squid
+}
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PN}-2-capability.patch
+	epatch "${FILESDIR}"/${P}-gentoo.patch
+	has_version app-crypt/mit-krb5 || epatch "${FILESDIR}"/${PN}-2-heimdal.patch
+	eautoreconf
+}
+
+src_configure() {
+	local basic_modules="getpwnam,NCSA,MSNT"
+	use samba && basic_modules="SMB,multi-domain-NTLM,${basic_modules}"
+	use ldap && basic_modules="LDAP,${basic_modules}"
+	use pam && basic_modules="PAM,${basic_modules}"
+	use sasl && basic_modules="SASL,${basic_modules}"
+	use nis && ! use elibc_uclibc && basic_modules="YP,${basic_modules}"
+	if use mysql || use postgres || use sqlite ; then
+		basic_modules="DB,${basic_modules}"
+	fi
+
+	local ext_helpers="ip_user,session,unix_group"
+	use samba && ext_helpers="wbinfo_group,${ext_helpers}"
+	use ldap && ext_helpers="ldap_group,${ext_helpers}"
+
+	local ntlm_helpers="fakeauth"
+	use samba && ntlm_helpers="SMB,${ntlm_helpers}"
+
+	local negotiate_helpers=
+	use kerberos && local negotiate_helpers="squid_kerb_auth"
+
+	local myconf=""
+
+	# Support for uclibc #61175
+	if use elibc_uclibc; then
+		myconf="${myconf} --enable-storeio=ufs,diskd,aufs,null"
+		myconf="${myconf} --disable-async-io"
+	else
+		myconf="${myconf} --enable-storeio=ufs,diskd,coss,aufs,null"
+		myconf="${myconf} --enable-async-io"
+	fi
+
+	if use kernel_linux; then
+		myconf="${myconf} --enable-linux-netfilter
+			$(use_enable epoll)"
+	elif use kernel_FreeBSD || use kernel_OpenBSD || use kernel_NetBSD ; then
+		myconf="${myconf} $(use_enable kqueue)"
+		if use pf-transparent; then
+			myconf="${myconf} --enable-pf-transparent"
+		elif use ipf-transparent; then
+			myconf="${myconf} --enable-ipf-transparent"
+		fi
+	fi
+
+	export CC=$(tc-getCC)
+
+	econf \
+		--sysconfdir=/etc/squid \
+		--libexecdir=/usr/libexec/squid \
+		--localstatedir=/var \
+		--datadir=/usr/share/squid \
+		--enable-auth="basic,digest,ntlm,negotiate" \
+		--enable-removal-policies="lru,heap" \
+		--enable-digest-auth-helpers="password" \
+		--enable-basic-auth-helpers="${basic_modules}" \
+		--enable-external-acl-helpers="${ext_helpers}" \
+		--enable-ntlm-auth-helpers="${ntlm_helpers}" \
+		--enable-negotiate-auth-helpers="${negotiate_helpers}" \
+		--enable-ident-lookups \
+		--enable-useragent-log \
+		--enable-cache-digests \
+		--enable-delay-pools \
+		--enable-referer-log \
+		--enable-arp-acl \
+		--with-pthreads \
+		--with-large-files \
+		--enable-htcp \
+		--enable-carp \
+		--enable-follow-x-forwarded-for \
+		--with-maxfd=8192 \
+		$(use_enable caps) \
+		$(use_enable snmp) \
+		$(use_enable ssl) \
+		${myconf} || die "econf failed"
+}
+
+src_install() {
+	make DESTDIR="${D}" install || die "make install failed"
+
+	# need suid root for looking into /etc/shadow
+	fowners root:squid /usr/libexec/squid/ncsa_auth
+	fowners root:squid /usr/libexec/squid/pam_auth
+	fperms 4750 /usr/libexec/squid/ncsa_auth
+	fperms 4750 /usr/libexec/squid/pam_auth
+
+	# some cleanups
+	rm -f "${D}"/usr/bin/Run*
+
+	dodoc CONTRIBUTORS CREDITS ChangeLog QUICKSTART SPONSORS doc/*.txt \
+		helpers/ntlm_auth/no_check/README.no_check_ntlm_auth
+	newdoc helpers/basic_auth/SMB/README README.auth_smb
+	dohtml helpers/basic_auth/MSNT/README.html RELEASENOTES.html
+	newdoc helpers/basic_auth/LDAP/README README.auth_ldap
+	doman helpers/basic_auth/LDAP/*.8
+	dodoc helpers/basic_auth/SASL/squid_sasl_auth*
+
+	newpamd "${FILESDIR}/squid.pam" squid
+	newconfd "${FILESDIR}/squid.confd" squid
+	if use logrotate; then
+		newinitd "${FILESDIR}/squid.initd-logrotate" squid
+		insinto /etc/logrotate.d
+		newins "${FILESDIR}/squid.logrotate" squid
+	else
+		newinitd "${FILESDIR}/squid.initd" squid
+		exeinto /etc/cron.weekly
+		newexe "${FILESDIR}/squid.cron" squid.cron
+	fi
+
+	rm -rf "${D}"/var
+	diropts -m0755 -o squid -g squid
+	keepdir /var/cache/squid /var/log/squid
+}
+
+pkg_postinst() {
+	echo
+	ewarn "Squid authentication helpers have been installed suid root."
+	ewarn "This allows shadow based authentication (see bug #52977 for more)."
+	echo
+	ewarn "Be careful what type of cache_dir you select!"
+	ewarn "   'diskd' is optimized for high levels of traffic, but it might seem slow"
+	ewarn "when there isn't sufficient traffic to keep squid reasonably busy."
+	ewarn "   If your traffic level is low to moderate, use 'aufs' or 'ufs'."
+	echo
+	ewarn "Squid can be configured to run in transparent mode like this:"
+	ewarn "   ${HILITE}http_port internal-addr:3128 transparent${NORMAL}"
+}