diff -ruN /root/squid.orig/Makefile squid/Makefile --- /root/squid.orig/Makefile 2020-06-16 09:24:41.369254000 +0300 +++ squid/Makefile 2020-06-19 16:03:43.508115000 +0300 @@ -1,8 +1,7 @@ # $FreeBSD: head/www/squid/Makefile 535391 2020-05-16 10:51:32Z sunpoet $ PORTNAME= squid -PORTVERSION= 4.11 -PORTREVISION= 2 +PORTVERSION= 4.12 CATEGORIES= www MASTER_SITES= http://www.squid-cache.org/Versions/v4/ \ http://www2.us.squid-cache.org/Versions/v4/ \ diff -ruN /root/squid.orig/distinfo squid/distinfo --- /root/squid.orig/distinfo 2020-06-16 09:24:41.368578000 +0300 +++ squid/distinfo 2020-06-16 09:26:50.764312000 +0300 @@ -1,3 +1,3 @@ -TIMESTAMP = 1588493552 -SHA256 (squid-4.11.tar.xz) = 4ed947612410263f57ad0e39bfd087e60fb714f028d7d3b0e469943efd34287d -SIZE (squid-4.11.tar.xz) = 2447700 +TIMESTAMP = 1592288810 +SHA256 (squid-4.12.tar.xz) = f42a03c8b3dc020722c88bf1a87da8cb0c087b2f66b41d8256c77ee1b527e317 +SIZE (squid-4.12.tar.xz) = 2450564 diff -ruN /root/squid.orig/files/patch-configure squid/files/patch-configure --- /root/squid.orig/files/patch-configure 2020-06-16 09:24:41.316108000 +0300 +++ squid/files/patch-configure 2020-06-16 10:02:42.993185000 +0300 @@ -1,6 +1,6 @@ ---- configure.orig 2020-04-19 12:39:06 UTC +--- configure.orig 2020-06-09 06:58:26 UTC +++ configure -@@ -35077,7 +35077,7 @@ done +@@ -35068,7 +35068,7 @@ done ## BUILD_HELPER="NIS" @@ -9,7 +9,7 @@ do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" " -@@ -35092,8 +35092,10 @@ if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : +@@ -35083,8 +35083,10 @@ if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF @@ -22,7 +22,7 @@ fi done -@@ -35566,7 +35568,7 @@ done +@@ -35557,7 +35559,7 @@ done # unconditionally requires crypt(3), for now if test "x$ac_cv_func_crypt" != "x"; then @@ -31,7 +31,7 @@ do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_cxx_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" -@@ -37958,7 +37960,7 @@ for ac_header in \ +@@ -38321,7 +38323,7 @@ for ac_header in \ arpa/nameser.h \ assert.h \ bstring.h \ @@ -40,7 +40,7 @@ ctype.h \ direct.h \ errno.h \ -@@ -38166,6 +38168,7 @@ ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" +@@ -38529,6 +38531,7 @@ ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" #include #endif #if HAVE_NETINET_IP_COMPAT_H @@ -48,7 +48,7 @@ #include #endif #if HAVE_NETINET_IP_FIL_H -@@ -42213,6 +42216,7 @@ if test "x$enable_ipf_transparent" != "xno" ; then +@@ -42576,6 +42579,7 @@ if test "x$enable_ipf_transparent" != "xno" ; then # include # include @@ -56,7 +56,7 @@ # include # include # include -@@ -42243,6 +42247,7 @@ else +@@ -42606,6 +42610,7 @@ else # include # include #undef minor_t @@ -64,7 +64,7 @@ # include # include # include -@@ -42287,6 +42292,7 @@ _ACEOF +@@ -42650,6 +42655,7 @@ _ACEOF ip_fil_compat.h \ ip_fil.h \ ip_nat.h \ @@ -72,7 +72,7 @@ netinet/ip_compat.h \ netinet/ip_fil_compat.h \ netinet/ip_fil.h \ -@@ -42316,6 +42322,7 @@ ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" +@@ -42679,6 +42685,7 @@ ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" #if HAVE_IP_COMPAT_H #include #elif HAVE_NETINET_IP_COMPAT_H @@ -80,13 +80,12 @@ #include #endif #if HAVE_IP_FIL_H -@@ -42379,8 +42386,7 @@ _ACEOF +@@ -42749,7 +42756,7 @@ _ACEOF fi --ac_fn_cxx_check_member "$LINENO" "struct natlookup" "nl_realipaddr.in6" -- "ac_cv_member_struct_natlookup_nl_realipaddr_in6___" " -+ac_fn_cxx_check_member "$LINENO" "struct natlookup" "nl_realipaddr.in6" "ac_cv_member_struct_natlookup_nl_realipaddr_in6___" " +-ac_fn_cxx_check_member "$LINENO" "struct natlookup" "nl_realipaddr.in6" "ac_cv_member_struct_natlookup_nl_realipaddr_in6" " ++ac_fn_cxx_check_member "$LINENO" "struct natlookup" "nl_realipaddr.in6" "ac_cv_member_struct_natlookup_nl_realipaddr_in6__" " #if USE_SOLARIS_IPFILTER_MINOR_T_HACK #define minor_t fubar #endif diff -ruN /root/squid.orig/files/patch-src_acl_external_eDirectory__userip_ext__edirectory__userip__acl.cc squid/files/patch-src_acl_external_eDirectory__userip_ext__edirectory__userip__acl.cc --- /root/squid.orig/files/patch-src_acl_external_eDirectory__userip_ext__edirectory__userip__acl.cc 2020-06-16 09:24:41.338868000 +0300 +++ squid/files/patch-src_acl_external_eDirectory__userip_ext__edirectory__userip__acl.cc 1970-01-01 03:00:00.000000000 +0300 @@ -1,15 +0,0 @@ ---- src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc.orig 2020-04-19 12:38:51 UTC -+++ src/acl/external/eDirectory_userip/ext_edirectory_userip_acl.cc -@@ -69,6 +69,12 @@ - #ifdef HAVE_NETDB_H - #include - #endif -+#ifdef HAVE_SYS_SOCKET_H -+#include -+#endif -+#ifdef HAVE_NETINET_IN_H -+#include -+#endif - - #ifdef HELPER_INPUT_BUFFER - #define EDUI_MAXLEN HELPER_INPUT_BUFFER diff -ruN /root/squid.orig/files/patch-src_acl_external_kerberos__ldap__group_support__krb5.cc squid/files/patch-src_acl_external_kerberos__ldap__group_support__krb5.cc --- /root/squid.orig/files/patch-src_acl_external_kerberos__ldap__group_support__krb5.cc 2020-06-16 09:24:41.324170000 +0300 +++ squid/files/patch-src_acl_external_kerberos__ldap__group_support__krb5.cc 1970-01-01 03:00:00.000000000 +0300 @@ -1,19 +0,0 @@ ---- src/acl/external/kerberos_ldap_group/support_krb5.cc.orig 2020-04-19 12:38:51 UTC -+++ src/acl/external/kerberos_ldap_group/support_krb5.cc -@@ -467,10 +467,15 @@ krb5_create_cache(char *domain, char *service_principa - } - - // overwrite limitation of enctypes -+#if USE_HEIMDAL_KRB5 -+ creds->session.keytype = 0; -+ if (creds->session.keyvalue.length>0) -+ krb5_free_keyblock_contents(kparam.context, &creds->session); -+#else - creds->keyblock.enctype = 0; - if (creds->keyblock.contents) - krb5_free_keyblock_contents(kparam.context, &creds->keyblock); -- -+#endif - code = krb5_get_credentials(kparam.context, 0, kparam.cc[ccindex], creds, &tgt_creds); - if (code) { - k5_error("Error while getting tgt", code); diff -ruN /root/squid.orig/files/squid.in squid/files/squid.in --- /root/squid.orig/files/squid.in 2020-06-16 09:24:41.324639000 +0300 +++ squid/files/squid.in 2020-07-01 20:40:00.229978000 +0300 @@ -29,6 +29,14 @@ # you want to run Squid in reverse proxy setups or if you want # Squid to listen on a "privileged" port < 1024. # +# squid_group: The group id that should be used to run the Squid master +# process. Default: squid +# Note that it affects squid pid dir also, where SHM files +# may be stored on some OS (see r391555) +# +# squid_maxwait: Seconds to wait for squid PID file +# Default: 10 +# # squid_pidfile: # The name (including the full path) of the Squid # master process' PID file. @@ -74,7 +82,9 @@ : ${squid_enable:=NO} : ${squid_program:=%%PREFIX%%/sbin/squid} : ${squid_pidfile:=/var/run/squid/squid.pid} + : ${squid_maxwait:=10} : ${squid_user:=squid} + : ${squid_group:=squid} required_args="-f ${squid_conf}" required_dirs=$chdir @@ -87,6 +97,13 @@ squid_prestart() { + # create piddir if it's missing (for example if /var/run is tmpfs) + squid_piddir=${pidfile%/*} + if [ ! -d "${squid_piddir}" ]; then + echo "Creating PID directory ${squid_piddir}" + mkdir ${squid_piddir} && chown ${squid_user}:${squid_group} ${squid_piddir} && chmod 750 ${squid_piddir}|| return $? + fi + # setup KRB5_KTNAME: squid_krb5_ktname=${squid_krb5_ktname:-"NONE"} if [ "${squid_krb5_ktname}" != "NONE" ]; then @@ -137,8 +154,15 @@ # retrieve the PID of the Squid master process explicitly here # in case rc.subr was unable to determine it: if [ -z "$rc_pid" ]; then + squid_secs=0 while ! [ -f ${pidfile} ]; do + if [ ${squid_maxwait} -le ${squid_secs} ]; then + echo "give up waiting for pidfile" + break + fi sleep 1 + echo -n "." + : $(( squid_secs+=1 )) done read _pid _junk <${pidfile} [ -z "${_pid}" ] || pid=${_pid}