From 792ee326e5ddf6a92f8a54a1f0ed566cb2d9fed9 Mon Sep 17 00:00:00 2001
From: Florian Smeets <flo@FreeBSD.org>
Date: Tue, 30 Oct 2012 23:05:50 +0000
Subject: - add www/squid32 [1] - update www/libecap to 0.20 [2] - remove
 option ECAP from www/squid31 and add a note to UPDATING that you need   to
 upgrade to squid32 if you need ECAP

PR:		ports/173152 [1]
PR:		ports/173156 [2]
Submitted by:	Thomas-Martin Seck <tmseck@web.de>
Feature safe:	yes
---
 www/squid32/Makefile                               | 543 +++++++++++++++++++++
 www/squid32/distinfo                               |   2 +
 www/squid32/files/extra-patch-src-cf.data.pre.aufs |  20 +
 www/squid32/files/patch-configure                  |  47 ++
 .../patch-helpers-basic_auth-LDAP-config.test      |  12 +
 .../patch-helpers-basic_auth-SASL-config.test      |  12 +
 ...tch-helpers-external_acl-LDAP_group-config.test |  12 +
 www/squid32/files/patch-src-cf.data.pre            |  13 +
 www/squid32/files/pkg-install.in                   |  79 +++
 www/squid32/files/pkg-message.in                   |  33 ++
 www/squid32/files/squid.in                         |  96 ++++
 www/squid32/pkg-deinstall                          |  49 ++
 www/squid32/pkg-descr                              |   5 +
 13 files changed, 923 insertions(+)
 create mode 100644 www/squid32/Makefile
 create mode 100644 www/squid32/distinfo
 create mode 100644 www/squid32/files/extra-patch-src-cf.data.pre.aufs
 create mode 100644 www/squid32/files/patch-configure
 create mode 100644 www/squid32/files/patch-helpers-basic_auth-LDAP-config.test
 create mode 100644 www/squid32/files/patch-helpers-basic_auth-SASL-config.test
 create mode 100644 www/squid32/files/patch-helpers-external_acl-LDAP_group-config.test
 create mode 100644 www/squid32/files/patch-src-cf.data.pre
 create mode 100644 www/squid32/files/pkg-install.in
 create mode 100644 www/squid32/files/pkg-message.in
 create mode 100644 www/squid32/files/squid.in
 create mode 100644 www/squid32/pkg-deinstall
 create mode 100644 www/squid32/pkg-descr

(limited to 'www/squid32')

diff --git a/www/squid32/Makefile b/www/squid32/Makefile
new file mode 100644
index 000000000000..a3aa8c3e4d4f
--- /dev/null
+++ b/www/squid32/Makefile
@@ -0,0 +1,543 @@
+# $FreeBSD$
+#
+# Note:
+# Starting with Squid 3.1 SQUID_LANGUAGES and SQUID_DEFAULT_LANG are no longer
+# available and will be ignored.
+#
+# SQUID_CONFIGURE_ARGS
+#   Additional configuration options.
+#
+#   To enable them, use e.g
+#   `make SQUID_CONFIGURE_ARGS="--enable-ntml-fail-open" install'
+#
+#   The list below may be incomplete, please see the configure script
+#   in the Squid source distribution for the complete list of additional
+#   options.
+#   Note that you probably do not need to worry about these options in most
+#   cases, they are included in case you want to experiment with them.
+#
+#    --enable-xmalloc-statistics
+#     Show malloc statistics in status page
+#    --enable-cachemgr-hostname=some.hostname
+#     Make cachemgr.cgi default to this host
+#    --disable-unlinkd
+#     Do not use "unlinkd"
+#    --with-aufs-threads=N_THREADS
+#     Tune the number of worker threads for the aufs object
+#    --with-filedescriptors=N
+#     Force Squid to use N filedescriptors.
+#    --enable-ntlm-fail-open
+#     Enable NTLM fail open, where a helper that fails one of the
+#     Authentication steps can allow Squid to still authenticate the user
+#    --enable-x-accelerator-vary
+#     Enable support for the X-Accelerator-Vary HTTP header. Can be used
+#     to indicate variance within an accelerator setup. Typically used
+#     together with other code that adds custom HTTP headers to the
+#     requests.
+
+PORTNAME=	squid
+PORTVERSION=	3.2.${SQUID_STABLE_VER}
+CATEGORIES=	www ipv6
+MASTER_SITES=	ftp://ftp.squid-cache.org/pub/%SUBDIR%/ \
+		http://mirrors.ccs.neu.edu/Squid/ \
+		ftp://ftp.fu-berlin.de/unix/www/squid/squid/ \
+		ftp://ftp.nl.uu.net/pub/unix/www/squid/ \
+		ftp://ftp.solnet.ch/mirror/squid/ \
+		ftp://ftp.ntua.gr/pub/www/Squid/squid/ \
+		${MASTER_SITE_RINGSERVER:S,%SUBDIR%,net/www/squid,} \
+		http://www.squid-cache.org/Versions/v3/3.2/ \
+		http://www2.us.squid-cache.org/Versions/v3/3.2/ \
+		http://www3.us.squid-cache.org/Versions/v3/3.2/ \
+		http://www1.at.squid-cache.org/Versions/v3/3.2/ \
+		http://www.eu.squid-cache.org/Versions/v3/3.2/ \
+		http://www1.ie.squid-cache.org/Versions/v3/3.2/ \
+		http://www1.jp.squid-cache.org/Versions/v3/3.2/ \
+		http://www1.za.squid-cache.org/Versions/v3/3.2/
+MASTER_SITE_SUBDIR=	squid
+DIST_SUBDIR=	squid3.2
+
+PATCH_SITES=	http://www.squid-cache.org/%SUBDIR%/ \
+		http://www2.us.squid-cache.org/%SUBDIR%/ \
+		http://www3.us.squid-cache.org/%SUBDIR%/ \
+		http://www1.at.squid-cache.org/%SUBDIR%/ \
+		http://www.eu.squid-cache.org/%SUBDIR%/ \
+		http://www1.ie.squid-cache.org/%SUBDIR%/ \
+		http://www1.jp.squid-cache.org/%SUBDIR%/ \
+		http://www2.tw.squid-cache.org/%SUBDIR%/
+PATCH_SITE_SUBDIR=	Versions/v3/3.2/changesets
+PATCHFILES=	# empty
+
+MAINTAINER=	tmseck@web.de
+COMMENT=	HTTP Caching Proxy
+
+LICENSE=	GPLv2
+LICENSE_FILE=	${WRKSRC}/COPYING
+
+LATEST_LINK=	squid32
+
+SQUID_STABLE_VER=	3
+
+CONFLICTS_INSTALL=	squid-2.[0-9].* squid-3.[!2].* cacheboy-[0-9]* lusca-head-[0-9]*
+GNU_CONFIGURE=	yes
+USE_BZIP2=	yes
+USE_PERL5=	yes
+USE_RC_SUBR=	squid
+
+USERS=		squid
+GROUPS=		squid
+
+MAN1=		squidclient.1
+MAN8=		cachemgr.cgi.8 squid.8
+docs=		QUICKSTART README RELEASENOTES.html doc/debug-sections.txt
+PORTDOCS=	${docs:T}
+PORTEXAMPLES=	*
+SUB_FILES+=	pkg-install pkg-message
+
+OPTIONS_DEFINE=	ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB \
+		CACHE_DIGESTS DEBUG DELAY_POOLS DNS_HELPER ECAP ESI \
+		FOLLOW_XFF FS_AUFS FS_COSS HTCP ICAP ICMP IDENT IPV6 KQUEUE \
+		LARGEFILE SNMP SSL SSL_CRTD STACKTRACES STRICT_HTTP \
+		TP_IPF TP_IPFW TP_PF VIA_DB WCCP WCCPV2 
+
+ARP_ACL_DESC=	Enable ARP/MAC/EUI based authentification
+AUTH_KERB_DESC=	Install Kerberos authentication helpers
+AUTH_LDAP_DESC=	Install LDAP authentication helpers
+AUTH_NIS_DESC=	Install NIS/YP authentication helpers
+AUTH_SASL_DESC=	Install SASL authentication helpers
+AUTH_SMB_DESC=	Install SMB auth. helpers (req. Samba)
+CACHE_DIGESTS_DESC=	Use cache digests
+DEBUG_DESC=	Build with extended debugging support
+DELAY_POOLS_DESC=	Enable delay pools (bandwidth limiting)
+DNS_HELPER_DESC=	Use external dnsserver processes for DNS
+ECAP_DESC=	Enable loadable content adaptation modules
+ESI_DESC=	Enable support for ESI
+FOLLOW_XFF_DESC=	Enable support for the X-Following-For header
+FS_AUFS_DESC=	Enable AUFS (async-io) support
+FS_COSS_DESC=	Enable COSS (not stable yet)
+HTCP_DESC=	Enable HTCP support
+ICAP_DESC=	Enable the ICAP client
+ICMP_DESC=	Enable ICMP pinging and network measurement
+IDENT_DESC=	Enable Ident lookups (RFC 931)
+IPV6_DESC=	Enable IPv6 support
+KQUEUE_DESC=	Enable kqueue(2) support
+LARGEFILE_DESC=	Support large (>2GB) cache and log files
+SNMP_DESC=	Enable SNMP support
+SSL_CRTD_DESC=	Use ssl_crtd to handle SSL cert requests
+SSL_DESC=	Enable SSL gatewaying support
+STACKTRACES_DESC=	Enable automatic backtraces on fatal errors
+STRICT_HTTP_DESC=	Make Squid strictly HTTP compliant
+TP_IPFW_DESC=	Enable transparent proxying with IPFW
+TP_IPF_DESC=	Enable transparent proxying with IPFilter
+TP_PF_DESC=	Enable transparent proxying with PF
+VIA_DB_DESC=	Enable Forward/Via database
+WCCPV2_DESC=	Enable Web Cache Coordination Protocol v2
+WCCP_DESC=	Enable Web Cache Coordination Protocol
+
+OPTIONS_DEFAULT=	AUTH_KERB AUTH_NIS FS_AUFS HTCP IDENT IPV6 KQUEUE \
+			SNMP WCCP WCCPV2
+
+etc_files=	squid/cachemgr.conf.default \
+		squid/errorpage.css.default \
+		squid/mib.txt \
+		squid/mime.conf.default \
+		squid/msntauth.conf.default \
+		squid/squid.conf.default \
+		squid/squid.conf.documented
+
+icon_silk_files=	application.png arrow_up.png bomb.png box.png \
+			bricks.png bullet_red.png cd.png chart_line.png \
+			compress.png computer_link.png css.png cup.png \
+			database.png database_table.png drive_disk.png \
+			film.png film_key.png folder.png folder_table.png \
+			image.png information.png layers.png layout.png \
+			link.png music.png package.png package_go.png \
+			page_code.png page_excel.png page_green.png \
+			page_white.png page_white_acrobat.png page_white_c.png \
+			page_white_cplusplus.png page_white_flash.png \
+			page_white_magnify.png page_white_picture.png \
+			page_white_powerpoint.png page_white_stack.png \
+			page_white_text.png page_world.png \
+			page_white_word.png page_white_zip.png photo.png \
+			picture.png plugin.png plugin_add.png script.png \
+			script_gear.png script_palette.png
+
+error_files=	ERR_ACCESS_DENIED ERR_ACL_TIME_QUOTA_EXCEEDED \
+		ERR_AGENT_CONFIGURE ERR_AGENT_WPAD \
+		ERR_CACHE_ACCESS_DENIED \
+		ERR_CACHE_MGR_ACCESS_DENIED ERR_CONFLICT_HOST \
+		ERR_CANNOT_FORWARD ERR_CONNECT_FAIL \
+		ERR_DIR_LISTING ERR_DNS_FAIL \
+		ERR_ESI ERR_FORWARDING_DENIED \
+		ERR_FTP_DISABLED ERR_FTP_FAILURE ERR_FTP_FORBIDDEN \
+		ERR_FTP_NOT_FOUND ERR_FTP_PUT_CREATED \
+		ERR_FTP_PUT_ERROR ERR_FTP_PUT_MODIFIED ERR_FTP_UNAVAILABLE \
+		ERR_GATEWAY_FAILURE \
+		ERR_ICAP_FAILURE ERR_INVALID_REQ ERR_INVALID_RESP \
+		ERR_INVALID_URL ERR_LIFETIME_EXP ERR_NO_RELAY \
+		ERR_ONLY_IF_CACHED_MISS ERR_PRECONDITION_FAILED \
+		ERR_READ_ERROR ERR_READ_TIMEOUT \
+		ERR_SECURE_CONNECT_FAIL ERR_SHUTTING_DOWN ERR_SOCKET_FAILURE \
+		ERR_TOO_BIG ERR_UNSUP_REQ ERR_UNSUP_HTTPVERSION \
+		ERR_URN_RESOLVE ERR_WRITE_ERROR ERR_ZERO_SIZE_OBJECT \
+		error-details.txt
+
+error_dirs=	af ar az bg ca cs da de el en es et fa fi fr he hu hy id it \
+		ja ko lt lv ms nl oc pl pt pt-br ro ru sk sl sr-cyrl sr-latn \
+		sv \
+		th tr uk uz \
+		vi zh-cn zh-tw \
+		templates
+
+error_dir_links=	ar-ae ar-bh ar-dz ar-eg ar-iq ar-jo ar-kw ar-lb \
+			ar-ly ar-ma ar-om ar-qa ar-sa ar-sy ar-tn ar-ye \
+			az-az bg-bg cs-cz da-dk \
+			de-at de-ch de-de de-li de-lu \
+			el-gr \
+			en-au en-bz en-ca en-gb en-ie en-in en-jm en-nz \
+			en-ph en-sg en-tt en-uk en-us en-za en-zw \
+			es-ar es-bo es-cl es-co es-cr es-do es-ec es-es \
+			es-gt es-hn es-mx es-ni es-pa es-pe es-pr es-py \
+			es-sv es-uy es-ve \
+			et-ee \
+			fa-fa fa-ir fi-fi \
+			fr-be fr-ca fr-ch fr-fr fr-lu fr-mc \
+			he-il hu-hu hy-am hy-armn id-id it-ch it-it \
+			ja-jp ko-kp ko-kr lt-lt lv-lv ms-my nl-nl \
+			pl-pl pt-pt ro-md ro-ro ru-ru \
+			sk-sk sl-si sr sr-latn-cs sr-sp sv-fi sv-se \
+			th-th tr-tr uk-ua vi-vn zh-hk zh-mo zh-sg
+
+libexec=	cachemgr.cgi \
+		diskd \
+		helper-mux.pl
+
+.if !defined(SQUID_CONFIGURE_ARGS) || ${SQUID_CONFIGURE_ARGS:M*--disable-unlinkd*} == ""
+libexec+=	unlinkd
+.endif
+
+sbin=		purge squidclient squid
+
+CONFIGURE_ARGS=	--with-default-user=squid \
+		--bindir=${PREFIX}/sbin  \
+		--sbindir=${PREFIX}/sbin  \
+		--datadir=${ETCDIR} \
+		--libexecdir=${PREFIX}/libexec/squid \
+		--localstatedir=/var/squid \
+		--sysconfdir=${ETCDIR} \
+		--with-logdir=/var/log/squid \
+		--with-pidfile=/var/run/squid/squid.pid \
+		--enable-auth \
+		--enable-build-info \
+		--enable-loadable-modules \
+		--enable-removal-policies="lru heap" \
+		--disable-epoll \
+		--disable-linux-netfilter \
+		--disable-linux-tproxy \
+		--disable-translation
+
+.include <bsd.port.options.mk>
+.include <bsd.port.pre.mk>
+
+# Authentication methods and modules:
+# TODO: external-session hängt wovon ab?
+
+basic_auth=	DB MSNT MSNT-multi-domain NCSA PAM POP3 RADIUS \
+		fake getpwnam
+digest_auth=	file
+external_acl=	file_userip unix_group
+ntlm_auth=	fake smb_lm
+libexec+=	basic_db_auth \
+		basic_fake_auth \
+		basic_getpwnam_auth \
+		basic_ncsa_auth \
+		basic_msnt_auth \
+		basic_msnt_multi_domain_auth \
+		basic_pam_auth \
+		basic_pop3_auth \
+		basic_radius_auth \
+		digest_file_auth \
+		ext_file_userip_acl \
+		ext_unix_group_acl \
+		ntlm_fake_auth \
+		ntlm_smb_lm_auth
+MAN8+=		basic_getpwnam_auth.8 basic_ncsa_auth.8 basic_pam_auth.8 \
+		basic_radius_auth.8 basic_db_auth.8 \
+		digest_file_auth.8 \
+		ext_file_userip_acl.8 ext_unix_group_acl.8
+.if ${PORT_OPTIONS:MAUTH_LDAP}
+USE_OPENLDAP=	yes
+CFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=	-L${LOCALBASE}/lib
+MAN8+=		basic_ldap_auth.8 ext_ldap_group_acl.8
+basic_auth+=	LDAP
+external_acl+=	LDAP_group
+libexec+=	basic_ldap_auth ext_ldap_group_acl
+.endif
+.if ${PORT_OPTIONS:MAUTH_SASL}
+LIB_DEPENDS+=	sasl2.2:${PORTSDIR}/security/cyrus-sasl2
+CFLAGS+=	-I${LOCALBASE}/include
+CPPFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=	-L${LOCALBASE}/lib
+MAN8+=		basic_sasl_auth.8
+basic_auth+=	SASL
+libexec+=	basic_sasl_auth
+.endif
+.if ${PORT_OPTIONS:MAUTH_SMB}
+# TODO: build-depends entfernen, wird nur für den configure-check gebraucht
+BUILD_DEPENDS+=	smbclient:${PORTSDIR}/net/samba36
+RUN_DEPENDS+=	smbclient:${PORTSDIR}/net/samba36
+basic_auth+=	SMB
+external_acl+=	wbinfo_group
+libexec+=	basic_smb_auth basic_smb_auth.sh \
+		ext_wbinfo_group_acl
+MAN8+=		ext_wbinfo_group_acl.8
+.endif
+# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
+.if ${PORT_OPTIONS:MAUTH_NIS} && !defined(NO_NIS) && !defined(WITHOUT_NIS)
+basic_auth+=	NIS
+libexec+=	basic_nis_auth
+.endif
+CONFIGURE_ARGS+=	--enable-auth-basic="${basic_auth}" \
+			--enable-auth-digest="${digest_auth}" \
+			--enable-external-acl-helpers="${external_acl}" \
+			--enable-auth-ntlm="${ntlm_auth}"
+# TODO:
+#  - configure-Skript auf bashisms prüfen
+#  - external/kerberos_ldap_group immer mit installieren?
+#  - gehört wrapper auch zu kerberos oder kann man den immer installieren?
+#  - negotiate_auth-Variable einführen
+# POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
+.if ${PORT_OPTIONS:MAUTH_KERB} && !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
+CONFIGURE_ARGS+=	--enable-auth-negotiate="kerberos wrapper"
+libexec+=	negotiate_kerberos_auth negotiate_kerberos_auth_test \
+		negotiate_wrapper_auth
+MAN8+=		negotiate_kerberos_auth.8
+.else
+CONFIGURE_ARGS+=	--enable-auth-negotiate="none"
+.endif
+
+# Storage schemes:
+
+storage_schemes=	diskd rock ufs
+diskio_modules=	AIO Blocking DiskDaemon IpcIo Mmapped
+.if ${PORT_OPTIONS:MFS_AUFS}
+storage_schemes+=	aufs
+diskio_modules+=	DiskThreads
+# Only document switching from libpthread to libthr using libmap.conf
+# where lipthread is still the default threading library:
+.if ${OSVERSION} < 700041
+EXTRA_PATCHES+=		${PATCHDIR}/extra-patch-src-cf.data.pre.aufs
+.endif
+# Nil aufs threads is default, set any other value via SQUID_CONFIGURE_ARGS,
+# e.g. SQUID_CONFIGURE_ARGS=--with-aufs-threads=N
+CFLAGS+=	${PTHREAD_CFLAGS}
+LDFLAGS+=	${PTHREAD_LIBS}
+.else
+CONFIGURE_ARGS+=	--without-pthreads
+.endif
+.if ${PORT_OPTIONS:MFS_COSS}
+storage_schemes+=	coss
+.endif
+CONFIGURE_ARGS+=	--enable-storeio="${storage_schemes}"
+CONFIGURE_ARGS+=	--enable-disk-io="${diskio_modules}"
+
+# Log daemon helpers:
+
+logdaemon_helpers=	file
+CONFIGURE_ARGS+=	--enable-log-daemon-helpers="${logdaemon_helpers}"
+libexec+=	log_file_daemon
+
+# Rewrite helpers:
+
+rewrite_helpers=	fake
+CONFIGURE_ARGS+=	--enable-url-rewrite-helpers="${rewrite_helpers}"
+libexec+=	url_fake_rewrite url_fake_rewrite.sh
+
+# Other options set via 'make config':
+
+.if empty(PORT_OPTIONS:MIPV6) || defined(WITHOUT_IPV6)
+CONFIGURE_ARGS+=	--disable-ipv6
+.endif
+.if ${PORT_OPTIONS:MDELAY_POOLS}
+CONFIGURE_ARGS+=	--enable-delay-pools
+.endif
+.if empty(PORT_OPTIONS:MSNMP)
+CONFIGURE_ARGS+=	--disable-snmp
+.endif
+.if ${PORT_OPTIONS:MSSL}
+# we need to .include bsd.openssl.mk manually here.because USE_OPENSSL only
+# works when it is defined before bsd.port{.pre}.mk is .included.
+# This makes it currently impossible to combine this macro with OPTIONS to
+# conditionally include OpenSSL support.
+# XXX: is this still true with OptionsNG as of 2012-10?
+.include "${PORTSDIR}/Mk/bsd.openssl.mk"
+CONFIGURE_ARGS+=	--enable-ssl \
+			--with-openssl="${OPENSSLBASE}"
+CFLAGS+=	-I${OPENSSLINC}
+LDFLAGS+=	-L${OPENSSLLIB}
+.endif
+.if ${PORT_OPTIONS:MSSL_CRTD}
+CONFIGURE_ARGS+=	--enable-ssl-crtd
+libexec+=	ssl_crtd
+.endif
+.if ${PORT_OPTIONS:MICMP}
+CONFIGURE_ARGS+=	--enable-icmp
+libexec+=	pinger
+.endif
+.if ${PORT_OPTIONS:MDNS_HELPER}
+CONFIGURE_ARGS+=	--disable-internal-dns
+libexec+=	dnsserver
+.endif
+.if empty(PORT_OPTIONS:MHTCP)
+CONFIGURE_ARGS+=	--disable-htcp
+.else
+CONFIGURE_ARGS+=	--enable-htcp
+.endif
+.if ${PORT_OPTIONS:MVIA_DB}
+CONFIGURE_ARGS+=	--enable-forw-via-db
+.else
+CONFIGURE_ARGS+=	--disable-forw-via-db
+.endif
+.if ${PORT_OPTIONS:MCACHE_DIGESTS}
+CONFIGURE_ARGS+=	--enable-cache-digests
+.else
+CONFIGURE_ARGS+=	--disable-cache-digests
+.endif
+.if ${PORT_OPTIONS:MWCCP}
+CONFIGURE_ARGS+=	--enable-wccp
+.else
+CONFIGURE_ARGS+=	--disable-wccp
+.endif
+.if ${PORT_OPTIONS:MWCCPV2}
+CONFIGURE_ARGS+=	--enable-wccpv2
+.else
+CONFIGURE_ARGS+=	--disable-wccpv2
+.endif
+.if ${PORT_OPTIONS:MSTRICT_HTTP}
+CONFIGURE_ARGS+=	--disable-http-violations
+.endif
+.if empty(PORT_OPTIONS:MIDENT)
+CONFIGURE_ARGS+=	--disable-ident-lookups
+.endif
+.if ${PORT_OPTIONS:MARP_ACL}
+CONFIGURE_ARGS+=	--enable-eui
+.else
+CONFIGURE_ARGS+=	--disable-eui
+.endif
+.if ${PORT_OPTIONS:MTP_IPFW}
+CONFIGURE_ARGS+=	--enable-ipfw-transparent
+.else
+CONFIGURE_ARGS+=	--disable-ipfw-transparent
+.endif
+.if ${PORT_OPTIONS:MTP_PF}
+CONFIGURE_ARGS+=	--enable-pf-transparent
+.else
+CONFIGURE_ARGS+=	--disable-pf-transparent
+.endif
+.if ${PORT_OPTIONS:MTP_IPF}
+CONFIGURE_ARGS+=	--enable-ipf-transparent
+.else
+CONFIGURE_ARGS+=	--disable-ipf-transparent
+.endif
+.if ${PORT_OPTIONS:MFOLLOW_XFF}
+CONFIGURE_ARGS+=	--enable-follow-x-forwarded-for
+.else
+CONFIGURE_ARGS+=	--disable-follow-x-forwarded-for
+.endif
+.if ${PORT_OPTIONS:MECAP}
+CONFIGURE_ARGS+=	--enable-ecap
+LIB_DEPENDS+=	ecap:${PORTSDIR}/www/libecap
+CFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=	-L${LOCALBASE}/lib
+USE_PKGCONFIG=	build
+.else
+CONFIGURE_ARGS+=	--disable-ecap
+.endif
+.if ${PORT_OPTIONS:MICAP}
+CONFIGURE_ARGS+=	--enable-icap-client
+.else
+CONFIGURE_ARGS+=	--disable-icap-client
+.endif
+.if ${PORT_OPTIONS:MESI}
+CONFIGURE_ARGS+=	--enable-esi
+LIB_DEPENDS+=	expat:${PORTSDIR}/textproc/expat2 \
+		xml2:${PORTSDIR}/textproc/libxml2
+CFLAGS+=	-I${LOCALBASE}/include -I${LOCALBASE}/include/libxml2
+LDFLAGS+=	-L${LOCALBASE}/lib
+.else
+CONFIGURE_ARGS+=	--disable-esi
+.endif
+.if empty(PORT_OPTIONS:MKQUEUE)
+# Squid-3's kqueue support is still marked as experimental, so it is not yet
+# enabled automatically as in Squid-2. We are explicit about disabling it,
+# nonetheless:
+CONFIGURE_ARGS+=	--disable-kqueue
+.else
+CONFIGURE_ARGS+=	--enable-kqueue
+.endif
+.if ${PORT_OPTIONS:MLARGEFILE}
+CONFIGURE_ARGS+=	--with-large-files
+.endif
+.if ${PORT_OPTIONS:MSTACKTRACES}
+CONFIGURE_ARGS+=	--enable-stacktraces
+CFLAGS+=		-g
+STRIP=
+.endif
+.if ${PORT_OPTIONS:MDEBUG} || defined(WITH_DEBUG)
+CONFIGURE_ARGS+=	--disable-optimizations --enable-debug-cbdata
+WITH_DEBUG?=		yes
+.endif
+
+# Finally, add additional user specified configuration options:
+CONFIGURE_ARGS+=	${SQUID_CONFIGURE_ARGS}
+
+PLIST_DIRS=	%%ETCDIR%%/icons/silk %%ETCDIR%%/icons libexec/squid
+PLIST_FILES=	${etc_files:S,^,etc/,} \
+		%%ETCDIR%%/icons/SN.png \
+		${icon_silk_files:S,^,%%ETCDIR%%/icons/silk/,} \
+		${libexec:S,^,libexec/squid/,} ${sbin:S,^,sbin/,}
+
+PLIST_FILES+=	%%ETCDIR%%/errors/COPYRIGHT %%ETCDIR%%/errors/TRANSLATORS
+.for d in ${error_dirs}
+PLIST_DIRS+=	%%ETCDIR%%/errors/${d}
+PLIST_FILES+=	${error_files:S,^,%%ETCDIR%%/errors/${d}/,}
+.endfor
+PLIST_FILES+=	${error_dir_links:S,^,%%ETCDIR%%/errors/,}
+PLIST_DIRS+=	%%ETCDIR%%/errors
+PLIST_DIRSTRY+=	%%ETCDIR%%
+
+post-patch:
+	@${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \
+	    ${WRKSRC}/src/cf.data.pre
+
+pre-install:
+# Prevent installation of .orig files by deleting them.
+	@${FIND} ${WRKSRC} -name '*.bak' -delete
+	@${FIND} ${WRKSRC} -name '*.orig' -delete
+
+pre-su-install:
+	@${SETENV} ${SCRIPTS_ENV} PKG_PREFIX=${PREFIX} \
+	    ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
+
+post-install:
+.if !defined(NOPORTEXAMPLES)
+	@${MKDIR} ${EXAMPLESDIR}
+	${INSTALL_DATA} ${WRKSRC}/helpers/basic_auth/DB/passwd.sql ${EXAMPLESDIR}
+.endif
+.if ${PORT_OPTIONS:MICMP}
+	${CHMOD} 4510 ${PREFIX}/libexec/squid/pinger; \
+	${CHGRP} squid ${PREFIX}/libexec/squid/pinger
+.endif
+.if !defined(NOPORTDOCS)
+	@${MKDIR} ${DOCSDIR}
+	cd ${WRKSRC} && ${INSTALL_DATA} ${docs} ${DOCSDIR}
+.endif
+	@${SETENV} PKG_PREFIX=${PREFIX} \
+	    ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+
+	@${ECHO_CMD} "===> post-installation information for ${PKGNAME}:"
+	@${ECHO_CMD} ""
+	@${CAT} ${PKGMESSAGE}
+	@${ECHO_CMD} ""
+
+.include <bsd.port.post.mk>
diff --git a/www/squid32/distinfo b/www/squid32/distinfo
new file mode 100644
index 000000000000..0c49259c5249
--- /dev/null
+++ b/www/squid32/distinfo
@@ -0,0 +1,2 @@
+SHA256 (squid3.2/squid-3.2.3.tar.bz2) = 1741c3ef647f5b0960498b7bb3e44af4a4409c321afe2d141c67d2b5c85ed5a1
+SIZE (squid3.2/squid-3.2.3.tar.bz2) = 2891753
diff --git a/www/squid32/files/extra-patch-src-cf.data.pre.aufs b/www/squid32/files/extra-patch-src-cf.data.pre.aufs
new file mode 100644
index 000000000000..019fdcac0fc7
--- /dev/null
+++ b/www/squid32/files/extra-patch-src-cf.data.pre.aufs
@@ -0,0 +1,20 @@
+--- src/cf.data.pre.orig	Wed Nov  1 15:12:02 2006
++++ src/cf.data.pre	Wed Nov  1 15:12:17 2006
+@@ -1097,6 +1100,17 @@
+ 
+ 	see argument descriptions under ufs above
+ 
++	Note:
++	By default, FreeBSD uses the pthread(3) M:N threading library.
++	You can, however, map the thread library to the 1:1 libthr(3)
++	implementation by inserting the following lines into
++	/etc/libmap.conf and see whether this performs better on your
++	system:
++
++	[%%PREFIX%%/sbin/squid]
++	libpthread.so.1	libthr.so.1
++	libpthread.so.2	libthr.so.2
++
+ 	The diskd store type:
+ 
+ 	"diskd" uses the same storage format as "ufs", utilizing a
diff --git a/www/squid32/files/patch-configure b/www/squid32/files/patch-configure
new file mode 100644
index 000000000000..0b7bf2394c01
--- /dev/null
+++ b/www/squid32/files/patch-configure
@@ -0,0 +1,47 @@
+--- configure.orig	2012-10-21 18:10:03.000000000 +0200
++++ configure	2012-10-21 18:27:39.000000000 +0200
+@@ -22154,7 +22154,7 @@
+ 
+ done
+ 
+-  if test "x$ac_heimdal" == "x" ; then
++  if test "x$ac_heimdal" = "x" ; then
+     for ac_header in gssapi/gssapi_generic.h
+ do :
+   ac_fn_cxx_check_header_mongrel "$LINENO" "gssapi/gssapi_generic.h" "ac_cv_header_gssapi_gssapi_generic_h" "$ac_includes_default"
+@@ -22351,7 +22351,7 @@
+ 
+ 
+   ac_com_error_message=no
+-  if test "x$ac_cv_header_com_err_h" == "xyes" ; then
++  if test "x$ac_cv_header_com_err_h" = "xyes" ; then
+       cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h.  */
+ #include <com_err.h>
+@@ -22363,7 +22363,7 @@
+ fi
+ rm -f conftest*
+ 
+-  elif test "x$ac_cv_header_et_com_err_h" == "xyes" ; then
++  elif test "x$ac_cv_header_et_com_err_h" = "xyes" ; then
+       cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h.  */
+ #include <et/com_err.h>
+@@ -22424,7 +22424,7 @@
+ 
+   fi
+ 
+-  if test `echo $KRB5LIBS | grep -c com_err` -ne 0 -a "x$ac_com_error_message" == "xyes" ; then
++  if test `echo $KRB5LIBS | grep -c com_err` -ne 0 -a "x$ac_com_error_message" = "xyes" ; then
+     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for error_message in -lcom_err" >&5
+ $as_echo_n "checking for error_message in -lcom_err... " >&6; }
+ if ${ac_cv_lib_com_err_error_message+:} false; then :
+@@ -22467,7 +22467,7 @@
+ 
+ fi
+ 
+-  elif test  "x$ac_com_error_message" == "xyes" ; then
++  elif test  "x$ac_com_error_message" = "xyes" ; then
+     { $as_echo "$as_me:${as_lineno-$LINENO}: checking for error_message in -lkrb5" >&5
+ $as_echo_n "checking for error_message in -lkrb5... " >&6; }
+ if ${ac_cv_lib_krb5_error_message+:} false; then :
diff --git a/www/squid32/files/patch-helpers-basic_auth-LDAP-config.test b/www/squid32/files/patch-helpers-basic_auth-LDAP-config.test
new file mode 100644
index 000000000000..9961e5fa44cb
--- /dev/null
+++ b/www/squid32/files/patch-helpers-basic_auth-LDAP-config.test
@@ -0,0 +1,12 @@
+--- helpers/basic_auth/LDAP/config.test.orig	2012-10-20 14:39:49.000000000 +0200
++++ helpers/basic_auth/LDAP/config.test	2012-10-21 20:49:49.000000000 +0200
+@@ -1,8 +1,2 @@
+ #!/bin/sh
+-if [ -f /usr/include/ldap.h ]; then
+-	exit 0
+-fi
+-if [ -f /usr/include/winldap.h ]; then
+-	exit 0
+-fi
+-exit 1
++exit 0
diff --git a/www/squid32/files/patch-helpers-basic_auth-SASL-config.test b/www/squid32/files/patch-helpers-basic_auth-SASL-config.test
new file mode 100644
index 000000000000..4952c279e82f
--- /dev/null
+++ b/www/squid32/files/patch-helpers-basic_auth-SASL-config.test
@@ -0,0 +1,12 @@
+--- helpers/basic_auth/SASL/config.test.orig	2012-10-20 14:39:49.000000000 +0200
++++ helpers/basic_auth/SASL/config.test	2012-10-21 20:50:57.000000000 +0200
+@@ -1,8 +1,2 @@
+ #!/bin/sh
+-if [ -f /usr/include/sasl.h ]; then
+-	exit 0
+-fi
+-if [ -f /usr/include/sasl/sasl.h ]; then
+-	exit 0
+-fi
+-exit 1
++exit 0
diff --git a/www/squid32/files/patch-helpers-external_acl-LDAP_group-config.test b/www/squid32/files/patch-helpers-external_acl-LDAP_group-config.test
new file mode 100644
index 000000000000..d7b6fe19f770
--- /dev/null
+++ b/www/squid32/files/patch-helpers-external_acl-LDAP_group-config.test
@@ -0,0 +1,12 @@
+--- helpers/external_acl/LDAP_group/config.test.orig	2012-10-20 14:39:49.000000000 +0200
++++ helpers/external_acl/LDAP_group/config.test	2012-10-21 20:51:53.000000000 +0200
+@@ -1,8 +1,2 @@
+ #!/bin/sh
+-if [ -f /usr/include/ldap.h ]; then
+-	exit 0
+-fi
+-if [ -f /usr/include/winldap.h ]; then
+-	exit 0
+-fi
+-exit 1
++exit 0
diff --git a/www/squid32/files/patch-src-cf.data.pre b/www/squid32/files/patch-src-cf.data.pre
new file mode 100644
index 000000000000..b3831a3132ef
--- /dev/null
+++ b/www/squid32/files/patch-src-cf.data.pre
@@ -0,0 +1,13 @@
+--- src/cf.data.pre.orig	2012-10-20 14:39:49.000000000 +0200
++++ src/cf.data.pre	2012-10-28 11:28:18.000000000 +0100
+@@ -3479,6 +3479,10 @@
+ LOC: Config.pidFilename
+ DOC_START
+ 	A filename to write the process-id to.  To disable, enter "none".
++
++	Note: If you change this setting, you need to set squid_pidfile
++	in /etc/rc.conf to reflect the new value. Please see
++	%%PREFIX%%/etc/rc.d/squid for details.
+ DOC_END
+ 
+ NAME: log_fqdn
diff --git a/www/squid32/files/pkg-install.in b/www/squid32/files/pkg-install.in
new file mode 100644
index 000000000000..1ee676c254a8
--- /dev/null
+++ b/www/squid32/files/pkg-install.in
@@ -0,0 +1,79 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+PATH=/bin:/usr/bin:/usr/sbin
+pkgname=$1
+squid_base="/var/squid"
+squid_cachedir="${squid_base}/cache"
+squid_confdir="${PKG_PREFIX:-%%PREFIX%%}/etc/squid"
+squid_logdir="/var/log/squid"
+squid_rundir="/var/run/squid"
+# these are hardcoded, see /usr/ports/UIDs and /usr/ports/GIDs:
+squid_user=squid
+squid_group=squid
+squid_gid=100
+squid_uid=100
+case $2 in
+PRE-INSTALL)
+	echo "===> Pre-installation configuration for ${pkgname}"
+	;;
+POST-INSTALL)
+	# Since we usually start the Squid master process as ${squid_user}
+	# instead of root make sure that ${squid_base} is writable for it.
+	if [ ! -d ${squid_base} ]; then
+		echo "Creating ${squid_base}..."
+		install -d -o root -g ${squid_group} \
+		    -m 0775 ${squid_base}
+	else
+		chgrp ${squid_group} ${squid_base}
+		chmod g+w ${squid_base}
+	fi
+	if [ ! -d ${squid_cachedir} ]; then
+		echo "Creating ${squid_cachedir} ..."
+		install -d -o ${squid_user} -g ${squid_group} \
+		    -m 0750 ${squid_cachedir}
+	else
+		chown ${squid_user} ${squid_cachedir}
+		chgrp ${squid_group} ${squid_cachedir}
+		chmod 0750 ${squid_cachedir}
+	fi
+	if [ ! -d ${squid_confdir} ]; then
+		echo "Creating ${squid_confdir}..."
+		install -d -o root -g ${squid_group} \
+		    -m 0755 ${squid_confdir}
+	else
+		chgrp ${squid_group} ${squid_confdir}
+	fi
+	if [ ! -d ${squid_logdir} ]; then
+		echo "Creating ${squid_logdir}..."
+		install -d -o ${squid_user} -g ${squid_group} \
+		    -m 0750 ${squid_logdir}
+	else
+		chown ${squid_user} ${squid_logdir}
+		chgrp ${squid_group} ${squid_logdir}
+	fi
+	if [ ! -d ${squid_rundir} ]; then
+		echo "Creating ${squid_rundir}..."
+		install -d -o ${squid_user} -g ${squid_group} \
+		    -m 0755 ${squid_rundir}
+	else
+		chown ${squid_user} ${squid_rundir}
+		chgrp ${squid_group} ${squid_rundir}
+	fi
+	for file in cachemgr.conf errorpage.css mime.conf msntauth.conf squid.conf; do
+		if [ ! -f ${squid_confdir}/${file} \
+		    -a -f ${squid_confdir}/${file}.default ]; then
+			echo "Creating ${file} from default..."
+			install -c -o root -g ${squid_group} -m 0640 \
+		    	    ${squid_confdir}/${file}.default \
+			    ${squid_confdir}/${file}
+		fi
+	done
+	;;
+*)
+	exit 64
+	;;
+esac
+exit 0
diff --git a/www/squid32/files/pkg-message.in b/www/squid32/files/pkg-message.in
new file mode 100644
index 000000000000..d73cc6e7748d
--- /dev/null
+++ b/www/squid32/files/pkg-message.in
@@ -0,0 +1,33 @@
+     o You can find the configuration files for this package in the
+       directory %%PREFIX%%/etc/squid.
+
+     o The default cache directory is /var/squid/.
+       The default log directory is /var/log/squid/.
+
+       Note:
+       You must initialize new cache directories before you can start
+       squid.  Do this by running "squid -z" as 'root' or 'squid'.
+       If your cache directories are already initialized (e.g. after an
+       upgrade of squid) you do not need to initialize them again.
+
+     o The default configuration will deny everyone but the local host and
+       local networks as defined in RFC 1918 for IPv4 and RFCs 4193 and
+       4291 for IPv6 access to the proxy service.  Edit the "http_access
+       allow/deny" directives in %%PREFIX%%/etc/squid/squid.conf
+       to suit your needs.
+
+     To enable Squid, set squid_enable=yes in either
+     /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/squid
+     Please see %%PREFIX%%/etc/rc.d/squid for further details.
+
+     Note:
+     If you just updated your Squid installation from an earlier version,
+     make sure to check your Squid configuration against the 3.2 default
+     configuration file %%PREFIX%%/etc/squid/squid.conf.default.
+     
+     %%PREFIX%%/etc/squid/squid.conf.documented is a fully annotated
+     configuration file you can consult for further reference.
+
+     Additionally, you should check your configuration by calling
+     'squid -f /path/to/squid.conf -k parse' before starting Squid.
+
diff --git a/www/squid32/files/squid.in b/www/squid32/files/squid.in
new file mode 100644
index 000000000000..ce3e9b64d37a
--- /dev/null
+++ b/www/squid32/files/squid.in
@@ -0,0 +1,96 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: squid
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Note:
+# Set "squid_enable=yes" in either /etc/rc.conf, /etc/rc.conf.local or
+# /etc/rc.conf.d/squid to activate Squid.
+#
+# Additional variables you can define in one of these files:
+#
+# squid_chdir:	the directory into which the rc system moves into before
+# 		starting Squid. Default: /var/squid
+#
+# squid_conf:	The configuration file that Squid should use.
+#		Default: %%PREFIX%%/etc/squid/squid.conf
+#
+# squid_fib:	The alternative routing table id that Squid should use.
+#		Default: none
+#		See setfib(1) for further details. Note that the setfib(2)
+#		system call is not available in FreeBSD versions prior to 7.1.
+#
+# squid_user:	The user id that should be used to run the Squid master
+#		process. Default: %%SQUID_UID%%.
+#		Note that you probably need to define "squid_user=root" if
+#		you want to run Squid in reverse proxy setups or if you want
+#		Squid to listen on a "privileged" port < 1024.
+#
+# squid_pidfile:
+#		The name (including the full path) of the Squid
+#		master process' PID file.
+#		Default: /var/run/squid/squid.pid.
+#		You only need to change this if you changed the
+#		corresponding entry in your Squid configuration.
+#
+# squid_flags:	Additional commandline arguments for Squid you might want to
+#		use. See squid(8) for further details.
+#
+
+squid_checkrunning() {
+	${command} ${command_args} ${squid_flags} -k check 2>/dev/null
+}
+
+squid_setfib() {
+	sysctl net.fibs >/dev/null 2>&1 || return 0
+	if [ "x${squid_fib}" != "xNONE" ]; then
+		command="setfib -F ${squid_fib} ${command}"
+	else
+		return 0
+	fi
+}
+
+squid_stop() {
+	echo "Stopping ${name}."
+	${command} ${command_args} ${squid_flags} -k shutdown
+	run_rc_command poll
+}
+
+. /etc/rc.subr
+
+name=squid
+rcvar=squid_enable
+
+command=%%PREFIX%%/sbin/squid
+extra_commands=reload
+reload_cmd="${command} ${command_args} ${squid_flags} -k reconfigure"
+start_precmd="squid_setfib"
+stop_precmd="squid_checkrunning"
+stop_cmd="squid_stop"
+
+load_rc_config ${name}
+
+squid_chdir=${squid_chdir:-"/var/squid"}
+squid_conf=${squid_conf:-"%%PREFIX%%/etc/squid/squid.conf"}
+squid_enable=${squid_enable:-"NO"}
+squid_fib=${squid_fib:-"NONE"}
+squid_pidfile=${squid_pidfile:-"/var/run/squid/squid.pid"}
+squid_user=${squid_user:-"squid"}
+
+pidfile=${squid_pidfile}
+required_dirs=${squid_chdir}
+
+# squid(8) will not start if ${squid_conf} is not present so try
+# to catch that beforehand via ${required_files} rather than make
+# squid(8) crash.
+
+required_files=${squid_conf}
+
+# Now make sure that we invoke squid with "-f ${squid_conf}":
+
+command_args="-f ${squid_conf}"
+
+run_rc_command "$1"
diff --git a/www/squid32/pkg-deinstall b/www/squid32/pkg-deinstall
new file mode 100644
index 000000000000..04c866a13608
--- /dev/null
+++ b/www/squid32/pkg-deinstall
@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+PATH=/bin:/usr/bin:/usr/sbin
+squid_homedir="/var/squid"
+squid_cache_basedir="${squid_homedir}/cache"
+squid_state_basedir="${squid_homedir}/run"
+squid_confdir=${PKG_PREFIX}/etc/squid
+squid_logdir="/var/log/squid"
+squid_rundir="/var/run/squid"
+
+case $2 in
+DEINSTALL)
+	cd ${squid_confdir} || exit 1
+	for f in cachemgr.conf errorpage.css mime.conf msntauth.conf squid.conf; do
+		cmp -s -z ${f} ${f}.default && rm ${f}
+	done
+	# try to cleanup directories in /var:
+	for d in ${squid_cache_basedir}/squid ${squid_cache_basedir} ${squid_state_basedir}/squid ${squid_state_basedir} ${squid_homedir} ${squid_logdir} ${squid_rundir}; do
+		rmdir ${d} 2>/dev/null
+	done
+	;;
+POST-DEINSTALL)
+	echo "===> post-deinstallation information for $1:"
+	echo ""
+	echo "     Note:"
+	echo "     Squid related user accounts and groups were not removed."
+	echo ""
+	echo "     To remove the 'squid' user and the 'squid' group which were"
+	echo "     created by a default installation of this package, run"
+	echo ""
+	echo "     pw userdel -n squid -u 100"
+	if  [ -d ${squid_homedir} -o -d ${squid_confdir} -o -d ${squid_logdir} -o -d ${squid_rundir} ] ; then
+		echo ""
+		echo "     In order to ease updates the cache and log directories"
+		echo "     and all configuration files modified by you were preserved."
+		echo ""
+		echo "     Please remove them manually if you do not want to use"
+	       	echo "     Squid any longer."
+	fi
+	echo ""
+	;;
+*)
+	exit 64
+	;;
+esac
+exit 0
diff --git a/www/squid32/pkg-descr b/www/squid32/pkg-descr
new file mode 100644
index 000000000000..bf8b272763c4
--- /dev/null
+++ b/www/squid32/pkg-descr
@@ -0,0 +1,5 @@
+Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite)
+HTTP/1.1 compliant. Squid offers a rich access control, authorization and
+logging environment to develop web proxy and content serving applications.
+
+WWW: http://www.squid-cache.org/
-- 
cgit v1.2.3