debian/0000775000000000000000000000000012300550035007161 5ustar debian/squid-purge.install0000664000000000000000000000002512252041564013023 0ustar /usr/bin/squid-purge debian/squid3.rc0000664000000000000000000000677712252041564010750 0ustar #! /bin/sh # # squid3 Startup script for the SQUID HTTP proxy-cache. # # Version: @(#)squid3.rc 1.0 07-Jul-2006 luigi@debian.org # ### BEGIN INIT INFO # Provides: squid3 # Required-Start: $network $remote_fs $syslog # Required-Stop: $network $remote_fs $syslog # Should-Start: $named # Should-Stop: $named # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Squid HTTP Proxy version 3.x ### END INIT INFO NAME=squid3 DESC="Squid HTTP Proxy 3.x" DAEMON=/usr/sbin/squid3 PIDFILE=/var/run/$NAME.pid CONFIG=/etc/squid3/squid.conf SQUID_ARGS="-YC -f $CONFIG" [ ! -f /etc/default/squid3 ] || . /etc/default/squid3 . /lib/lsb/init-functions PATH=/bin:/usr/bin:/sbin:/usr/sbin [ -x $DAEMON ] || exit 0 ulimit -n 65535 find_cache_dir () { w=" " # space tab res=`sed -ne ' s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $CONFIG` [ -n "$res" ] || res=$2 echo "$res" } find_cache_type () { w=" " # space tab res=`sed -ne ' s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $CONFIG` [ -n "$res" ] || res=$2 echo "$res" } grepconf () { w=" " # space tab sq=/etc/squid3/squid.conf # sed is cool. res=`sed -ne ' s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $sq` [ -n "$res" ] || res=$2 echo "$res" } create_run_dir () { run_dir=/var/run/squid3 usr=`grepconf cache_effective_user proxy` grp=`grepconf cache_effective_group proxy` if [ "$(stat -c %U $run_dir)" != "$usr" ] || [ "$(stat -c %G $run_dir)" != "$grp" ] ; then if [ "$(dpkg-statoverride --list $run_dir)" = "" ] ; then chown -R $usr:$grp $run_dir fi fi } start () { cache_dir=`find_cache_dir cache_dir` cache_type=`find_cache_type cache_dir` # # Create spool dirs if they don't exist. # if [ "$cache_type" = "coss" -a -d "$cache_dir" -a ! -f "$cache_dir/stripe" ] || [ "$cache_type" != "coss" -a -d "$cache_dir" -a ! -d "$cache_dir/00" ] then log_warning_msg "Creating $DESC cache structure" $DAEMON -z -f $CONFIG fi umask 027 ulimit -n 65535 cd $cache_dir start-stop-daemon --quiet --start \ --pidfile $PIDFILE \ --exec $DAEMON -- $SQUID_ARGS < /dev/null return $? } stop () { PID=`cat $PIDFILE 2>/dev/null` start-stop-daemon --stop --quiet --pidfile $PIDFILE --exec $DAEMON # # Now we have to wait until squid has _really_ stopped. # sleep 2 if test -n "$PID" && kill -0 $PID 2>/dev/null then log_action_begin_msg " Waiting" cnt=0 while kill -0 $PID 2>/dev/null do cnt=`expr $cnt + 1` if [ $cnt -gt 24 ] then log_action_end_msg 1 return 1 fi sleep 5 log_action_cont_msg "" done log_action_end_msg 0 return 0 else return 0 fi } case "$1" in start) log_daemon_msg "Starting $DESC" "$NAME" if start ; then log_end_msg $? else log_end_msg $? fi ;; stop) log_daemon_msg "Stopping $DESC" "$NAME" if stop ; then log_end_msg $? else log_end_msg $? fi ;; reload|force-reload) log_action_msg "Reloading $DESC configuration files" start-stop-daemon --stop --signal 1 \ --pidfile $PIDFILE --quiet --exec $DAEMON log_action_end_msg 0 ;; restart) log_daemon_msg "Restarting $DESC" "$NAME" stop if start ; then log_end_msg $? else log_end_msg $? fi ;; status) status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit 3 ;; *) echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart|status}" exit 3 ;; esac exit 0 debian/usr.sbin.squid30000664000000000000000000000325012252041564012066 0ustar # Author: Simon Deziel # Jamie Strandboge # vim:syntax=apparmor #include /usr/sbin/squid3 { #include #include #include capability net_raw, capability setuid, capability setgid, capability sys_chroot, # pinger network inet raw, network inet6 raw, /etc/mtab r, @{PROC}/[0-9]*/mounts r, @{PROC}/mounts r, # squid3 configuration /etc/squid3/** r, /{,var/}run/squid3.pid rwk, /var/spool/squid3/ r, /var/spool/squid3/** rwk, /usr/lib/squid3/* rmix, /usr/share/squid3/** r, /var/log/squid3/* rw, # squid-langpack /usr/share/squid-langpack/** r, # squid-deb-proxy /etc/squid-deb-proxy/** r, /{,var/}run/squid-deb-proxy.pid rwk, /var/cache/squid-deb-proxy/ r, /var/cache/squid-deb-proxy/** rwk, /var/log/squid-deb-proxy/* rw, # squidguard /usr/bin/squidGuard Cx -> squidguard, profile squidguard { #include /etc/squid/squidGuard.conf r, /var/log/squid{,3}/squidGuard.log w, /var/lib/squidguard/** rw, # squidguard by default uses /var/log/squid as its logdir, however, we # don't want it to access squid's logs, only its own. Explicitly deny # access to squid's files but allow all others since the user may specify # anything for the squidGurad 'log' directive. /var/log/squid{,3}/* rw, audit deny /var/log/squid{,3}/{access,cache,store}.log* rw, # Site-specific additions and overrides. See local/README for details. #include } # Site-specific additions and overrides. See local/README for details. #include } debian/squid3.lintian-overrides0000664000000000000000000000010212252041564013752 0ustar squid3 binary: setuid-binary usr/lib/squid3/pinger 4755 root/root debian/tests/0000775000000000000000000000000012252043165010332 5ustar debian/tests/squid0000775000000000000000000000046312252041564011411 0ustar #!/bin/bash #-------------- # Testing squid #-------------- set -e # configure vsftpd sed -i "s/anonymous_enable[[:blank:]]*=[[:blank:]]*.*/anonymous_enable=YES/g" /etc/vsftpd.conf echo "seccomp_sandbox=NO" >> /etc/vsftpd.conf service vsftpd restart 2>&1 > /dev/null python `dirname $0`/test-squid.py 2>&1 debian/tests/testlib_httpd.py0000664000000000000000000003050212252041564013556 0ustar #!/usr/bin/python # # testlib_httpd.py quality assurance test script # Copyright (C) 2008-2013 Canonical Ltd. # Author: Jamie Strandboge # Author: Marc Deslauriers # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License version 3, # as published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # import unittest, subprocess import os import sys import tempfile import testlib import time import socket import shutil import cookielib import urllib2 import re import base64 class HttpdCommon(testlib.TestlibCase): '''Common functions''' def _setUp(self, clearlogs = False): '''Setup''' self.release = self.lsb_release['Codename'] self.html_page = "/var/www/test.html" self.php_page = "/var/www/test.php" self.cgi_page = "/usr/lib/cgi-bin/test-cgi.pl" self.apache2_default = "/etc/default/apache2" self.ssl_key = "/etc/ssl/private/server.key" self.ssl_crt = "/etc/ssl/certs/server.crt" self.ssl_site = "/etc/apache2/sites-enabled/999-testlib" self.ports_file = "/etc/apache2/ports.conf" self.access_log = "/var/log/apache2/access.log" self.error_log = "/var/log/apache2/error.log" if not hasattr(self, 'initscript'): self._set_initscript("apache2") # Dapper's apache2 is disabled by default if self.lsb_release['Release'] == 6.06: testlib.config_replace(self.apache2_default, "", append=True) subprocess.call(['sed', '-i', 's/NO_START=1/NO_START=0/', self.apache2_default]) self._stop() if clearlogs == True: self._clearlogs() self._start() def _set_initscript(self, initscript): self.initscript = initscript def _tearDown(self): '''Clean up after each test_* function''' self._stop() time.sleep(2) if os.path.exists(self.html_page): os.unlink(self.html_page) if os.path.exists(self.php_page): os.unlink(self.php_page) if os.path.exists(self.cgi_page): os.unlink(self.cgi_page) if os.path.exists(self.ssl_key): os.unlink(self.ssl_key) if os.path.exists(self.ssl_crt): os.unlink(self.ssl_crt) if os.path.exists(self.ssl_site): os.unlink(self.ssl_site) self._disable_mod("ssl") testlib.config_restore(self.ports_file) testlib.config_restore(self.apache2_default) def _start(self): '''Start process''' # check if there is a /etc/init/initscript.conf if os.path.exists("/etc/init/%s.conf" % self.initscript): rc, report = testlib.cmd(['start', self.initscript]) else: rc, report = testlib.cmd(["/etc/init.d/%s" % self.initscript, 'start']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) time.sleep(2) def _stop(self): '''Stop process''' # check if process is running if os.path.exists("/etc/init/%s.conf" % self.initscript): rc, pidof = testlib.cmd(['pidof', '-x', self.initscript]) if pidof: rc, report = testlib.cmd(['stop', self.initscript]) else: # no need to stop it, it's stopped rc, report = (0, '') else: rc, report = testlib.cmd([self.initscript, 'stop']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) def _clearlogs(self): '''Clear httpd logs''' if os.path.exists(self.access_log): os.unlink(self.access_log) if os.path.exists(self.error_log): os.unlink(self.error_log) def __disable_mod(self, mod): if not os.path.exists(os.path.join("/etc/apache2/mods-available", mod + \ ".load")): return if not os.path.exists("/usr/sbin/a2dismod"): return rc, report = testlib.cmd(['a2dismod', mod]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) def _disable_mod(self, mod): self.__disable_mod(mod) self._restart() time.sleep(2) def _disable_mods(self, mods): '''take a list of modules to disable''' for mod in mods: self.__disable_mod(mod) self._restart() time.sleep(2) def __enable_mod(self, mod): rc, report = testlib.cmd(['a2enmod', mod]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) def _enable_mod(self, mod): self.__enable_mod(mod) # for some reason, force-reload doesn't work # if self.lsb_release['Release'] >= 8.04: # self._reload() # else: self._restart() time.sleep(2) def _enable_mods(self, mods): '''take a list of modules to enable''' for mod in mods: self.__enable_mod(mod) # for some reason, force-reload doesn't work # if self.lsb_release['Release'] >= 8.04: # self._reload() # else: self._restart() time.sleep(2) def _disable_site(self, sitename): rc, report = testlib.cmd(['a2dissite', sitename]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) self._restart() time.sleep(2) def _enable_site(self, sitename): rc, report = testlib.cmd(['a2ensite', sitename]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) # for some reason, force-reload doesn't work # if self.lsb_release['Release'] >= 8.04: # self._reload() #else: self._restart() time.sleep(2) def _reload(self): '''Reload httpd''' rc, report = testlib.cmd([self.initscript, 'force-reload']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) def _restart(self): '''Restart httpd''' self._stop() self._start() def _prepare_ssl(self, srvkey, srvcert): '''Prepare Apache for ssl connections''' self._enable_mod("ssl") # copy instead of rename so we don't get invalid cross-device link errors shutil.copy(srvkey, self.ssl_key) shutil.copy(srvcert, self.ssl_crt) if self.lsb_release['Release'] <= 7.04: testlib.config_replace(self.ports_file, "Listen 443", True) # create the conffile entry site_contents = ''' NameVirtualHost *:443 SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key ServerAdmin webmaster@localhost DocumentRoot /var/www/ ErrorLog /var/log/apache2/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog /var/log/apache2/access.log combined ServerSignature On ''' testlib.create_fill(self.ssl_site, site_contents) self._reload() def _test_url_proxy(self, url="http://localhost/", content="", proxy="localhost:3128"): '''Test the given url''' rc, report = testlib.cmd(['elinks', '-verbose', '2', '-no-home', '1', '-eval', 'set protocol.ftp.proxy.host = "%s"' %(proxy), '-eval', 'set protocol.http.proxy.host = "%s"' %(proxy), '-eval', 'set protocol.https.proxy.host = "%s"' %(proxy), '-dump', url]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) if content != "": self._word_find(report, content) def _test_url(self, url="http://localhost/", content="", invert=False, source=False): '''Test the given url''' if source: report = self._get_page_source(url) else: report = self._get_page(url) if content != "": self._word_find(report, content, invert) def _get_page_source(self, url="http://localhost/", data='', headers=None): '''Fetch html source''' cookies = "/tmp/cookies.lwp" testlib.create_fill(cookies, "#LWP-Cookies-2.0") if headers == None: headers = {'User-agent' : 'Mozilla/4.0 (compatible; MSIE 5.5; Windows NT)'} clean_url = url if re.search(r'http(|s)://.*:.*@[a-z].*', url): tmp = re.sub(r'^http(|s)://', '', url) username = tmp.split('@')[0].split(':')[0] password = tmp.split('@')[0].split(':')[1] base64_str = base64.encodestring('%s:%s' % (username, password))[:-1] headers['Authorization'] = "Basic %s" % (base64_str) # strip out the username and password from the url clean_url = re.sub(r'%s:%s@' % (username, password), '', url) cj = cookielib.LWPCookieJar(filename=cookies) cj.load() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj)) urllib2.install_opener(opener) try: if data != '': req = urllib2.Request(clean_url, data, headers) else: req = urllib2.Request(clean_url, headers=headers) except: raise tries = 0 failed = True while tries < 3: try: handle = urllib2.urlopen(req) failed = False break except urllib2.HTTPError, e: raise if e.code != 503: # for debugging #print >>sys.stderr, 'Error retrieving page "url=%s", "data=%s"' % (url, data) raise tries += 1 time.sleep(2) self.assertFalse(failed, 'Could not retrieve page "url=%s", "data=%s"' % (url, data)) html = handle.read() cj.save() return html def _get_page(self, url="http://localhost/"): '''Get contents of given url''' rc, report = testlib.cmd(['elinks', '-verbose', '2', '-no-home', '1', '-dump', url]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) return report def _test_raw(self, request="", content="", host="localhost", port=80, invert = False, limit=1024): '''Test the given url with a raw socket to include headers''' s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((host, port)) s.send(request) data = s.recv(limit) s.close() if content != "": self._word_find(data, content, invert = invert) def create_php_page(page, php_content=None): '''Create a basic php page''' # complexity here is due to maintaining interface compatability when # php_content is not provided if not php_content: str = "php works" php_content = "echo '" + str + "'; " else: str = php_content script = '''''' %(php_content) testlib.create_fill(page, script) return str def create_perl_script(page): '''Create a basic perl script''' str = "perl works" script = '''#!/usr/bin/perl print "Content-Type: text/plain\\n\\n"; print "''' + str + '''\\n"; ''' testlib.create_fill(page, script, 0755) return str def create_html_page(page): '''Create html page''' str = "html works" testlib.create_fill(page, "" + str + "") return str debian/tests/test-squid.py0000664000000000000000000001724612252041564013021 0ustar #!/usr/bin/python # # test-squid.py quality assurance test script # Copyright (C) 2008-2013 Canonical Ltd. # Author: Jamie Strandboge # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2, # as published by the Free Software Foundation. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # ''' *** IMPORTANT *** DO NOT RUN ON A PRODUCTION SERVER. *** IMPORTANT *** How to run: $ sudo apt-get remove --purge squid $ sudo apt-get -y install squid squidclient python-unit elinks netcat $ sudo ./test-squid.py -v NOTE: The host running this script needs to have access to the internet TODO: acls ident purge (via squidclient) ... squidguard: - test with: $ echo "http://blocked.com 1.2.3.4/- - GET -" | squidGuard -c /etc/squid/squidGuard.conf -d if using a 'redirect', then the redirect URL is displayed, otherwise nothing - test block with the following in default acl in squidGuard.conf: pass local none redirect http://www.example.com/redirected.html - test pass with the following in default acl in squidGuard.conf: pass local all redirect http://www.example.com/redirected.html - test domains and urls with something like the following acl: dest bad { domainlist test/domains urllist test/urls } acl { default { pass !bad all redirect http://www.example.com/redirected.html } } then create /var/lib/squidguard/db/test/domains with: blocked.com Test with: $ echo "http://ok.com 1.2.3.4/- - GET -" | squidGuard -c /etc/squid/squidGuard.conf -d $ echo "http://blocked.com 1.2.3.4/- - GET -" | squidGuard -c /etc/squid/squidGuard.conf -d ''' # QRT-Packages: squid squidclient python-unit elinks netcat pygopherd apparmor-utils # QRT-Depends: testlib_httpd.py private/qrt/squid.py import unittest, subprocess import os import sys import testlib import testlib_httpd import time import tempfile try: from private.qrt.squid import PrivateSquidTest except ImportError: class PrivateSquidTest(object): '''Empty class''' print >>sys.stdout, "Skipping private tests" class BasicTest(testlib_httpd.HttpdCommon, PrivateSquidTest): '''Test basic functionality''' def setUp(self): '''Setup mechanisms''' # for some reason, squid on maverick is missing the init.d # upstart compatibility symlink if self.lsb_release['Release'] == 10.10 and not os.path.exists("/etc/init.d/squid"): os.symlink("/lib/init/upstart-job", "/etc/init.d/squid") self._set_initscript("/etc/init.d/squid") if self.lsb_release['Release'] >= 12.04: self._set_initscript("squid3") testlib_httpd.HttpdCommon._setUp(self) self.gophermap = "/var/gopher/gophermap" self.aa_profile = "usr.sbin.squid3" self.aa_abs_profile = "/etc/apparmor.d/%s" % self.aa_profile self.version_with_apparmor = 12.10 # This hack is only used until we have tests run both confined and # unconfined self.aa_unload_at_teardown = False def tearDown(self): '''Shutdown methods''' testlib_httpd.HttpdCommon._tearDown(self) testlib.config_restore(self.gophermap) def test_daemons(self): '''Test daemon''' pidfile = "/run/squid3.pid" exe = "squid3" if self.lsb_release['Release'] < 12.04: pidfile = "/var/run/squid.pid" exe = "squid" self.assertTrue(testlib.check_pidfile(exe, pidfile)) def test_http_proxy(self): '''Test http''' self._test_url_proxy("http://www.ubuntu.com/", "Canonical", "http://localhost:3128/") def test_https_proxy(self): '''Test https''' self._test_url_proxy("https://wiki.ubuntu.com/", "Community", "http://localhost:3128/") def test_ftp_proxy(self): '''Test ftp''' self._test_url_proxy("ftp://anonymous@localhost:21", "irectory", "http://localhost:3128/") def test_squidclient(self): '''Test squidclient''' urls = ['http://www.ubuntu.com/', 'https://wiki.ubuntu.com/', \ 'ftp://anonymous@localhost:21', 'gopher://127.0.0.1'] for url in urls: rc, report = testlib.cmd(['squidclient', '-h', '127.0.0.1', '-p', '3128', '-r', url]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) def test_CVE_2011_3205(self): '''Test parsing lines > 4096 in length (CVE-2011-3205)''' longline = "ABCDEF" * 4096 testlib.config_replace(self.gophermap, """Welcome to Pygopherd! You can place your documents in /var/gopher for future use. You can remove the gophermap file there to get rid of this message, or you can edit it to use other things. (You'll need to do at least one of these two things in order to get your own data to show up!) %s Some links to get you started: 1Pygopherd Home /devel/gopher/pygopherd gopher.quux.org 70 1Quux.Org Mega Server / gopher.quux.org 70 1The Gopher Project /Software/Gopher gopher.quux.org 70 1Traditional UMN Home Gopher / gopher.tc.umn.edu 70 Welcome to the world of Gopher and enjoy! """ %(longline), append=False) rc, report = testlib.cmd(['squidclient', '-h', '127.0.0.1', '-p', '3128', '-r', "gopher://127.0.0.1"]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) # Run this last so if we enable the profile then we don't unload it def test_zz_apparmor(self): '''Test apparmor''' if self.lsb_release['Release'] < 12.10: self._skipped("No profile in 12.04 and under") self.aa_unload_at_teardown = True # Currently while we have a profile, it is shipped disabled by default. # Verify that. rc, report = testlib.check_apparmor(self.aa_abs_profile, 12.10, is_running=False) expected = 1 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(rc, expected, result + report) # Verify it is syntactically correct rc, report = testlib.cmd(['apparmor_parser', '-p', self.aa_abs_profile]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(rc, expected, result + report) # Verify it loads ok rc, report = testlib.cmd(['aa-enforce', self.aa_abs_profile]) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(rc, expected, result + report) self._stop() self._start() rc, report = testlib.check_apparmor(self.aa_abs_profile, 12.10, is_running=True) expected = 1 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(rc, expected, result + report) if __name__ == '__main__': suite = unittest.TestSuite() suite.addTest(unittest.TestLoader().loadTestsFromTestCase(BasicTest)) rc = unittest.TextTestRunner(verbosity=2).run(suite) if not rc.wasSuccessful(): sys.exit(1) debian/tests/control0000664000000000000000000000020212252041564011730 0ustar Tests: squid Depends: squid, squidclient, python-unit, elinks, netcat, pygopherd, apparmor-utils, vsftpd Restrictions: needs-root debian/tests/testlib.py0000664000000000000000000011534212252041564012361 0ustar # # testlib.py quality assurance test script # Copyright (C) 2008-2011 Canonical Ltd. # # This library is free software; you can redistribute it and/or # modify it under the terms of the GNU Library General Public # License as published by the Free Software Foundation; either # version 2 of the License. # # This library is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # Library General Public License for more details. # # You should have received a copy of the GNU Library General Public # License along with this program. If not, see # . # '''Common classes and functions for package tests.''' import string, random, crypt, subprocess, pwd, grp, signal, time, unittest, tempfile, shutil, os, os.path, re, glob import sys, socket, gzip from stat import * from encodings import string_escape import warnings warnings.filterwarnings('ignore', message=r'.*apt_pkg\.TagFile.*', category=DeprecationWarning) try: import apt_pkg apt_pkg.InitSystem(); except: # On non-Debian system, fall back to simple comparison without debianisms class apt_pkg(object): def VersionCompare(one, two): list_one = one.split('.') list_two = two.split('.') while len(list_one)>0 and len(list_two)>0: if list_one[0] > list_two[0]: return 1 if list_one[0] < list_two[0]: return -1 list_one.pop(0) list_two.pop(0) return 0 bogus_nxdomain = "208.69.32.132" # http://www.chiark.greenend.org.uk/ucgi/~cjwatson/blosxom/2009-07-02-python-sigpipe.html # This is needed so that the subprocesses that produce endless output # actually quit when the reader goes away. import signal def subprocess_setup(): # Python installs a SIGPIPE handler by default. This is usually not what # non-Python subprocesses expect. signal.signal(signal.SIGPIPE, signal.SIG_DFL) class TimedOutException(Exception): def __init__(self, value = "Timed Out"): self.value = value def __str__(self): return repr(self.value) def _restore_backup(path): pathbackup = path + '.autotest' if os.path.exists(pathbackup): shutil.move(pathbackup, path) def _save_backup(path): pathbackup = path + '.autotest' if os.path.exists(path) and not os.path.exists(pathbackup): shutil.copy2(path, pathbackup) # copy2 does not copy ownership, so do it here. # Reference: http://docs.python.org/library/shutil.html a = os.stat(path) os.chown(pathbackup, a[4], a[5]) def config_copydir(path): if os.path.exists(path) and not os.path.isdir(path): raise OSError, "'%s' is not a directory" % (path) _restore_backup(path) pathbackup = path + '.autotest' if os.path.exists(path): shutil.copytree(path, pathbackup, symlinks=True) def config_replace(path,contents,append=False): '''Replace (or append) to a config file''' _restore_backup(path) if os.path.exists(path): _save_backup(path) if append: contents = file(path).read() + contents open(path, 'w').write(contents) def config_comment(path, field): _save_backup(path) contents = "" for line in file(path): if re.search("^\s*%s\s*=" % (field), line): line = "#" + line contents += line open(path+'.new', 'w').write(contents) os.rename(path+'.new', path) def config_set(path, field, value, spaces=True): _save_backup(path) contents = "" if spaces==True: setting = '%s = %s\n' % (field, value) else: setting = '%s=%s\n' % (field, value) found = False for line in file(path): if re.search("^\s*%s\s*=" % (field), line): found = True line = setting contents += line if not found: contents += setting open(path+'.new', 'w').write(contents) os.rename(path+'.new', path) def config_patch(path, patch, depth=1): '''Patch a config file''' _restore_backup(path) _save_backup(path) handle, name = mkstemp_fill(patch) rc = subprocess.call(['/usr/bin/patch', '-p%s' %(depth), path], stdin=handle, stdout=subprocess.PIPE) os.unlink(name) if rc != 0: raise Exception("Patch failed") def config_restore(path): '''Rename a replaced config file back to its initial state''' _restore_backup(path) def timeout(secs, f, *args): def handler(signum, frame): raise TimedOutException() old = signal.signal(signal.SIGALRM, handler) result = None signal.alarm(secs) try: result = f(*args) finally: signal.alarm(0) signal.signal(signal.SIGALRM, old) return result def require_nonroot(): if os.geteuid() == 0: print >>sys.stderr, "This series of tests should be run as a regular user with sudo access, not as root." sys.exit(1) def require_root(): if os.geteuid() != 0: print >>sys.stderr, "This series of tests should be run with root privileges (e.g. via sudo)." sys.exit(1) def require_sudo(): if os.geteuid() != 0 or os.environ.get('SUDO_USER', None) == None: print >>sys.stderr, "This series of tests must be run under sudo." sys.exit(1) if os.environ['SUDO_USER'] == 'root': print >>sys.stderr, 'Please run this test using sudo from a regular user. (You ran sudo from root.)' sys.exit(1) def random_string(length,lower=False): '''Return a random string, consisting of ASCII letters, with given length.''' s = '' selection = string.letters if lower: selection = string.lowercase maxind = len(selection)-1 for l in range(length): s += selection[random.randint(0, maxind)] return s def mkstemp_fill(contents,suffix='',prefix='testlib-',dir=None): '''As tempfile.mkstemp does, return a (file, name) pair, but with prefilled contents.''' handle, name = tempfile.mkstemp(suffix=suffix,prefix=prefix,dir=dir) os.close(handle) handle = file(name,"w+") handle.write(contents) handle.flush() handle.seek(0) return handle, name def create_fill(path, contents, mode=0644): '''Safely create a page''' # make the temp file in the same dir as the destination file so we # don't get invalid cross-device link errors when we rename handle, name = mkstemp_fill(contents, dir=os.path.dirname(path)) handle.close() os.rename(name, path) os.chmod(path, mode) def login_exists(login): '''Checks whether the given login exists on the system.''' try: pwd.getpwnam(login) return True except KeyError: return False def group_exists(group): '''Checks whether the given login exists on the system.''' try: grp.getgrnam(group) return True except KeyError: return False def recursive_rm(dirPath, contents_only=False): '''recursively remove directory''' names = os.listdir(dirPath) for name in names: path = os.path.join(dirPath, name) if os.path.islink(path) or not os.path.isdir(path): os.unlink(path) else: recursive_rm(path) if contents_only == False: os.rmdir(dirPath) def check_pidfile(exe, pidfile): '''Checks if pid in pidfile is running''' if not os.path.exists(pidfile): return False # get the pid try: fd = open(pidfile, 'r') pid = fd.readline().rstrip('\n') fd.close() except: return False return check_pid(exe, pid) def check_pid(exe, pid): '''Checks if pid is running''' cmdline = "/proc/%s/cmdline" % (str(pid)) if not os.path.exists(cmdline): return False # get the command line try: fd = open(cmdline, 'r') tmp = fd.readline().split('\0') fd.close() except: return False # this allows us to match absolute paths or just the executable name if re.match('^' + exe + '$', tmp[0]) or \ re.match('.*/' + exe + '$', tmp[0]) or \ re.match('^' + exe + ': ', tmp[0]) or \ re.match('^\(' + exe + '\)', tmp[0]): return True return False def check_port(port, proto, ver=4): '''Check if something is listening on the specified port. WARNING: for some reason this does not work with a bind mounted /proc ''' assert (port >= 1) assert (port <= 65535) assert (proto.lower() == "tcp" or proto.lower() == "udp") assert (ver == 4 or ver == 6) fn = "/proc/net/%s" % (proto) if ver == 6: fn += str(ver) rc, report = cmd(['cat', fn]) assert (rc == 0) hport = "%0.4x" % port if re.search(': [0-9a-f]{8}:%s [0-9a-f]' % str(hport).lower(), report.lower()): return True return False def get_arch(): '''Get the current architecture''' rc, report = cmd(['uname', '-m']) assert (rc == 0) return report.strip() def get_memory(): '''Gets total ram and swap''' meminfo = "/proc/meminfo" memtotal = 0 swaptotal = 0 if not os.path.exists(meminfo): return (False, False) try: fd = open(meminfo, 'r') for line in fd.readlines(): splitline = line.split() if splitline[0] == 'MemTotal:': memtotal = int(splitline[1]) elif splitline[0] == 'SwapTotal:': swaptotal = int(splitline[1]) fd.close() except: return (False, False) return (memtotal,swaptotal) def is_running_in_vm(): '''Check if running under a VM''' # add other virtualization environments here for search in ['QEMU Virtual CPU']: rc, report = cmd_pipe(['dmesg'], ['grep', search]) if rc == 0: return True return False def ubuntu_release(): '''Get the Ubuntu release''' f = "/etc/lsb-release" try: size = os.stat(f)[ST_SIZE] except: return "UNKNOWN" if size > 1024*1024: raise IOError, 'Could not open "%s" (too big)' % f try: fh = open("/etc/lsb-release", 'r') except: raise lines = fh.readlines() fh.close() pat = re.compile(r'DISTRIB_CODENAME') for line in lines: if pat.search(line): return line.split('=')[1].rstrip('\n').rstrip('\r') return "UNKNOWN" def cmd(command, input = None, stderr = subprocess.STDOUT, stdout = subprocess.PIPE, stdin = None, timeout = None): '''Try to execute given command (array) and return its stdout, or return a textual error if it failed.''' try: sp = subprocess.Popen(command, stdin=stdin, stdout=stdout, stderr=stderr, close_fds=True, preexec_fn=subprocess_setup) except OSError, e: return [127, str(e)] out, outerr = sp.communicate(input) # Handle redirection of stdout if out == None: out = '' # Handle redirection of stderr if outerr == None: outerr = '' return [sp.returncode,out+outerr] def cmd_pipe(command1, command2, input = None, stderr = subprocess.STDOUT, stdin = None): '''Try to pipe command1 into command2.''' try: sp1 = subprocess.Popen(command1, stdin=stdin, stdout=subprocess.PIPE, stderr=stderr, close_fds=True) sp2 = subprocess.Popen(command2, stdin=sp1.stdout, stdout=subprocess.PIPE, stderr=stderr, close_fds=True) except OSError, e: return [127, str(e)] out = sp2.communicate(input)[0] return [sp2.returncode,out] def cwd_has_enough_space(cdir, total_bytes): '''Determine if the partition of the current working directory has 'bytes' free.''' rc, df_output = cmd(['df']) result = 'Got exit code %d, expected %d\n' % (rc, 0) if rc != 0: return False kb = total_bytes / 1024 mounts = dict() for line in df_output.splitlines(): if '/' not in line: continue tmp = line.split() mounts[tmp[5]] = int(tmp[3]) cdir = os.getcwd() while cdir != '/': if not mounts.has_key(cdir): cdir = os.path.dirname(cdir) continue if kb < mounts[cdir]: return True else: return False if kb < mounts['/']: return True return False def get_md5(filename): '''Gets the md5sum of the file specified''' (rc, report) = cmd(["/usr/bin/md5sum", "-b", filename]) expected = 0 assert (expected == rc) return report.split(' ')[0] def dpkg_compare_installed_version(pkg, check, version): '''Gets the version for the installed package, and compares it to the specified version. ''' (rc, report) = cmd(["/usr/bin/dpkg", "-s", pkg]) assert (rc == 0) assert ("Status: install ok installed" in report) installed_version = "" for line in report.splitlines(): if line.startswith("Version: "): installed_version = line.split()[1] assert (installed_version != "") (rc, report) = cmd(["/usr/bin/dpkg", "--compare-versions", installed_version, check, version]) assert (rc == 0 or rc == 1) if rc == 0: return True return False def prepare_source(source, builder, cached_src, build_src, patch_system): '''Download and unpack source package, installing necessary build depends, adjusting the permissions for the 'builder' user, and returning the directory of the unpacked source. Patch system can be one of: - cdbs - dpatch - quilt - quiltv3 - None (not the string) This is normally used like this: def setUp(self): ... self.topdir = os.getcwd() self.cached_src = os.path.join(os.getcwd(), "source") self.tmpdir = tempfile.mkdtemp(prefix='testlib', dir='/tmp') self.builder = testlib.TestUser() testlib.cmd(['chgrp', self.builder.login, self.tmpdir]) os.chmod(self.tmpdir, 0775) def tearDown(self): ... self.builder = None self.topdir = os.getcwd() if os.path.exists(self.tmpdir): testlib.recursive_rm(self.tmpdir) def test_suite_build(self): ... build_dir = testlib.prepare_source('foo', \ self.builder, \ self.cached_src, \ os.path.join(self.tmpdir, \ os.path.basename(self.cached_src)), "quilt") os.chdir(build_dir) # Example for typical build, adjust as necessary print "" print " make clean" rc, report = testlib.cmd(['sudo', '-u', self.builder.login, 'make', 'clean']) print " configure" rc, report = testlib.cmd(['sudo', '-u', self.builder.login, './configure', '--prefix=%s' % self.tmpdir, '--enable-debug']) print " make (will take a while)" rc, report = testlib.cmd(['sudo', '-u', self.builder.login, 'make']) print " make check (will take a while)", rc, report = testlib.cmd(['sudo', '-u', self.builder.login, 'make', 'check']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) def test_suite_cleanup(self): ... if os.path.exists(self.cached_src): testlib.recursive_rm(self.cached_src) It is up to the caller to clean up cached_src and build_src (as in the above example, often the build_src is in a tmpdir that is cleaned in tearDown() and the cached_src is cleaned in a one time clean-up operation (eg 'test_suite_cleanup()) which must be run after the build suite test (obviously). ''' # Make sure we have a clean slate assert (os.path.exists(os.path.dirname(build_src))) assert (not os.path.exists(build_src)) cdir = os.getcwd() if os.path.exists(cached_src): shutil.copytree(cached_src, build_src) os.chdir(build_src) else: # Only install the build dependencies on the initial setup rc, report = cmd(['apt-get','-y','--force-yes','build-dep',source]) assert (rc == 0) os.makedirs(build_src) os.chdir(build_src) # These are always needed pkgs = ['build-essential', 'dpkg-dev', 'fakeroot'] rc, report = cmd(['apt-get','-y','--force-yes','install'] + pkgs) assert (rc == 0) rc, report = cmd(['apt-get','source',source]) assert (rc == 0) shutil.copytree(build_src, cached_src) unpacked_dir = os.path.join(build_src, glob.glob('%s-*' % source)[0]) # Now apply the patches. Do it here so that we don't mess up our cached # sources. os.chdir(unpacked_dir) assert (patch_system in ['cdbs', 'dpatch', 'quilt', 'quiltv3', None]) if patch_system != None and patch_system != "quiltv3": if patch_system == "quilt": os.environ.setdefault('QUILT_PATCHES','debian/patches') rc, report = cmd(['quilt', 'push', '-a']) assert (rc == 0) elif patch_system == "cdbs": rc, report = cmd(['./debian/rules', 'apply-patches']) assert (rc == 0) elif patch_system == "dpatch": rc, report = cmd(['dpatch', 'apply-all']) assert (rc == 0) cmd(['chown', '-R', '%s:%s' % (builder.uid, builder.gid), build_src]) os.chdir(cdir) return unpacked_dir def _aa_status(): '''Get aa-status output''' exe = "/usr/sbin/aa-status" assert (os.path.exists(exe)) if os.geteuid() == 0: return cmd([exe]) return cmd(['sudo', exe]) def is_apparmor_loaded(path): '''Check if profile is loaded''' rc, report = _aa_status() if rc != 0: return False for line in report.splitlines(): if line.endswith(path): return True return False def is_apparmor_confined(path): '''Check if application is confined''' rc, report = _aa_status() if rc != 0: return False for line in report.splitlines(): if re.search('%s \(' % path, line): return True return False def check_apparmor(path, first_ubuntu_release, is_running=True): '''Check if path is loaded and confined for everything higher than the first Ubuntu release specified. Usage: rc, report = testlib.check_apparmor('/usr/sbin/foo', 8.04, is_running=True) if rc < 0: return self._skipped(report) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, result + report) ''' global manager rc = -1 if manager.lsb_release["Release"] < first_ubuntu_release: return (rc, "Skipped apparmor check") if not os.path.exists('/sbin/apparmor_parser'): return (rc, "Skipped (couldn't find apparmor_parser)") rc = 0 msg = "" if not is_apparmor_loaded(path): rc = 1 msg = "Profile not loaded for '%s'" % path # this check only makes sense it the 'path' is currently executing if is_running and rc == 0 and not is_apparmor_confined(path): rc = 1 msg = "'%s' is not running in enforce mode" % path return (rc, msg) def get_gcc_version(gcc, full=True): gcc_version = 'none' if not gcc.startswith('/'): gcc = '/usr/bin/%s' % (gcc) if os.path.exists(gcc): gcc_version = 'unknown' lines = cmd([gcc,'-v'])[1].strip().splitlines() version_lines = [x for x in lines if x.startswith('gcc version')] if len(version_lines) == 1: gcc_version = " ".join(version_lines[0].split()[2:]) if not full: return gcc_version.split()[0] return gcc_version def is_kdeinit_running(): '''Test if kdeinit is running''' # applications that use kdeinit will spawn it if it isn't running in the # test. This is a problem because it does not exit. This is a helper to # check for it. rc, report = cmd(['ps', 'x']) if 'kdeinit4 Running' not in report: print >>sys.stderr, ("kdeinit not running (you may start/stop any KDE application then run this script again)") return False return True def get_pkgconfig_flags(libs=[]): '''Find pkg-config flags for libraries''' assert (len(libs) > 0) rc, pkg_config = cmd(['pkg-config', '--cflags', '--libs'] + libs) expected = 0 if rc != expected: print >>sys.stderr, 'Got exit code %d, expected %d\n' % (rc, expected) assert(rc == expected) return pkg_config.split() class TestDaemon: '''Helper class to manage daemons consistently''' def __init__(self, init): '''Setup daemon attributes''' self.initscript = init def start(self): '''Start daemon''' rc, report = cmd([self.initscript, 'start']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) time.sleep(2) if expected != rc: return (False, result + report) if "fail" in report: return (False, "Found 'fail' in report\n" + report) return (True, "") def stop(self): '''Stop daemon''' rc, report = cmd([self.initscript, 'stop']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) if expected != rc: return (False, result + report) if "fail" in report: return (False, "Found 'fail' in report\n" + report) return (True, "") def reload(self): '''Reload daemon''' rc, report = cmd([self.initscript, 'force-reload']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) if expected != rc: return (False, result + report) if "fail" in report: return (False, "Found 'fail' in report\n" + report) return (True, "") def restart(self): '''Restart daemon''' (res, str) = self.stop() if not res: return (res, str) (res, str) = self.start() if not res: return (res, str) return (True, "") def status(self): '''Check daemon status''' rc, report = cmd([self.initscript, 'status']) expected = 0 result = 'Got exit code %d, expected %d\n' % (rc, expected) if expected != rc: return (False, result + report) if "fail" in report: return (False, "Found 'fail' in report\n" + report) return (True, "") class TestlibManager(object): '''Singleton class used to set up per-test-run information''' def __init__(self): # Set glibc aborts to dump to stderr instead of the tty so test output # is more sane. os.environ.setdefault('LIBC_FATAL_STDERR_','1') # check verbosity self.verbosity = False if (len(sys.argv) > 1 and '-v' in sys.argv[1:]): self.verbosity = True # Load LSB release file self.lsb_release = dict() if not os.path.exists('/usr/bin/lsb_release') and not os.path.exists('/bin/lsb_release'): raise OSError, "Please install 'lsb-release'" for line in subprocess.Popen(['lsb_release','-a'],stdout=subprocess.PIPE,stderr=subprocess.PIPE).communicate()[0].splitlines(): field, value = line.split(':',1) value=value.strip() field=field.strip() # Convert numerics try: value = float(value) except: pass self.lsb_release.setdefault(field,value) # FIXME: hack OEM releases into known-Ubuntu versions if self.lsb_release['Distributor ID'] == "HP MIE (Mobile Internet Experience)": if self.lsb_release['Release'] == 1.0: self.lsb_release['Distributor ID'] = "Ubuntu" self.lsb_release['Release'] = 8.04 else: raise OSError, "Unknown version of HP MIE" # FIXME: hack to assume a most-recent release if we're not # running under Ubuntu. if self.lsb_release['Distributor ID'] not in ["Ubuntu","Linaro"]: self.lsb_release['Release'] = 10000 # Adjust Linaro release to pretend to be Ubuntu if self.lsb_release['Distributor ID'] in ["Linaro"]: self.lsb_release['Distributor ID'] = "Ubuntu" self.lsb_release['Release'] -= 0.01 # Load arch if not os.path.exists('/usr/bin/dpkg'): machine = cmd(['uname','-m'])[1].strip() if machine.endswith('86'): self.dpkg_arch = 'i386' elif machine.endswith('_64'): self.dpkg_arch = 'amd64' elif machine.startswith('arm'): self.dpkg_arch = 'armel' else: raise ValueError, "Unknown machine type '%s'" % (machine) else: self.dpkg_arch = cmd(['dpkg','--print-architecture'])[1].strip() # Find kernel version self.kernel_is_ubuntu = False self.kernel_version_signature = None self.kernel_version = cmd(["uname","-r"])[1].strip() versig = '/proc/version_signature' if os.path.exists(versig): self.kernel_is_ubuntu = True self.kernel_version_signature = file(versig).read().strip() self.kernel_version_ubuntu = self.kernel_version elif os.path.exists('/usr/bin/dpkg'): # this can easily be inaccurate but is only an issue for Dapper rc, out = cmd(['dpkg','-l','linux-image-%s' % (self.kernel_version)]) if rc == 0: self.kernel_version_signature = out.strip().split('\n').pop().split()[2] self.kernel_version_ubuntu = self.kernel_version_signature if self.kernel_version_signature == None: # Attempt to fall back to something for non-Debian-based self.kernel_version_signature = self.kernel_version self.kernel_version_ubuntu = self.kernel_version # Build ubuntu version without hardware suffix try: self.kernel_version_ubuntu = "-".join([x for x in self.kernel_version_signature.split(' ')[1].split('-') if re.search('^[0-9]', x)]) except: pass # Find gcc version self.gcc_version = get_gcc_version('gcc') # Find libc self.path_libc = [x.split()[2] for x in cmd(['ldd','/bin/ls'])[1].splitlines() if x.startswith('\tlibc.so.')][0] # Report self if self.verbosity: kernel = self.kernel_version_ubuntu if kernel != self.kernel_version_signature: kernel += " (%s)" % (self.kernel_version_signature) print >>sys.stdout, "Running test: '%s' distro: '%s %.2f' kernel: '%s' arch: '%s' uid: %d/%d SUDO_USER: '%s')" % ( \ sys.argv[0], self.lsb_release['Distributor ID'], self.lsb_release['Release'], kernel, self.dpkg_arch, os.geteuid(), os.getuid(), os.environ.get('SUDO_USER', '')) sys.stdout.flush() # Additional heuristics #if os.environ.get('SUDO_USER', os.environ.get('USER', '')) in ['mdeslaur']: # sys.stdout.write("Replying to Marc Deslauriers in http://launchpad.net/bugs/%d: " % random.randint(600000, 980000)) # sys.stdout.flush() # time.sleep(0.5) # sys.stdout.write("destroyed\n") # time.sleep(0.5) def hello(self, msg): print >>sys.stderr, "Hello from %s" % (msg) # The central instance manager = TestlibManager() class TestlibCase(unittest.TestCase): def __init__(self, *args): '''This is called for each TestCase test instance, which isn't much better than SetUp.''' unittest.TestCase.__init__(self, *args) # Attach to and duplicate dicts from manager singleton self.manager = manager #self.manager.hello(repr(self) + repr(*args)) self.my_verbosity = self.manager.verbosity self.lsb_release = self.manager.lsb_release self.dpkg_arch = self.manager.dpkg_arch self.kernel_version = self.manager.kernel_version self.kernel_version_signature = self.manager.kernel_version_signature self.kernel_version_ubuntu = self.manager.kernel_version_ubuntu self.kernel_is_ubuntu = self.manager.kernel_is_ubuntu self.gcc_version = self.manager.gcc_version self.path_libc = self.manager.path_libc def version_compare(self, one, two): return apt_pkg.VersionCompare(one,two) def assertFileType(self, filename, filetype): '''Checks the file type of the file specified''' (rc, report, out) = self._testlib_shell_cmd(["/usr/bin/file", "-b", filename]) out = out.strip() expected = 0 # Absolutely no idea why this happens on Hardy if self.lsb_release['Release'] == 8.04 and rc == 255 and len(out) > 0: rc = 0 result = 'Got exit code %d, expected %d:\n%s\n' % (rc, expected, report) self.assertEquals(expected, rc, result) filetype = '^%s$' % (filetype) result = 'File type reported by file: [%s], expected regex: [%s]\n' % (out, filetype) self.assertNotEquals(None, re.search(filetype, out), result) def yank_commonname_from_cert(self, certfile): '''Extract the commonName from a given PEM''' rc, out = cmd(['openssl','asn1parse','-in',certfile]) if rc == 0: ready = False for line in out.splitlines(): if ready: return line.split(':')[-1] if ':commonName' in line: ready = True return socket.getfqdn() def announce(self, text): if self.my_verbosity: print >>sys.stdout, "(%s) " % (text), sys.stdout.flush() def make_clean(self): rc, output = self.shell_cmd(['make','clean']) self.assertEquals(rc, 0, output) def get_makefile_compiler(self): # Find potential compiler name compiler = 'gcc' if os.path.exists('Makefile'): for line in open('Makefile'): if line.startswith('CC') and '=' in line: items = [x.strip() for x in line.split('=')] if items[0] == 'CC': compiler = items[1] break return compiler def make_target(self, target, expected=0): '''Compile a target and report output''' compiler = self.get_makefile_compiler() rc, output = self.shell_cmd(['make',target]) self.assertEquals(rc, expected, 'rc(%d)!=%d:\n' % (rc, expected) + output) self.assertTrue('%s ' % (compiler) in output, 'Expected "%s":' % (compiler) + output) return output # call as return testlib.skipped() def _skipped(self, reason=""): '''Provide a visible way to indicate that a test was skipped''' if reason != "": reason = ': %s' % (reason) self.announce("skipped%s" % (reason)) return False def _testlib_shell_cmd(self,args,stdin=None, stdout=subprocess.PIPE, stderr=subprocess.STDOUT): argstr = "'" + "', '".join(args).strip() + "'" rc, out = cmd(args,stdin=stdin,stdout=stdout,stderr=stderr) report = 'Command: ' + argstr + '\nOutput:\n' + out return rc, report, out def shell_cmd(self, args, stdin=None): return cmd(args,stdin=stdin) def assertShellExitEquals(self, expected, args, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, msg=""): '''Test a shell command matches a specific exit code''' rc, report, out = self._testlib_shell_cmd(args, stdin=stdin, stdout=stdout, stderr=stderr) result = 'Got exit code %d, expected %d\n' % (rc, expected) self.assertEquals(expected, rc, msg + result + report) def assertShellExitNotEquals(self, unwanted, args, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, msg=""): '''Test a shell command doesn't match a specific exit code''' rc, report, out = self._testlib_shell_cmd(args, stdin=stdin, stdout=stdout, stderr=stderr) result = 'Got (unwanted) exit code %d\n' % rc self.assertNotEquals(unwanted, rc, msg + result + report) def assertShellOutputContains(self, text, args, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, msg="", invert=False): '''Test a shell command contains a specific output''' rc, report, out = self._testlib_shell_cmd(args, stdin=stdin, stdout=stdout, stderr=stderr) result = 'Got exit code %d. Looking for text "%s"\n' % (rc, text) if not invert: self.assertTrue(text in out, msg + result + report) else: self.assertFalse(text in out, msg + result + report) def assertShellOutputEquals(self, text, args, stdin=None, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, msg="", invert=False, expected=None): '''Test a shell command matches a specific output''' rc, report, out = self._testlib_shell_cmd(args, stdin=stdin, stdout=stdout, stderr=stderr) result = 'Got exit code %d. Looking for exact text "%s" (%s)\n' % (rc, text, " ".join(args)) if not invert: self.assertEquals(text, out, msg + result + report) else: self.assertNotEquals(text, out, msg + result + report) if expected != None: result = 'Got exit code %d. Expected %d (%s)\n' % (rc, expected, " ".join(args)) self.assertEquals(rc, expected, msg + result + report) def _word_find(self, report, content, invert=False): '''Check for a specific string''' if invert: warning = 'Found "%s"\n' % content self.assertTrue(content not in report, warning + report) else: warning = 'Could not find "%s"\n' % content self.assertTrue(content in report, warning + report) def _test_sysctl_value(self, path, expected, msg=None, exists=True): sysctl = '/proc/sys/%s' % (path) self.assertEquals(exists, os.path.exists(sysctl), sysctl) value = None if exists: value = int(file(sysctl).read()) report = "%s is not %d: %d" % (sysctl, expected, value) if msg: report += " (%s)" % (msg) self.assertEquals(value, expected, report) return value def set_sysctl_value(self, path, desired): sysctl = '/proc/sys/%s' % (path) self.assertTrue(os.path.exists(sysctl),"%s does not exist" % (sysctl)) file(sysctl,'w').write(str(desired)) self._test_sysctl_value(path, desired) def kernel_at_least(self, introduced): return self.version_compare(self.kernel_version_ubuntu, introduced) >= 0 def kernel_claims_cve_fixed(self, cve): changelog = "/usr/share/doc/linux-image-%s/changelog.Debian.gz" % (self.kernel_version) if os.path.exists(changelog): for line in gzip.open(changelog): if cve in line and not "revert" in line and not "Revert" in line: return True return False class TestGroup: '''Create a temporary test group and remove it again in the dtor.''' def __init__(self, group=None, lower=False): '''Create a new group''' self.group = None if group: if group_exists(group): raise ValueError, 'group name already exists' else: while(True): group = random_string(7,lower=lower) if not group_exists(group): break assert subprocess.call(['groupadd',group]) == 0 self.group = group g = grp.getgrnam(self.group) self.gid = g[2] def __del__(self): '''Remove the created group.''' if self.group: rc, report = cmd(['groupdel', self.group]) assert rc == 0 class TestUser: '''Create a temporary test user and remove it again in the dtor.''' def __init__(self, login=None, home=True, group=None, uidmin=None, lower=False, shell=None): '''Create a new user account with a random password. By default, the login name is random, too, but can be explicitly specified with 'login'. By default, a home directory is created, this can be suppressed with 'home=False'.''' self.login = None if os.geteuid() != 0: raise ValueError, "You must be root to run this test" if login: if login_exists(login): raise ValueError, 'login name already exists' else: while(True): login = 't' + random_string(7,lower=lower) if not login_exists(login): break self.salt = random_string(2) self.password = random_string(8,lower=lower) self.crypted = crypt.crypt(self.password, self.salt) creation = ['useradd', '-p', self.crypted] if home: creation += ['-m'] if group: creation += ['-G',group] if uidmin: creation += ['-K','UID_MIN=%d'%uidmin] if shell: creation += ['-s',shell] creation += [login] assert subprocess.call(creation) == 0 # Set GECOS assert subprocess.call(['usermod','-c','Buddy %s' % (login),login]) == 0 self.login = login p = pwd.getpwnam(self.login) self.uid = p[2] self.gid = p[3] self.gecos = p[4] self.home = p[5] self.shell = p[6] def __del__(self): '''Remove the created user account.''' if self.login: # sanity check the login name so we don't accidentally wipe too much if len(self.login)>3 and not '/' in self.login: subprocess.call(['rm','-rf', '/home/'+self.login, '/var/mail/'+self.login]) rc, report = cmd(['userdel', '-f', self.login]) assert rc == 0 def add_to_group(self, group): '''Add user to the specified group name''' rc, report = cmd(['usermod', '-G', group, self.login]) if rc != 0: print report assert rc == 0 # Timeout handler using alarm() from John P. Speno's Pythonic Avocado class TimeoutFunctionException(Exception): """Exception to raise on a timeout""" pass class TimeoutFunction: def __init__(self, function, timeout): self.timeout = timeout self.function = function def handle_timeout(self, signum, frame): raise TimeoutFunctionException() def __call__(self, *args, **kwargs): old = signal.signal(signal.SIGALRM, self.handle_timeout) signal.alarm(self.timeout) try: result = self.function(*args, **kwargs) finally: signal.signal(signal.SIGALRM, old) signal.alarm(0) return result def main(): print "hi" unittest.main() debian/squid3.prerm0000664000000000000000000000054212252041564011451 0ustar #!/bin/sh set -e case "$1" in remove|remove-in-favour|deconfigure-in-favour) # # Stop the daemon # if status squid3 | grep "start/running" > /dev/null; then stop squid3 fi ;; upgrade|failed-upgrade) ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/squid3.resolvconf0000664000000000000000000000025212252041564012502 0ustar #!/bin/sh PATH="/usr/sbin:/usr/bin:/sbin:/bin" # Make squid aware of changes to resolv.conf if status squid3 | grep "start/running" > /dev/null; then reload squid3 fi debian/copyright0000664000000000000000000004552112252041564011133 0ustar This package was debianized by Luigi Gangitano on 22 Apr 2006. The current Debian maintainer is Luigi Gangitano It was downloaded from http://www.squid-cache.org SQUID Internet Object Cache http://www.squid-cache.org -------------------------------------------------------- Squid is the result of efforts by numerous individuals from the Internet community. Development is led by Duane Wessels of the National Laboratory for Applied Network Research and funded by the National Science Foundation. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. Squid is derived from the ``cached'' software from the ARPA-funded Harvest research project. The Harvest home page is http://harvest.cs.colorado.edu/. Squid is originally derived from the Harvest Information Discovery and Access System. The Harvest copyright text follows: /* * Copyright (c) 1994, 1995. All rights reserved. * * The Harvest software was developed by the Internet Research Task * Force Research Group on Resource Discovery (IRTF-RD): * * Mic Bowman of Transarc Corporation. * Peter Danzig of the University of Southern California. * Darren R. Hardy of the University of Colorado at Boulder. * Udi Manber of the University of Arizona. * Michael F. Schwartz of the University of Colorado at Boulder. * Duane Wessels of the University of Colorado at Boulder. * * This copyright notice applies to software in the Harvest * ``src/'' directory only. Users should consult the individual * copyright notices in the ``components/'' subdirectories for * copyright information about other software bundled with the * Harvest source code distribution. * * TERMS OF USE * * The Harvest software may be used and re-distributed without * charge, provided that the software origin and research team are * cited in any use of the system. Most commonly this is * accomplished by including a link to the Harvest Home Page * (http://harvest.cs.colorado.edu/) from the query page of any * Broker you deploy, as well as in the query result pages. These * links are generated automatically by the standard Broker * software distribution. * * The Harvest software is provided ``as is'', without express or * implied warranty, and with no support nor obligation to assist * in its use, correction, modification or enhancement. We assume * no liability with respect to the infringement of copyrights, * trade secrets, or any patents, and are not responsible for * consequential damages. Proper use of the Harvest software is * entirely the responsibility of the user. * * DERIVATIVE WORKS * * Users may make derivative works from the Harvest software, subject * to the following constraints: * * - You must include the above copyright notice and these * accompanying paragraphs in all forms of derivative works, * and any documentation and other materials related to such * distribution and use acknowledge that the software was * developed at the above institutions. * * - You must notify IRTF-RD regarding your distribution of * the derivative work. * * - You must clearly notify users that your are distributing * a modified version and not the original Harvest software. * * - Any derivative product is also subject to these copyright * and use restrictions. * * Note that the Harvest software is NOT in the public domain. We * retain copyright, as specified above. * * HISTORY OF FREE SOFTWARE STATUS * * Originally we required sites to license the software in cases * where they were going to build commercial products/services * around Harvest. In June 1995 we changed this policy. We now * allow people to use the core Harvest software (the code found in * the Harvest ``src/'' directory) for free. We made this change * in the interest of encouraging the widest possible deployment of * the technology. The Harvest software is really a reference * implementation of a set of protocols and formats, some of which * we intend to standardize. We encourage commercial * re-implementations of code complying to this set of standards. */ ============================================================================== lib/base64.c::base64_encode(): Adopted from http://ftp.sunet.se/pub2/gnu/vm/base64-encode.c. Modified to work with strings instead of files. ============================================================================== snmplib/*: include/{asn1.h,parse.h,snmp*}: The SNMP library code is developed by Carnegie Mellon University. /*************************************************************************** * * Copyright 1997 by Carnegie Mellon University * * All Rights Reserved * * Permission to use, copy, modify, and distribute this software and its * documentation for any purpose and without fee is hereby granted, * provided that the above copyright notice appear in all copies and that * both that copyright notice and this permission notice appear in * supporting documentation, and that the name of CMU not be * used in advertising or publicity pertaining to distribution of the * software without specific, written prior permission. * * CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING * ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL * CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR * ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, * WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, * ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS * SOFTWARE. * ***************************************************************************/ ============================================================================== lib/GNUregex.c: /* Extended regular expression matching and search library, * version 0.12. * (Implements POSIX draft P10003.2/D11.2, except for * internationalization features.) * * Copyright (C) 1993 Free Software Foundation, Inc. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. */ ============================================================================== lib/md5.c: /* * This code implements the MD5 message-digest algorithm. * The algorithm is due to Ron Rivest. This code was * written by Colin Plumb in 1993, no copyright is claimed. * This code is in the public domain; do with it what you wish. * * Equivalent code is available from RSA Data Security, Inc. * This code has been tested against that, and is equivalent, * except that you don't need to include two pages of legalese * with every copy. * * To compute the message digest of a chunk of bytes, declare an * SquidMD5Context structure, pass it to SquidMD5Init, call * SquidMD5Update as needed on buffers full of bytes, and then call * SquidMD5Final, which will fill a supplied 16-byte array with the * digest. * * Changed so as no longer to depend on Colin Plumb's `usual.h' header * definitions; now uses stuff from dpkg's config.h. * - Ian Jackson . * Still in the public domain. * * Changed SquidMD5Update to take a void * for easier use and some * other minor cleanup. - Henrik Nordstrom . * Still in the public domain. * * Prefixed all symbols with "Squid" so they don't collide with * other libraries. Duane Wessels . * Still in the public domain. */ ============================================================================== lib/radix.c: /* * Copyright (c) 1988, 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)radix.c 8.4 (Berkeley) 11/2/94 */ ============================================================================== lib/tempnam.c: /* A reasonably functional tmpnam. */ /* Originally by Tom Hageman, tom@basil.icce.rug.nl */ /* * This tmpnam() was changed by Gerben_Wierda@RnA.nl to serve as * tempnam() for squid-1.1.6. It ignores the directory parameter, every * temp file is written in /tmp. */ ============================================================================== lib/drand48.c: From Linux libc-5.4.46. ============================================================================== mcast_encode() in src/access_log.c is derived from Mark Atkinson's (mark_a@cix.compulink.co.uk) "Tiny Encryption Algorithm". http://www.io.com/~paulhart/game/algorithms/tea.html ============================================================================== lib/inet_ntoa.c: /* * Copyright (c) 1983 Regents of the University of California. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ static char sccsid[] = "@(#)inet_ntoa.c 5.6 (Berkeley) 2/24/91"; ============================================================================== lib/strnstr.cc: /*- * Copyright (c) 2001 Mike Barcroft * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Chris Torek. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)strstr.c 8.1 (Berkeley) 6/4/93 * $FreeBSD: src/lib/libc/string/strnstr.c,v 1.2.2.1 2001/12/09 06:50:03 mike Exp $ * $DragonFly: src/lib/libc/string/strnstr.c,v 1.4 2006/03/20 17:24:20 dillon Exp $ */ ============================================================================== lib/getopt.c: /* * Copyright (c) 1987, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ static char sccsid[] = "@(#)getopt.c 8.3 (Berkeley) 4/27/95"; ============================================================================== src/external_acl.c Copyright (C) 2002 MARA Systems AB, Sweden This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. ============================================================================== helpers/external_acl/wbinfo_group/wbinfo_group.pl This program is put in the public domain by Jerry Murdock . It is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ============================================================================== helpers/external_acl/winbind_group/ This is a helper for the external ACL interface for Squid Cache Copyright (C) 2002 Guido Serassio Based on previous work of Rodrigo Albani de Campos This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. includes code contributed by others winbind client common code Copyright (C) Tim Potter 2000 Copyright (C) Andrew Tridgell 2000 This library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. ============================================================================== lib/libTrie/* This library is (C) Robert Collins and is licensed under the GPL. ============================================================================== On Debian GNU/Linux systems, a copy of the GNU General Public License can be found in /usr/share/common-licenses/GPL. The Debian packaging is (C) 2006, Luigi Gangitano and is licensed under the GPL, see above. debian/squid3-common.postinst0000664000000000000000000000125412252041564013476 0ustar #! /bin/sh set -e case "$1" in configure) # # Fix directory->link transition for /usr/share/squid3/errors in # 3.0.STABLE15-1: all has gone well, remove temporary directory # if (dpkg --compare-versions "$2" lt '3.0.STABLE15-1' && [ ! -h "/usr/share/squid3/errors" ] && [ -d "/usr/share/squid3/errors" ]) then rm -rf /usr/share/squid3/errors ln -s /usr/share/squid-langpack /usr/share/squid3/errors fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) # # Unknown action - do nothing. # exit 0 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/squid3.postinst0000664000000000000000000000321412252041564012206 0ustar #! /bin/sh set -e grepconf () { w=" " # space tab sq=/etc/squid3/squid.conf # sed is cool. res=`sed -ne ' s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $sq` [ -n "$res" ] || res=$2 echo "$res" } grepconf2 () { w=" " # space tab sq=/etc/squid3/squid.conf # sed is cool. res=`sed -ne ' s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $sq` [ -n "$res" ] || res=$2 echo "$res" } case "$1" in configure) # # Chown the directories. # log_dir=/var/log/squid3 cache_dir=`grepconf2 cache_dir /var/spool/squid3` usr=`grepconf cache_effective_user proxy` grp=`grepconf cache_effective_group proxy` if [ "$(stat -c %U $cache_dir)" != "$usr" ] || [ "$(stat -c %G $cache_dir)" != "$grp" ] ; then chown $usr:$grp $cache_dir -R fi if [ "$(stat -c %U $log_dir)" != "$usr" ] || [ "$(stat -c %G $log_dir)" != "$grp" ] ; then if [ "$(dpkg-statoverride --list $log_dir)" = "" ] ; then chown -R $usr:$grp $log_dir fi fi # # Create spool dirs if they don't exist. # if [ -d "$cache_dir" -a ! -d "$cache_dir/00" ] then echo "Creating Squid HTTP proxy 3.x spool directory structure" squid3 -z fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) # # Unknown action - do nothing. # exit 0 ;; esac if [ -e "/etc/init/squid3.conf" ] ; then # Using stop/start because restart fails to reload the upstart job # file. See LP: #707479. invoke-rc.d squid3 stop || : invoke-rc.d squid3 start fi # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/squid3.install0000664000000000000000000000152712252041564011776 0ustar etc/squid3/squid.conf etc/squid3/msntauth.conf etc/squid3/errorpage.css etc/logrotate.d etc/resolvconf etc/init/squid3.conf etc/ufw usr/lib/squid3 usr/sbin/squid3 usr/share/man/man8/basic_db_auth.8 usr/share/man/man8/basic_getpwnam_auth.8 usr/share/man/man8/basic_ldap_auth.8 usr/share/man/man8/basic_ncsa_auth.8 usr/share/man/man8/basic_pam_auth.8 usr/share/man/man8/basic_radius_auth.8 usr/share/man/man8/basic_sasl_auth.8 usr/share/man/man8/digest_file_auth.8 usr/share/man/man8/ext_ldap_group_acl.8 usr/share/man/man8/ext_session_acl.8 usr/share/man/man8/ext_sql_session_acl.8 usr/share/man/man8/ext_unix_group_acl.8 usr/share/man/man8/ext_wbinfo_group_acl.8 usr/share/man/man8/log_db_daemon.8 usr/share/man/man8/negotiate_kerberos_auth.8 usr/share/man/man8/squid3.8 etc/apparmor.d/disable etc/apparmor.d/force-complain etc/apparmor.d/usr.sbin.squid3 debian/source/0000775000000000000000000000000012252043165010470 5ustar debian/source/format0000664000000000000000000000001412252041564011677 0ustar 3.0 (quilt) debian/squid-cgi.install0000664000000000000000000000012712252041564012446 0ustar usr/lib/cgi-bin/cachemgr.cgi usr/share/man/man8/cachemgr.cgi.8 etc/squid/cachemgr.conf debian/changelog0000664000000000000000000012214312300550035011036 0ustar squid3 (3.3.8-1ubuntu6) trusty; urgency=medium * debian/rules: Force -O2 to work around build failure with -O3. -- Adam Conrad Mon, 17 Feb 2014 20:13:30 -0700 squid3 (3.3.8-1ubuntu5) trusty; urgency=low [ Yolanda Robla ] * debian/control: added lsb-release dependency * debian/patches/fix-distribution.patch: added patch to show distribution [ Dimitri John Ledkov ] * Enable parallel build -- Yolanda Robla Wed, 11 Dec 2013 10:51:45 +0000 squid3 (3.3.8-1ubuntu4) trusty; urgency=low * Fix perl & pod2man config.tests. -- Dmitrijs Ledkovs Mon, 04 Nov 2013 02:17:30 +0000 squid3 (3.3.8-1ubuntu3) saucy; urgency=low * d/tests/squid: Disable seccomp sandboxing in vsftpd until it works reliably (http://pad.lv/1219857), restart vsftpd using service command. -- James Page Mon, 02 Sep 2013 15:50:41 +0100 squid3 (3.3.8-1ubuntu2) saucy; urgency=low * d/usr.sbin.squid3: Update apparmor profile to allow pinger process to create and use ICMP ports for ipv4/ipv6. -- James Page Mon, 02 Sep 2013 11:06:54 +0100 squid3 (3.3.8-1ubuntu1) saucy; urgency=low * Merge from Debian unstable, remaining changes: + debian/control: - Update maintainer. - Suggests apparmor (>= 2.3) - Depends on ssl-cert ((>= 1.0-11ubuntu1), autopkgtests + debian/squid3.upstart - Move ulimit command to script section so that it applies to the started squid daemon. Thanks to Timur Irmatov (LP: 986159) - Work around squid not handling SIGHUP by adding respawn to upstart job. (LP: 978356) + debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3 transition in 12.04 (LP: 924739) + debian/rules - Re-enable all hardening options lost in the squid->squid3 transition (LP: 986314) + squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst, debian/squid3.prerm: - Convert init script to upstart + debian/patches/99-ubuntu-ssl-cert-snakeoil: - Use snakeoil certificates. + debian/logrotate - Use sar-reports rather than sarg-maint. (LP: 26616) + debian/patches/90-cf.data.ubuntu.dpatch: - Add an example refresh pattern for debs. (foundations-lucid-local-report spec) + Add disabled by default AppArmor profile (LP: 497790) - debian/squid3.upstart: load profile in pre-start stanza - add debian/usr.sbin.squid3 profile - debian/rules: + install debian/usr.sbin.squid3, etc/apparmor.d/force-complain and etc/apparmor.d/disable into $(INSTALLDIR) + use dh_apparmor - debian/squid3.install: install etc/apparmor.d/disable, force-complain and usr.sbin.squid3 - debian/squid3.preinst: disable profile on clean install or upgrades from earlier than when we shipped the profile + debian/tests: - Add autopkgtests. * d/control: Add dependency package for squid -> squid3 (LP: #1211942). * d/control: Add dh-apparmor to BD's. -- James Page Wed, 14 Aug 2013 09:03:55 +0100 squid3 (3.3.8-1) unstable; urgency=high * Urgency high due to security fixes * New upstream release - Fixes security issues (Closes: #716743) + Buffer overflow in HTTP request handling (Ref: SQUID-2013:2, CVE-2013-4115) + DoS in request processing (Ref: SQUID-2013:3, CVE-2013-4123) - Includes PNG image used in error pages, with new copyright assignement (Closes: #683255) * Added /var/run/squid3 dir to host sockets in SMP configuration (Closes: #710126) * debian/control - Bumped Standard-Version to 3.9.4, no change needed -- Luigi Gangitano Sun, 21 Jul 2013 18:28:36 +0200 squid3 (3.3.4-1ubuntu1) saucy; urgency=low * Merge from Debian unstable (LP: #1199883). Remaining changes: + debian/control: - Update maintainer. - Suggests apparmor (>= 2.3) - Depends on ssl-cert ((>= 1.0-11ubuntu1), autopkgtests + debian/squid3.upstart - Move ulimit command to script section so that it applies to the started squid daemon. Thanks to Timur Irmatov (LP: 986159) - Work around squid not handling SIGHUP by adding respawn to upstart job. (LP: 978356) + debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3 transition in 12.04 (LP: 924739) + debian/rules - Re-enable all hardening options lost in the squid->squid3 transition (LP: 986314) + squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst, debian/squid3.prerm: - Convert init script to upstart + debian/patches/99-ubuntu-ssl-cert-snakeoil: - Use snakeoil certificates. + debian/logrotate - Use sar-reports rather than sarg-maint. (LP: 26616) + debian/patches/90-cf.data.ubuntu.dpatch: - Add an example refresh pattern for debs. (foundations-lucid-local-report spec) + Add disabled by default AppArmor profile (LP: 497790) - debian/squid3.upstart: load profile in pre-start stanza - add debian/usr.sbin.squid3 profile - debian/rules: + install debian/usr.sbin.squid3, etc/apparmor.d/force-complain and etc/apparmor.d/disable into $(INSTALLDIR) + use dh_apparmor - debian/squid3.install: install etc/apparmor.d/disable, force-complain and usr.sbin.squid3 - debian/squid3.preinst: disable profile on clean install or upgrades from earlier than when we shipped the profile + debian/tests: - Add autopkgtests. * Dropped: - debian/patches: dropped patches, superseded by new release: + 98-CVE-2012-5643.patch + 99-lp1117517_r12473.patch - debian/rules: fix FTBFS, removed --with-cppunit-basedir flag, included in Debian. - debian/control: Dropped transitional packages from squid, no longer required. * Refreshed patches: - 01-cf.data.debian.patch - 02-makefile-defaults.patch - 15-cachemgr-default-config.patch * debian/tests/test-squid.py: fixed case problem with ftp test -- Yolanda Robla Wed, 10 Jul 2013 17:12:42 +0200 squid3 (3.3.4-1) unstable; urgency=low * New upstream release - Added support for SHA passwords in ncsa_auth (Closes: #652010) * debian/squid3.lintian-overrides - Added override for pinger setuid bin * debian/watch - Fixed pattern to skip the last dot * debian/rules - Removed reference to cppunit-basedir -- Luigi Gangitano Mon, 06 May 2013 16:46:33 +0200 squid3 (3.3.3-2) unstable; urgency=low I would like to thank Amos Jeffries for his help with this release. * debian/control - Added Build-Depend on pkg-config to solve FTBFS when ecap is enabled (Closes: #706025) - Fixed package descriptions - Added Build-Depend on libnetfilter-conntrack-dev - Added Suggests on winbindd for NTLM authentication * debian/patches/01-cf.data.debian.patch - Removed change to visible_hostname defaut value (Closes: #705983) - Fixed path of ntlm_auth helper in example * debian/rules - Removed --enable-arp-acl options obsoleted by --enable-eui - Fixed FTBFS on hurd due to missing netfilter support - Enabled Rock store type support - Added SETUID bit to pinger program * debian/watch - Fixed pattern to match all the released versions of 3.3 -- Luigi Gangitano Tue, 23 Apr 2013 15:38:39 +0200 squid3 (3.3.3-1) unstable; urgency=low * New upstream release (Closes: #694633, #701799, #702540) - Removed upstream patches + debian/patches/20-ipv6-fix + debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch + debian/patches/fix-701123-regression-in-cachemgr.patch - Includes upstream fix for CVE-2009-0801 (Closes: #521052) - Includes upstream fix for rejection of benign request containing variants of double CR (Closes: #669148) * debian/control - Added dependency on libecap2-dev - Added squid-purge package * debian/source - Enabled ECAP support - Fixed configure invocation to match new syntax - Removed unneeded rename of helper man pages - Fixed list of helpers to build, adding fake agents (Closes: #644280) and negotiate wrapper (Closes: #656304) * debian/watch - Updated for 3.3 * debian/squid3.logrotate - Added check for existing binary in logrotate script (Closes: #703954) -- Luigi Gangitano Sun, 21 Apr 2013 23:51:11 +0200 squid3 (3.1.20-2.2) unstable; urgency=low * Non-maintainer upload. * Add fix-701123-regression-in-cachemgr.patch patch. Fix missing bits in the fix for CVE-2012-5643 and CVE-2013-0189 causing cachemgr.cgi crashing when authentication credentials are supplied. Thanks to Amos Jeffries (Closes: #701123) -- Salvatore Bonaccorso Sat, 23 Feb 2013 13:44:48 +0100 squid3 (3.1.20-2.1) unstable; urgency=high * Non-maintainer upload * Urgency high due to security fixes * debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch - Added upstream fix for squid-cgi (cachemgr) memory leaks and denial of service vulnerability (Closes: #696187) -- Michael Stapelberg Tue, 05 Feb 2013 23:16:27 +0100 squid3 (3.1.20-2) unstable; urgency=low * debian/patches/20-ipv6-fix - Added upstream fix for squid not working when IPv6 is not loaded (Closes: #660489) -- Luigi Gangitano Thu, 06 Dec 2012 20:02:56 +0100 squid3 (3.1.20-1ubuntu7) saucy; urgency=low * debian/tests: Run ftp tests against local vsftpd instead of ftp.ubuntu.com. -- Yolanda Robla Mon, 17 Jun 2013 11:00:17 +0200 squid3 (3.1.20-1ubuntu6) saucy; urgency=low * debian/tests: Fix start/stop of squid3. -- Yolanda Robla Mon, 10 Jun 2013 10:30:33 +0200 squid3 (3.1.20-1ubuntu5) saucy; urgency=low * debian/rules: fix FTBFS, removed --with-cppunit-basedir flag -- Yolanda Robla Mon, 27 May 2013 14:50:11 +0200 squid3 (3.1.20-1ubuntu4) saucy; urgency=low * debian/tests: Add autopkgtest. -- Yolanda Mon, 27 May 2013 11:24:35 +0200 squid3 (3.1.20-1ubuntu3) raring-proposed; urgency=low * fix FTBFS with newer glibc (LP: #1117517) -- Jamie Strandboge Wed, 06 Feb 2013 11:37:29 -0600 squid3 (3.1.20-1ubuntu2) raring-proposed; urgency=low [ Seth Arnold ] * SECURITY UPDATE: denial of service via cachemgr.cgi insufficient input validation - debian/patches/98-CVE-2012-5643.patch: modify cachemgr.cc to properly free memory and handle input in chunks - Based on http://www.squid-cache.org/Versions/v3/3.1/changesets/SQUID-2012_1.patch - CVE-2012-5643 - CVE-2013-0189 -- Jamie Strandboge Wed, 06 Feb 2013 09:56:53 -0600 squid3 (3.1.20-1ubuntu1) quantal; urgency=low * Merge from Debian testing (LP: #1016560). Remaining changes: + debian/control: - Update maintainer. - Suggests apparmor (>= 2.3) - Depends on ssl-cert ((>= 1.0-11ubuntu1) - Add transitional dummy packages + debian/squid3.upstart - Move ulimit command to script section so that it applies to the started squid daemon. Thanks to Timur Irmatov (LP: 986159) - Work around squid not handling SIGHUP by adding respawn to upstart job. (LP: 978356) + debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3 transition in 12.04 (LP: 924739) + debian/rules - Re-enable all hardening options lost in the squid->squid3 transition (LP: 986314) + squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst, debian/squid3.prerm: - Convert init script to upstart + debian/patches/99-ubuntu-ssl-cert-snakeoil: - Use snakeoil certificates. + debian/logrotate - Use sar-reports rather than sarg-maint. (LP: 26616) + debian/patches/90-cf.data.ubuntu.dpatch: - Add an example refresh pattern for debs. (foundations-lucid-local-report spec) + Add disabled by default AppArmor profile (LP: 497790) - debian/squid3.upstart: load profile in pre-start stanza - add debian/usr.sbin.squid3 profile - debian/rules: + install debian/usr.sbin.squid3, etc/apparmor.d/force-complain and etc/apparmor.d/disable into $(INSTALLDIR) + use dh_apparmor - debian/squid3.install: install etc/apparmor.d/disable, force-complain and usr.sbin.squid3 - debian/squid3.preinst: disable profile on clean install or upgrades from earlier than when we shipped the profile -- Stefan Bader Fri, 22 Jun 2012 14:18:00 +0200 squid3 (3.1.20-1) unstable; urgency=low * New upstream release * debian/control - Bumped Standard-Version to 3.9.3, no change needed - Added missing dependency on dpkg-dev (>= 1.16.1~) * debian/rules - Enabled hardening options (Closes: #669684) * debian/patches/01-cf.data.debian.patch - Fixed minor typos in configuration file (Closes: #670832, #673350) -- Luigi Gangitano Mon, 18 Jun 2012 14:20:53 +0200 squid3 (3.1.19-1ubuntu5) quantal; urgency=low * d/squid3.upstart: Work around squid not handling SIGHUP by adding respawn to upstart job. (LP: #978356) -- Clint Byrum Tue, 19 Jun 2012 15:35:19 -0700 squid3 (3.1.19-1ubuntu4) quantal; urgency=low * Add disabled by default AppArmor profile (LP: #497790) - debian/squid3.upstart: load profile in pre-start stanza - add debian/usr.sbin.squid3 profile - debian/rules: + install debian/usr.sbin.squid3, etc/apparmor.d/force-complain and etc/apparmor.d/disable into $(INSTALLDIR) + use dh_apparmor - debian/control: suggests apparmor (>= 2.3) - debian/squid3.install: install etc/apparmor.d/disable, force-complain and usr.sbin.squid3 - debian/squid3.preinst: disable profile on clean install or upgrades from earlier than when we shipped the profile -- Jamie Strandboge Wed, 13 Jun 2012 11:32:14 -0500 squid3 (3.1.19-1ubuntu3.1) quantal; urgency=low * debian/rules: re-enable all hardening options lost in the squid->squid3 transition (LP: #986314) * debian/squid3.upstart: move ulimit command to script section so that it applies to the started squid daemon. Thanks to Timur Irmatov (LP: #986159) -- Jamie Strandboge Wed, 13 Jun 2012 09:06:51 -0500 squid3 (3.1.19-1ubuntu2) precise; urgency=low * debian/NEWS.Debian: Rename NEWS.debian, add note regarding squid3 transition in 12.04 (LP: #924739) -- Adam Gandelman Thu, 12 Apr 2012 13:46:10 -0700 squid3 (3.1.19-1ubuntu1) precise; urgency=low * Merge from Debian testing. Remaining changes: + debian/control: - Update maintainer. + debian/squid3.upstart, debian/rules, squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst, debian/squid3.prerm: Convert init script to upstart + debian/control, debian/patches/99-ubuntu-ssl-cert-snakeoil: Use snakeoil certificates. + debian/logrotate: Use sar-reports rather than sarg-maint. (LP: 26616) + debian/patches/90-cf.data.ubuntu.dpatch: Add an example refresh pattern for debs. (foundations-lucid-local-report spec) + Add transitional dummy packages * New upstream bugfix release fixes swap.state corruption, so squid will now start after a reboot. (LP: #930252) -- Christopher James Halse Rogers Tue, 21 Feb 2012 18:51:26 +1100 squid3 (3.1.19-1) unstable; urgency=low * New upstream release - Removed patch integrated upstream + 19-adaptation-compile * debian/rules - Enabled WCCPv2 support (Closes: #654877) -- Luigi Gangitano Tue, 07 Feb 2012 16:19:12 +0100 squid3 (3.1.18-1ubuntu1) precise; urgency=low [ Ubuntu Merge-o-Matic ] * Merge from Debian testing. Remaining changes: + debian/control: - Update maintainer. + debian/squid3.upstart, debian/rules, squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst, debian/squid3.prerm: Convert init script to upstart + debian/control, debian/patches/99-ubuntu-ssl-cert-snakeoil: Use snakeoil certificates. + debian/logrotate: Use sar-reports rather than sarg-maint. (LP: #26616) + debian/patches/90-cf.data.ubuntu.dpatch: Add an example refresh pattern for debs. (foundations-lucid-local-report spec) + Add transitional dummy packages -- Chuck Short Mon, 30 Jan 2012 10:24:33 -0500 squid3 (3.1.18-1) unstable; urgency=low * New upstream release * debian/patches/19-adaptation-compile.patch - Added upstream patch to fix compile failure -- Luigi Gangitano Mon, 26 Dec 2011 22:04:28 +0100 squid3 (3.1.16-1ubuntu1) precise; urgency=low * Merge from Debian testing. Remaining changes: + debian/control: - Update maintainer. + debian/squid3.upstart, debian/rules, squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst, debian/squid3.prerm: Convert init script to upstart + debian/control, debian/patches/99-ubuntu-ssl-cert-snakeoil: Use snakeoil certificates. + debian/logrotate: Use sar-reports rather than sarg-maint. (LP: #26616) + debian/patches/90-cf.data.ubuntu.dpatch: Add an example refresh pattern for debs. (foundations-lucid-local-report spec) + Add transitional dummy packages -- Chuck Short Mon, 19 Dec 2011 21:35:43 +0000 squid3 (3.1.16-1) unstable; urgency=low * New upstream release * Changed source format to 3.0 (quilt) * debian/squid3.rc - Added LSB compliant option to init script (Closes: #645780) Thanks to Fredrik Eriksson -- Luigi Gangitano Thu, 3 Nov 2011 13:37:17 +0100 squid3 (3.1.15-1ubuntu3) precise; urgency=low * debian/squid3.upstart: Properly return 0 from maxfds() if $SQUID_MAXFD is unset, else pre-start will fail as well. Also fix paths to config file. (LP: #891445) * debian/squid3.upstart: Modify to better reflect functionality of Debian's squid3.rc * debian/rules: Fix permissions on upstart job -- Adam Gandelman Wed, 16 Nov 2011 18:26:25 -0800 squid3 (3.1.15-1ubuntu2) precise; urgency=low * Fix spelling of squid-common transitional package name. * Remove meaningless self-conflicts. -- Colin Watson Fri, 11 Nov 2011 10:33:44 +0000 squid3 (3.1.15-1ubuntu1) precise; urgency=low * debian/control: + Update maintainer. * debian/squid3.upstart, debian/rules, squid3.resolvconf, debian/squid3.postinst, debian/squid3.postrm, debian/squid3.preinst, debian/squid3.prerm: Convert init script to upstart * debian/control, debian/patches/99-ubuntu-ssl-cert-snakeoil: Use snakeoil certificates. * debian/logrotate: Use sar-reports rather than sarg-maint. (LP: #26616) * debian/patches/90-cf.data.ubuntu.dpatch: Add an example refresh pattern for debs. (foundations-lucid-local-report spec) * Add transitional dummy packages. -- Chuck Short Thu, 10 Nov 2011 08:59:31 -0500 squid3 (3.1.15-1) unstable; urgency=high * Urgency high due to security fixes * New upstream release - Fixes DoS issue in Gopher client (Closes: #639755) (Ref: CVE-2011-3205, SQUID-2011:3) * debian/control - Removed hardcoded list of non-Linux architectures (Closes: #634765) -- Luigi Gangitano Fri, 02 Sep 2011 13:33:41 +0200 squid3 (3.1.14-1) unstable; urgency=low * New upstream release - Fixes FTBFS with GCC 4.6 (Closes: #625405) - Fixes issue with IPv4/IPv6 DNS resolution (Closes: #604566) - Fixes issue with IPv6 resolution in access.log (Closes: #604832) * debian/control - Bumped Standard-Version to 3.9.2, no change needed * debian/squid.rc - Fixed init script preventing alterate cache dir from being created (Closes: #623935) -- Luigi Gangitano Sat, 09 Jul 2011 17:58:46 +0200 squid3 (3.1.12-1) unstable; urgency=low * New upstream release - Removed patch integrated upstream + 18-gcc-4.5-fix - Rebuild against libdb5.1 (Closes: #621453) * debian/control - Remove article at start of synopsis, to make lintian happy -- Luigi Gangitano Mon, 11 Apr 2011 18:47:02 +0200 squid3 (3.1.11-1) unstable; urgency=low * New upstream release * debian/patches/18-gcc-4.5-fix - Added upstream fix for gcc 4.5 building (Closes: #613153) -- Luigi Gangitano Tue, 15 Feb 2011 01:46:19 +0100 squid3 (3.1.10-1) unstable; urgency=low * New upstream release (Closes: #609881) - Removed patches integrated upstream + 16-CVE-2010-3072 + 17-CVE-2010-2951 - Fixes TCP DNS lookups failure on IPv6-disabled systems (Closes: #607379) - Fixes HTTPS not working if IPv6 is disabled (Closes: #594713) * debian/rules - Enable ZPH feature (Closes: #597687) * debian/squid3.ufw.profile - Added UFW profile, thanks to Alessio Treglia (Closes: #605088) * debian/control - Added versioned dependency on squid-langpack -- Luigi Gangitano Fri, 21 Jan 2011 18:43:56 +0100 squid3 (3.1.6-1.2) unstable; urgency=low * Non-maintainer upload. * Fix DoS while processing large DNS replies with no IPv6 resolver present (CVE-2010-2951) (Closes: #599709) -- Ben Hutchings Sat, 30 Oct 2010 17:00:55 +0200 squid3 (3.1.6-1.1) unstable; urgency=high * Non-maintainer upload by the security team * Fix DoS due to wrong string handling (Closes: #596086) Fixes: CVE-2010-3072 -- Steffen Joeris Mon, 13 Sep 2010 17:07:51 +1000 squid3 (3.1.6-1) unstable; urgency=low * New upstream release * debian/rules - Removed now-default --enable-ipv6 option * debian/control - Bumped Standard-Version to 3.9.1, no change needed * debian/patches/01-cf.data.pre - Updated to match new upstream default IPv6 configuration -- Luigi Gangitano Mon, 09 Aug 2010 00:59:26 +0200 squid3 (3.1.5-2) unstable; urgency=low * debian/control - Added build dependency on libltdl-dev fixing FTBFS on most archs -- Luigi Gangitano Wed, 07 Jul 2010 15:21:06 +0200 squid3 (3.1.5-1) unstable; urgency=low * New upstream release * debian/control - Bumped Standard-Version to 3.9.0 -- Luigi Gangitano Tue, 06 Jul 2010 23:26:26 +0200 squid3 (3.1.4-1) unstable; urgency=low * New upstream release - Fixes several issues with IPv6 socket handling (Closes: #581901, #584223) - Fixes assertion in comm.cc (Closes: #572368) -- Luigi Gangitano Fri, 04 Jun 2010 14:49:32 +0200 squid3 (3.1.3-2) unstable; urgency=low * debian/rules - Actually enable IPv6 (how did I miss this?) -- Luigi Gangitano Tue, 04 May 2010 11:15:49 +0200 squid3 (3.1.3-1) unstable; urgency=low * New upstream release - Fix incorrect behaviour of --enable-ipv6 (Closes: #578047) - Removed patches integrated upstream + 14-kfreebsd-compile -- Luigi Gangitano Sun, 02 May 2010 19:31:38 +0200 squid3 (3.1.1-3) unstable; urgency=low * debian/{squid3.install,rules} - Install documented version of squid.conf as file, not directory (Closes: #577615) -- Luigi Gangitano Thu, 15 Apr 2010 11:14:08 +0200 squid3 (3.1.1-2) unstable; urgency=low * debian/watch - Updated pattern to match 3.1 releases * debian/control - Excluded dependency on libcap2-dev on kfreebsd * debian/patches/14-kfreebsd-compile - Added patch to enable kfreebsd compilato, thanks to Petr Salinger (Closes: #576952) * debian/{rules,control,squid-cgi.install} - Rename squid3-cgi package to squid-cgi (Closes: #489061) * debian/patches/15-cachemgr-default-config - Fix squid-cgi default configuration file path * debian/source/format - Added format specification file, still with 1.0 version -- Luigi Gangitano Mon, 12 Apr 2010 11:49:01 +0200 squid3 (3.1.1-1) unstable; urgency=low * New upstream release * debian/control - Bumped Standard-Version to 3.8.4, no change needed -- Luigi Gangitano Thu, 01 Apr 2010 00:33:21 +0200 squid3 (3.1.0.18-1) UNRELEASED; urgency=low * New upstream release * debian/rules - Fix wrong resolvconf directory (Closes: #565652) -- Luigi Gangitano Mon, 15 Mar 2010 19:35:50 +0100 squid3 (3.1.0.17-1) UNRELEASED; urgency=low * New upstream release, fixes - Remote Denial of Service issue in HTCP (Closes: #572554) (Ref: SQUID-2010:2 CVE-2010-0639) -- Luigi Gangitano Fri, 12 Mar 2010 15:41:00 +0100 squid3 (3.1.0.16-1) experimental; urgency=low * New upstream release - Adds client_ip_max_connection to avoid DoS under Slowloris attack (Ref: TEMP-0533661-009115 Closes: #533664) - Handle DNS header-only packets as invalid (Ref: SQUID-2010:1 CVE-2010-0308) - Fixes memory filling during file download (Closes: #562012) -- Luigi Gangitano Wed, 10 Feb 2010 18:53:36 +0100 squid3 (3.1.0.15-1) experimental; urgency=low * New upstream release - Fixes assertion failures on malformed Content-Range response headers (Closes: #541032) * debian/README.Debian - Fixed reference to RELEASENOTES.html (Closes: #561007) * debian/README.source - Added directions on source handling * debian/control - Remove duplicated informations that can be inherited from source stanza - Added autotools-dev build-dependency to enable cdbs fix for ancient helper files -- Luigi Gangitano Thu, 14 Jan 2010 22:44:13 +0100 squid3 (3.1.0.14-2) experimental; urgency=low * debian/rules - Enable ESI support (Closes: #506241) * debian/control - Add Build-Dep on libexpat1-dev and libxml2-dev, needed by ESI support -- Luigi Gangitano Tue, 29 Sep 2009 19:55:23 +0200 squid3 (3.1.0.14-1) experimental; urgency=low * New upstream release - Fixes FTBFS in GNU/kFreeBSD (Closes: #545965) - Fixes incorrect handling of IMS (Closes: #499379) * debian/patches/01-cf.data.debian - Updated to match new upstream -- Luigi Gangitano Tue, 29 Sep 2009 19:31:16 +0200 squid3 (3.1.0.13-2) experimental; urgency=low * debian/rules - Disable language files generation - Do not clean libcppunit that is not shipped with squid anymore * debian/control - Removed dependency on sharutils - Added dependency on libcap2, will enable TPROXY support (Closes: 398970) - Fixed squid3-common description, no more error pages * debian/squidclient.1 - Removed man page integrated upstream * debian/squid3.rc - Removed obsolete -D option * debian/patches/01-cf.data.debian - Added ::1 to localhost definition in ACLs -- Luigi Gangitano Fri, 25 Sep 2009 23:02:40 +0200 squid3 (3.1.0.13-1) experimental; urgency=low * Upload to experimental * New upstream release - Fixes Follow-X-Forwarded-For support (Closes: #523943) - Adds IPv6 support (Closes: #432351) * debian/rules - Removed obsolete configuration options - Enable db and radius basic authentication modules * debian/patches/01-cf.data.debian - Adapted to new upstream version * debian/patches/02-makefile-defaults - Adapted to new upstream version * debian/{squid.postinst,squid.rc,README.Debian,watch} - Updated references to squid 3.1 * debian/squid3.install - Install CSS file for error pages - Install manual pages for new authentication modules * debian/squid3-common.install - Install documented version of configuration file in /usr/share/doc/squid3 -- Luigi Gangitano Thu, 24 Sep 2009 14:51:06 +0200 squid3 (3.0.STABLE19-1) unstable; urgency=low * New upstream release - Fixes DoS in exthernal auth header parser (Ref: CVE-2009-2855) * debian/squid.rc - Fixed dependencies in init.d script, thanks to Petter Reinholdtsen (Closes: #546362) * debian/control - Bumped Standard-Version to 3.8.3, no change needed -- Luigi Gangitano Sun, 20 Sep 2009 01:33:00 +0200 squid3 (3.0.STABLE18-1) unstable; urgency=high * New upstream release - Removed patches integrated upstream + 12-gcc44-fixes + 13-signed-unsigned-fixes + SQUID-2009-2 * debian/rules - Enable ARP ACLs (Closes: #538023) - Enable SNMP support (Closes: #537187) * debian/control - Fix dependency for squid3-dbg on squid3 =${binary:Version} - Added dependency of squid3-dbg on ${misc:Depends} * debian/squid3-common.postinst - Added DEBHELPER placeholder -- Luigi Gangitano Sun, 09 Aug 2009 00:28:56 +0200 squid3 (3.0.STABLE16-2.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix multiple possible denial of service vectors in the processing of requests or responses (SQUID-2009-2; CVE-2009-2622; CVE-2009-2621; 12-SQUID-2009_2.dpatch). -- Nico Golde Tue, 04 Aug 2009 21:56:36 +0200 squid3 (3.0.STABLE16-2) unstable; urgency=low * debian/patches/13-signed-unsigned-fixes - Added upstream patch fixing build errors on 64-bit archs (Closes: #536588) * debian/README.Debian - Removed instability notice of development version * debian/control - Fixed squid3-dbg section and priority to match archive override -- Luigi Gangitano Sat, 11 Jul 2009 13:46:45 +0200 squid3 (3.0.STABLE16-1) unstable; urgency=low * New upstream release * debian/patches/12-gcc44-fixes - Added upstream patch fixing build erros with GCC 4.4 (Closes: #526672) * debian/control - Bumped Standard-Version to 3.8.2, no change needed * debian/NEWS.Debian - Fixed format of NEWS.Debian (double space at start) -- Luigi Gangitano Tue, 07 Jul 2009 18:56:41 +0200 squid3 (3.0.STABLE15-1) unstable; urgency=low * New upstream release - Fixes wrong reference to digest_pw_auth (Closes: #517528) * debian/{control,squid3-common.{install,postinst,links},NEWS.Debian} - Added dependency on squid-langpack, linked error directory to /usr/share/squid-langpack (Closes: #497283) - Added a notice in NEWS.Debian on customized error_directory settings * debian/patches/01-cf.data.debian - Adapted to new upstream version * debian/control - Added debug package to help bug reports - Added dependency on libkrb5-dev and comerr-dev * debian/squid3.resolvconf - Use invoke-rc.d instead of directly calling init script * debian/rules - Added missing --with-large-files configure option (Closes: #534888) - Enabled Kerberos Negotiate Auth support (Closes: #532064) * debian/copyright - Fixed copyright to reflect current sources, thanks to Amos Jeffries (Closes: #524601) * debian/squid3.rc - Added reference to config file at startup (Closes: #517529) * debian/squid3.postinst - Removed path from command invocation and make lintian happy -- Luigi Gangitano Mon, 6 May 2009 13:29:10 +0200 squid3 (3.0.STABLE13-1) unstable; urgency=low * New upstream release - Removed patches integrated upstream + 10-mgr_active_requests + 11-SQUID-2009-1 * debian/patches/02-makefile-defaults - Removed cachemgr configuration file fix integrated upstream * debian/rules - Disable support for coss witch is marked as unstable upstream -- Luigi Gangitano Mon, 16 Feb 2009 16:18:30 +0100 squid3 (3.0.STABLE8-3) unstable; urgency=high * Urgency high due to security fixes * debian/patches/11-SQUID-2009-1 - Added upstream patch fixing Denial of Service in request processing (Ref: SQUID-2009-1, CVE: TBA) -- Luigi Gangitano Fri, 06 Feb 2009 20:23:57 +0100 squid3 (3.0.STABLE8-2) unstable; urgency=low * debian/squid3.postinst - Fixed non-POSIX option to chown (Closes: #491701) * debian/rules - Removed obsoleted configure options (Closes: 511272) - Added --enable-follow-x-forwarded-for configure option * debian/control - Added dependency on ${misc:Depends} to make lintian happy * debian/squid3.postinst - Removed path from squid3 invocation to make lintian happy * debian/control - Bumped Standard-Version to 3.8.0, no change needed -- Luigi Gangitano Fri, 9 Jan 2009 00:02:48 +0200 squid3 (3.0.STABLE8-1) unstable; urgency=high * Urgency high to meet freeze deadline * New upstream release * debian/patches/10-mgr_active_requests - Added upstream patch fixing delay_pool reporting in cachemgr.cgi -- Luigi Gangitano Mon, 21 Jul 2008 09:20:31 +0200 squid3 (3.0.STABLE7-1) unstable; urgency=low * New upstream release -- Luigi Gangitano Sat, 05 Jul 2008 21:24:36 +0200 squid3 (3.0.STABLE6-2) unstable; urgency=low * debian/control - Fixed suggestion on squidclient package -- Luigi Gangitano Sun, 01 Jun 2008 05:48:22 +0200 squid3 (3.0.STABLE6-1) unstable; urgency=low * New upstream release (Closes: #478695) * debian/squid3.rc - Added automatic coss file creation (Closes: #478108) - Removed default blocking logging to syslog - Added parsing of /etc/default/squid3 for SQUID_ARGS override * debian/{rules,control,squidclient.install,squidclient.1} - Rename squid3-client package to squidclient (Closes: #473876) - Added squidclient man page from old squid package -- Luigi Gangitano Sun, 01 Jun 2008 02:43:42 +0200 squid3 (3.0.STABLE5-1) UNRELEASED; urgency=low * New upstream release (Closes: #478695) -- Luigi Gangitano Sat, 03 May 2008 18:39:36 +0200 squid3 (3.0.STABLE4-1) unstable; urgency=low * New upstream release -- Luigi Gangitano Thu, 03 Apr 2008 01:34:07 +0200 squid3 (3.0.STABLE2-1) unstable; urgency=low * New upstream release (Closes: #470641) * debian/rules - Fixed bashism (Closes: #468567) * debian/control - Fixed description, remove instability notice (Closes: #463347) * debian/squid.rc - Raise max open filedescriptor limit to match build time limit at 65535 (Closes: #470605, #470607) -- Luigi Gangitano Wed, 12 Mar 2008 13:52:21 +0100 squid3 (3.0.STABLE1-2) unstable; urgency=low * debian/rules - Fixed --with-large-files option to ./configure (Closes: #459306) - Added null storio option (Closes: #456889) -- Luigi Gangitano Tue, 11 Jan 2008 14:09:45 +0100 squid3 (3.0.STABLE1-1) unstable; urgency=low * New upstream release - Updated debian/watch (Closes: #456470) - Removed patches integrated upstream + 08-resume-http + 09-dos-cache-update * debian/control - Bumped Standard-Version to 3.7.3 (no change needed) - Added Homepage field * debian/patches/01-cf.data.debian - Adapted to new upstream version (remove default accesso to RFC1918 addresses) * debian/squid3.{preinst,postinst,prerm,postrm} - Added debhelper token -- Luigi Gangitano Mon, 17 Dec 2007 11:36:57 +0100 squid3 (3.0.RC1-3) unstable; urgency=high * Urgency high due to security fixes * debian/patches/09-dos-cache-update - Added upstream patch fixing DoS in cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) -- Luigi Gangitano Fri, 7 Dec 2007 16:30:39 +0100 squid3 (3.0.RC1-2) unstable; urgency=low * debian/patches/08-resume-http.dpatch - Added upstream patch fixing failure to resume downloads -- Luigi Gangitano Mon, 15 Oct 2007 02:43:44 +0200 squid3 (3.0.RC1-1) unstable; urgency=low * New upstream release - Updated debian watch * debian/patches/01-cf.data.debian - Updated to match upstream changes * debian/control - Updated Build-Depends to libdb 4.6 - Removed dependency on essential package coreutils - Fixed dependency on virtual package httpd -- Luigi Gangitano Sun, 14 Oct 2007 16:07:28 +0200 squid3 (3.0.PRE7-1) unstable; urgency=low * New upstream release - Fixed assertion failure when receiving TCP_RESET (Closes: #435887) - Removed patches integrated upstream: + debian/patches/05-helpers-typo + debian/patches/06-mem-obj-reference + debian/patches/07-close-icap-connections * debian/patches/01-cf.data.debian - Removed upstream-integrated patches * debian/rules - Enabled build time default user configuration -- Luigi Gangitano Fri, 31 Aug 2007 18:05:13 +0200 squid3 (3.0.PRE6-2) unstable; urgency=low * debian/control - Make package binNMU safe (Closes: #432981) * debian/rules - Enabled diskd (Closes: #434621) - Removed --enable-diskio option (Closes: #435230) -- Luigi Gangitano Sun, 13 May 2007 19:13:03 +0200 squid3 (3.0.PRE6-1) unstable; urgency=low * New upstream release - Removed patches integrated upsteam: + 04-m68k-ftbfs * debian/rules - Enable delay pools (Closes: #410785) - Enable cache digests (Closes: #416631) - Enable ICAP client - Raised Max Filedescriptor limit to 65536 * debian/control - Added real package dependency for httpd in squid3-cgi * debian/patches/02-makefile-defaults - Fix default configuration file for cachemgr.cgi (Closes: #416630) * debian/squid3.postinst - Fixed bashish in postinst (Closes: #411797) * debian/patches/05-helpers-typo - Added upstream patch fixing compilation error in src/helpers.cc * debian/patches/06-mem-obj-reference - Added upstream patch fixing a mem_obj reference in src/store.cc * debian/patches/07-close-icap-connections - Added upstream patch fixing icap connection starvation * debian/squid3.rc - Added LSB-compliant description to rc script -- Luigi Gangitano Sun, 13 May 2007 16:03:16 +0200 squid3 (3.0.PRE5-5) unstable; urgency=low * debian/control - Revert dependency on libsasl2-2-dev to libsasl2-dev (Closes: #401292) -- Luigi Gangitano Thu, 30 Nov 2006 16:27:26 +0100 squid3 (3.0.PRE5-4) unstable; urgency=low * debian/{rules,squid3-client.install} - Fix path for squid3client (Closes: #400893) -- Luigi Gangitano Thu, 30 Nov 2006 15:32:53 +0100 squid3 (3.0.PRE5-3) unstable; urgency=low * debian/rules - Use the right patch for specific options on GNU/kFreeBSD (Closes: #397829) -- Luigi Gangitano Sat, 11 Nov 2006 10:32:06 +0100 squid3 (3.0.PRE5-2) unstable; urgency=low * debian/rules - Added architecture specific configure options to fix FTBFS on GNU/KFreeBSD (Closes: #397829) * debian/control - Updated Build-Depend to libsasl2-2-dev -- Luigi Gangitano Sat, 11 Nov 2006 00:33:31 +0100 squid3 (3.0.PRE5-1) unstable; urgency=low * New upstream release - Includes fix for FTBFS with GCC 4.2 (Closes: #379969) - Removed upstream-integrated patches: + 03-upstream-md5-byteswap * debian/patches/04-m68k-ftbfs.dpathc - Added patch to fix FTBFS on m68k due to missing parenthesis (Closes: #394220) * debian/control - Added Build-Dep on libcppunit-dev - Updated Build-Dep to libdb4.4-dev * debian/rules - Added usage of already compiled libcppunit, reducing build time -- Luigi Gangitano Thu, 9 Nov 2006 15:42:43 +0100 squid3 (3.0.PRE4-5) unstable; urgency=low * debian/rules - Fixed typo in configure options (--with-filedescriptors) - Added missing transparent proxy options -- Luigi Gangitano Thu, 20 Jul 2006 15:03:07 +0200 squid3 (3.0.PRE4-4) unstable; urgency=low * debian/control - Removed dependency on webmin-squid for squid-cgi * debian/rules - Removed bashism (Closes: #377952) -- Luigi Gangitano Wed, 12 Jul 2006 15:56:01 +0200 squid3 (3.0.PRE4-3) unstable; urgency=low * debian/patches/03-upstream-md5-byteswap.dpatch - Added upstream patch to fix FTBFS on BIGENDIAN architectures (Closes: #377596) -- Luigi Gangitano Mon, 10 Jul 2006 18:06:06 +0200 squid3 (3.0.PRE4-2) unstable; urgency=low * debian/copyright - Added text from CREDITS with copyright and licences for all the components included in squid -- Luigi Gangitano Mon, 10 Jul 2006 00:46:10 +0200 squid3 (3.0.PRE4-1) unstable; urgency=low * New upstream release * debian/rules - Revorked to build packages that can be installed side-by-side with the squid 2.x packages. * debian/control - Added dependency on dpatch -- Luigi Gangitano Mon, 3 Jul 2006 16:47:43 +0200 squid3 (3.0.PRE3.20060422-2) unstable; urgency=low * debian/control - Added missing Build-Depends on libsasl2-dev -- Luigi Gangitano Wed, 14 Jun 2006 15:31:34 +0200 squid3 (3.0.PRE3.20060422-1) unstable; urgency=low * First package attempt -- Luigi Gangitano Sat, 22 Apr 2006 01:19:36 +0200 debian/compat0000664000000000000000000000000212252041564010367 0ustar 5 debian/rules0000775000000000000000000000757212300547730010264 0ustar #! /usr/bin/make -f export DEB_BUILD_MAINT_OPTIONS = hardening=+all export DEB_CFLAGS_MAINT_APPEND = -Wall include /usr/share/dpkg/buildflags.mk export DEB_BUILD_MAINT_OPTIONS = hardening=+all export DEB_BUILD_PARALLEL=yes include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/autotools.mk include /usr/share/dpkg/buildflags.mk CXXFLAGS := $(subst -O3,-O2,$(CXXFLAGS)) INSTALLDIR := $(CURDIR)/debian/tmp datadir=/usr/share/squid3 DEB_DH_INSTALL_SOURCEDIR := $(INSTALLDIR) DEB_INSTALL_DOCS_squid3-common := CONTRIBUTORS CREDITS QUICKSTART RELEASENOTES.html \ SPONSORS DEB_CONFIGURE_EXTRA_FLAGS := --datadir=/usr/share/squid3 \ --sysconfdir=/etc/squid3 \ --mandir=/usr/share/man \ --enable-inline \ --enable-async-io=8 \ --enable-storeio="ufs,aufs,diskd,rock" \ --enable-removal-policies="lru,heap" \ --enable-delay-pools \ --enable-cache-digests \ --enable-underscores \ --enable-icap-client \ --enable-follow-x-forwarded-for \ --enable-auth-basic="DB,fake,getpwnam,LDAP,MSNT,MSNT-multi-domain,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB" \ --enable-auth-digest="file,LDAP" \ --enable-auth-negotiate="kerberos,wrapper" \ --enable-auth-ntlm="fake,smb_lm" \ --enable-external-acl-helpers="file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,unix_group,wbinfo_group" \ --enable-url-rewrite-helpers="fake" \ --enable-eui \ --enable-esi \ --enable-icmp \ --enable-zph-qos \ --enable-ecap \ --disable-translation \ --with-swapdir=/var/spool/squid3 \ --with-logdir=/var/log/squid3 \ --with-pidfile=/var/run/squid3.pid \ --with-filedescriptors=65536 \ --with-large-files \ --with-default-user=proxy DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS 2>/dev/null) ifeq ($(DEB_HOST_ARCH_OS), kfreebsd) DEB_CONFIGURE_EXTRA_FLAGS += --enable-kqueue endif ifeq ($(DEB_HOST_ARCH_OS), linux) DEB_CONFIGURE_EXTRA_FLAGS += --enable-linux-netfilter endif DEB_MAKE_CLEAN_TARGET = distclean DEB_FIXPERMS_EXCLUDE = /usr/lib/squid3/pinger install/squid3:: install -m 755 -g root -d $(INSTALLDIR)/usr/lib/cgi-bin mv $(INSTALLDIR)/etc/squid3/squid.conf.documented $(INSTALLDIR)/etc/squid3/squid.conf mv $(INSTALLDIR)/usr/lib/squid3/cachemgr.cgi $(INSTALLDIR)/usr/lib/cgi-bin/cachemgr.cgi mv $(INSTALLDIR)/usr/sbin/squid $(INSTALLDIR)/usr/sbin/squid3 mv $(INSTALLDIR)/usr/share/man/man8/squid.8 $(INSTALLDIR)/usr/share/man/man8/squid3.8 install -m 755 -g root -d $(INSTALLDIR)/etc/init.d install -m 755 -g root -d $(INSTALLDIR)/etc/init install -m 755 -g root -d $(INSTALLDIR)/etc/logrotate.d install -m 755 -g root -d $(INSTALLDIR)/etc/resolvconf install -m 755 -g root -d $(INSTALLDIR)/etc/resolvconf/update-libc.d install -m 755 -g root -d $(INSTALLDIR)/etc/ufw/applications.d install -m 755 -g root debian/squid3.rc $(INSTALLDIR)/etc/init.d/squid3 install -m 644 -g root debian/squid3.upstart $(INSTALLDIR)/etc/init/squid3.conf install -m 755 -g root debian/squid3.resolvconf $(INSTALLDIR)/etc/resolvconf/update-libc.d/squid3 install -m 644 -g root debian/squid3.logrotate $(INSTALLDIR)/etc/logrotate.d/squid3 install -m 644 -g root debian/squid3.ufw.profile $(INSTALLDIR)/etc/ufw/applications.d/squid3 install -m 755 -g root -d debian/squid3/var/log install -m 755 -g root -d debian/squid3/var/spool install -m 755 -g root -d debian/squid3/var/run install -m 750 -o proxy -g proxy -d debian/squid3/var/log/squid3 install -m 750 -o proxy -g proxy -d debian/squid3/var/spool/squid3 install -m 755 -g root -d $(INSTALLDIR)/usr/share/man/man1 mv $(INSTALLDIR)/usr/bin/purge $(INSTALLDIR)/usr/bin/squid-purge chmod 4755 $(INSTALLDIR)/usr/lib/squid3/pinger install -m 755 -g root -d $(INSTALLDIR)/etc/apparmor.d/force-complain install -m 755 -g root -d $(INSTALLDIR)/etc/apparmor.d/disable install -m 644 -g root debian/usr.sbin.squid3 $(INSTALLDIR)/etc/apparmor.d dh_apparmor --profile-name=usr.sbin.squid3 -psquid3 clean:: # nothing to do debian/NEWS.Debian0000664000000000000000000000216512252041564011055 0ustar squid3 (3.1.19-1ubuntu2) precise; urgency=low Ubuntu 12.04 has transition from the deprecated squid package to squid3. The squid package is now a transitional package for squid3. While many of the original squid configuration options are supported on squid3, some are not and original configuration file formats may not be supported. As a result, /etc/squid/squid.conf needs to be migrated to /etc/squid3/squid.conf manually. Please see the squid 3.1.9 release notes to find out more: http://squidcache.cybermirror.org/squid/squid-3.1.19-RELEASENOTES.html#ss6.1 -- Adam Gandelman Thu, 12 Apr 2012 13:53:26 -0700 squid3 (3.0.STABLE15-1) unstable; urgency=low Since version 3.0.STABLE15-1 error pages are not included in squid3-common anymore, but are instead shipped in a separate package (squid-langpack). If the error_directory option in /etc/squid3/squid.conf was customized, it should be checked against the new directory layout of squid-langpack; if it is not set correctly, squid3 will refuse to start. -- Luigi Gangitano Mon, 6 Jul 2009 13:29:10 +0200 debian/squid3-cgi.dirs0000664000000000000000000000001312252041564012016 0ustar /etc/squid debian/squid3.upstart0000664000000000000000000000251712252041564012032 0ustar # squid - SQUID HTTP proxy-cache # description "HTTP proxy-cache" author "Chuck Short " # The second "or" condition is to start squid in case it failed to start # because no real interface was there. start on runlevel [2345] stop on runlevel [!2345] respawn normal exit 0 env CONFIG="/etc/squid3/squid.conf" env SQUID_ARGS="-YC" pre-start script /lib/init/apparmor-profile-load usr.sbin.squid3 if [ -f /etc/default/squid3 ]; then . /etc/default/squid3 fi find_cache_dir () { w=" " # space tab res=`sed -ne ' s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $CONFIG` [ -n "$res" ] || res=$2 echo "$res" } find_cache_type () { w=" " # space tab res=`sed -ne ' s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $CONFIG` [ -n "$res" ] || res=$2 echo "$res" } cache_dir=`find_cache_dir cache_dir` cache_type=`find_cache_type cache_dir` if [ "$cache_type" = "coss" -a -d "$cache_dir" -a ! -f "$cache_dir/stripe" ] || [ "$cache_type" != "coss" -a -d "$cache_dir" -a ! -d "$cache_dir/00" ] then /usr/sbin/squid3 $SQUID_ARGS -z -f $CONFIG fi end script script if [ -f /etc/default/squid3 ]; then . /etc/default/squid3 fi umask 027 ulimit -n 65535 exec /usr/sbin/squid3 -N $SQUID_ARGS -f $CONFIG end script debian/control0000664000000000000000000000777212252041564010611 0ustar Source: squid3 Section: web Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Luigi Gangitano Homepage: http://www.squid-cache.org Standards-Version: 3.9.4 Build-Depends: libldap2-dev, libpam0g-dev, libdb-dev, cdbs, libsasl2-dev, debhelper (>=5), libcppunit-dev, libkrb5-dev, comerr-dev, libcap2-dev [linux-any], libecap2-dev, libexpat1-dev, libxml2-dev, autotools-dev, libltdl-dev, dpkg-dev (>= 1.16.1~), pkg-config, libnetfilter-conntrack-dev [linux-any], dh-apparmor, lsb-release XS-Testsuite: autopkgtest Package: squid3 Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, netbase, adduser, logrotate (>= 3.5.4-1), squid3-common (= ${source:Version}), lsb-base, ssl-cert (>= 1.0-11ubuntu1) Suggests: squidclient, squid-cgi, squid-purge, resolvconf (>= 0.40), smbclient, ufw, winbindd, apparmor (>= 2.3) Description: Full featured Web Proxy cache (HTTP proxy) Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, ICY and HTTP data objects. . Squid version 3 is a major rewrite of Squid in C++ and introduces a number of new features including ICAP and ESI support. Package: squid3-dbg Architecture: any Section: debug Priority: extra Depends: squid3 (= ${binary:Version}), ${misc:Depends} Description: Full featured Web Proxy cache (HTTP proxy) - Debug symbols Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, ICY and HTTP data objects. . Squid version 3 is a major rewrite of Squid in C++ and introduces a number of new features including ICAP and ESI support. . This package contains debugging symbols for binaries in squid3. Package: squid3-common Architecture: all Depends: ${misc:Depends}, squid-langpack (>= 20110214-1) Description: Full featured Web Proxy cache (HTTP proxy) - common files Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, ICY and HTTP data objects. . Squid version 3 is a major rewrite of Squid in C++ and introduces a number of new features including ICAP and ESI support. . This package contains common files (MIB and icons) Package: squidclient Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Provides: squid3-client Conflicts: squid3-client Replaces: squid3-client Description: Full featured Web Proxy cache (HTTP proxy) - control utility Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, ICY and HTTP data objects. . Squid version 3 is a major rewrite of Squid in C++ and introduces a number of new features including ICAP and ESI support. . This package contains a small utility that can be used to get URLs from the command line. Package: squid-cgi Architecture: any Depends: apache2 | httpd, ${shlibs:Depends}, ${misc:Depends} Provides: squid3-cgi Conflicts: squid3-cgi Replaces: squid3-cgi Description: Full featured Web Proxy cache (HTTP proxy) - control CGI Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, ICY and HTTP data objects. . Squid version 3 is a major rewrite of Squid in C++ and introduces a number of new features including ICAP and ESI support. . This package contains a CGI program that can be used to query and administrate a `squid' proxy cache through a web browser. Package: squid-purge Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: Full featured Web Proxy cache (HTTP proxy) - control utility Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, ICY and HTTP data objects. . Squid version 3 is a major rewrite of Squid in C++ and introduces a number of new features including ICAP and ESI support. . This package contains a small utility that can be used to manage the disk cache from the command line. Package: squid Architecture: any Depends: ${misc:Depends}, squid3 (= ${binary:Version}) Description: dependency package from squid to squid3 Dependency package to install squid3 as the default squid. debian/squid3-common.links0000664000000000000000000000006312252041564012730 0ustar /usr/share/squid-langpack /usr/share/squid3/errors debian/squid3.ufw.profile0000664000000000000000000000016712252041564012567 0ustar [Squid] title=Squid proxy cache description=Internet object cache (WWW proxy cache) ports=2048,3128,3130,3401,4827/tcp debian/squidclient.install0000664000000000000000000000006512252041564013106 0ustar usr/bin/squidclient usr/share/man/man1/squidclient.1 debian/squid3.postrm0000664000000000000000000000124012252041564011644 0ustar #! /bin/sh set -e case "$1" in remove) ;; purge) echo "Purging logfiles..." rm -rf /var/log/squid3 if [ -f /etc/squid3/squid.conf ]; then echo "Removing the config-file .." rm -f /etc/squid3/squid.conf fi # # We do not remove /var/spool/squid3 because that might # take a lot of time. Most of the time it is on a seperate # disk anyway and it is faster to do a mkfs on it.. # echo "Please, remove /var/spool/squid3 yourself." ;; failed-upgrade) ;; upgrade|abort-install|abort-upgrade|disappear) ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/watch0000664000000000000000000000016112252041564010220 0ustar version=3 http://www.squid-cache.org/Versions/v3/3.3/squid-([\.\d]+)\.(?:zip|tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz))) debian/README.Debian0000664000000000000000000000211012252041564011224 0ustar This is the next-generation Squid. In version 3.x squid has been ported to C++ for code manageability. Since squid 2.x is not developed anymore except for bug fixing, this package is where new features will be added. Squid 3.3 supports IPv6, WCCPv2, ICAP, Edge Side Include, SSL offloading, etc. Please note that not all of the new feature have been enabled in Debian package. Squid 3.3 is configured by the /etc/squid3/squid.conf file. Syntax of that file is the same of previous versions of squid and each directive is largely commented there. Configuration files from 2.x versions of squid will mostly work in squid 3.3. Changes to the configuration file are reported in /usr/share/doc/squid3-common/RELEASENOTES.html This package can be installed alongside a squid-2.x package, for testing and migration purpose. Please note that the default http_port for both packages is 3128 and at least one has to be changed. The squid homepage is at http://www.squid-cache.org/ Squid was downloaded from that site with HTTP. -- Luigi Gangitano , Mon, 21 Sep 2009 20:27:00 +0200 debian/squid3.logrotate0000664000000000000000000000052312252041564012323 0ustar # # Logrotate fragment for squid3. # /var/log/squid3/*.log { daily compress delaycompress rotate 2 missingok nocreate sharedscripts prerotate test ! -x /usr/sbin/sarg-reports || /usr/sbin/sarg-reports endscript postrotate test ! -e /var/run/squid3.pid || test ! -x /usr/sbin/squid3 || /usr/sbin/squid3 -k rotate endscript } debian/squid3-common.install0000664000000000000000000000021112252041564013251 0ustar usr/share/squid3/icons usr/share/squid3/mib.txt usr/share/squid3/mime.conf etc/squid3/squid.conf.documented /usr/share/doc/squid3-common debian/patches/0000775000000000000000000000000012252043165010617 5ustar debian/patches/90-cf.data.ubuntu.patch0000664000000000000000000000063112252041564014710 0ustar --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -4545,6 +4545,9 @@ NOCOMMENT_START refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 +refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880 +# example lin deb packages +#refresh_pattern (\.deb|\.udeb)$ 129600 100% 129600 refresh_pattern . 0 20% 4320 NOCOMMENT_END DOC_END debian/patches/fix-pod2man-config.test.patch0000664000000000000000000000217212252041564016210 0ustar Description: fix config.test, pod2man _can_ format manpages Author: Dmitrijs Ledkovs --- a/helpers/basic_auth/DB/config.test +++ b/helpers/basic_auth/DB/config.test @@ -2,6 +2,6 @@ ## Test: do we have perl to build the helper scripts? ## Test: do we have pod2man to build the manual? -perl --version >/dev/null && echo | pod2man >/dev/null +perl --version >/dev/null && echo "=head1 NAME" | pod2man >/dev/null exit $? --- a/helpers/external_acl/SQL_session/config.test +++ b/helpers/external_acl/SQL_session/config.test @@ -2,6 +2,6 @@ ## Test: do we have perl to build the helper scripts? ## Test: do we have pod2man to build the manual? -perl --version >/dev/null && echo | pod2man >/dev/null +perl --version >/dev/null && echo "=head1 NAME" | pod2man >/dev/null exit $? --- a/helpers/log_daemon/DB/config.test +++ b/helpers/log_daemon/DB/config.test @@ -2,6 +2,6 @@ ## Test: do we have perl to build the helper scripts? ## Test: do we have pod2man to build the manual? -perl --version >/dev/null && echo | pod2man >/dev/null +perl --version >/dev/null && echo "=head1 NAME" | pod2man >/dev/null exit $? debian/patches/01-cf.data.debian.patch0000664000000000000000000000735112252041564014606 0ustar Author: Luigi Gangitano Description: Default configuration file for debian --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -327,7 +327,7 @@ If you want to use the traditional NCSA proxy authentication, set this line to something like - auth_param basic program @DEFAULT_PREFIX@/libexec/basic_ncsa_auth @DEFAULT_PREFIX@/etc/passwd + auth_param basic program @DEFAULT_PREFIX@/lib/squid3/basic_ncsa_auth @DEFAULT_PREFIX@/etc/passwd "utf8" on|off HTTP uses iso-latin-1 as character set, while some authentication @@ -400,7 +400,7 @@ If you want to use a digest authenticator, set this line to something like - auth_param digest program @DEFAULT_PREFIX@/bin/digest_pw_auth @DEFAULT_PREFIX@/etc/digpass + auth_param digest program @DEFAULT_PREFIX@/lib/squid3/digest_pw_auth @DEFAULT_PREFIX@/etc/digpass "utf8" on|off HTTP uses iso-latin-1 as character set, while some authentication @@ -477,6 +477,9 @@ of type proxy_auth. By default, the NTLM authenticator_program is not used. + NOTE: In Debian the ntlm_auth program is distributed in the winbindd package + which is required for this auth scheme to work + auth_param ntlm program /usr/bin/ntlm_auth "children" numberofchildren [startup=N] [idle=N] @@ -518,6 +521,9 @@ The only supported program for this role is the ntlm_auth program distributed as part of Samba, version 4 or later. + NOTE: In Debian the ntlm_auth program is distributed in the winbindd package + which is required for this auth scheme to work + auth_param negotiate program /usr/bin/ntlm_auth --helper-protocol=gss-spnego "children" numberofchildren [startup=N] [idle=N] @@ -1009,11 +1015,11 @@ # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed -acl localnet src 10.0.0.0/8 # RFC1918 possible internal network -acl localnet src 172.16.0.0/12 # RFC1918 possible internal network -acl localnet src 192.168.0.0/16 # RFC1918 possible internal network -acl localnet src fc00::/7 # RFC 4193 local private network range -acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines +#acl localnet src 10.0.0.0/8 # RFC1918 possible internal network +#acl localnet src 172.16.0.0/12 # RFC1918 possible internal network +#acl localnet src 192.168.0.0/16 # RFC1918 possible internal network +#acl localnet src fc00::/7 # RFC 4193 local private network range +#acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http @@ -1194,7 +1200,7 @@ # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed -http_access allow localnet +#http_access allow localnet http_access allow localhost # And finally deny all other access to this proxy @@ -3889,7 +3895,7 @@ NAME: logfile_rotate TYPE: int -DEFAULT: 10 +DEFAULT: 0 LOC: Config.Log.rotateNumber DOC_START Specifies the number of logfile rotations to make when you @@ -3908,6 +3914,9 @@ Note, from Squid-3.1 this option is only a default for cache.log, that log can be rotated separately by using debug_options. + + Note2, for Debian/Linux the default of logfile_rotate is + zero, since it includes external logfile-rotation methods. DOC_END NAME: emulate_httpd_log @@ -7982,8 +7991,8 @@ WARNING: This option will restrict the situations under which IPv6 - connectivity is used (and tested). Hiding network problems - which would otherwise be detected and warned about. + connectivity is used (and tested), potentially hiding network + problems which would otherwise be detected and warned about. DOC_END NAME: ipcache_size debian/patches/99-ubuntu-ssl-cert-snakeoil.patch0000664000000000000000000000103112252041564016752 0ustar --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -2728,6 +2728,19 @@ DOC_START If 'sslkey' is not specified 'sslcert' is assumed to reference a combined file containing both the certificate and the key. + + Notes: + + On Debian/Ubuntu systems a default snakeoil certificate is + available in /etc/ss and users can set: + + cert=/etc/ssl/certs/ssl-cert-snakeoil.pem + + and + + key=/etc/ssl/private/ssl-cert-snakeoil.key + + for testing. sslversion=1|2|3|4|5|6 The SSL version to use when connecting to this peer debian/patches/16-ipc-statedir.patch0000664000000000000000000000225212252041564014456 0ustar Author: Luigi Gangitano Description: Change default statedir for IPC to /var/run/squid3 --- a/src/ipc/Makefile.am +++ b/src/ipc/Makefile.am @@ -59,7 +59,7 @@ mem/Segment.cc \ mem/Segment.h -DEFS += -DDEFAULT_STATEDIR=\"$(localstatedir)/run/squid\" +DEFS += -DDEFAULT_STATEDIR=\"$(localstatedir)/run/squid3\" install-data-local: - $(mkinstalldirs) $(DESTDIR)$(localstatedir)/run/squid; + $(mkinstalldirs) $(DESTDIR)$(localstatedir)/run/squid3; --- a/src/ipc/Makefile.in +++ b/src/ipc/Makefile.in @@ -128,7 +128,7 @@ DEFAULT_LOG_DIR = @DEFAULT_LOG_DIR@ DEFAULT_PID_FILE = @DEFAULT_PID_FILE@ DEFAULT_SWAP_DIR = @DEFAULT_SWAP_DIR@ -DEFS = @DEFS@ -DDEFAULT_STATEDIR=\"$(localstatedir)/run/squid\" +DEFS = @DEFS@ -DDEFAULT_STATEDIR=\"$(localstatedir)/run/squid3\" DEPDIR = @DEPDIR@ DIGEST_AUTH_HELPERS = @DIGEST_AUTH_HELPERS@ DISK_LIBS = @DISK_LIBS@ @@ -821,7 +821,7 @@ .PHONY: testHeaders install-data-local: - $(mkinstalldirs) $(DESTDIR)$(localstatedir)/run/squid; + $(mkinstalldirs) $(DESTDIR)$(localstatedir)/run/squid3; # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. debian/patches/15-cachemgr-default-config.patch0000664000000000000000000000254612252041564016531 0ustar Author: Luigi Gangitano Description: Fix path for cachemgr.cgi default configuration file --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -68,7 +68,7 @@ ## ##### cachemgr.cgi ##### -DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf +DEFAULT_CACHEMGR_CONFIG = /etc/squid/cachemgr.conf libexec_PROGRAMS = cachemgr$(CGIEXT) @@ -91,6 +91,7 @@ ## Shared install-data-local: + test -z "/etc/squid" || $(MKDIR_P) "$(DESTDIR)/etc/squid" $(INSTALL_DATA) $(srcdir)/cachemgr.conf $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG).default @if test -f $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG) ; then \ echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG)" ; \ --- a/tools/Makefile.in +++ b/tools/Makefile.in @@ -434,7 +434,7 @@ test_tools.cc \ time.cc -DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf +DEFAULT_CACHEMGR_CONFIG = /etc/squid/cachemgr.conf cachemgr__CGIEXT__SOURCES = cachemgr.cc \ stub_debug.cc \ test_tools.cc \ @@ -1237,6 +1237,7 @@ $(SUBSTITUTE) < $(srcdir)/cachemgr.cgi.8.in > $@ install-data-local: + test -z "/etc/squid" || $(MKDIR_P) "$(DESTDIR)/etc/squid" $(INSTALL_DATA) $(srcdir)/cachemgr.conf $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG).default @if test -f $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG) ; then \ echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG)" ; \ debian/patches/02-makefile-defaults.patch0000664000000000000000000000112612252041564015442 0ustar Author: Luigi Gangitano Description: Change default file locations for debian --- a/src/Makefile.in +++ b/src/Makefile.in @@ -2802,7 +2802,7 @@ DEFAULT_PREFIX = $(prefix) DEFAULT_CONFIG_DIR = $(sysconfdir) DEFAULT_CONFIG_FILE = $(DEFAULT_CONFIG_DIR)/squid.conf -DEFAULT_MIME_TABLE = $(DEFAULT_CONFIG_DIR)/mime.conf +DEFAULT_MIME_TABLE = $(datadir)/mime.conf DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` DEFAULT_SSL_CRTD = $(libexecdir)/`echo ssl_crtd | sed '$(transform);s/$$/$(EXEEXT)/'` DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR) debian/patches/fix-distribution.patch0000664000000000000000000013031512252041564015147 0ustar Author: Yolanda Robla Description: Added patch to show distribution when using squid3 -v Last-Update: 2013-11-11 Index: squid3/configure.ac =================================================================== --- squid3.orig/configure.ac 2013-11-07 04:15:15.147895000 +0000 +++ squid3/configure.ac 2013-11-07 04:15:15.143895000 +0000 @@ -216,6 +216,14 @@ AC_DEFINE_UNQUOTED(SQUID_CONFIGURE_OPTIONS, "$ac_configure_args", [configure command line used to configure Squid]) +# define distribution +if test -x /usr/bin/lsb_release && lsb_release -si; then + SQUID_DISTRIBUTION=" ($(lsb_release -si))" +else + SQUID_DISTRIBUTION="" +fi +AC_DEFINE_UNQUOTED(SQUID_DISTRIBUTION, "$SQUID_DISTRIBUTION", Squid distribution) + CACHE_EFFECTIVE_USER="nobody" AC_ARG_WITH(default-user, AS_HELP_STRING([--with-default-user=USER],[System user account for squid permissions. Default: nobody]), Index: squid3/include/autoconf.h.in =================================================================== --- squid3.orig/include/autoconf.h.in 2013-11-08 14:28:00.515895000 +0000 +++ squid3/include/autoconf.h.in 2013-11-08 14:28:00.415895000 +0000 @@ -1193,6 +1193,9 @@ /* Squid extended build info field for "squid -v" output */ #undef SQUID_BUILD_INFO +/* Squid distribution field for "squid -v" output */ +#undef SQUID_DISTRIBUTION + /* configure command line used to configure Squid */ #undef SQUID_CONFIGURE_OPTIONS Index: squid3/src/main.cc =================================================================== --- squid3.orig/src/main.cc 2013-11-08 14:28:00.515895000 +0000 +++ squid3/src/main.cc 2013-11-08 14:28:00.427895000 +0000 @@ -169,6 +169,10 @@ #define SQUID_BUILD_INFO "" #endif +#if !defined(SQUID_DISTRIBUTION) +#define SQUID_DISTRIBUTION "" +#endif + static char *opt_syslog_facility = NULL; static int icpPortNumOverride = 1; /* Want to detect "-u 0" */ static int configured_once = 0; @@ -577,6 +581,8 @@ /** \par v * Display squid version and build information. Then exit. */ printf("Squid Cache: Version %s\n" ,version_string); + if (strlen(SQUID_DISTRIBUTION)) + printf("%s\n", SQUID_DISTRIBUTION); if (strlen(SQUID_BUILD_INFO)) printf("%s\n",SQUID_BUILD_INFO); printf( "configure options: %s\n", SQUID_CONFIGURE_OPTIONS); Index: squid3/configure =================================================================== --- squid3.orig/configure 2013-11-08 14:28:00.515895000 +0000 +++ squid3/configure 2013-11-08 14:28:00.511895000 +0000 @@ -1,14 +1,12 @@ #! /bin/sh # From configure.ac Revision. # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.68 for Squid Web Proxy 3.3.8. +# Generated by GNU Autoconf 2.69 for Squid Web Proxy 3.3.8. # # Report bugs to . # # -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software -# Foundation, Inc. +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # # # This configure script is free software; the Free Software Foundation @@ -137,6 +135,31 @@ # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh @@ -170,7 +193,8 @@ else exitcode=1; echo positional parameters were not saved. fi -test x\$exitcode = x0 || exit 1" +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && @@ -223,21 +247,25 @@ if test "x$CONFIG_SHELL" != x; then : - # We cannot yet assume a decent shell, so we have to provide a - # neutralization value for shells without unset; and this also - # works around shells that cannot unset nonexistent variables. - # Preserve -v and -x to the replacement shell. - BASH_ENV=/dev/null - ENV=/dev/null - (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV - export CONFIG_SHELL - case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; - esac - exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"} + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 fi if test x$as_have_required = xno; then : @@ -340,6 +368,14 @@ } # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take @@ -461,6 +497,10 @@ chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). @@ -495,16 +535,16 @@ # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -516,28 +556,8 @@ as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -912,13 +932,11 @@ enable_strict_error_checking enable_loadable_modules enable_shared -enable_shared enable_static with_pic enable_fast_install with_gnu_ld enable_libtool_lock -with_gnu_ld with_included_ltdl with_ltdl_include with_ltdl_lib @@ -1014,9 +1032,6 @@ CPPFLAGS CXX CXXFLAGS -LDFLAGS -LIBS -CPPFLAGS CCC CXXCPP CPP @@ -1483,8 +1498,6 @@ if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -2015,9 +2028,9 @@ if $ac_init_version; then cat <<\_ACEOF Squid Web Proxy configure 3.3.8 -generated by GNU Autoconf 2.68 +generated by GNU Autoconf 2.69 -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -2369,7 +2382,7 @@ test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || - $as_test_x conftest$ac_exeext + test -x conftest$ac_exeext }; then : ac_retval=0 else @@ -2513,7 +2526,7 @@ test ! -s conftest.err } && test -s conftest$ac_exeext && { test "$cross_compiling" = yes || - $as_test_x conftest$ac_exeext + test -x conftest$ac_exeext }; then : ac_retval=0 else @@ -2819,7 +2832,8 @@ main () { static int test_array [1 - 2 * !(($2) >= 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2835,7 +2849,8 @@ main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2861,7 +2876,8 @@ main () { static int test_array [1 - 2 * !(($2) < 0)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2877,7 +2893,8 @@ main () { static int test_array [1 - 2 * !(($2) >= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -2911,7 +2928,8 @@ main () { static int test_array [1 - 2 * !(($2) <= $ac_mid)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -3005,7 +3023,8 @@ main () { static int test_array [1 - 2 * !(0 < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1))]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -3021,7 +3040,8 @@ { static int test_array [1 - 2 * !(($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 1) < ($ac_type) ((((($ac_type) 1 << N) << N) - 1) * 2 + 2))]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -3078,7 +3098,8 @@ main () { static int test_array [1 - 2 * !((($ac_type) -1 >> ($2 / 2 - 1)) >> ($2 / 2 - 1) == 3)]; -test_array [0] = 0 +test_array [0] = 0; +return test_array [0]; ; return 0; @@ -3111,7 +3132,7 @@ running configure, to aid debugging if configure makes a mistake. It was created by Squid Web Proxy $as_me 3.3.8, which was -generated by GNU Autoconf 2.68. Invocation command line was +generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3530,7 +3551,7 @@ # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. @@ -3699,7 +3720,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3739,7 +3760,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3790,7 +3811,7 @@ test -z "$as_dir" && as_dir=. for ac_prog in mkdir gmkdir; do for ac_exec_ext in '' $ac_executable_extensions; do - { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue + as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( 'mkdir (GNU coreutils) '* | \ 'mkdir (coreutils) '* | \ @@ -3843,7 +3864,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AWK="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4422,7 +4443,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4462,7 +4483,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4515,7 +4536,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4556,7 +4577,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -4614,7 +4635,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -4658,7 +4679,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -5104,8 +5125,7 @@ /* end confdefs.h. */ #include #include -#include -#include +struct stat; /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -5533,7 +5553,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -5577,7 +5597,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CXX="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6140,7 +6160,7 @@ for ac_prog in grep ggrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue + as_fn_executable_p "$ac_path_GREP" || continue # Check for GNU ac_path_GREP and select it if it is found. # Check for GNU $ac_path_GREP case `"$ac_path_GREP" --version 2>&1` in @@ -6206,7 +6226,7 @@ for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue + as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in @@ -6413,8 +6433,8 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -# define __EXTENSIONS__ 1 - $ac_includes_default +# define __EXTENSIONS__ 1 + $ac_includes_default int main () { @@ -6653,7 +6673,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6693,7 +6713,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -6896,7 +6916,7 @@ for ac_prog in egrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue + as_fn_executable_p "$ac_path_EGREP" || continue # Check for GNU ac_path_EGREP and select it if it is found. # Check for GNU $ac_path_EGREP case `"$ac_path_EGREP" --version 2>&1` in @@ -6963,7 +6983,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_SH="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7004,7 +7024,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_FALSE="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7045,7 +7065,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_TRUE="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7086,7 +7106,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_MV="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7127,7 +7147,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_MKDIR="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7168,7 +7188,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_LN="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7209,7 +7229,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_CHMOD="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7250,7 +7270,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_TR="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7291,7 +7311,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_RM="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7332,7 +7352,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_CPPUNITCONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7375,7 +7395,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PERL="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7422,7 +7442,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_POD2MAN="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7465,7 +7485,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_AR="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -7727,7 +7747,7 @@ for ac_prog in sed gsed; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue + as_fn_executable_p "$ac_path_SED" || continue # Check for GNU ac_path_SED and select it if it is found. # Check for GNU $ac_path_SED case `"$ac_path_SED" --version 2>&1` in @@ -7806,7 +7826,7 @@ for ac_prog in fgrep; do for ac_exec_ext in '' $ac_executable_extensions; do ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue + as_fn_executable_p "$ac_path_FGREP" || continue # Check for GNU ac_path_FGREP and select it if it is found. # Check for GNU $ac_path_FGREP case `"$ac_path_FGREP" --version 2>&1` in @@ -8062,7 +8082,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8106,7 +8126,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8435,7 +8455,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8475,7 +8495,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OBJDUMP="objdump" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8756,7 +8776,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_AR="${ac_tool_prefix}ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8796,7 +8816,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_AR="ar" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8861,7 +8881,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_STRIP="${ac_tool_prefix}strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8901,7 +8921,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_STRIP="strip" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -8960,7 +8980,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9000,7 +9020,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_RANLIB="ranlib" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9577,7 +9597,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9617,7 +9637,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9669,7 +9689,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9709,7 +9729,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_NMEDIT="nmedit" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9761,7 +9781,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_LIPO="${ac_tool_prefix}lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9801,7 +9821,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_LIPO="lipo" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9853,7 +9873,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL="${ac_tool_prefix}otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9893,7 +9913,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL="otool" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9945,7 +9965,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -9985,7 +10005,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_OTOOL64="otool64" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -18619,7 +18639,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_WIN32_PSAPI="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -18680,6 +18700,18 @@ _ACEOF +# define distribution +if test -x /usr/bin/lsb_release && lsb_release -si; then + SQUID_DISTRIBUTION="$(lsb_release -si)" +else + SQUID_DISTRIBUTION="" +fi + +cat >>confdefs.h <<_ACEOF +#define SQUID_DISTRIBUTION "$SQUID_DISTRIBUTION" +_ACEOF + + CACHE_EFFECTIVE_USER="nobody" # Check whether --with-default-user was given. @@ -18849,7 +18881,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_BZR="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -20376,7 +20408,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -20419,7 +20451,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -22785,7 +22817,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_krb5_config="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -22826,7 +22858,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_krb5_config="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -22865,7 +22897,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_krb5_config="yes" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -25177,11 +25209,11 @@ int main () { -/* FIXME: Include the comments suggested by Paul. */ + #ifndef __cplusplus - /* Ultrix mips cc rejects this. */ + /* Ultrix mips cc rejects this sort of thing. */ typedef int charset[2]; - const charset cs; + const charset cs = { 0, 0 }; /* SunOS 4.1.1 cc rejects this. */ char const *const *pcpcc; char **ppc; @@ -25198,8 +25230,9 @@ ++pcpcc; ppc = (char**) pcpcc; pcpcc = (char const *const *) ppc; - { /* SCO 3.2v4 cc rejects this. */ - char *t; + { /* SCO 3.2v4 cc rejects this sort of thing. */ + char tx; + char *t = &tx; char const *s = 0 ? (char *) 0 : (char const *) 0; *t++ = 0; @@ -25215,10 +25248,10 @@ iptr p = 0; ++p; } - { /* AIX XL C 1.02.0.0 rejects this saying + { /* AIX XL C 1.02.0.0 rejects this sort of thing, saying "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */ - struct s { int j; const int *ap[3]; }; - struct s *b; b->j = 5; + struct s { int j; const int *ap[3]; } bx; + struct s *b = &bx; b->j = 5; } { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ const int foo = 10; @@ -26477,23 +26510,20 @@ /* end confdefs.h. */ $ac_includes_default int -find_stack_direction () +find_stack_direction (int *addr, int depth) { - static char *addr = 0; - auto char dummy; - if (addr == 0) - { - addr = &dummy; - return find_stack_direction (); - } - else - return (&dummy > addr) ? 1 : -1; + int dir, dummy = 0; + if (! addr) + addr = &dummy; + *addr = addr < &dummy ? 1 : addr == &dummy ? 0 : -1; + dir = depth ? find_stack_direction (addr, depth - 1) : 0; + return dir + dummy; } int -main () +main (int argc, char **argv) { - return find_stack_direction () < 0; + return find_stack_direction (0, argc + !argv + 20) < 0; } _ACEOF if ac_fn_cxx_try_run "$LINENO"; then : @@ -30885,7 +30915,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PO2HTML="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -30977,7 +31007,7 @@ IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_path_PO2TEXT="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -31699,16 +31729,16 @@ # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. + # In both cases, we have to default to `cp -pR'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' + as_ln_s='cp -pR' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi else - as_ln_s='cp -p' + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -31768,28 +31798,16 @@ as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in #( - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -31811,7 +31829,7 @@ # values after options handling. ac_log=" This file was extended by Squid Web Proxy $as_me 3.3.8, which was -generated by GNU Autoconf 2.68. Invocation command line was +generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -31877,10 +31895,10 @@ ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ Squid Web Proxy config.status 3.3.8 -configured by $0, generated by GNU Autoconf 2.68, +configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -31971,7 +31989,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' @@ -33999,9 +34017,6 @@ # Remove --cache-file, --srcdir, and --disable-option-checking arguments # so they do not pile up. ac_sub_configure_args= - # Add --quiet option if used - test "$silent" = yes && - ac_sub_configure_args="$ac_sub_configure_args --quiet" ac_prev= eval "set x $ac_configure_args" shift debian/patches/series0000664000000000000000000000033112252041564012032 0ustar 01-cf.data.debian.patch 02-makefile-defaults.patch 15-cachemgr-default-config.patch 16-ipc-statedir.patch 90-cf.data.ubuntu.patch 99-ubuntu-ssl-cert-snakeoil.patch fix-pod2man-config.test.patch fix-distribution.patch debian/squid3.preinst0000664000000000000000000000440212252041564012007 0ustar #! /bin/sh set -e case "$1" in upgrade|install-upgrade) ;; abort-upgrade) exit 0 ;; esac # # Add the "proxy" user/group to /etc/passwd if needed. # if ! grep -q "^proxy:" /etc/passwd then # # Let's hope that this works; if /var/spool/squid3 is # already present this fails :( # adduser --system --home /var/spool/squid3 --group proxy # # Change the shell so that cron jobs will work. # (They run as root now, but you can never know). # chsh -s /bin/sh proxy fi disable_profile() { APP_CONFFILE="/etc/apparmor.d/usr.sbin.squid3" APP_DISABLE="/etc/apparmor.d/disable/usr.sbin.squid3" # Create a symlink to the yet-to-be-unpacked profile if [ ! -e "$APP_CONFFILE" ]; then mkdir -p `dirname $APP_DISABLE` 2>/dev/null || true ln -sf $APP_CONFFILE $APP_DISABLE fi } if [ "$1" = "install" ]; then # Disable AppArmor profile on install disable_profile elif [ "$1" = "upgrade" ] && dpkg --compare-versions "$2" lt "3.1.19-1ubuntu4" ; then # Disable AppArmor on upgrade from earlier than when we first shipped # the profile if the user does not already have a profile defined disable_profile fi # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# # Because of this bug: # https://bugs.launchpad.net/bugs/573853 # Upstart may have lost track of squid. Correct that by using the # pid file to stop it and then start the job back up if [ "$1" = "upgrade" ] \ && [ -f "/var/run/squid.pid" ] \ && [ -f "/etc/init/squid3.conf" ] then SQUID_PID=`cat /var/run/squid3.pid` # is this still running, and actually squid if [ -d "/proc/${SQUID_PID}" ] \ && [ "`stat -L -c %D%i /proc/${SQUID_PID}/exe`" = "`stat -L -c %D%i /usr/sbin/squid`" ] then UPSTART_SQUID_PID=`initctl status squid3 | awk -F'process ' '/start\/running, process / { print $2 }'` PIDFILE_PPID=`awk '{print $4}' /proc/$SQUID_PID/stat` # If the user has disabled expect fork the pids will be the same if [ "$UPSTART_SQUID_PID" != "$SQUID_PID" -a "$PIDFILE_PPID" != "$UPSTART_SQUID_PID" ] then # stop the job if invoke-rc.d squid3 stop then # kill the pid file pid kill ${SQUID_PID} # start the job again invoke-rc.d squid3 start fi fi fi fi #DEBHELPER# exit 0