diff --git a/net/squid/Makefile b/net/squid/Makefile new file mode 100644 index 0000000000..1a768c522d --- /dev/null +++ b/net/squid/Makefile @@ -0,0 +1,132 @@ +# +# Copyright (C) 2006-2015 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# + +include $(TOPDIR)/rules.mk + +PKG_NAME:=squid +PKG_VERSION:=3.4.10 +PKG_RELEASE:=1 + +PKG_LICENSE:=GPL-2.0 +PKG_MAINTAINER:=Luka Perkov + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_URL:=http://www.squid-cache.org/Versions/v3/3.4/ +PKG_MD5SUM:=3136edfe9bc2458e725671b0d2455702 + +PKG_BUILD_PARALLEL:=1 +PKG_INSTALL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/squid/Default + SECTION:=net + CATEGORY:=Network + SUBMENU:=Web Servers/Proxies + URL:=http://www.squid-cache.org/ +endef + +define Package/squid + $(call Package/squid/Default) + MENU:=1 + DEPENDS:=+libopenssl +libpthread +librt +libltdl +libstdcpp + TITLE:=full-featured Web proxy cache +endef + +define Package/squid/description + Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. + It reduces bandwidth and improves response times by caching and reusing + frequently-requested web pages. +endef + +define Package/squid-mod-cachemgr + $(call Package/squid/Default) + DEPENDS:=squid + TITLE:=Web based proxy manager and reporting tool +endef + +CONFIGURE_ARGS += \ + --config-cache \ + --datadir=/usr/share/squid \ + --libexecdir=/usr/lib/squid \ + --sysconfdir=/etc/squid \ + --enable-shared \ + --disable-static \ + --enable-icmp \ + --enable-delay-pools \ + --enable-icap-client \ + --enable-kill-parent-hack \ + --disable-snmp \ + --enable-ssl \ + --enable-cache-digests \ + --enable-auth \ + --enable-auth-basic \ + --enable-auth-ntlm \ + --enable-auth-negotiate \ + --enable-auth-digest \ + --enable-linux-netfilter \ + --disable-unlinkd \ + --enable-x-accelerator-vary \ + --disable-translation \ + --disable-auto-locale \ + --with-dl \ + --with-pthreads \ + --without-expat \ + --without-libxml2 \ + --without-nettle \ + --with-openssl=$(STAGING_DIR)/usr \ + --enable-epoll \ + --with-maxfd=4096 \ + --disable-external-acl-helpers \ + --disable-auth-negotiate \ + --disable-auth-ntlm \ + --disable-auth-digest \ + --disable-auth-basic \ + --disable-arch-native \ + --with-krb5-config=no \ + --without-libcap + +CONFIGURE_VARS += \ + ac_cv_header_linux_netfilter_ipv4_h=yes \ + ac_cv_epoll_works=yes \ + +define Build/Compile + $(MAKE) -C $(PKG_BUILD_DIR)/lib \ + all + $(MAKE) -C $(PKG_BUILD_DIR) \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + install +endef + +define Package/squid/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/squid $(1)/usr/sbin/ + + $(INSTALL_DIR) $(1)/etc/config + $(INSTALL_CONF) ./files/squid.config $(1)/etc/config/squid + + $(INSTALL_DIR) $(1)/etc/squid + $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/squid/mime.conf $(1)/etc/squid/ + $(INSTALL_CONF) ./files/squid.conf $(1)/etc/squid/ + + $(INSTALL_DIR) $(1)/etc/init.d/ + $(INSTALL_BIN) ./files/squid.init $(1)/etc/init.d/squid + + $(INSTALL_DIR) $(1)/usr/share/squid/icons/ + $(CP) $(PKG_INSTALL_DIR)/usr/share/squid/icons/* $(1)/usr/share/squid/icons/ + + $(INSTALL_DIR) $(1)/usr/share/squid/errors/templates/ + $(CP) $(PKG_INSTALL_DIR)/usr/share/squid/errors/templates/* $(1)/usr/share/squid/errors/templates/ +endef + +define Package/squid-mod-cachemgr/install + $(INSTALL_DIR) $(1)/www/cgi-bin/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/squid/cachemgr.cgi $(1)/www/cgi-bin/ +endef + +$(eval $(call BuildPackage,squid)) +$(eval $(call BuildPackage,squid-mod-cachemgr)) diff --git a/net/squid/files/squid.conf b/net/squid/files/squid.conf new file mode 100644 index 0000000000..96333ad7eb --- /dev/null +++ b/net/squid/files/squid.conf @@ -0,0 +1,44 @@ +acl localnet src 10.0.0.0/8 +acl localnet src 172.16.0.0/12 +acl localnet src 192.168.0.0/16 +acl localnet src fc00::/7 +acl localnet src fe80::/10 + +acl ssl_ports port 443 + +acl safe_ports port 80 +acl safe_ports port 21 +acl safe_ports port 443 +acl safe_ports port 70 +acl safe_ports port 210 +acl safe_ports port 1025-65535 +acl safe_ports port 280 +acl safe_ports port 488 +acl safe_ports port 591 +acl safe_ports port 777 +acl connect method connect + +http_access deny !safe_ports +http_access deny connect !ssl_ports + +http_access allow localhost manager +http_access deny manager + +http_access deny to_localhost + +http_access allow localnet +http_access allow localhost + +http_access deny all + +refresh_pattern ^ftp: 1440 20% 10080 +refresh_pattern ^gopher: 1440 0% 1440 +refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 +refresh_pattern . 0 20% 4320 + +access_log none +cache_log /dev/null +cache_store_log /dev/null +logfile_rotate 0 + +logfile_daemon /dev/null diff --git a/net/squid/files/squid.config b/net/squid/files/squid.config new file mode 100644 index 0000000000..4c0daae95c --- /dev/null +++ b/net/squid/files/squid.config @@ -0,0 +1,5 @@ +config squid 'squid' + option config_file '/etc/squid/squid.conf' + option http_port '3128' + option coredump_dir '/tmp/squid' + option visible_hostname 'OpenWrt' diff --git a/net/squid/files/squid.init b/net/squid/files/squid.init new file mode 100644 index 0000000000..8b3094840d --- /dev/null +++ b/net/squid/files/squid.init @@ -0,0 +1,52 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2015 OpenWrt.org + +START=90 +STOP=10 + +USE_PROCD=1 +PROG=/usr/sbin/squid +CONFIGFILE="/tmp/squid/squid.conf" + +validate_squid_section() { + uci_validate_section squid squid "${1}" \ + 'config_file:string' \ + 'http_port:port:3128' \ + 'coredump_dir:string' \ + 'visible_hostname:string:OpenWrt' \ + 'pinger_enable:string:off' +} + +start_service() { + local config_file http_port coredump_dir visible_hostname pinger_enable + + validate_squid_section squid || { + echo "validation failed" + return 1 + } + + mkdir -p $(dirname $CONFIGFILE) + + cat $config_file > $CONFIGFILE + echo http_port $http_port >> $CONFIGFILE + echo coredump_dir $coredump_dir >> $CONFIGFILE + echo visible_hostname $visible_hostname >> $CONFIGFILE + echo pinger_enable $pinger_enable >> $CONFIGFILE + + procd_open_instance + procd_set_param command $PROG -s -f $CONFIGFILE -N + procd_set_param file $CONFIGFILE + procd_set_param respawn + procd_close_instance +} + +stop_service() +{ + ${PROG} -f $CONFIGFILE -N -k shutdown 2>/dev/null +} + +service_triggers() +{ + procd_add_reload_trigger "squid" + procd_add_validation validate_squid_section +} diff --git a/net/squid/patches/001-cross_compile.patch b/net/squid/patches/001-cross_compile.patch new file mode 100644 index 0000000000..c30f0346fd --- /dev/null +++ b/net/squid/patches/001-cross_compile.patch @@ -0,0 +1,49 @@ +--- a/src/Makefile.in ++++ b/src/Makefile.in +@@ -7742,7 +7742,7 @@ cache_cf.o: cf_parser.cci + + # cf_gen builds the configuration files. + cf_gen$(EXEEXT): $(cf_gen_SOURCES) $(cf_gen_DEPENDENCIES) cf_gen_defines.cci +- $(HOSTCXX) -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src ++ g++ -o $@ $(srcdir)/cf_gen.cc -I$(srcdir) -I$(top_builddir)/include/ -I$(top_builddir)/src + + # squid.conf.default is built by cf_gen when making cf_parser.cci + squid.conf.default squid.conf.documented: cf_parser.cci +--- a/configure ++++ b/configure +@@ -22223,7 +22223,7 @@ $as_echo_n "checking whether the SSL_get + if test "$cross_compiling" = yes; then : + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 + $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +-as_fn_error $? "cannot run test program while cross compiling ++_as_fn_error $? "cannot run test program while cross compiling + See \`config.log' for more details" "$LINENO" 5; } + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +@@ -22271,7 +22271,7 @@ $as_echo_n "checking whether the workaro + if test "$cross_compiling" = yes; then : + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 + $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +-as_fn_error $? "cannot run test program while cross compiling ++_as_fn_error $? "cannot run test program while cross compiling + See \`config.log' for more details" "$LINENO" 5; } + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +@@ -24921,7 +24921,7 @@ else + if test "$cross_compiling" = yes; then : + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 + $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +-as_fn_error $? "cannot run test program while cross compiling ++_as_fn_error $? "cannot run test program while cross compiling + See \`config.log' for more details" "$LINENO" 5; } + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +@@ -24946,7 +24946,7 @@ else + if test "$cross_compiling" = yes; then : + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 + $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +-as_fn_error $? "cannot run test program while cross compiling ++_as_fn_error $? "cannot run test program while cross compiling + See \`config.log' for more details" "$LINENO" 5; } + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext diff --git a/net/squid/patches/100-mime.patch b/net/squid/patches/100-mime.patch new file mode 100644 index 0000000000..72915ae8f4 --- /dev/null +++ b/net/squid/patches/100-mime.patch @@ -0,0 +1,29 @@ +--- a/src/mime.conf.default ++++ b/src/mime.conf.default +@@ -1,19 +1,3 @@ +-# This file associates filename extensions (for servers or services +-# that don't automatically include them - like ftp) with a mime type +-# and a graphical icon. +-# +-# +-# This file has the format : +-# regex content-type icon content-encoding transfer-mode +-#----------------------------------------------------------------------------------- +-# +-# +-# Content-Encodings are taken from section 3.1 of RFC2068 (HTTP/1.1) +-# +-# +-# +-# regexp content-type icon encoding mode actions +-#-------------------------------------------------------------------------------------------------------- + \.gif$ image/gif silk/image.png - image +download + \.mime$ www/mime silk/page_white_text.png - ascii +download + ^internal-dirup$ - silk/arrow_up.png - - +@@ -190,6 +174,4 @@ + \.xml$ text/xml silk/page_world.png - ascii +download + \.xsl$ text/xml silk/layout.png - ascii +download + \.xyz$ chemical/x-xyz silk/chart_line.png - image +download +- +-# the default + . text/plain silk/bullet_red.png - image +download +view