aboutsummaryrefslogtreecommitdiffstats
path: root/main/squid/APKBUILD
blob: 97de7a35468fc46984bacb735711aa8f2badb848 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=squid
pkgver=3.5.27
pkgrel=4
pkgdesc="A full-featured Web proxy cache server."
url="http://www.squid-cache.org"
install="squid.pre-install squid.pre-upgrade"
pkgusers="squid"
pkggroups="squid"
arch="all"
license="GPL-2.0"
depends="logrotate"
makedepends="libressl-dev perl-dev autoconf automake heimdal-dev libtool
	libcap-dev linux-headers"
subpackages="$pkgname-doc"
linguas="af ar az bg ca cs da de el es et fa fi fr he hu hy id it ja ka ko lt
	lv ms nl oc pl pt ro ru sk sl sr sv th tr uk uz vi zh"
langdir="/usr/share/squid/errors"
source="http://www.squid-cache.org/Versions/v3/${pkgver%.*}/squid-${pkgver}.tar.xz
	SQUID-2018_1.patch
	SQUID-2018_2.patch
	SQUID-2018_3.patch
	bug-3679.patch
	CVE-2019-13345.patch
	CVE-2019-18679.patch
	CVE-2019-12528.patch
	CVE-2020-8517.patch
	SQUID-2020_1.patch

	squid.initd
	squid.confd
	$pkgname.logrotate
	"
pkgusers="squid"
pkggroups="squid"
builddir="$srcdir"/$pkgname-$pkgver

# secfixes:
#   3.5.27-r4:
#     - CVE-2019-12528
#     - CVE-2020-8449
#     - CVE-2020-8450
#     - CVE-2020-8517
#   3.5.27-r3:
#     - CVE-2019-13345
#   3.5.27-r2:
#     - CVE-2018-1000024
#     - CVE-2018-1000027
#     - CVE-2018-1172

prepare() {
	cd "$builddir"
	for i in $source; do
		case $i in
		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
		esac
	done
	find -name config.sub | xargs chmod u+w
}

build() {
	cd "$builddir"

	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--datadir=/usr/share/squid \
		--sysconfdir=/etc/squid \
		--libexecdir=/usr/lib/squid \
		--localstatedir=/var \
		--with-logdir=/var/log/squid \
		--disable-strict-error-checking \
		--disable-arch-native \
		--enable-removal-policies="lru,heap" \
		--enable-auth-digest \
		--enable-auth-basic="getpwnam,NCSA,SMB,SMB_LM,RADIUS" \
		--enable-epoll \
		--enable-external-acl-helpers="file_userip,unix_group,wbinfo_group,session" \
		--enable-auth-ntlm="fake,smb_lm" \
		--enable-auth-negotiate="kerberos,wrapper" \
		--disable-mit \
		--enable-heimdal \
		--enable-delay-pools \
		--enable-arp-acl \
		--enable-openssl \
		--enable-ssl-crtd \
		--enable-linux-netfilter \
		--enable-ident-lookups \
		--enable-useragent-log \
		--enable-cache-digests \
		--enable-referer-log \
		--enable-async-io \
		--enable-truncate \
		--enable-arp-acl \
		--enable-htcp \
		--enable-carp \
		--enable-poll \
		--enable-follow-x-forwarded-for \
		--with-large-files \
		--with-default-user=squid \
		--with-openssl \
		|| return 1

	make || return 1
}

package() {
	cd "$builddir"
	make DESTDIR="$pkgdir" install

	install -m755 -D "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname
	install -m644 -D "$srcdir"/$pkgname.confd "$pkgdir"/etc/conf.d/$pkgname
	install -m644 -D "$srcdir"/$pkgname.logrotate \
		"$pkgdir"/etc/logrotate.d/squid

	install -d -o squid -g squid \
		"$pkgdir"/var/cache/squid \
		"$pkgdir"/var/log/squid \
		"$pkgdir"/var/run/squid
	chmod +x "$pkgdir"/usr/lib/squid/*
}

squid_kerb_auth() {
	pkgdesc="Squid kerberos authetication helper"
	install -d "$subpkgdir"/usr/lib/squid
	mv "$pkgdir"/usr/lib/squid/squid_kerb_auth "$subpkgdir"/usr/lib/squid/
}
sha512sums="4172a053c3b7ffe7a12dfb3febac96942d0fbbe7e98e3f797f22cd75b0a3a89cbbfe7260b5daad099e79d5e9303bb5dfbfee7499cb30a90590aa1bd242ff4817  squid-3.5.27.tar.xz
d08d87d4cf97e794735e29ed2a273e27757a9ef95059cf6a2e2855a0c56e92d9e665b85115c9f3b699974447a7b9cccadb0a8ce606beedb41d27df8361241f8b  SQUID-2018_1.patch
392442527ead5cbb045f6eded522c9aff6ce395034ca028e7298394eccb6ed5b06c814f966ddc6cb264b9a37bf7ae2751e3ed87853566b1d7b757d99280fe60c  SQUID-2018_2.patch
20a036b34f7a595d83e707180d831c4adc9b7432f09be5341cfe7b3b00cbe3e5c0de07376a67834b94e08c849703822371eb71938a024307cb52cf8ef52138e8  SQUID-2018_3.patch
d44d0688a416ce993e186afe77051f764c7b01f452cfe27474a7876bc7f58e36c15c06978eedb189b98e276f512aa3bd58992a08668e89a5ef9cd843c22af72a  bug-3679.patch
9ca3f86fbce36f109a35c35cdb0a9ed21a6fe5cbe7bbb4b92f4527fedd57c19599d338087b099e048084db0374b2ea28bdcbe1798fa37aea8a13d54f6cc0d6a4  CVE-2019-13345.patch
92ca019640d8aecf8b5ed8a1a03a040089ea5e5529fe36aa4b8cb457a4514b00ee1676b559b62efe1309a43b9932c1a1d85b3dd0ce09ff4e503f5bc26260d1f7  CVE-2019-18679.patch
f651183f885a7d43ec9fd8f452c4399a7119ba66e9dbca6f995ea5741f2825437de7248b2c40235a7d4c4f05125f302c068a624d6494e6b03df2cee4600a91a0  CVE-2019-12528.patch
fca27d9dd00f9d080b1bf666392830cc38d4ae7854410f7d5c53ddb54e40216a6bef217b10fa8f4c7c6c6dda317d8071f7814ab9639937c30024085674c28463  CVE-2020-8517.patch
697ce7af015a1ca3147ef58e4d1cd15bfbd70f1d032d76122f038223287c7b54cd1cd1f16c1405420233afbdd11a73c43b5e2bbba0c5bb3f749e253b979df928  SQUID-2020_1.patch
15d95f7d787be8c2e6619ef1661fd8aae8d2c1ede706748764644c7dc3d7c34515ef6e8b7543295fddc4e767bbd74a7cf8c42e77cf60b3d574ff11b3f6e336c9  squid.initd
7292661de344e8a87d855c83afce49511685d2680effab3afab110e45144c0117935f3bf73ab893c9e6d43f7fb5ba013635e24f6da6daf0eeb895ef2e9b5baa9  squid.confd
89a703fa4f21b6c7c26e64a46fd52407e20f00c34146ade0bea0c4b63d050117c0f8e218f2256a1fbf6abb84f4ec9b0472c9a4092ff6e78f07c4f5a25d0892a5  squid.logrotate"