svn commit: r384005 - in head/www/squid: . files

Tue Apr 14 16:34:41 UTC 2015

Author: pi
Date: Tue Apr 14 16:34:36 2015
New Revision: 384005
URL: https://svnweb.freebsd.org/changeset/ports/384005

Log:
  www/squid: 3.4.12 -> 3.5.3
  
  As it is written on http://www.squid-cache.org/Versions/ for 3.4.x
  versions: they are no longer intended for general use in new installations.
  So this is a big upgrade.
  
  Changes to squid-3.5.3 (28 Mar 2015):
  
  - Regression Bug 4213: negotiate_kerberos_auth: freeing non-dynamic memory
  - Regression Bug 4206: Incorrect connection close on expect:100-continue
  - Bug 4204: ./configure does not abort when required helpers cannot be built
  - Bug 3805: support shared memory on MacOS X in Mem::IPC::Segment
  - Bug 2907: high CPU usage on CONNECT when using delay pools
  - basic_getpwnam_auth: fail authentication on crypt() failures
  - basic_nis_auth: fail authentication on crypt() failures
  - ext_kerberos_ldap_group_acl: Heimdal support improvements
  - ext_wbinfo_group_acl: Perl 5.20 support
  - ... and several compile issues
  
  Changes to squid-3.5.2 (18 Feb 2015):
  
  - Regression Bug 4176: Digest auth too many helper lookups
  - Regression Bug 4180: not-fully-initialized data member in ACLUserData
  - Bug 4172: Solaris broken krb5-config
  - Bug 4073: Cygwin compile errors
  - Bug 3919: remove several never-true / never-false comparisons
  - HTTPS: Add missing root CAs when validating chains that passed
    internal checks
  - Fix some cbdataFree related memory leaks
  - Quieten CBDATA 'leak' messages
  - Set SNI information in transparent bumping mode
  - negotiate_kerberos_auth: fix krb5.conf backward compatibility
  - Fix memory leaks in cachemgr.cgi URL parser
  - Fix sslproxy_options in peek-and-splice mode
  - ... and fix several portability and build issues
  - ... and some documentation updates
  - ... and all fixes from squid 3.4.11
  
  Changes to squid-3.5.1 (13 Jan 2015):
  
  - Fix handling of invalid SSL server certificates when splicing connections
  - basic_smb_lm_auth: Simplified MSNT basic auth helper
  - squidclient: Fix -A and -P options
  - ... and several portability fixes
  - ... and all fixes from squid 3.4.11
  - ... and a lot of documentation updates
  
  Changes to squid-3.5.0.4 (21 Dec 2014):
  
  - Bug 3826: pt 2: Provide a systemd .service file for Squid
  - Support http_access denials of SslBump "peeked" connections.
  - Fix DONT_VERIFY_DOMAIN ssl flag
  - Fix peek-and-splice mode: certificate validation for domain mismatched errors
  - negotiate_kerberos_auth: MEMORY keytab and replay cache support
  - ... and some documentation updates
  - ... and a large amount of code polishing (non-logic changes)
  
  Changes to squid-3.5.0.3 (09 Dec 2014):
  
  - Bug 4146: workaround SSL Bump crash on Linux
  - Bug 4135: Support \-escaped characters in regex patterns
  - Bug 4131: SIGSEGV at store.cc:962 content_length > store_maxobjsize
  - Fix delay_parameters parsing
  - HTTP/2: handle 'PRI' method found in HTTP/1.x traffic
  - ... and all changes from squid 3.4.10
  - ... and a lot of documentation updates
  
  Changes to squid-3.5.0.2 (31 Oct 2014):
  
  - Fix FTP socket opening during reconfigure
  - ... and all changes from 3.4.9
  - ... and some build errors in rarely used code
  - ... and several documentation updates
  
  Changes to squid-3.5.0.1 (17 Oct 2014):
  
  - Port from 2.7: redirector and logging urlgroup feature
  - Bug 4093: source-maintenance.sh bad perl -i option
  - Bug 3608: per-service name for workers UDS sockets
  - Bug 2554: 32-bit wrap in AUFS counters
  - Bug 1961 pt1: URL handling redesign
  - Bug 1202 pt1: documentation for refresh_pattern algorithms
  - Update Squid boilerplate copyright/license
  - Update the http(s)_port directives protocol= parameter
  - Update forward_max_tries to permit 25 server paths
  - Update Kerberos library detection and build options
  - Support ACLs on ftp_epsv directive
  - Support >32KB objects in cache_dir rock storage
  - Support client connection annotation by helpers via clt_conn_tag=TAG
  - Support native FTP Relay
  - Support libgnugss Kerberos library
  - Support libecap v1.0
  - Support SSL Peek and Splice feature
  - Support receiving PROXY protocol version 1 and 2
  - Replace --enable-ssl build option with --with-openssl
  - Enable -n service name command line option for all Squid builds
  - Enable ICAP client by default
  - Fix configuration file parsing bugs, related to quoted strings
  - Fix Windows MinGW build errors
  - Fix multiple TCP outgoing TOS/DiffServ bugs
  - Fix Cygwin /etc/resolv.conf parsing
  - Fix crash when sending %ssl::cert_subject to external ACL w/o certificate
  - Fix crash reading malformed config files
  - Send selected SSL version and cipher to the certificate validation helper
  - Validate server certificates without bumping
  - Add zero-copy string buffer support
  - Add automated squid.conf parser testing with squid -k parse
  - Add adaptation_service ACL
  - Add logformat code %tS to log transaction start time
  - Add logformat code %>rd to log client URL domain name
  - Add key_extras to proxy authentication
  - Add url_rewrite_extras and store_id_extras directives
  - Add send_hit and store_miss directives
  - Add collapsed_forwarding directive
  - Add sslproxy_cert_sign_hash directive
  - Add SMP SSL session cache
  - Add cache_peer standby connections
  - Add helper ext_delayer_acl
  - Add TCP_TUNNEL log code for CONNECT tunnels which are not SSL-bumped
  - Add BUILDCXX and BUILDCXXFLAGS configure options for cross-compile
  - Remove COSS storage in favour of Rock storage
  - Remove dnsserver and external DNS helper API in favour of mDNS
  - Remove broken mallinfo() accounting and memory tracing
  - Remove hierarchy_stoplist in favour of always_direct
  - Deprecate tag ACL type in favour of note ACL type
  - Deprecate urlgroup feature in favour of note ACL type
  - HTTP/1.1: method names are case-sensitive
  - HTTP/1.1: register new headers from RFC 723x
  - squidclient: polish and update help display
  - squidclient: support TLS with GnuTLS 3.1.5+
  - squidclient: support verbosity levels
  - squidclient: --ping mode module support
  - url_fake_rewrite: support concurrency
  - storeid_file_rewrite: support concurrency
  - digest_file_auth: support concurrency
  - digest_edirectory_auth: support concurrency
  - digest_ldap_auth: support concurrency
  - ... and many error page translation updates
  - ... and much code cleanup and polishing
  
  PR:		198089
  Submitted by:	Pavel Timofeev <timp87 at gmail.com>
  Tested by:	John Marshall <john.marshall at riverwillow.com.au>

Added:
  head/www/squid/files/extra-patch-build-8-9   (contents, props changed)
  head/www/squid/files/patch-bug4190   (contents, props changed)
  head/www/squid/files/patch-configure_NIS   (contents, props changed)
  head/www/squid/files/patch-configure_crypt.h   (contents, props changed)
Deleted:
  head/www/squid/files/patch-compat_Makefile.in
  head/www/squid/files/patch-compat_strlen.c
  head/www/squid/files/patch-configure
Modified:
  head/www/squid/Makefile
  head/www/squid/distinfo
  head/www/squid/files/patch-compat_compat.h
  head/www/squid/files/patch-src-cf.data.pre
  head/www/squid/pkg-plist

Modified: head/www/squid/Makefile
==============================================================================

--- head/www/squid/Makefile	Tue Apr 14 16:24:00 2015	(r384004)
+++ head/www/squid/Makefile	Tue Apr 14 16:34:36 2015	(r384005)
@@ -1,7 +1,7 @@
 # $FreeBSD$
 
 PORTNAME=	squid
-PORTVERSION=	3.4.12
+PORTVERSION=	3.5.3
 CATEGORIES=	www ipv6
 MASTER_SITES=	http://www.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
 		http://www2.us.squid-cache.org/Versions/v3/${PORTVERSION:R}/ \
@@ -26,8 +26,6 @@ COMMENT=	HTTP Caching Proxy
 LICENSE=	GPLv2
 LICENSE_FILE=	${WRKSRC}/COPYING
 
-CONFLICTS_INSTALL=	squid33-*
-
 USES=		compiler cpe perl5 shebangfix tar:xz
 CPE_VENDOR=	squid-cache
 SHEBANG_FILES=	scripts/*.pl contrib/*.pl src/*.pl tools/*.pl \
@@ -44,16 +42,16 @@ PORTEXAMPLES=	*
 SUB_FILES+=	pkg-install pkg-message
 
 OPTIONS_SUB=	yes
-OPTIONS_DEFINE=	ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB \
-		AUTH_SQL CACHE_DIGESTS DEBUG DELAY_POOLS DNS_HELPER ECAP ESI \
+OPTIONS_DEFINE=	ARP_ACL AUTH_LDAP AUTH_NIS AUTH_SASL AUTH_SMB \
+		AUTH_SQL CACHE_DIGESTS DEBUG DELAY_POOLS ECAP ESI \
 		FOLLOW_XFF FS_AUFS FS_DISKD FS_ROCK HTCP ICAP ICMP IDENT IPV6 \
 		KQUEUE LARGEFILE NETTLE SNMP SSL SSL_CRTD STACKTRACES LAX_HTTP \
 		TP_IPF TP_IPFW TP_PF VIA_DB WCCP WCCPV2 DOCS EXAMPLES
 
-# Note: FS_FCOSS was removed from OPTIONS, it is broken and only experimental
-#OPTIONS_DEFINE+=	FS_COSS
+OPTIONS_SINGLE=	GSSAPI
+OPTIONS_SINGLE_GSSAPI=	GSSAPI_NONE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
 
-OPTIONS_DEFAULT=AUTH_KERB AUTH_NIS FS_AUFS FS_DISKD HTCP IDENT KQUEUE SNMP \
+OPTIONS_DEFAULT=GSSAPI_BASE AUTH_NIS FS_AUFS FS_DISKD HTCP IDENT KQUEUE SNMP \
 		WCCP WCCPV2
 
 ARP_ACL_CONFIGURE_ENABLE=	eui
@@ -70,7 +68,6 @@ AUTH_SQL_RUN_DEPENDS=		p5-DBD-mysql>=0:$
 AUTH_SQL_USE=			MYSQL=yes
 CACHE_DIGESTS_CONFIGURE_ENABLE=	cache-digests
 DELAY_POOLS_CONFIGURE_ENABLE=	delay-pools
-DNS_HELPER_CONFIGURE_ON=	--disable-internal-dns
 ECAP_CFLAGS=			-I${LOCALBASE}/include
 ECAP_CONFIGURE_ENABLE=		ecap
 ECAP_LDFLAGS=			-L${LOCALBASE}/lib
@@ -106,11 +103,28 @@ VIA_DB_CONFIGURE_ENABLE=	forw-via-db
 WCCPV2_CONFIGURE_ENABLE=	wccpv2
 WCCP_CONFIGURE_ENABLE=		wccp
 
+GSSAPI_NONE_CONFIGURE_ON=	--without-heimdal-krb5 \
+				--without-mit-krb5 \
+				--without-gss
+
+GSSAPI_BASE_USES=		gssapi
+GSSAPI_BASE_CONFIGURE_ON=	--with-heimdal-krb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
+
+GSSAPI_HEIMDAL_USES=		gssapi:heimdal
+GSSAPI_HEIMDAL_CONFIGURE_ON=	--with-heimdal-krb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
+
+GSSAPI_MIT_USES=		gssapi:mit
+GSSAPI_MIT_CONFIGURE_ON=	--with-mit-krb5=${GSSAPIBASEDIR} ${GSSAPI_CONFIGURE_ARGS}
+
 # TODO:
 # add an option for external_acl/session (requires some kind of external
 # Berkeley DB support, unsure which one)
 ARP_ACL_DESC=		ARP/MAC/EUI based authentification
-AUTH_KERB_DESC=		Install Kerberos authentication helpers
+GSSAPI_DESC=		Install Kerberos authentication helpers
+GSSAPI_NONE_DESC=	Build without Kerberos support
+GSSAPI_BASE_DESC=	Build with Kerberos support from base
+GSSAPI_HEIMDAL_DESC=	Build with Kerberos support from security/heimdal
+GSSAPI_MIT_DESC=	Build with Kerberos support from security/krb5
 AUTH_LDAP_DESC=		Install LDAP authentication helpers
 AUTH_NIS_DESC=		Install NIS/YP authentication helpers
 AUTH_SASL_DESC=		Install SASL authentication helpers
@@ -119,14 +133,12 @@ AUTH_SQL_DESC=		Install SQL based auth (
 CACHE_DIGESTS_DESC=	Use cache digests
 DEBUG_DESC=		Build with extended debugging support
 DELAY_POOLS_DESC=	Delay pools (bandwidth limiting)
-DNS_HELPER_DESC=	Use external dnsserver processes for DNS
 ECAP_DESC=		Loadable content adaptation modules
 ESI_DESC=		ESI support
 FOLLOW_XFF_DESC=	Support for the X-Following-For header
 FS_AUFS_DESC=		AUFS (threaded-io) support
-FS_COSS_DESC=		COSS (not stable yet)
 FS_DISKD_DESC=		DISKD storage engine controlled by separate service
-FS_ROCK_DESC=		ROCK (unstable)
+FS_ROCK_DESC=		ROCK storage engine
 HTCP_DESC=		HTCP support
 ICAP_DESC=		the ICAP client
 ICMP_DESC=		ICMP pinging and network measurement
@@ -151,12 +163,12 @@ change_files=	ChangeLog \
 		contrib/nextstep/post_install \
 		errors/Makefile.am \
 		errors/Makefile.in \
-		helpers/basic_auth/MSNT/Makefile.am \
-		helpers/basic_auth/MSNT/Makefile.in \
+		helpers/basic_auth/SMB_LM/README.html \
 		src/Makefile.am \
 		src/Makefile.in \
 		src/cf_gen.cc \
 		src/squid.8.in \
+		test-suite/Makefile.in \
 		tools/Makefile.am \
 		tools/Makefile.in
 
@@ -177,6 +189,7 @@ CONFIGURE_ARGS=	--with-default-user=squi
 		--with-logdir=/var/log/squid \
 		--with-pidfile=/var/run/squid/squid.pid \
 		--with-swapdir=/var/squid/cache \
+		--without-gnutls \
 		--enable-auth \
 		--enable-build-info \
 		--enable-loadable-modules \
@@ -191,7 +204,7 @@ CONFIGURE_ARGS=	--with-default-user=squi
 
 # Authentication methods and modules:
 
-basic_auth=	DB MSNT MSNT-multi-domain NCSA PAM POP3 RADIUS fake getpwnam
+basic_auth=	DB SMB_LM MSNT-multi-domain NCSA PAM POP3 RADIUS fake getpwnam
 digest_auth=	file
 external_acl=	file_userip time_quota unix_group
 ntlm_auth=	fake smb_lm
@@ -220,18 +233,21 @@ basic_auth+=	NIS
 .endif
 
 # POLA: allow the old global make.conf(5) (pre src.conf(5)) defines, too:
-.if ${PORT_OPTIONS:MAUTH_KERB} && !defined(NO_KERBEROS) && !defined(WITHOUT_KERBEROS)
-negotiate_auth=	kerberos wrapper
-. if ${OPSYS} == DragonFly
-LIB_DEPENDS+=	libkrb5.so:${PORTSDIR}/security/krb5
-CFLAGS+=	-I${LOCALBASE}/include
-. endif
-# the kerberos_ldap_group external helper also depends on LDAP and SASL:
+.if ${PORT_OPTIONS:MGSSAPI_NONE} || defined(NO_KERBEROS) || defined(WITHOUT_KERBEROS)
+negotiate_auth=	none
+PLIST_SUB+=	AUTH_KERB="@comment "
+.else
+# The kerberos_ldap_group external helper also depends on LDAP and SASL:
 . if ${PORT_OPTIONS:MAUTH_LDAP} && ${PORT_OPTIONS:MAUTH_SASL}
 external_acl+=	kerberos_ldap_group
 . endif
-.else
-negotiate_auth=	none
+negotiate_auth=	kerberos wrapper
+PLIST_SUB+=	AUTH_KERB=""
+.endif
+
+# Make it build on FreeBSD < 10
+.if ${PORT_OPTIONS:MGSSAPI_BASE}
+EXTRA_PATCHES+=		${FILESDIR}/extra-patch-build-8-9
 .endif
 
 CONFIGURE_ARGS+=	--enable-auth-basic="${basic_auth}" \
@@ -240,6 +256,10 @@ CONFIGURE_ARGS+=	--enable-auth-basic="${
 			--enable-auth-negotiate="${negotiate_auth}" \
 			--enable-auth-ntlm="${ntlm_auth}"
 
+.if ${PORT_OPTIONS:MECAP}
+BROKEN=			It needs eCAP 1.0 lib, which isn't in ports tree now
+.endif
+
 # Storage schemes:
 storage_schemes=	ufs
 diskio_modules=		AIO Blocking IpcIo Mmapped
@@ -254,11 +274,6 @@ LDFLAGS+=		-pthread
 CONFIGURE_ARGS+=	--without-pthreads
 .endif
 
-.if ${PORT_OPTIONS:MFS_COSS}
-BROKEN=			FS_COSS does not compile
-storage_schemes+=	coss
-.endif
-
 .if ${PORT_OPTIONS:MFS_DISKD}
 storage_schemes+=	diskd
 diskio_modules+=	DiskDaemon
@@ -290,7 +305,7 @@ CONFIGURE_ARGS+=	--enable-storeid-rewrit
 # works when it is defined before bsd.port{.pre}.mk is .included.
 # This makes it currently impossible to combine this macro with OPTIONS to
 # conditionally include OpenSSL support.
-# XXX: is this still true with OptionsNG as of 2014-09?
+# XXX: is this still true with OptionsNG as of 2015-03?
 #.include "${.CURDIR}/../../Mk/bsd.openssl.mk"
 .include "${PORTSDIR}/Mk/bsd.openssl.mk"
 CONFIGURE_ARGS+=	--with-openssl="${OPENSSLBASE}"
@@ -320,8 +335,6 @@ post-patch:
 		-e 's|\.conf\.default|.conf.sample|' \
 		-e 's|)\.default|).sample|' \
 		${change_files})
-	@(cd ${WRKSRC} && ${MV} helpers/basic_auth/MSNT/msntauth.conf.default \
-		helpers/basic_auth/MSNT/msntauth.conf.sample)
 	@(cd ${WRKSRC} && ${MV} src/mime.conf.default src/mime.conf.sample)
 
 .if !${PORT_OPTIONS:MIPV6}
@@ -346,7 +359,7 @@ post-install:
 .include <bsd.port.pre.mk>
 
 .if ${COMPILER_TYPE} == clang
-CXXFLAGS+=	-Wno-unused-private-field
+#CXXFLAGS+=	-Wno-unused-private-field
 .if ${COMPILER_VERSION} >= 35
 CXXFLAGS+=	-Wno-undefined-bool-conversion -Wno-tautological-undefined-compare -Wno-dynamic-class-memaccess
 .endif

Modified: head/www/squid/distinfo
==============================================================================
--- head/www/squid/distinfo	Tue Apr 14 16:24:00 2015	(r384004)
+++ head/www/squid/distinfo	Tue Apr 14 16:34:36 2015	(r384005)
@@ -1,2 +1,2 @@
-SHA256 (squid3.4/squid-3.4.12.tar.xz) = a3f4f18fa17e81a8d8e1a2ec059cdbe3211a90ccd1717c3d9e092c0afdde2864
-SIZE (squid3.4/squid-3.4.12.tar.xz) = 2162096
+SHA256 (squid3.5/squid-3.5.3.tar.xz) = 73ec65a08384a3ec93ccc17e89ef7a06ba221816551946f2f051cc736c2981c0
+SIZE (squid3.5/squid-3.5.3.tar.xz) = 2283580

Added: head/www/squid/files/extra-patch-build-8-9
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/squid/files/extra-patch-build-8-9	Tue Apr 14 16:34:36 2015	(r384005)
@@ -0,0 +1,11 @@
+--- helpers/negotiate_auth/kerberos/negotiate_kerberos.h.orig	2015-04-04 11:08:51.000000000 +0400
++++ helpers/negotiate_auth/kerberos/negotiate_kerberos.h	2015-04-04 11:11:10.000000000 +0400
+@@ -135,7 +135,7 @@
+ 
+ char *gethost_name(void);
+ 
+-#if (HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT || HAVE_GSS_MAP_NAME_TO_ANY) && HAVE_KRB5_PAC
++#if (HAVE_GSSKRB5_EXTRACT_AUTHZ_DATA_FROM_SEC_CONTEXT || HAVE_GSS_MAP_NAME_TO_ANY) && HAVE_KRB5_PAC && __FreeBSD__ >= 10
+ #define HAVE_PAC_SUPPORT 1
+ #define MAX_PAC_GROUP_SIZE 200*60
+ typedef struct {

Added: head/www/squid/files/patch-bug4190
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/squid/files/patch-bug4190	Tue Apr 14 16:34:36 2015	(r384005)
@@ -0,0 +1,41 @@
+--- src/auth/User.cc.orig	2015-03-18 13:22:42.134592000 +0300
++++ src/auth/User.cc	2015-03-18 13:26:48.850592000 +0300
+@@ -309,10 +309,7 @@
+ Auth::User::BuildUserKey(const char *username, const char *realm)
+ {
+     SBuf key;
+-    if (realm)
+-        key.Printf("%s:%s", username, realm);
+-    else
+-        key.append(username, strlen(username));
++    key.Printf("%s:%s", username, realm);
+     return key;
+ }
+ 
+@@ -368,11 +365,11 @@
+     if (aString) {
+         assert(!username_);
+         username_ = xstrdup(aString);
+-        // NP: param #2 is working around a c_str() data-copy performance regression
+-        userKey_ = BuildUserKey(username_, (!requestRealm_.isEmpty() ? requestRealm_.c_str() : NULL));
++        if (!requestRealm_.isEmpty())
++            userKey_ = BuildUserKey(username_, requestRealm_.c_str());
++
+     } else {
+         safe_free(username_);
+-        userKey_.clear();
+     }
+ }
+ 
+--- src/auth/User.h.orig	2015-03-18 13:27:30.809059000 +0300
++++ src/auth/User.h	2015-03-18 13:28:22.078121000 +0300
+@@ -65,8 +65,7 @@
+     char const *username() const { return username_; }
+     void username(char const *); ///< set stored username and userKey
+ 
+-    // NP: key is set at the same time as username_. Until then both are empty/NULL.
+-    const char *userKey() {return !userKey_.isEmpty() ? userKey_.c_str() : NULL;}
++    const char *userKey() {return !userKey_.isEmpty() ? userKey_.c_str() : username_;}
+ 
+     /**
+      * How long these credentials are still valid for.

Modified: head/www/squid/files/patch-compat_compat.h
==============================================================================
--- head/www/squid/files/patch-compat_compat.h	Tue Apr 14 16:24:00 2015	(r384004)
+++ head/www/squid/files/patch-compat_compat.h	Tue Apr 14 16:34:36 2015	(r384005)
@@ -1,6 +1,6 @@
---- compat/compat.h.orig	2015-01-13 11:53:17 UTC
-+++ compat/compat.h
-@@ -34,17 +34,6 @@
+--- compat/compat.h.orig	2015-02-26 17:09:19.142090018 +0300
++++ compat/compat.h	2015-02-26 17:09:42.440097986 +0300
+@@ -42,17 +42,6 @@
  #endif
  #endif
  

Added: head/www/squid/files/patch-configure_NIS
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/squid/files/patch-configure_NIS	Tue Apr 14 16:34:36 2015	(r384005)
@@ -0,0 +1,12 @@
+--- configure.orig	2015-03-11 10:22:50.000000000 +0400
++++ configure	2015-03-11 10:27:05.000000000 +0400
+@@ -31858,8 +31858,7 @@
+ #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+ _ACEOF
+ 
+-else
+-  BUILD_HELPER=""
++  BUILD_HELPER="NIS"
+ fi
+ 
+ done

Added: head/www/squid/files/patch-configure_crypt.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/squid/files/patch-configure_crypt.h	Tue Apr 14 16:34:36 2015	(r384005)
@@ -0,0 +1,29 @@
+--- configure.orig	2015-02-27 14:32:14.424780752 +0300
++++ configure	2015-02-27 14:33:30.345774382 +0300
+@@ -31843,7 +31843,7 @@
+ ##
+ 
+ BUILD_HELPER="NIS"
+-for ac_header in sys/types.h rpc/rpc.h rpcsvc/ypclnt.h rpcsvc/yp_prot.h crypt.h
++for ac_header in sys/types.h rpc/rpc.h rpcsvc/ypclnt.h rpcsvc/yp_prot.h rpcsvc/crypt.h
+ do :
+   as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ ac_fn_cxx_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "
+@@ -32319,7 +32319,7 @@
+ 
+   # unconditionally requires crypt(3), for now
+   if test "x$ac_cv_func_crypt" != "x"; then
+-    for ac_header in unistd.h crypt.h shadow.h
++    for ac_header in unistd.h rpcsvc/crypt.h shadow.h
+ do :
+   as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ ac_fn_cxx_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
+@@ -34263,7 +34263,7 @@
+   arpa/nameser.h \
+   assert.h \
+   bstring.h \
+-  crypt.h \
++  rpcsvc/crypt.h \
+   ctype.h \
+   direct.h \
+   errno.h \

Modified: head/www/squid/files/patch-src-cf.data.pre
==============================================================================
--- head/www/squid/files/patch-src-cf.data.pre	Tue Apr 14 16:24:00 2015	(r384004)
+++ head/www/squid/files/patch-src-cf.data.pre	Tue Apr 14 16:34:36 2015	(r384005)
@@ -1,6 +1,6 @@
---- src/cf.data.pre.orig	2013-03-12 11:17:07.000000000 +0100
-+++ src/cf.data.pre	2013-04-09 11:43:01.000000000 +0200
-@@ -3849,6 +3849,10 @@
+--- src/cf.data.pre.orig	2015-02-26 17:56:12.817890613 +0300
++++ src/cf.data.pre	2015-02-26 17:56:41.556917775 +0300
+@@ -4461,6 +4461,10 @@
  LOC: Config.pidFilename
  DOC_START
  	A filename to write the process-id to.  To disable, enter "none".
@@ -10,4 +10,4 @@
 +	%%PREFIX%%/etc/rc.d/squid for details.
  DOC_END
  
- NAME: log_fqdn
+ NAME: client_netmask

Modified: head/www/squid/pkg-plist
==============================================================================
--- head/www/squid/pkg-plist	Tue Apr 14 16:24:00 2015	(r384004)
+++ head/www/squid/pkg-plist	Tue Apr 14 16:34:36 2015	(r384005)
@@ -1,5 +1,7 @@
 @sample %%ETCDIR%%/cachemgr.conf.sample
 @sample %%ETCDIR%%/errorpage.css.sample
+ at sample %%ETCDIR%%/mime.conf.sample
+ at sample %%ETCDIR%%/squid.conf.sample
 %%ETCDIR%%/errors/COPYRIGHT
 %%ETCDIR%%/errors/TRANSLATORS
 %%ETCDIR%%/errors/af/ERR_ACCESS_DENIED
@@ -962,6 +964,49 @@
 %%ETCDIR%%/errors/ja/ERR_WRITE_ERROR
 %%ETCDIR%%/errors/ja/ERR_ZERO_SIZE_OBJECT
 %%ETCDIR%%/errors/ja/error-details.txt
+%%ETCDIR%%/errors/ka-ge
+%%ETCDIR%%/errors/ka/ERR_ACCESS_DENIED
+%%ETCDIR%%/errors/ka/ERR_ACL_TIME_QUOTA_EXCEEDED
+%%ETCDIR%%/errors/ka/ERR_AGENT_CONFIGURE
+%%ETCDIR%%/errors/ka/ERR_AGENT_WPAD
+%%ETCDIR%%/errors/ka/ERR_CACHE_ACCESS_DENIED
+%%ETCDIR%%/errors/ka/ERR_CACHE_MGR_ACCESS_DENIED
+%%ETCDIR%%/errors/ka/ERR_CANNOT_FORWARD
+%%ETCDIR%%/errors/ka/ERR_CONFLICT_HOST
+%%ETCDIR%%/errors/ka/ERR_CONNECT_FAIL
+%%ETCDIR%%/errors/ka/ERR_DIR_LISTING
+%%ETCDIR%%/errors/ka/ERR_DNS_FAIL
+%%ETCDIR%%/errors/ka/ERR_ESI
+%%ETCDIR%%/errors/ka/ERR_FORWARDING_DENIED
+%%ETCDIR%%/errors/ka/ERR_FTP_DISABLED
+%%ETCDIR%%/errors/ka/ERR_FTP_FAILURE
+%%ETCDIR%%/errors/ka/ERR_FTP_FORBIDDEN
+%%ETCDIR%%/errors/ka/ERR_FTP_NOT_FOUND
+%%ETCDIR%%/errors/ka/ERR_FTP_PUT_CREATED
+%%ETCDIR%%/errors/ka/ERR_FTP_PUT_ERROR
+%%ETCDIR%%/errors/ka/ERR_FTP_PUT_MODIFIED
+%%ETCDIR%%/errors/ka/ERR_FTP_UNAVAILABLE
+%%ETCDIR%%/errors/ka/ERR_GATEWAY_FAILURE
+%%ETCDIR%%/errors/ka/ERR_ICAP_FAILURE
+%%ETCDIR%%/errors/ka/ERR_INVALID_REQ
+%%ETCDIR%%/errors/ka/ERR_INVALID_RESP
+%%ETCDIR%%/errors/ka/ERR_INVALID_URL
+%%ETCDIR%%/errors/ka/ERR_LIFETIME_EXP
+%%ETCDIR%%/errors/ka/ERR_NO_RELAY
+%%ETCDIR%%/errors/ka/ERR_ONLY_IF_CACHED_MISS
+%%ETCDIR%%/errors/ka/ERR_PRECONDITION_FAILED
+%%ETCDIR%%/errors/ka/ERR_READ_ERROR
+%%ETCDIR%%/errors/ka/ERR_READ_TIMEOUT
+%%ETCDIR%%/errors/ka/ERR_SECURE_CONNECT_FAIL
+%%ETCDIR%%/errors/ka/ERR_SHUTTING_DOWN
+%%ETCDIR%%/errors/ka/ERR_SOCKET_FAILURE
+%%ETCDIR%%/errors/ka/ERR_TOO_BIG
+%%ETCDIR%%/errors/ka/ERR_UNSUP_HTTPVERSION
+%%ETCDIR%%/errors/ka/ERR_UNSUP_REQ
+%%ETCDIR%%/errors/ka/ERR_URN_RESOLVE
+%%ETCDIR%%/errors/ka/ERR_WRITE_ERROR
+%%ETCDIR%%/errors/ka/ERR_ZERO_SIZE_OBJECT
+%%ETCDIR%%/errors/ka/error-details.txt
 %%ETCDIR%%/errors/ko-kp
 %%ETCDIR%%/errors/ko-kr
 %%ETCDIR%%/errors/ko/ERR_ACCESS_DENIED
@@ -1305,8 +1350,8 @@
 %%ETCDIR%%/errors/pt-br/ERR_WRITE_ERROR
 %%ETCDIR%%/errors/pt-br/ERR_ZERO_SIZE_OBJECT
 %%ETCDIR%%/errors/pt-br/error-details.txt
-%%ETCDIR%%/errors/pt-pt
 %%ETCDIR%%/errors/pt-bz
+%%ETCDIR%%/errors/pt-pt
 %%ETCDIR%%/errors/pt/ERR_ACCESS_DENIED
 %%ETCDIR%%/errors/pt/ERR_ACL_TIME_QUOTA_EXCEEDED
 %%ETCDIR%%/errors/pt/ERR_AGENT_CONFIGURE
@@ -1523,6 +1568,9 @@
 %%ETCDIR%%/errors/sl/ERR_ZERO_SIZE_OBJECT
 %%ETCDIR%%/errors/sl/error-details.txt
 %%ETCDIR%%/errors/sr
+%%ETCDIR%%/errors/sr-cyrl-cs
+%%ETCDIR%%/errors/sr-cyrl-me
+%%ETCDIR%%/errors/sr-cyrl-rs
 %%ETCDIR%%/errors/sr-cyrl/ERR_ACCESS_DENIED
 %%ETCDIR%%/errors/sr-cyrl/ERR_ACL_TIME_QUOTA_EXCEEDED
 %%ETCDIR%%/errors/sr-cyrl/ERR_AGENT_CONFIGURE
@@ -1566,6 +1614,8 @@
 %%ETCDIR%%/errors/sr-cyrl/ERR_ZERO_SIZE_OBJECT
 %%ETCDIR%%/errors/sr-cyrl/error-details.txt
 %%ETCDIR%%/errors/sr-latn-cs
+%%ETCDIR%%/errors/sr-latn-me
+%%ETCDIR%%/errors/sr-latn-rs
 %%ETCDIR%%/errors/sr-latn/ERR_ACCESS_DENIED
 %%ETCDIR%%/errors/sr-latn/ERR_ACL_TIME_QUOTA_EXCEEDED
 %%ETCDIR%%/errors/sr-latn/ERR_AGENT_CONFIGURE
@@ -1608,6 +1658,7 @@
 %%ETCDIR%%/errors/sr-latn/ERR_WRITE_ERROR
 %%ETCDIR%%/errors/sr-latn/ERR_ZERO_SIZE_OBJECT
 %%ETCDIR%%/errors/sr-latn/error-details.txt
+%%ETCDIR%%/errors/sr-rs
 %%ETCDIR%%/errors/sr-sp
 %%ETCDIR%%/errors/sv-fi
 %%ETCDIR%%/errors/sv-se
@@ -1909,93 +1960,100 @@
 %%ETCDIR%%/errors/vi/ERR_WRITE_ERROR
 %%ETCDIR%%/errors/vi/ERR_ZERO_SIZE_OBJECT
 %%ETCDIR%%/errors/vi/error-details.txt
-%%ETCDIR%%/errors/zh-cn/ERR_ACCESS_DENIED
-%%ETCDIR%%/errors/zh-cn/ERR_ACL_TIME_QUOTA_EXCEEDED
-%%ETCDIR%%/errors/zh-cn/ERR_AGENT_CONFIGURE
-%%ETCDIR%%/errors/zh-cn/ERR_AGENT_WPAD
-%%ETCDIR%%/errors/zh-cn/ERR_CACHE_ACCESS_DENIED
-%%ETCDIR%%/errors/zh-cn/ERR_CACHE_MGR_ACCESS_DENIED
-%%ETCDIR%%/errors/zh-cn/ERR_CANNOT_FORWARD
-%%ETCDIR%%/errors/zh-cn/ERR_CONFLICT_HOST
-%%ETCDIR%%/errors/zh-cn/ERR_CONNECT_FAIL
-%%ETCDIR%%/errors/zh-cn/ERR_DIR_LISTING
-%%ETCDIR%%/errors/zh-cn/ERR_DNS_FAIL
-%%ETCDIR%%/errors/zh-cn/ERR_ESI
-%%ETCDIR%%/errors/zh-cn/ERR_FORWARDING_DENIED
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_DISABLED
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_FAILURE
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_FORBIDDEN
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_NOT_FOUND
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_PUT_CREATED
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_PUT_ERROR
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_PUT_MODIFIED
-%%ETCDIR%%/errors/zh-cn/ERR_FTP_UNAVAILABLE
-%%ETCDIR%%/errors/zh-cn/ERR_GATEWAY_FAILURE
-%%ETCDIR%%/errors/zh-cn/ERR_ICAP_FAILURE
-%%ETCDIR%%/errors/zh-cn/ERR_INVALID_REQ
-%%ETCDIR%%/errors/zh-cn/ERR_INVALID_RESP
-%%ETCDIR%%/errors/zh-cn/ERR_INVALID_URL
-%%ETCDIR%%/errors/zh-cn/ERR_LIFETIME_EXP
-%%ETCDIR%%/errors/zh-cn/ERR_NO_RELAY
-%%ETCDIR%%/errors/zh-cn/ERR_ONLY_IF_CACHED_MISS
-%%ETCDIR%%/errors/zh-cn/ERR_PRECONDITION_FAILED
-%%ETCDIR%%/errors/zh-cn/ERR_READ_ERROR
-%%ETCDIR%%/errors/zh-cn/ERR_READ_TIMEOUT
-%%ETCDIR%%/errors/zh-cn/ERR_SECURE_CONNECT_FAIL
-%%ETCDIR%%/errors/zh-cn/ERR_SHUTTING_DOWN
-%%ETCDIR%%/errors/zh-cn/ERR_SOCKET_FAILURE
-%%ETCDIR%%/errors/zh-cn/ERR_TOO_BIG
-%%ETCDIR%%/errors/zh-cn/ERR_UNSUP_HTTPVERSION
-%%ETCDIR%%/errors/zh-cn/ERR_UNSUP_REQ
-%%ETCDIR%%/errors/zh-cn/ERR_URN_RESOLVE
-%%ETCDIR%%/errors/zh-cn/ERR_WRITE_ERROR
-%%ETCDIR%%/errors/zh-cn/ERR_ZERO_SIZE_OBJECT
-%%ETCDIR%%/errors/zh-cn/error-details.txt
+%%ETCDIR%%/errors/zh-cn
+%%ETCDIR%%/errors/zh-hans-cn
+%%ETCDIR%%/errors/zh-hans-sg
+%%ETCDIR%%/errors/zh-hans/ERR_ACCESS_DENIED
+%%ETCDIR%%/errors/zh-hans/ERR_ACL_TIME_QUOTA_EXCEEDED
+%%ETCDIR%%/errors/zh-hans/ERR_AGENT_CONFIGURE
+%%ETCDIR%%/errors/zh-hans/ERR_AGENT_WPAD
+%%ETCDIR%%/errors/zh-hans/ERR_CACHE_ACCESS_DENIED
+%%ETCDIR%%/errors/zh-hans/ERR_CACHE_MGR_ACCESS_DENIED
+%%ETCDIR%%/errors/zh-hans/ERR_CANNOT_FORWARD
+%%ETCDIR%%/errors/zh-hans/ERR_CONFLICT_HOST
+%%ETCDIR%%/errors/zh-hans/ERR_CONNECT_FAIL
+%%ETCDIR%%/errors/zh-hans/ERR_DIR_LISTING
+%%ETCDIR%%/errors/zh-hans/ERR_DNS_FAIL
+%%ETCDIR%%/errors/zh-hans/ERR_ESI
+%%ETCDIR%%/errors/zh-hans/ERR_FORWARDING_DENIED
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_DISABLED
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_FAILURE
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_FORBIDDEN
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_NOT_FOUND
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_PUT_CREATED
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_PUT_ERROR
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_PUT_MODIFIED
+%%ETCDIR%%/errors/zh-hans/ERR_FTP_UNAVAILABLE
+%%ETCDIR%%/errors/zh-hans/ERR_GATEWAY_FAILURE
+%%ETCDIR%%/errors/zh-hans/ERR_ICAP_FAILURE
+%%ETCDIR%%/errors/zh-hans/ERR_INVALID_REQ
+%%ETCDIR%%/errors/zh-hans/ERR_INVALID_RESP
+%%ETCDIR%%/errors/zh-hans/ERR_INVALID_URL
+%%ETCDIR%%/errors/zh-hans/ERR_LIFETIME_EXP
+%%ETCDIR%%/errors/zh-hans/ERR_NO_RELAY
+%%ETCDIR%%/errors/zh-hans/ERR_ONLY_IF_CACHED_MISS
+%%ETCDIR%%/errors/zh-hans/ERR_PRECONDITION_FAILED
+%%ETCDIR%%/errors/zh-hans/ERR_READ_ERROR
+%%ETCDIR%%/errors/zh-hans/ERR_READ_TIMEOUT
+%%ETCDIR%%/errors/zh-hans/ERR_SECURE_CONNECT_FAIL
+%%ETCDIR%%/errors/zh-hans/ERR_SHUTTING_DOWN
+%%ETCDIR%%/errors/zh-hans/ERR_SOCKET_FAILURE
+%%ETCDIR%%/errors/zh-hans/ERR_TOO_BIG
+%%ETCDIR%%/errors/zh-hans/ERR_UNSUP_HTTPVERSION
+%%ETCDIR%%/errors/zh-hans/ERR_UNSUP_REQ
+%%ETCDIR%%/errors/zh-hans/ERR_URN_RESOLVE
+%%ETCDIR%%/errors/zh-hans/ERR_WRITE_ERROR
+%%ETCDIR%%/errors/zh-hans/ERR_ZERO_SIZE_OBJECT
+%%ETCDIR%%/errors/zh-hans/error-details.txt
+%%ETCDIR%%/errors/zh-hant-hk
+%%ETCDIR%%/errors/zh-hant-mo
+%%ETCDIR%%/errors/zh-hant-tw
+%%ETCDIR%%/errors/zh-hant/ERR_ACCESS_DENIED
+%%ETCDIR%%/errors/zh-hant/ERR_ACL_TIME_QUOTA_EXCEEDED
+%%ETCDIR%%/errors/zh-hant/ERR_AGENT_CONFIGURE
+%%ETCDIR%%/errors/zh-hant/ERR_AGENT_WPAD
+%%ETCDIR%%/errors/zh-hant/ERR_CACHE_ACCESS_DENIED
+%%ETCDIR%%/errors/zh-hant/ERR_CACHE_MGR_ACCESS_DENIED
+%%ETCDIR%%/errors/zh-hant/ERR_CANNOT_FORWARD
+%%ETCDIR%%/errors/zh-hant/ERR_CONFLICT_HOST
+%%ETCDIR%%/errors/zh-hant/ERR_CONNECT_FAIL
+%%ETCDIR%%/errors/zh-hant/ERR_DIR_LISTING
+%%ETCDIR%%/errors/zh-hant/ERR_DNS_FAIL
+%%ETCDIR%%/errors/zh-hant/ERR_ESI
+%%ETCDIR%%/errors/zh-hant/ERR_FORWARDING_DENIED
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_DISABLED
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_FAILURE
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_FORBIDDEN
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_NOT_FOUND
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_PUT_CREATED
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_PUT_ERROR
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_PUT_MODIFIED
+%%ETCDIR%%/errors/zh-hant/ERR_FTP_UNAVAILABLE
+%%ETCDIR%%/errors/zh-hant/ERR_GATEWAY_FAILURE
+%%ETCDIR%%/errors/zh-hant/ERR_ICAP_FAILURE
+%%ETCDIR%%/errors/zh-hant/ERR_INVALID_REQ
+%%ETCDIR%%/errors/zh-hant/ERR_INVALID_RESP
+%%ETCDIR%%/errors/zh-hant/ERR_INVALID_URL
+%%ETCDIR%%/errors/zh-hant/ERR_LIFETIME_EXP
+%%ETCDIR%%/errors/zh-hant/ERR_NO_RELAY
+%%ETCDIR%%/errors/zh-hant/ERR_ONLY_IF_CACHED_MISS
+%%ETCDIR%%/errors/zh-hant/ERR_PRECONDITION_FAILED
+%%ETCDIR%%/errors/zh-hant/ERR_READ_ERROR
+%%ETCDIR%%/errors/zh-hant/ERR_READ_TIMEOUT
+%%ETCDIR%%/errors/zh-hant/ERR_SECURE_CONNECT_FAIL
+%%ETCDIR%%/errors/zh-hant/ERR_SHUTTING_DOWN
+%%ETCDIR%%/errors/zh-hant/ERR_SOCKET_FAILURE
+%%ETCDIR%%/errors/zh-hant/ERR_TOO_BIG
+%%ETCDIR%%/errors/zh-hant/ERR_UNSUP_HTTPVERSION
+%%ETCDIR%%/errors/zh-hant/ERR_UNSUP_REQ
+%%ETCDIR%%/errors/zh-hant/ERR_URN_RESOLVE
+%%ETCDIR%%/errors/zh-hant/ERR_WRITE_ERROR
+%%ETCDIR%%/errors/zh-hant/ERR_ZERO_SIZE_OBJECT
+%%ETCDIR%%/errors/zh-hant/error-details.txt
 %%ETCDIR%%/errors/zh-hk
 %%ETCDIR%%/errors/zh-mo
 %%ETCDIR%%/errors/zh-sg
-%%ETCDIR%%/errors/zh-tw/ERR_ACCESS_DENIED
-%%ETCDIR%%/errors/zh-tw/ERR_ACL_TIME_QUOTA_EXCEEDED
-%%ETCDIR%%/errors/zh-tw/ERR_AGENT_CONFIGURE
-%%ETCDIR%%/errors/zh-tw/ERR_AGENT_WPAD
-%%ETCDIR%%/errors/zh-tw/ERR_CACHE_ACCESS_DENIED
-%%ETCDIR%%/errors/zh-tw/ERR_CACHE_MGR_ACCESS_DENIED
-%%ETCDIR%%/errors/zh-tw/ERR_CANNOT_FORWARD
-%%ETCDIR%%/errors/zh-tw/ERR_CONFLICT_HOST
-%%ETCDIR%%/errors/zh-tw/ERR_CONNECT_FAIL
-%%ETCDIR%%/errors/zh-tw/ERR_DIR_LISTING
-%%ETCDIR%%/errors/zh-tw/ERR_DNS_FAIL
-%%ETCDIR%%/errors/zh-tw/ERR_ESI
-%%ETCDIR%%/errors/zh-tw/ERR_FORWARDING_DENIED
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_DISABLED
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_FAILURE
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_FORBIDDEN
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_NOT_FOUND
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_PUT_CREATED
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_PUT_ERROR
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_PUT_MODIFIED
-%%ETCDIR%%/errors/zh-tw/ERR_FTP_UNAVAILABLE
-%%ETCDIR%%/errors/zh-tw/ERR_GATEWAY_FAILURE
-%%ETCDIR%%/errors/zh-tw/ERR_ICAP_FAILURE
-%%ETCDIR%%/errors/zh-tw/ERR_INVALID_REQ
-%%ETCDIR%%/errors/zh-tw/ERR_INVALID_RESP
-%%ETCDIR%%/errors/zh-tw/ERR_INVALID_URL
-%%ETCDIR%%/errors/zh-tw/ERR_LIFETIME_EXP
-%%ETCDIR%%/errors/zh-tw/ERR_NO_RELAY
-%%ETCDIR%%/errors/zh-tw/ERR_ONLY_IF_CACHED_MISS
-%%ETCDIR%%/errors/zh-tw/ERR_PRECONDITION_FAILED
-%%ETCDIR%%/errors/zh-tw/ERR_READ_ERROR
-%%ETCDIR%%/errors/zh-tw/ERR_READ_TIMEOUT
-%%ETCDIR%%/errors/zh-tw/ERR_SECURE_CONNECT_FAIL
-%%ETCDIR%%/errors/zh-tw/ERR_SHUTTING_DOWN
-%%ETCDIR%%/errors/zh-tw/ERR_SOCKET_FAILURE
-%%ETCDIR%%/errors/zh-tw/ERR_TOO_BIG
-%%ETCDIR%%/errors/zh-tw/ERR_UNSUP_HTTPVERSION
-%%ETCDIR%%/errors/zh-tw/ERR_UNSUP_REQ
-%%ETCDIR%%/errors/zh-tw/ERR_URN_RESOLVE
-%%ETCDIR%%/errors/zh-tw/ERR_WRITE_ERROR
-%%ETCDIR%%/errors/zh-tw/ERR_ZERO_SIZE_OBJECT
-%%ETCDIR%%/errors/zh-tw/error-details.txt
+%%ETCDIR%%/errors/zh-tw
 %%ETCDIR%%/icons/SN.png
 %%ETCDIR%%/icons/silk/application.png
 %%ETCDIR%%/icons/silk/arrow_up.png
@@ -2048,15 +2106,11 @@
 %%ETCDIR%%/icons/silk/script_gear.png
 %%ETCDIR%%/icons/silk/script_palette.png
 %%ETCDIR%%/mib.txt
- at sample %%ETCDIR%%/mime.conf.sample
- at sample %%ETCDIR%%/msntauth.conf.sample
 %%ETCDIR%%/squid.conf.documented
- at sample %%ETCDIR%%/squid.conf.sample
 libexec/squid/basic_db_auth
 libexec/squid/basic_fake_auth
 libexec/squid/basic_getpwnam_auth
 %%AUTH_LDAP%%libexec/squid/basic_ldap_auth
-libexec/squid/basic_msnt_auth
 libexec/squid/basic_msnt_multi_domain_auth
 libexec/squid/basic_ncsa_auth
 %%AUTH_NIS%%libexec/squid/basic_nis_auth
@@ -2066,12 +2120,12 @@ libexec/squid/basic_radius_auth
 %%AUTH_SASL%%libexec/squid/basic_sasl_auth
 %%AUTH_SMB%%libexec/squid/basic_smb_auth
 %%AUTH_SMB%%libexec/squid/basic_smb_auth.sh
+libexec/squid/basic_smb_lm_auth
 libexec/squid/cachemgr.cgi
 %%AUTH_KERB%%%%AUTH_LDAP%%%%AUTH_SASL%%libexec/squid/cert_tool
 %%SSL%%libexec/squid/cert_valid.pl
 libexec/squid/digest_file_auth
 %%FS_DISKD%%libexec/squid/diskd
-%%DNS_HELPER%%libexec/squid/dnsserver
 libexec/squid/ext_file_userip_acl
 %%AUTH_KERB%%%%AUTH_LDAP%%%%AUTH_SASL%%libexec/squid/ext_kerberos_ldap_group_acl
 %%AUTH_LDAP%%libexec/squid/ext_ldap_group_acl
@@ -2092,17 +2146,18 @@ libexec/squid/ntlm_smb_lm_auth
 %%ICMP%%@group
 %%ICMP%%@mode
 %%SSL_CRTD%%libexec/squid/ssl_crtd
+libexec/squid/storeid_file_rewrite
 %%UNLINKD%%libexec/squid/unlinkd
 libexec/squid/url_fake_rewrite
 libexec/squid/url_fake_rewrite.sh
-libexec/squid/storeid_file_rewrite
-man/man8/storeid_file_rewrite.8.gz
 man/man1/squidclient.1.gz
 man/man8/basic_db_auth.8.gz
 man/man8/basic_getpwnam_auth.8.gz
 %%AUTH_LDAP%%man/man8/basic_ldap_auth.8.gz
+man/man8/basic_msnt_multi_domain_auth.8.gz
 man/man8/basic_ncsa_auth.8.gz
 man/man8/basic_pam_auth.8.gz
+man/man8/basic_pop3_auth.8.gz
 man/man8/basic_radius_auth.8.gz
 %%AUTH_SASL%%man/man8/basic_sasl_auth.8.gz
 man/man8/cachemgr.cgi.8.gz
@@ -2115,10 +2170,11 @@ man/man8/ext_unix_group_acl.8.gz
 %%AUTH_SMB%%man/man8/ext_wbinfo_group_acl.8.gz
 %%AUTH_KERB%%man/man8/negotiate_kerberos_auth.8.gz
 man/man8/squid.8.gz
+man/man8/storeid_file_rewrite.8.gz
 sbin/purge
 sbin/squid
 sbin/squidclient
 @dir(squid,squid,750) /var/log/squid
+ at dir(squid,squid,750) /var/squid
 @dir(squid,squid,750) /var/squid/cache
 @dir(squid,squid,750) /var/squid/logs
- at dir(squid,squid,750) /var/squid
