# -*- coding: utf-8; mode: tcl; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- vim:fenc=utf-8:ft=tcl:et:sw=4:ts=4:sts=4

PortSystem 1.0

name            squid
version         7.3
categories      net
license         GPL-2+
maintainers     {jmr @jmroot} openmaintainer
description     advanced proxy caching server for http, https, ftp
long_description    Squid is a high-performance proxy caching server for \
                web clients, supporting FTP and HTTP data \
                objects. Squid keeps metadata and \
                especially hot objects cached in RAM, caches DNS \
                lookups, supports non-blocking DNS lookups, and \
                implements negative caching of failed requests. \
                Squid 6.x is the latest release series, and needs a \
                C++17 compiler to build.

homepage        http://www.squid-cache.org/
master_sites    https://github.com/squid-cache/squid/releases/download/SQUID_[string map {. _} ${version}]/

use_xz          yes
checksums       md5 5a137c74c6bb74b2d29ab9fca37f7634 \
                sha1 135c4a5a3c2d57851f6c33256f6dc6f138e34805 \
                rmd160 34363698da66a5fbe7fae1fcf4add2ac5a59f6d5 \
                sha256 dadc2a9a3926ce1b3babeaa7a7d7b21cbb089025876daa3f5c19e7eb6391ddcd

patchfiles      patch-compat_types.h.diff \
                patch-basic_pam_auth.cc.diff \
                kerberos_ldap_group_Makefile.in.diff \
                ltdl-lib.patch

platform darwin {
    if {${os.major} == 10} {
        # ticket #37102, /usr/include/rpcsvc/yp_prot.h tries to redefine bool
        patchfiles-append snowleopard-bool.diff
    } elseif {${os.major} >= 11 && ${os.major} <= 16} {
        # symbols missing from libc++
        patchfiles-append bad_optional_access.patch
        if {${os.major} == 11} {
            # https://bugs.llvm.org/show_bug.cgi?id=10817
            patchfiles-append   getline-workaround.patch
        }
    }
}

depends_build   path:bin/pkg-config:pkgconfig
depends_lib     port:libtool port:zlib

conflicts       squid2 squid3

compiler.cxx_standard   2017

configure.args  --mandir=${prefix}/share/man \
                --sysconfdir=${prefix}/etc/squid \
                --datadir=${prefix}/share/squid \
                --localstatedir=${prefix}/var/squid \
                --libexecdir=${prefix}/libexec/squid \
                --with-swapdir=${prefix}/var/squid/cache \
                --with-pidfile=${prefix}/var/run/squid/squid.pid \
                --with-ltdl-include=${prefix}/include \
                --with-ltdl-lib=${prefix}/lib \
                --disable-strict-error-checking \
                --disable-arch-native \
                --without-cppunit \
                --without-gss \
                --without-gnutls \
                --without-xml2 \
                --without-mit-krb5 \
                --without-heimdal-krb5 \
                --without-nettle \
                --without-openssl \
                --enable-delay-pools \
                --enable-follow-x-forwarded-for \
                --enable-zph-qos \
                --enable-removal-policies \
                --enable-storeio=ufs,aufs,diskd,rock \
                --enable-log-daemon-helpers \
                --with-default-user=squid \
                --enable-auth \
                --enable-auth-basic \
                --enable-auth-digest \
                --enable-auth-negotiate="wrapper" \
                --enable-auth-ntlm

platform darwin {
    # Doesn't work and just generates failure messages in the log
    configure.args-append   --disable-eui
}

post-configure {
    if {[variant_exists universal] && [variant_isset universal]} {
        system -W ${worksrcpath} "ed - include/autoconf.h < ${filespath}/include_autoconf.h.ed && touch include/stamp-h1"
    }
}

startupitem.create      yes
startupitem.name        Squid
startupitem.netchange   yes
startupitem.executable  ${prefix}/sbin/squid -s --foreground

add_users       squid group=squid home=${prefix}/var/squid

notes "Before starting $name for the first time, create the cache directories\
with:
    ${prefix}/sbin/squid -s -z --foreground"

post-destroot   {
    xinstall -o squid -g squid -m 755 -d \
        ${destroot}${prefix}/var/run/squid ${destroot}${prefix}/var/squid \
        ${destroot}${prefix}/var/squid/cache ${destroot}${prefix}/var/squid/logs
    file delete -force ${destroot}${prefix}/etc/squid/squid.conf \
                       ${destroot}${prefix}/etc/squid/mime.conf \
                       ${destroot}${prefix}/etc/squid/errorpage.css
}
destroot.keepdirs   ${destroot}${prefix}/var/run/squid \
                ${destroot}${prefix}/var/squid/cache \
                ${destroot}${prefix}/var/squid/logs

post-activate {
    # Make sure initial conf files are present and setup correctly
    foreach f {squid.conf mime.conf errorpage.css} {
        if {![file exists ${prefix}/etc/squid/${f}]} {
            file copy ${prefix}/etc/squid/${f}.default \
                ${prefix}/etc/squid/${f}
        }
    }
}

variant openssl conflicts gnutls description "Enable SSL/TLS support using OpenSSL" {
    depends_lib-append      path:lib/libssl.dylib:openssl
    configure.args-delete   --without-openssl
    configure.args-append   --with-openssl=${prefix}
}

if {![variant_isset gnutls]} {
    default_variants    +openssl
}

variant gnutls conflicts openssl description "Enable SSL/TLS support using GnuTLS (experimental)" {
    depends_lib-append      path:lib/pkgconfig/gnutls.pc:gnutls
    configure.args-delete   --without-gnutls
}

variant ipfw_transparent description "Enable transparent proxy support using IPFW" {
    configure.args-append   --enable-ipfw-transparent
}

variant kerberos description "Enable MIT kerberos support" {
    depends_lib-append port:kerberos5
    configure.args-delete --enable-auth-negotiate="wrapper" \
                          --without-mit-krb5
    configure.args-append --enable-auth-negotiate
}

variant ssl_crtd requires openssl description "Enable use of external certificate generator (for SSL-Bump)" {
    configure.args-append   --enable-ssl-crtd
}

livecheck.type  regex
livecheck.url   https://api.github.com/repos/squid-cache/squid/releases/latest
livecheck.regex {"name":\s+"v([0-9.]+)",}
