| blob | bdfdc2f562d63267ee644525d4c162f6e4f22da5 |
1 { lib, stdenv, fetchurl, perl, openldap, pam, db, cyrus_sasl, libcap
2 , expat, libxml2, openssl, pkg-config, systemd
3 , cppunit
4 }:
6 stdenv.mkDerivation (finalAttrs: {
7 pname = "squid";
8 version = "6.8";
10 src = fetchurl {
11 url = "http://www.squid-cache.org/Versions/v6/squid-${finalAttrs.version}.tar.xz";
12 hash = "sha256-EcxWULUYCdmUg8z64kdEouUc0WGZ9f8MkX6E/OaVhw8=";
13 };
15 nativeBuildInputs = [ pkg-config ];
16 buildInputs = [
17 perl openldap db cyrus_sasl expat libxml2 openssl
18 ] ++ lib.optionals stdenv.isLinux [ libcap pam systemd ];
20 enableParallelBuilding = true;
22 configureFlags = [
23 "--enable-ipv6"
24 "--disable-strict-error-checking"
25 "--disable-arch-native"
26 "--with-openssl"
27 "--enable-ssl-crtd"
28 "--enable-storeio=ufs,aufs,diskd,rock"
29 "--enable-removal-policies=lru,heap"
30 "--enable-delay-pools"
31 "--enable-x-accelerator-vary"
32 "--enable-htcp"
33 ] ++ lib.optional (stdenv.isLinux && !stdenv.hostPlatform.isMusl)
34 "--enable-linux-netfilter";
36 doCheck = true;
37 nativeCheckInputs = [ cppunit ];
38 preCheck = ''
39 # tests attempt to copy around "/bin/true" to make some things
40 # no-ops but this doesn't work if our "true" is a multi-call
41 # binary, so make our own fake "true" which will work when used
42 # this way
43 echo "#!$SHELL" > fake-true
44 chmod +x fake-true
45 grep -rlF '/bin/true' test-suite/ | while read -r filename ; do
46 substituteInPlace "$filename" \
47 --replace "$(type -P true)" "$(realpath fake-true)" \
48 --replace "/bin/true" "$(realpath fake-true)"
49 done
50 '';
52 meta = with lib; {
53 description = "Caching proxy for the Web supporting HTTP, HTTPS, FTP, and more";
54 homepage = "http://www.squid-cache.org";
55 license = licenses.gpl2Plus;
56 platforms = platforms.linux;
57 maintainers = with maintainers; [ raskin ];
58 knownVulnerabilities = [ "Squid has multiple unresolved security vulnerabilities, for more information see https://megamansec.github.io/Squid-Security-Audit/" ];
59 };
60 })