From 5c8a377c8729aa68ff5c61e93550517c8b3d73ac Mon Sep 17 00:00:00 2001
From: thuynguyenduc <thuynguyenduc@gmail.com>
Date: Fri, 17 May 2013 11:33:33 +0700
Subject: Update squid.inc

Fix missing last error language directory
---
 config/squid/squid.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/squid/squid.inc b/config/squid/squid.inc
index bd0c8634..34186407 100644
--- a/config/squid/squid.inc
+++ b/config/squid/squid.inc
@@ -295,7 +295,7 @@ function squid_before_form_general($pkg) {
 	}
 	$field = &$pkg['fields']['field'][$i];
 
-	for ($i = 0; $i < count($values) - 1; $i++)
+	for ($i = 0; $i < count($values); $i++)
 		$field['options']['option'][] = array('name' => $names[$i], 'value' => $values[$i]);
 }
 
-- 
cgit v1.2.3


From b3d17e3d4887fa9a73b2fc060c15e0537f1eb3e3 Mon Sep 17 00:00:00 2001
From: Marcello Coutinho <marcellocoutinho@gmail.com>
Date: Fri, 17 May 2013 17:47:49 -0300
Subject: squid3-dev - include antivirus depend packages to pkg_config

---
 pkg_config.8.xml       | 4 +++-
 pkg_config.8.xml.amd64 | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 44c10176..28796ad8 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -1280,11 +1280,13 @@
 		<depends_on_package>squid-3.3.4.tbz</depends_on_package>
 		<depends_on_package>libltdl-2.4.2.tbz</depends_on_package>
 		<depends_on_package>libwww-5.4.0_4.tbz</depends_on_package>
+		<depends_on_package>squidclamav-6.10_1.tbz</depends_on_package>
+		<depends_on_package>clamav-0.97.8.tbz</depends_on_package>
 		<depends_on_package>ca_root_nss-3.14.1.tbz</depends_on_package>
 		<build_pbi>
 			<ports_before>www/libwww</ports_before>
 			<port>www/squid33</port>
-			<ports_after>www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss</ports_after>
+			<ports_after>www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss www/c-icap-modules</ports_after>
 		</build_pbi>
 		<build_options>c-icap_UNSET=IPV6 squid33_UNSET=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI SNMP ECAP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid33_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options>
 		<config_file>http://www.pfsense.org/packages/config/squid3/33/squid.xml</config_file>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index 471bd094..b81b5f71 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -1267,11 +1267,13 @@
 		<depends_on_package>squid-3.3.4.tbz</depends_on_package>
 		<depends_on_package>libltdl-2.4.2.tbz</depends_on_package>
 		<depends_on_package>libwww-5.4.0_4.tbz</depends_on_package>
+		<depends_on_package>squidclamav-6.10_1.tbz</depends_on_package>
+		<depends_on_package>clamav-0.97.8.tbz</depends_on_package>
 		<depends_on_package>ca_root_nss-3.14.1.tbz</depends_on_package>
 		<build_pbi>
 			<ports_before>www/libwww</ports_before>
 			<port>www/squid33</port>
-			<ports_after>www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss</ports_after>
+			<ports_after>www/squid_radius_auth security/clamav www/squidclamav security/ca_root_nss www/c-icap-modules</ports_after>
 		</build_pbi>
 		<build_options>c-icap_UNSET=IPV6 squid33_UNSET=AUTH_SMB AUTH_SQL DNS_HELPER FS_COSS ESI ECAP SNMP STACKTRACES STRICT_HTTP TP_IPF TP_IPFW VIA_DB DEBUG DOCS EXAMPLES;squid33_SET=ARP_ACL AUTH_KERB AUTH_LDAP AUTH_NIS AUTH_SASL CACHE_DIGESTS DELAY_POOLS FOLLOW_XFF TP_PF MSSL_CRTD WCCP WCCPV2 FS_AUFS HTCP ICAP ICMP IDENT IPV6 KQUEUE LARGEFILE SSL SSL_CRTD</build_options>
 		<config_file>http://www.pfsense.org/packages/config/squid3/33/squid.xml</config_file>
-- 
cgit v1.2.3


From 61944b680cd6269aa1a6b57b703084ed19b62fb6 Mon Sep 17 00:00:00 2001
From: Marcello Coutinho <marcellocoutinho@gmail.com>
Date: Fri, 17 May 2013 19:59:28 -0300
Subject: squid3-dev - improve icap antivirus integration code.

---
 config/squid3/33/squid.inc | 35 +++++++++++++++++++++++------------
 1 file changed, 23 insertions(+), 12 deletions(-)

diff --git a/config/squid3/33/squid.inc b/config/squid3/33/squid.inc
index 8eb9f2fa..a29fb3c6 100755
--- a/config/squid3/33/squid.inc
+++ b/config/squid3/33/squid.inc
@@ -427,6 +427,10 @@ function squid_validate_general($post, $input_errors) {
 		$input_errors[] = "You can not run squid on the same port as the webgui";
 	}
 
+	if (($post['ssl_proxy'] == 'on') && ( $post['dca'] == '')) {
+		$input_errors[] = "SSL interception cannot be enabled without a CA.";
+	}
+	
 	foreach (array('defined_ip_proxy_off') as $hosts) {
 		foreach (explode(";", $post[$hosts]) as $host) {
 			$host = trim($host);
@@ -783,7 +787,7 @@ function squid_check_ca_hashes(){
 	#check certificates
 	$cert_count=0;
 	if (is_dir(SQUID_LOCALBASE. '/share/certs'))
-		if ($handle = opendir(SQUID_LOCALBASE.'/usr/local/share/certs')) {
+		if ($handle = opendir(SQUID_LOCALBASE.'/share/certs')) {
     		while (false !== ($file = readdir($handle)))
         		if (preg_match ("/\d+.0/",$file))
             		$cert_count++;
@@ -1345,9 +1349,9 @@ EOF;
 		if (!file_exists(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.sample"))
 			if (file_exists(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.default")){
 				$sample_file=file_get_contents(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.default");
-				$matches[0]="@/var/run/clamav/clamd.ctl@";
-				$replaces[0]="/var/run/clamav/clamd.sock";
-				file_put_contents(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.sample",preg_replace($matches,$replaces,$sample_file),LOCK_EX);
+				$clamav_m[0]="@/var/run/clamav/clamd.ctl@";
+				$clamav_r[0]="/var/run/clamav/clamd.sock";
+				file_put_contents(SQUID_LOCALBASE."/etc/c-icap/squidclamav.conf.sample",preg_replace($clamav_m,$clamav_r,$sample_file),LOCK_EX);
 			}
 		#c-icap.conf
 		if (!file_exists(SQUID_LOCALBASE."/etc/c-icap/c-icap.conf.sample"))
@@ -1355,8 +1359,6 @@ EOF;
 				$sample_file=file_get_contents(SQUID_LOCALBASE."/etc/c-icap/c-icap.conf.default");
 				if (! preg_match ("/squidclamav/"))
 					$sample_file.="\nService squidclamav squidclamav.so\n";
-				if (! preg_match ("/User proxy/"))
-					$sample_file.="\nUser proxy\n";
 					
 				file_put_contents(SQUID_LOCALBASE."/etc/c-icap/c-icap.conf.sample",$sample_file,LOCK_EX);
 			}
@@ -1378,8 +1380,8 @@ EOF;
 			$antivirus_config = $config['installedpackages']['squidantivirus']['config'][0];		
 		}
 		#check dirs
-		$dirs=array("/var/run/c-icap" => "proxy",
-					"/var/log/c-icap" => "proxy",
+		$dirs=array("/var/run/c-icap" => "clamav",
+					"/var/log/c-icap" => "clamav",
 					"/var/log/clamav" => "clamav",
 					"/var/run/clamav" => "clamav",
 					"/var/db/clamav" => "clamav");
@@ -1404,11 +1406,20 @@ EOF;
 		
 		#check antivirus daemons
 		#check icap
-		if (is_process_running("c-icap"))
-			mwexec_bg("/usr/local/etc/rc.d/c-icap reload");
-		else
+		if (is_process_running("c-icap")){
+			mwexec('/bin/echo -n "reconfigure" > /var/run/c-icap/c-icap.ctl');
+			}
+		else{
+			#check c-icap user on startup file
+				$c_icap_rcfile="/usr/local/etc/rc.d/c-icap";
+			if (file_exists($c_icap_rcfile)){
+				$sample_file=file_get_contents($c_icap_rcfile);
+				$cicapm[0]="@c_icap_user=.*}@";
+				$cicapr[0]='c_icap_user="clamav"}';
+				file_put_contents($c_icap_rcfile,preg_replace($cicapm,$cicapr,$sample_file),LOCK_EX);
+				}
 			mwexec("/usr/local/etc/rc.d/c-icap start");
-			
+			}
 		#check clamav
 		if (is_process_running("clamd"))
 			mwexec_bg("/usr/local/etc/rc.d/clamav-clamd reload");
-- 
cgit v1.2.3