Log message:
Update squid package to squid-2.5.2nb2.  Add two official patches.

o egmentation fault in idnsGrokReply() on certain platforms

	synopsis	A bug in how Squid processes certain DNS
			replies can cause segmentation faults on
			certain platforms. Linux and FreeBSD on X86
			platforms seems unaffected however.
	severity	Major
	bugzilla	#605
	versions	Squid-2.5 and earlier
	platforms	Solaris SPARC and several other
	patch		squid-2.5.STABLE2-dns_root_label.patch
	workaround	Recompile squid with --disable-internal-dns

o The example header_access paranoid setting is missing WWW-Authenticate

	synopsis	The paranoid header_access example is missing
			WWW-Authenticate, and thereby unintentionally
			denying authentication to web sites if used
			without modifitaions.
	severity	Cosmetic
	bugzilla	#600
	versions	Squid-2.5
	platforms	All
	patch		squid-2.5.STABLE2-header_access_paranoid.patch

Log message:
Update squid package to 2.5.2nb1.

- Squid may hang or behave oddly on shutdown while requests is being processed.

  synopsis	Squid may hang or otherwise behave oddly in shutdown
		if there is new requests processed at the same
		time. On shutdown Squid internally shut down DNS,
		redirectors and external acls while still processing
		new requests already received. In combination with the
		external acl queue overload bug this can completely
		hang Squid, preventing it from shutting down.
  severity	Minor
  bugzilla	#590
  versions	Squid-2.5 and earlier
  platforms	All

- external acl lookups does not deal well with queue overload

  synopsis	If there is a queue overload for external acl lookups
		then Squid logs "externalAclLookup: 'xxx' queue
		overload" at a very high rate in cache.log until the
		condition clears up.
  severity	Major
  bugzilla	#590
  versions	Squid-2.5
  platforms	All

- cache_effective_user documentation unclear

  synopsis	The cache_effective_user/group documentation was
		unclear on what happens if only one of the directives
		is set, or when Squid is started as a non-root user.
  severity	Cosmetic
  versions	Squid-2.5 and earlier
  platforms	All

- cache_peer documentation missing for htcp and carp

  synopsis	The cache_peer documentation for the htcp and carp
		related options was missing
  severity	Cosmetic
  versions	Squid-2.5 and earlier
  platforms	All

Log message:
Place WRKSRC where it belongs, to make pkglint happy; ok'ed by wiz.

Log message:
Remove manual creation/deletion PKG_SYSCONFDIR since it handled by
bsd.pkg.install.mk.

Log message:
Update squid package to 2.5.2.

pkgsrc change: install some supplemental documents.

Changes to squid-2.5.STABLE2 (Mars 17, 2003):

	- Contrib files added back to the distribution
	- Several compiler warnings fixed when using --disable-ident or
	  --disable-http-violations
	- authentication can now be used in most access controls, but
	  must in most cases first be enforced in http_access to force
	  the user to authenticate.
	- cleanups in the developer bootstrap.sh process when preparing
	  the sources.
	- several squid.conf.default documentation updated to correctly
	  refer to the current names when refering to other directives
	- authenticate_ip_ttl documentation updates
	- several assertion faults and segmentation violations corrected
	- the RunCache/RunAccel and squid.rc scripts updated to refer to
	  the squid binary in sbin rather than the old bin location.
	- squid_ldap_auth command line processing fixes when specifying
	  the LDAP server last on the line instead of -h option
	- aufs data corruption bugfix
	- aufs performance improvement for low traffic systems
	- aufs stability improvements
	- external_acl corrected to properly deal with quoted strings
	- WCCPv1 bugfix to make sure the router accepts the hash assignments
	- "Total accounted memory" now correctly reported in cachemgr
	- several small memory leaks (mostly reconfigure related)
	- new squid.conf option to allow GET/HEAD requests with a request
	  entity
	- "make uninstall" no longer removes squid.conf
	- cachemgr.cgi now uses POST to avoid having the cachemgr password
	  logged in the web server logs
	- authentication schemes which are known to not be proxyable are now
	  filtered out from forwarded server replies to avoid that the clients
	  tries to use such schemes when we know for a fact it won't work
	- spelling corrections in various error messages
	- now possible to define acl values with spaces in them
	  by using the "include file" feature
	- squid_ldap_group updated to 2.10 to fix compilation issues with
	  recent (and older) OpenLDAP libraries and to make the helper deal
	  correctly with true LDAP groups by first looking up the user DN.
	- Some internal code cleanups
	- now verifies that programs etc exists iside the chroot directory
	  when using chroot_dir. No longer neccesary to set up a split view
	  environment where the same paths works both inside the chroot and
	  outside just to convince Squid that the files is actually there..
	- improved memory usage reporting
	- --disable-hostname-checks configure option
	- no longer ignores double dots in host names. Any hostname with
	  double dots is now rejected as invalid.
	- log_mime_hdrs no longer logs garbage if very long headers
	  are seen.
	- 'select_fds_hist' object added to cachemgr 'histogram' output
	- pid file now unlinked when squid has really shut down, not
	  immediately when the shutdown request is received. This allows
	  the pid file to be monitored to determine when Squid has shut down
	  properly
	- correct authentication scheme setups on some platforms or compilers
	- several squid.conf.default documentation updates to remove references
	  to renamed or replaced directives by changing them to their current
	  names.
	- the SSL reverse proxy support updated to allow building with
	  OpenSSL 0.9.7 and and later.
	- Corrected a minor performance problem while processing HEAD replies
	  from various broken web servers not sending a correct HTTP reply
	- time acls can now specify multiple times in the same acl name, like
	  most other acl types.
	- winbind helpers updated to match Samba-2.2.7a and should
	  work with Samba-2.2.6 or later (required). For compability with
	  older Samba versions A new configure option --with-samba-sources=...
	  has been added to allow you to specify which Samba version the
	  helpers should be built for if different than the above versions.
	- Squid MIB definition syntax correction to work better with newer
	  (and older) SNMP tools.
	- Fixed access.log format when logging "error:invalid-HTTP-ident" on
	  requests where parsing the HTTP identifier (HTTP/1.0) failed.
	- "make distclean" no longer removes the icons, this avoids the
	  dependency on "uudecode" to rebuild Squid after "make \ 
distclean"
	- User name returned by external acl lookups (external_acl_type)
	  is now available as "ident" in later acl checks in addition to
	  the logging in access.log.
	- Incorrect behaviour of Digest authentication partly corrected - it
	  will not handle sessions, but will always enforce password
	  correctness.. (patch submitted by Sean Burford).
	- Issue with persistent connections and PUT/POST request corrected

Log message:
Update squid package to squid-2.5.1nb4.

- include more official squid patches.

   o Make external_acl user names available as IDENT in later acl processing
   o digest authentication security issue
   o external_acl Assertion failed: auth_user_request != NULL
   o make install fails to install icons after make distclean
   o "error: invalid HTTP-ident" breaks log processing

Log message:
Remove patches/patch-cd since squid-2.5.STABLE1-mib.patch's content is fixed.

Log message:
Update checksum for "squid-2.5.STABLE1-disable-http-violations.patch".

Log message:
- Add more official patches, last one is applied as patches/patch-cd
  since it is broken (reported to squid-bugs@squid-cache.org.)
- use DIST_SUBDIR.
- bump PKG_REVISION.

Log message:
Instead of including bsd.pkg.install.mk directly in a package Makefile,
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES".  This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile.  Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.