Accepting request 355597 from server:proxy:Test

squid 4 is Beta, revert to 3.5.x, update to 3.5.13 OBS-URL: https://build.opensuse.org/request/show/355597 OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=97
2016-01-24 21:09:22 +00:00 · 2016-01-24 21:09:22 +00:00 · e1b4411a42
commit e1b4411a42
parent 921e22a00d
8 changed files with 134 additions and 182 deletions
--- a/squid-3.5.13.tar.xz
+++ b/squid-3.5.13.tar.xz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:e75d94671895270272883187296f17e26954bf00a090c97bfea8a4fc264a5b40
 size 2379460
--- a/squid-3.5.13.tar.xz.asc
+++ b/squid-3.5.13.tar.xz.asc
@ -0,0 +1,20 @@
 File: squid-3.5.13.tar.xz
 Date: Thu Jan  7 04:33:15 UTC 2016
 Size: 2379460
 MD5 : 7a22503cfc99e1f89cb309b5facfbbc3
 SHA1: 3c45f8a8522c67c633c85c65dbfe63ccaf6df0e8
 Key : 0xFF5CF463 <squid3@treenet.co.nz>
      fingerprint = EA31 CC5E 9488 E516 8D2D  CC5E B268 E706 FF5C F463
      keyring = http://www.squid-cache.org/pgp.asc
      keyserver = subkeys.pgp.net
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 iQEcBAABAgAGBQJWkOegAAoJELJo5wb/XPRjWIcIAK0RQqBz4QcEE6bZba5qLK+l
 T/hoKPMNi2QTjpR4WGIWhuw2YoX9HrWUceP8BZ0HsA9HssAG8Te5du0hjjOHNbxy
 3jMdSchM3KVLw7xlotDsp3CWRzFgYp3UE5Czcvy4vakggGNTPJ7NddgX1dda3ChG
 tl4yDlzOw6hkab4wEGbT0V8/WUbNEWtGFtZNCFdhL1hdtfKBXqtLwSo3/vLxqFJT
 85aQNU5C6bOAiz4LBLhIv7uY81vwIK73zFgGsiY3RBXe0ekC7Q9TvAh5wkejLM/b
 mp4xVXk6ZJXFBggbeUzBVR+OGEl4GhqEwI+6MULTc6DXVE4m5PvpF6wcn5yf9yg=
 =U8vk
 -----END PGP SIGNATURE-----
--- a/squid-4.0.3.tar.xz
+++ b/squid-4.0.3.tar.xz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:81986fe42f2ee1423452799a9e9b3e0d575543e945fa922175ecbb80c9827947
 size 2341200
--- a/squid-4.0.3.tar.xz.asc
+++ b/squid-4.0.3.tar.xz.asc
@ -1,20 +0,0 @@
 File: squid-4.0.3.tar.xz
 Date: Sat Nov 28 16:16:30 UTC 2015
 Size: 2341200
 MD5 : 1b2c7e775d494993ea260ba959515162
 SHA1: 039396491f13c2da8f20252cce16509ce31ccaf3
 Key : 0xFF5CF463 <squid3@treenet.co.nz>
      fingerprint = EA31 CC5E 9488 E516 8D2D  CC5E B268 E706 FF5C F463
      keyring = http://www.squid-cache.org/pgp.asc
      keyserver = subkeys.pgp.net
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 iQEcBAABAgAGBQJWWdSjAAoJELJo5wb/XPRjxtQIAMmFTrgiFwNo0gioSaUG7m8l
 7VlewDor+dRzhJ+KYPt0VhLbO8V6KjgoDmp1ISDpnQ3PgQaFP1v0tLLh5pfGRuUf
 rO8OQEowrmxIu/oe9/8Reh3ci1nsT/xXFC1DBWxhVwzy1I081xzmuEDS5s0OqhtE
 PlcyOPmWhT5fYiNfzmdIuJC+3NWW8k82nOtbFlR4vWdjtHWaIaZjgb3MCW3Y2mgb
 1dPSEUDLbB7V70qN8iE9pwh923eRMo7Y6u9ejImxbYzwZVA3kn/bnqyPFCAbYVmg
 D6fPumqfh5wab2Et1csNNK2daxpEelaAFTFX7eEUBLfRWCepDYU1U5KKtUxNaeg=
 =eU8K
 -----END PGP SIGNATURE-----
--- a/squid-brokenad.patch
+++ b/squid-brokenad.patch
@ -2,7 +2,7 @@ Index: helpers/external_acl/kerberos_ldap_group/support_krb5.cc
 ===================================================================
 --- helpers/external_acl/kerberos_ldap_group/support_krb5.cc.orig
 +++ helpers/external_acl/kerberos_ldap_group/support_krb5.cc
-@@ -80,7 +80,7 @@ k5_error(const char* msg, krb5_error_cod
+@@ -81,7 +81,7 @@ k5_error(const char* msg, krb5_error_cod
  * create Kerberos memory cache
  */
 int
@ -10,59 +10,59 @@ Index: helpers/external_acl/kerberos_ldap_group/support_krb5.cc
 +krb5_create_cache(struct main_args *margs, char *domain)
 {
-     krb5_keytab keytab = NULL;
+     krb5_keytab keytab = 0;
-@@ -288,8 +288,17 @@ krb5_create_cache(char *domain)
+@@ -178,8 +178,17 @@ krb5_create_cache(char *domain)
-                 if (code) {
+             if (code) {
-                     k5_error("Error while unparsing principal name",code);
+                 k5_error("Error while unparsing principal name",code);
-                 } else {
+             } else {
-                    debug((char *) "%s| %s: DEBUG: Found principal name: %s\n", LogTime(), PROGRAM, principal_name);
+-                debug((char *) "%s| %s: DEBUG: Found principal name: %s\n", LogTime(), PROGRAM, principal_name);
-                    found = 1;
+-                found = 1;
-+                    if (margs->brokenad == 1) {
+		if (margs->brokenad == 1) {
-+                        if (!strncmp(principal_name,"HTTP/",strlen("HTTP/"))==0){
+                    if (!strncmp(principal_name,"HTTP/",strlen("HTTP/"))==0){
-+                            debug((char *) "%s| %s: DEBUG: Found principal without 'HTTP/' service name: %s NOT USING IT\n", LogTime(), PROGRAM, principal_name);
+                        debug((char *) "%s| %s: DEBUG: Found principal without 'HTTP/' service name: %s NOT USING IT\n", LogTime(), PROGRAM, principal_name);
 +                        } else {
 +                            debug((char *) "%s| %s: DEBUG: Found principal with 'HTTP/' service name: %s\n", LogTime(), PROGRAM, principal_name);
 +                            found = 1;
 +                        }
 +                    } else {
-+                        debug((char *) "%s| %s: DEBUG: Found principal  name: %s\n", LogTime(), PROGRAM, principal_name);
+                        debug((char *) "%s| %s: DEBUG: Found principal with 'HTTP/' service name: %s\n", LogTime(), PROGRAM, principal_name);
 +                        found = 1;
 +                    }
-                 }
+                } else {
 +                    debug((char *) "%s| %s: DEBUG: Found principal  name: %s\n", LogTime(), PROGRAM, principal_name);
 +                    found = 1;
 +                }
             }
         }
 #if USE_HEIMDAL_KRB5 || ( HAVE_KRB5_KT_FREE_ENTRY && HAVE_DECL_KRB5_KT_FREE_ENTRY )
 Index: helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc
 ===================================================================
 --- helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc.orig
 +++ helpers/external_acl/kerberos_ldap_group/kerberos_ldap_group.cc
-@@ -79,6 +79,7 @@ init_args(struct main_args *margs)
+@@ -61,6 +61,7 @@ init_args(struct main_args *margs)
     margs->rc_allow = 0;
     margs->AD = 0;
     margs->mdepth = 5;
     margs->nokerberos = 0;
 +    margs->brokenad = 0;
     margs->ddomain = NULL;
     margs->groups = NULL;
     margs->ndoms = NULL;
-@@ -202,7 +203,7 @@ main(int argc, char *const argv[])
+@@ -179,7 +180,7 @@ main(int argc, char *const argv[])
     init_args(&margs);
-    while (-1 != (opt = getopt(argc, argv, "diasng:D:N:S:u:U:t:T:p:l:b:m:h"))) {
+-    while (-1 != (opt = getopt(argc, argv, "diasg:D:N:S:u:U:t:T:p:l:b:m:h"))) {
-+    while (-1 != (opt = getopt(argc, argv, "diasnxg:D:N:S:u:U:t:T:p:l:b:m:h"))) {
+    while (-1 != (opt = getopt(argc, argv, "diasxg:D:N:S:u:U:t:T:p:l:b:m:h"))) {
         switch (opt) {
         case 'd':
             debug_enabled = 1;
-@@ -219,6 +220,9 @@ main(int argc, char *const argv[])
+@@ -231,6 +232,9 @@ main(int argc, char *const argv[])
-         case 'n':
+         case 'S':
-             margs.nokerberos = 1;
+             margs.llist = xstrdup(optarg);
             break;
 +        case 'x':
 +            margs.brokenad = 1;
 +            break;
-         case 'g':
+         case 'h':
-             margs.glist = xstrdup(optarg);
+             fprintf(stderr, "Usage: \n");
-             break;
+             fprintf(stderr, "squid_kerb_ldap [-d] [-i] -g group list [-D domain] [-N netbios domain map] [-s] [-u ldap user] [-p ldap user password] [-l ldap url] [-b ldap bind path] [-a] [-m max depth] [-h]\n");
-@@ -274,6 +278,7 @@ main(int argc, char *const argv[])
+@@ -247,6 +251,7 @@ main(int argc, char *const argv[])
             fprintf(stderr, "-l ldap url\n");
             fprintf(stderr, "-b ldap bind path\n");
             fprintf(stderr, "-s use SSL encryption with Kerberos authentication\n");
@ -74,18 +74,18 @@ Index: helpers/external_acl/kerberos_ldap_group/support.h
 ===================================================================
 --- helpers/external_acl/kerberos_ldap_group/support.h.orig
 +++ helpers/external_acl/kerberos_ldap_group/support.h
-@@ -106,6 +106,7 @@ struct main_args {
+@@ -105,6 +105,7 @@ struct main_args {
     int rc_allow;
     int AD;
     int mdepth;
     int nokerberos;
 +    int brokenad;
     char *ddomain;
     struct gdstruct *groups;
     struct ndstruct *ndoms;
-@@ -181,7 +182,7 @@ struct kstruct {
+@@ -164,7 +165,7 @@ int create_nd(struct main_args *margs);
-     char* mem_ccache[MAX_DOMAINS];
+ int create_ls(struct main_args *margs);
-     int ncache;
+ 
- };
+ #ifdef HAVE_KRB5
 -int krb5_create_cache(char *domain);
 +int krb5_create_cache(struct main_args *margs, char *domain);
 void krb5_cleanup(void);
@ -95,12 +95,12 @@ Index: helpers/external_acl/kerberos_ldap_group/support_ldap.cc
 ===================================================================
 --- helpers/external_acl/kerberos_ldap_group/support_ldap.cc.orig
 +++ helpers/external_acl/kerberos_ldap_group/support_ldap.cc
-@@ -902,7 +902,7 @@ get_memberof(struct main_args *margs, ch
+@@ -898,7 +898,7 @@ get_memberof(struct main_args *margs, ch
-             kc = 1;
+         debug((char *) "%s| %s: DEBUG: Setup Kerberos credential cache\n", LogTime(), PROGRAM);
-             debug((char *) "%s| %s: DEBUG: Kerberos is disabled. Use username/password with ldap url instead\n", LogTime(), PROGRAM);
+ 
-         } else {
+ #if HAVE_KRB5
-            kc = krb5_create_cache(domain);
+-        kc = krb5_create_cache(domain);
-+            kc = krb5_create_cache(margs,domain);
+        kc = krb5_create_cache(margs,domain);
-             if (kc) {
+         if (kc) {
-                 error((char *) "%s| %s: ERROR: Error during setup of Kerberos credential cache\n", LogTime(), PROGRAM);
+             error((char *) "%s| %s: ERROR: Error during setup of Kerberos credential cache\n", LogTime(), PROGRAM);
-             }
+         }
--- a/squid-config.patch
+++ b/squid-config.patch
@ -2,7 +2,7 @@ Index: src/cf.data.pre
 ===================================================================
 --- src/cf.data.pre.orig
 +++ src/cf.data.pre
-@@ -1498,6 +1498,8 @@ http_access deny manager
+@@ -1464,6 +1464,8 @@ http_access deny manager
 # Adapt localnet in the ACL section to list your (internal) IP networks
 # from where browsing should be allowed
 http_access allow localnet
@ -11,7 +11,7 @@ Index: src/cf.data.pre
 http_access allow localhost
 # And finally deny all other access to this proxy
-@@ -3672,6 +3674,10 @@ DOC_START
+@@ -3761,6 +3763,10 @@ DOC_START
 	Instead, if you want Squid to use the entire disk drive,
 	subtract 20% and use that value.
@ -22,7 +22,7 @@ Index: src/cf.data.pre
 	'L1' is the number of first-level subdirectories which
 	will be created under the 'Directory'.  The default is 16.
-@@ -3790,7 +3796,7 @@ DOC_START
+@@ -3879,7 +3885,7 @@ DOC_START
 NOCOMMENT_START
 # Uncomment and adjust the following to add a disk cache directory.
@ -31,7 +31,7 @@ Index: src/cf.data.pre
 NOCOMMENT_END
 DOC_END
-@@ -4504,7 +4510,7 @@ DOC_END
+@@ -4576,7 +4582,7 @@ DOC_END
 NAME: logfile_rotate
 TYPE: int
@ -39,4 +39,4 @@ Index: src/cf.data.pre
 +DEFAULT: 0
 LOC: Config.Log.rotateNumber
 DOC_START
- 	Specifies the default number of logfile rotations to make when you
+ 	Specifies the number of logfile rotations to make when you
--- a/squid.changes
+++ b/squid.changes
@ -1,33 +1,38 @@
 -------------------------------------------------------------------
-Wed Dec  9 10:11:36 UTC 2015 - mpluskal@suse.com
+Sun Jan 24 18:28:45 UTC 2016 - chris@computersalat.de
- Update to 4.0.3
+- Changes to squid-3.5.13 (06 Jan 2016):
-  * Bug 4372: missing template files
+  * Bug 4397: DragonFly BSD, POSIX shared memory is implemented as filepath
-  * Bug 4371: compile errors: no such file or directory: 
+  * Bug 4387: Kerberos build errors on Solaris
-		DiskIO/*/*DiskIOModule.o
+  * TLS: Support Ephemeral Elliptic Curve Diffie-Hellman (EECDH) key exchange
-  * Bug 4368: A simpler and more robust HTTP request line parser
+  * TLS: Complete certificate chains using external intermediate certificates
-  * Fix compile erorr on clang undefined reference to 
+  * Avoid memory leaks when an X.509 certificate validator is used with SslBump
-		'__atomic_load_8'
+  * Fix connection retry and fallback after failed server TLS connections
-  * ext_kerberos_ldap_group_acl: Add missing workarounds for 
+  * Fix GnuTLS detection via pkg-config
-		Heimdal Kerberos
+  * Fix startup crash with a misconfigured (too-small) shared memory cache
-  * ext_ldap_group_acl: Allow unlimited LDAP search filter
+  * ... and some documentation updates
-  * ext_unix_group_acl: Support -r parameter to strip @REALM from 
+- Changes to squid-3.5.12 (28 Nov 2015):
-		usernames
+  * Bug 4374: refresh_pattern config parser (%)
-  * ... and much code cleanup and polishing
+  * Bug 4373: assertion 'calloutContext->redirect_state == REDIRECT_NONE'
-  * ... and all fixes from squid 3.5.11
+  * Bug 4228: links with krb5 libs despite --without options
-	Changes for squid-4.0.2
+  * Fix SSL_get_certificate() problem detection
-  * Regression Bug 4351: compile errors when authentication modules 
+  * Fix TLS handshake problem during Renegotiation
-		disabled
+  * Fix cache_peer forceddomain= in CONNECT
-  * Regression fix: HTTP/1.1 Transfer-Encoding:chunked parsing
+  * Fix status code-based HTTP reason phrase for eCAP-generated messages
-  * Bug 4359: assertion failure 'Comm::IsConnOpen(conn)' within 
+  * Fix build errors in cpuafinity.cc
-		ConnStateData::requestTimeout
+  * ... and several documentation updates
-  * Bug 4356: segmentation fault using proxy_auth ACL
+- Changes to squid-3.5.11 (01 Nov 2015):
-  * Bug 4352: compile errors in OS X 10.11
+  * Bug 3574: crashes on reconfigure and startup
-  * Bug 4021: ext_user_regex does exact match
+  * Bug 4347: compile errors with LibreSSL 2.3
-  * Bug 3574: avoid crashes, prohibit reconfiguration during 
+  * Bug 4281: copy-paste typos in src/tools.cc
-		shutdown
+  * Bug 4279: No response from proxy for FTP-download of non-existing file
-  * Support re-assigning delay pools based on HTTP reply details
+  * Bug 4188: Bumping intercepted SSL connections does not work on Solaris
- 	* ... and all fixes from squid 3.5.11
+  * Fix incorrect authentication headers on cache digest requests
  * Fix connection stats, including %<lp, missing for persistent connections
  * Fix invalid memory access issues in SBuf
  * Avoid errors when parsing manager ACL in old squid.conf
 - rebase squid-config.patch
 - disable pre scriptlet (sed -i '/emulate_httpd_log/d' /etc/{name}/{name}.conf)
 -------------------------------------------------------------------
 Sat Dec  5 00:36:04 UTC 2015 - boris@steki.net
@ -37,63 +42,6 @@ Sat Dec  5 00:36:04 UTC 2015 - boris@steki.net
  - pre scriptlet updated to not change configuration file without real need
    for configuration updates
 -------------------------------------------------------------------
 Tue Oct 27 17:12:19 UTC 2015 - chris@computersalat.de
 - update to 4.0.1
  * Bug 4329: GCC 5.2 no known conversion for argument
  * Bug 4292: negotiate_wrapper: Unreleased Resources
  * Bug 4269: ignore-must-revalidate broken
  * Bug 4190: assertion 'hash_remove_link' from Auth::User::cacheCleanup
  * Bug 3920: Splay::remove() reference counting inconsistent
  * Bug 3069: CONNECT method bytes sent logging
  * Bug 2741 partial: libsecurity API for GnuTLS support
  * Bug 1961 partial: redesign of URL handling
  * Fix crash when parsing invalid squid.conf
  * Fix eCAP: Return 'unknown body size' for bodies with unknown body sizes
  * Remove unused OS detection: Sun, SysV, Ultrix, BSDi
  * Remove cache_peer_domain directive
  * RFC 6176 compliance: Remove SSLv2 support
  * HTTP/1.1: Remove refresh_pattern ignore-auth and ignore-must-revalidate
  * Remove GCC 2.x and 3.x detection and support
  * C++11 compiler support is now mandatory
  * Enable flexible transport protocol
  * Enable long (--foo) command line parameters on squid binary
  * Add per-rule refresh_pattern matching statistics
  * Replace sslversion=N with tls-min-version=1.N
  * Replace sslproxy_* directives with tls_outgoing_options
  * Replace GNU atomics and related hacks with C++11 std::atomic
  * Replace external_acl_type format %macros with logformat codes
  * Support Ephemeral Elliptic Curve Diffie-Hellman (EECDH) key exchange
  * Support Secure ICAP services
  * Support rotate=N option on access_log
  * Support bypass for non-HTTP intercepted traffic (on_unsupported_protocol)
  * Support lifetime timeout for persistent connections (pconn_lifetime)
  * Support timeout for URL-rewrite helper lookups (url_rewrite_timeout)
  * Support logging fast things (nanosecond log resolution)
  * Support ICAP/eCAP adaptation for 100-continue responses
  * Support configurable helper queue size, with consistent defaults
    and better overflow handling.
  * Support named service PID file by default (pid_filename)
  * url_lfs_rewrite: Add URL-rewriter based on local file existence
  * negotiate_kerberos_auth: output group= kv-pair
  * helper-mux: add man(8) page
  * purge: convert README to man(1) page
  * basic_msnt_multi_domain_auth: Superceeded by basic_smb_lm_auth
  * basic_sspi_auth: fix MinGW compile errors
  * negotiate_sspi_auth: fix various build errors
  * Crypto-NG: libnettle Base64 algorithm support
  * Parser-NG: HTTP Parser structural redesign
  * libltdl: copyright updated to LGPL version 2.1
  * ... and several performance optimizations
  * ... and many documentation changes
  * ... and much code cleanup and polishing
 - fix dependency (C++11)
  * gcc >= 4.7
 - rebase squid-config.patch
 - rebase and fix squid-brokenad.patch
 -------------------------------------------------------------------
 Thu Oct 15 14:57:13 UTC 2015 - jkeil@suse.de
--- a/squid.spec
+++ b/squid.spec
@ -1,7 +1,7 @@
 #
 # spec file for package squid
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -20,14 +20,14 @@
 %define         squidconfdir %{_sysconfdir}/squid
 Name:           squid
-Version:        4.0.3
+Version:        3.5.13
 Release:        0
 Summary:        A fully featured HTTP/1.0 proxy
 License:        GPL-2.0+
 Group:          Productivity/Networking/Web/Proxy
-Url:            http://www.squid-cache.org/Versions/v4
+Url:            http://www.squid-cache.org/Versions/v3/3.5
-Source0:        http://www.squid-cache.org/Versions/v4/%{name}-%{version}.tar.xz
+Source0:        http://www.squid-cache.org/Versions/v3/3.5/%{name}-%{version}.tar.xz
-Source1:        http://www.squid-cache.org/Versions/v4/%{name}-%{version}.tar.xz.asc
+Source1:        http://www.squid-cache.org/Versions/v3/3.5/%{name}-%{version}.tar.xz.asc
 Source3:        squid.init
 Source4:        squid.sysconfig
@ -57,7 +57,7 @@ BuildRequires:  ed
 BuildRequires:  expat
 #
 BuildRequires:  fdupes
-BuildRequires:  gcc-c++ >= 4.7
+BuildRequires:  gcc-c++
 BuildRequires:  krb5-devel
 BuildRequires:  libcap-devel
 BuildRequires:  libexpat-devel
@ -106,20 +106,26 @@ Requires(pre):  %insserv_prereq
 Requires:       logrotate
 Provides:       http_proxy
-%description
+# due to package rename
-Squis is a fully-featured HTTP/1.0 proxy which is almost (but not quite - we're getting there!) a fully-featured HTTP/1.1 proxy. Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications. Squid offers a rich set of traffic optimization options, most of which are enabled by default for simpler installation and high performance. 
+# Wed Aug 15 17:40:30 UTC 2012
 Provides:       %{name}3 = %{version}
 Obsoletes:      %{name}3 < %{version}
-Squid 4 represents a new feature release above 3.5.
+%description
 Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite - we're getting there!) a fully-featured HTTP/1.1 proxy. Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications. Squid offers a rich set of traffic optimization options, most of which are enabled by default for simpler installation and high performance. 
 Squid 3.5 represents a new feature release above 3.4.
 The most important of these new features are:
-    Configurable helper queue size
+  * Support libecap v1.0
-    Helper concurrency channels changes
+  * Authentication helper query extensions
-    SSL support removal
+  * Support named services
-    MSNT-multi-domain helper removal
+  * Upgraded squidclient tool
-    Secure ICAP
+  * Helper support for concurrency channels
-    Elliptic Curve Diffie-Hellman (ECDH)
+  * Native FTP Relay
-    Improved SMP support
+  * Receive PROXY protocol, Versions 1 & 2
  * Basic authentication MSNT helper changes
 %prep
 %setup -q
@ -307,12 +313,11 @@ if [ "$1" -gt "1" ]; then
    mv %{_sysconfdir}/%{name}.conf %{_sysconfdir}/%{name}/%{name}.conf
  fi
 fi
-# emulate_httpd_log is gone with 3.5
+# emulate_httpd_log is gone with 3.2 not 3.5
-if [ -e %{_sysconfdir}/%{name}/%{name}.conf ]; then
+### rpmlint is complaining about modifying squid.conf
-  if [ $(grep -c emulate_httpd_log %{_sysconfdir}/%{name}/%{name}.conf) -gt 0 ];then
+#if [ -e etc/%{name}/%{name}.conf ]; then
-     sed -i '/emulate_httpd_log/d' %{_sysconfdir}/%{name}/%{name}.conf
+#  sed -i '/emulate_httpd_log/d' /etc/%{name}/%{name}.conf
-  fi
+#fi
 fi
 %pretrans -p <lua>
 -- Directory to symlink is not working in RPM so workaround it
@ -435,7 +440,7 @@ end
 %{_sbindir}/digest_edirectory_auth
 ## will get removed in 3.6 series
 # http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html#toc2.8
-#%%{_sbindir}/basic_msnt_multi_domain_auth
+%{_sbindir}/basic_msnt_multi_domain_auth
 ##
 %{_sbindir}/basic_ncsa_auth
 %{_sbindir}/basic_nis_auth
@ -465,7 +470,7 @@ end
 %{_sbindir}/ext_session_acl
 %{_sbindir}/ext_unix_group_acl
 %{_sbindir}/ext_wbinfo_group_acl
-%{_sbindir}/helper-mux
+%{_sbindir}/helper-mux.pl
 %{_sbindir}/log_db_daemon
 %{_sbindir}/log_file_daemon
 %{_sbindir}/negotiate_kerberos_auth
@ -485,7 +490,6 @@ end
 %{_sbindir}/unlinkd
 %{_sbindir}/url_fake_rewrite
 %{_sbindir}/url_fake_rewrite.sh
 %{_sbindir}/url_lfs_rewrite
 %if 0%{?suse_version}
 %{_sbindir}/rc%{name}
 %{_localstatedir}/adm/fillup-templates/sysconfig.%{name}