[squid-users] Different squid-3.5.2 compile error on OpenBSD 5.6

Stuart Henderson stu at spacehopper.org
Mon Mar 2 13:36:58 UTC 2015 

On 2015-02-26, Alan Palmer <alanpalmer72 at yahoo.com> wrote:
> While waiting with baited breath for --with-libressl support, I 
> installed openssl-1.02 on openbsd-5.6 to
> get squid to compile, but got this error in the final linking:
>
> MemStore.o(.text+0x4fe0): In function 
> `MemStore::copyFromShm(StoreEntry&, int, Ipc::StoreMapAnchor const&)':
>: undefined reference to `__sync_fetch_and_add_8'
> MemStore.o(.text+0x5197): more undefined references to 
> `__sync_fetch_and_add_8' follow
>
> Now this is a bit odd because, from the config.log:
>
> configure:20105: inlining optimizations enabled: yes
> configure:20124: checking for GNU atomic operations support
> configure:20151: c++ -o conftest -O2 -pipe -I/usr/local/include 
> -L/usr/local/lib
>   conftest.cpp  >&5
> configure:20151: $? = 0
> configure:20151: ./conftest
> configure:20151: $? = 0
> configure:20156: result: yes
>
> now configure only checks for __sync_fetch_and_add not 
> __sync_fetch_and_add_8.

64-bit atomics are supported on some but not all OpenBSD machine
architectures. Squid's autoconf test only tries to use 32-bit atomic
operations; success of this does not imply that 64-bit operations will
also work. In the squid port, I've modified the test, patch below.

> The issue, I believe, is libc++ hasnt been ported to openbsd so it uses 
> libstdc++

Correct that libc++ hasn't been ported to OpenBSD, but that's not a show-
stopper. In ports, we are using gcc 4.8 with its newer libstdc++ to build
squid-3.5.2.

You will also run into some issues with libressl if you are building
with SSL inspection support:

- SSLv2 and compression (which AIUI only ever applied to SSLv2?) were
completely removed from libressl (same for google's boringssl).
Patch for this below.

- In the version of libressl in OpenBSD 5.6 (and in boringssl),
the *_cipher_by_char functions were removed; they've been re-added in
newer libressl releases and in -current OpenBSD, Squid uses these so
you'll probably want to run -current for now. (This will be in
OpenBSD 5.7 as well).

3.4-style bumping works for me, though I occasionally run into issues
with EADDRINUSE when binding to sockets (especially when restarting).
I haven't tested peek/splice yet.

There's one other known issue with squid on OpenBSD, rock doesn't work
(creates the initial db, but fails with EMSGSIZE when it tries to open
it at startup, I haven't had chance to investigate this further).
Sorry I haven't got round to opening tickets on the tracker for any
of these yet.


--- configure.ac.orig	Sun Dec 21 05:15:31 2014
+++ configure.ac	Tue Jan  6 22:32:47 2015
@@ -426,7 +426,7 @@ dnl Check for atomic operations support in the compile
 dnl
 AC_MSG_CHECKING([for GNU atomic operations support])
 AC_RUN_IFELSE([AC_LANG_PROGRAM([[
-    int n = 0;
+    long long n = 0;
 ]],[[
     __sync_add_and_fetch(&n, 10); // n becomes 10
     __sync_fetch_and_add(&n, 20); // n becomes 30

--- src/ssl/bio.cc.orig	Fri Feb  6 15:36:07 2015
+++ src/ssl/bio.cc	Fri Feb  6 15:47:15 2015
@@ -151,7 +151,10 @@ Ssl::Bio::stateChanged(const SSL *ssl, int where, int 
 bool
 Ssl::ClientBio::isClientHello(int state)
 {
-    return (state == SSL2_ST_GET_CLIENT_HELLO_A ||
+    return (
+#ifdef SSL2_ST_GET_CLIENT_HELLO_A
+            state == SSL2_ST_GET_CLIENT_HELLO_A ||
+#endif
             state == SSL3_ST_SR_CLNT_HELLO_A ||
             state == SSL23_ST_SR_CLNT_HELLO_A ||
             state == SSL23_ST_SR_CLNT_HELLO_B ||
@@ -325,7 +328,11 @@ adjustSSL(SSL *ssl, Ssl::Bio::sslFeatures &features)
 
     // If the client supports compression but our context does not support
     // we can not adjust.
+#ifdef OPENSSL_NO_COMP
+    if (features.compressMethod) {
+#else
     if (features.compressMethod && ssl->ctx->comp_methods == NULL) {
+#endif
         debugs(83, 5, "Client Hello Data supports compression, but we do not!");
         return false;
     }
@@ -669,9 +676,11 @@ Ssl::Bio::sslFeatures::get(const SSL *ssl)
     debugs(83, 7, "SNI server name: " << serverName);
 #endif
 
+#ifndef OPENSSL_NO_COMP
     if (ssl->session->compress_meth)
         compressMethod = ssl->session->compress_meth;
     else if (sslVersion >= 3) //if it is 3 or newer version then compression is disabled
+#endif
         compressMethod = 0;
     debugs(83, 7, "SSL compression: " << compressMethod);

More information about the squid-users mailing list