[squid-users] any way to get squid-4 compiled on CentOS-6?

Amos Jeffries squid3 at treenet.co.nz
Wed Feb 24 22:24:40 UTC 2016


On 24/02/2016 1:25 p.m., Dan Charlesworth wrote:
> That’s the version I’m on actually (RPM compiled by me):
> 
> squid-3.5.13-1.el6.x86_64
> openssl-1.0.1e-42.el6_7.2.x86_64
> 
> I’m not setting sslproxy_cipher in my config, so I guess that’s not it. My openssl library the problem perhaps?

Perhapse. I expect that library is new enough not to have problems with
anything.

It could still be the same DH problem. For the DH and ECDH type ciphers
you have to supply the Diffi-Helman parameters and/or Curve name or
Squid will still not be able to use / negotiate them.

You could try setting up the tls-dh= parameter and see if it solves the
problem.


Of course you might just be seeing malware attacks intentionally trying
to force low-security ciphers and being rejected with that error logged.

Amos



More information about the squid-users mailing list