[squid-users] Squid 4.4 security_file_certgen helpers crashing
johnrefwe at mail.com
Thu Dec 27 21:30:45 UTC 2018
I am having trouble running squid 4.4 on ubuntu 14.04. I have successfully
built squid, and it runs fine if I'm not trying to SSL bump, but once I SSL
bump traffic, it starts crashing.
I've tried various ssl bump configurations with the same net result, so I
don't believe the configuration is relevant, but here it is:
sslcrtd_children 2 startup=2 idle=1
http_port 3129 ssl-bump generate-host-certificates=on
acl step1 at_step SslBump1
ssl_bump stare step1
ssl_bump bump all
After browsing to a https site, squid crashes and I find the following in
the cache log:
2018/12/27 21:15:40 kid1| WARNING:
/usr/local/squid/var/cache/squid/ssl_db -M 4MB #Hlpr1 exited
2018/12/27 21:15:40 kid1| FATAL: The
/usr/local/squid/var/cache/squid/ssl_db -M 4MB helpers are crashing too
rapidly, need help!
I ran the security_gen_helper under GDB and it seems to be crashing here:
My squid version output is as follows:
Squid Cache: Version 4.4
Service Name: squid
This binary uses OpenSSL 1.0.1f 6 Jan 2014. For legal restrictions on
distribution see https://www.openssl.org/source/license.html
configure options: '--disable-arch-native' '--disable-dependency-tracking'
'--enable-follow-x-forwarded-for' '--enable-ssl-crtd' '--with-openssl'
I specifically mention ubuntu 14.04, because I compiled and ran squid 4.4 on
ubuntu 18.04 with the same config and it ran successfully. I was
successfully able to run squid 4.3 on ubuntu 14.04 and 18.04, so I think
this might be something newly introduced in the code? I saw a commit
supporting a newer version of openssl, I wonder if that may have mistakenly
broken support for older versions of openssl?
Thank you for any help!
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
More information about the squid-users