[squid-users] FW: squid tproxy ssl-bump and Protocol error (TLS code: SQUID_ERR_SSL_HANDSHAKE)
Marc
gaardiolor at gmail.com
Mon Oct 10 13:53:40 UTC 2016
On Mon, Oct 10, 2016 at 11:41 AM, Eliezer Croitoru <eliezer at ngtech.co.il> wrote:
> Thanks for updating!
>
> May I ask what version of Linux are you using squid ontop?
> I have released couple RPMs and am working on releasing a drop-in tar.xz for debian based systems.
Yeah sure, I'm using Fedora Core 24.
- Installed squid source RPM
- changed the specfile; changed version, removed patches, removed some
configure flags, added --disable-strict-error-checking otherwise it
didn't want to compile.
- built a new rpm .. works on my system, but ymmv
- patch against the Fedora source rpm spec file:
--- rpmbuild-squid-3.5.21/SPECS/squid.spec 2016-10-09
00:33:42.490934810 +0200
+++ rpmbuild-squid-4.0.14/SPECS/squid.spec 2016-10-09
17:33:26.739659533 +0200
@@ -1,7 +1,7 @@
%define __perl_requires %{SOURCE98}
Name: squid
-Version: 3.5.21
+Version: 4.0.14
Release: 1%{?dist}
Summary: The Squid proxy caching server
Epoch: 7
@@ -9,8 +9,8 @@
License: GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain)
Group: System Environment/Daemons
URL: http://www.squid-cache.org
-Source0: http://www.squid-cache.org/Versions/v3/3.5/squid-%{version}.tar.xz
-Source1: http://www.squid-cache.org/Versions/v3/3.5/squid-%{version}.tar.xz.asc
+Source0: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz
+Source1: http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz.asc
Source2: squid.logrotate
Source3: squid.sysconfig
Source4: squid.pam
@@ -27,11 +27,6 @@
# Local patches
# Applying upstream patches first makes it less likely that local patches
# will break upstream ones.
-Patch201: squid-3.1.0.9-config.patch
-Patch202: squid-3.1.0.9-location.patch
-Patch203: squid-3.0.STABLE1-perlpath.patch
-Patch204: squid-3.5.9-include-guards.patch
-Patch205: 0001-cppunit-config-no-longer-exists-use-pkg-config.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: bash >= 2.0
@@ -87,11 +82,6 @@
# Backported patches
# Local patches
-%patch201 -p1 -b .config
-%patch202 -p1 -b .location
-%patch203 -p1 -b .perlpath
-%patch204 -p0 -b .include-guards
-%patch205 -p1 -b .cppunit-config
%build
# cppunit-config patch changes configure.ac
@@ -114,8 +104,8 @@
--enable-eui \
--enable-follow-x-forwarded-for \
--enable-auth \
- --enable-auth-basic="DB,LDAP,MSNT-multi-domain,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,getpwnam"
\
- --enable-auth-ntlm="smb_lm,fake" \
+ --enable-auth-basic="DB,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB,getpwnam" \
+ --enable-auth-ntlm="fake" \
--enable-auth-digest="file,LDAP" \
--enable-auth-negotiate="kerberos" \
--enable-external-acl-helpers="LDAP_group,time_quota,session,unix_group,wbinfo_group"
\
@@ -145,7 +135,8 @@
--with-openssl \
--with-pthreads \
--disable-arch-native \
- --with-pic
+ --with-pic \
+ --disable-strict-error-checking
make \
DEFAULT_SWAP_DIR=%{_localstatedir}/spool/squid \
@@ -191,7 +182,7 @@
install -m 644 %{SOURCE5}
$RPM_BUILD_ROOT%{_sysconfdir}/NetworkManager/dispatcher.d/20-squid
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/squid
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/squid
-chmod 644 contrib/url-normalizer.pl contrib/rredir.* contrib/user-agents.pl
+chmod 644 contrib/url-normalizer.pl contrib/user-agents.pl
iconv -f ISO88591 -t UTF8 ChangeLog -o ChangeLog.tmp
mv -f ChangeLog.tmp ChangeLog
@@ -213,7 +204,7 @@
%defattr(-,root,root,-)
%license COPYING
%doc CONTRIBUTORS README ChangeLog QUICKSTART src/squid.conf.documented
-%doc contrib/url-normalizer.pl contrib/rredir.* contrib/user-agents.pl
+%doc contrib/url-normalizer.pl contrib/user-agents.pl
%{_unitdir}/squid.service
%attr(755,root,root) %dir %{_libexecdir}/squid
@@ -286,6 +277,9 @@
More information about the squid-users
mailing list