Re: [squid-users] Latest ssl and Squid stable compile issue
On 23/06/2016 10:56 p.m., James Lay wrote: > Ah...well I went with this repo: > git clone https://github.com/openssl/openssl.git > And the errors I posted were where I stoppedunfortunately I've > already nuked the repo off the drive otherwise I'd give you the exact > info. I can tell you I got the same errors with both 3.5.19 and > 4.0.11. Also compile line: > ./configure --prefix=/opt --with-openssl=/opt/libressl --enable-ssl -- > enable-ssl-crtd --enable-linux-netfilter --enable-follow-x-forwarded- > for --with-large-files --sysconfdir=/opt/etc/squid --enable-external- > acl-helpers=none > Sorry Amos...the one time you ask me for information and I don't have > it for you..: - ( > James > No worries. Just my interest. Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Latest ssl and Squid stable compile issue
On Thu, 2016-06-23 at 17:47 +1200, Amos Jeffries wrote: > Yay that you got it going with LibreSSL. > > But I'm still interested in why you got the errors in the first place > with OpenSSL. It is supposed to be the better supported one :-P > > So if you have the time to assist my edufication; > > what version OpenSSL was this exactly that you built against? > ("git pulled latest" doesnt tell me much about what branch/version > etc > you ended up with.) > > And was it only the libssl you built with, or also the matching > libcrypto ? (libcrypto is what defines the OpenSSL CRYPTO_LOCK_* > stuff). > > Amos > > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users Ah...well I went with this repo: git clone https://github.com/openssl/openssl.git And the errors I posted were where I stoppedunfortunately I've already nuked the repo off the drive otherwise I'd give you the exact info. I can tell you I got the same errors with both 3.5.19 and 4.0.11. Also compile line: ./configure --prefix=/opt --with-openssl=/opt/libressl --enable-ssl -- enable-ssl-crtd --enable-linux-netfilter --enable-follow-x-forwarded- for --with-large-files --sysconfdir=/opt/etc/squid --enable-external- acl-helpers=none Sorry Amos...the one time you ask me for information and I don't have it for you..: - ( James___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Latest ssl and Squid stable compile issue
Yay that you got it going with LibreSSL. But I'm still interested in why you got the errors in the first place with OpenSSL. It is supposed to be the better supported one :-P So if you have the time to assist my edufication; what version OpenSSL was this exactly that you built against? ("git pulled latest" doesnt tell me much about what branch/version etc you ended up with.) And was it only the libssl you built with, or also the matching libcrypto ? (libcrypto is what defines the OpenSSL CRYPTO_LOCK_* stuff). Amos ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Latest ssl and Squid stable compile issue
It already has :) Jun 22 09:41:09 gateway (squid-1): 192.168.1.109 - - [22/Jun/2016:09:41:09 -0600] "CONNECT 31.13.76.84:443 HTTP/1.1" i.instagram.com - 200 0 TAG_NONE:ORIGINAL_DST Jun 22 15:09:26 gateway (squid-1): 192.168.1.109 - - [22/Jun/2016:15:09:26 -0600] "CONNECT 31.13.76.84:443 HTTP/1.1" i.instagram.com - 200 43538 TCP_TUNNEL:ORIGINAL_DST The ole before and after trick :) And: strings /opt/libressl/bin/openssl | grep chacha EVP_aead_chacha20_poly1305 chacha chacha20-poly1305 chacha20 poly1305 EVP_aead_chacha20_poly1305 EVP_aead_chacha20_poly1305 Woo hoo! James On 2016-06-22 15:17, Yuri Voinov wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I suggest this will not solve your unknown cipher issue. :) 23.06.2016 3:12, James Lay пишет: Had zero issues when compiling against libressl-2.4.1. I now have ChaCha Poly cipher support...happy days! James On 2016-06-22 13:29, James Lay wrote: So yea...git pulled latest ssl, here's my results: make[3]: Entering directory `/home/nobackup/build/squid-3.5.19/src/anyp' depbase=`echo PortCfg.lo | sed 's|[^/]*$|.deps/&|;s|\.lo$||'`;\ /bin/bash ../../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include-I/opt/openssl/include -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Woverloaded-virtual -Werror -pipe -D_REENTRANT -m64 -g -O2 -march=native -std=c++11 -MT PortCfg.lo -MD -MP -MF $depbase.Tpo -c -o PortCfg.lo PortCfg.cc &&\ mv -f $depbase.Tpo $depbase.Plo libtool: compile: g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include -I/opt/openssl/include -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Woverloaded-virtual -Werror -pipe -D_REENTRANT -m64 -g -O2 -march=native -std=c++11 -MT PortCfg.lo -MD -MP -MF .deps/PortCfg.Tpo -c PortCfg.cc -fPIC -DPIC -o .libs/PortCfg.o In file included from ../../src/anyp/PortCfg.h:18:0, from PortCfg.cc:10: ../../src/ssl/gadgets.h:83:45: error: ‘CRYPTO_LOCK_X509’ was not declared in this scope typedef LockingPointerX509_Pointer; ^ ../../src/ssl/gadgets.h:83:61: error: template argument 3 is invalid typedef LockingPointer X509_Pointer; ^ ../../src/ssl/gadgets.h:83:75: error: invalid type in declaration before ‘;’ token typedef LockingPointer X509_Pointer; ^ ../../src/ssl/gadgets.h:89:53: error: ‘CRYPTO_LOCK_EVP_PKEY’ was not declared in this scope typedef LockingPointer EVP_PKEY_Pointer; ^ ../../src/ssl/gadgets.h:89:73: error: template argument 3 is invalid typedef LockingPointer EVP_PKEY_Pointer; ^ ../../src/ssl/gadgets.h:89:91: error: invalid type in declaration before ‘;’ token typedef LockingPointer EVP_PKEY_Pointer; ^ ../../src/ssl/gadgets.h:116:43: error: ‘CRYPTO_LOCK_SSL’ was not declared in this scope typedef LockingPointer SSL_Pointer; ^ ../../src/ssl/gadgets.h:116:58: error: template argument 3 is invalid typedef LockingPointer SSL_Pointer; ^ ../../src/ssl/gadgets.h:116:71: error: invalid type in declaration before ‘;’ token typedef LockingPointer SSL_Pointer; ^ make[3]: *** [PortCfg.lo] Error 1 make[3]: Leaving directory `/home/jlay/nobackup/build/squid-3.5.19/src/anyp' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/jlay/nobackup/build/squid-3.5.19/src' make[1]: *** [all] Error 2 make[1]: Leaving directory `/home/jlay/nobackup/build/squid-3.5.19/src' make: *** [all-recursive] Error 1 This is to hopefully compile in chacha supportshould I go with dev 4.0.11 squid instead? Thank you. James ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXawB+AAoJENNXIZxhPexGzXwH/3WAFGluGUDHx1BAIHjzCNvM zGB0qFQaLTcSNACG7B7bNs5oDErCdxH7BUhwWC082L4Tu0FhZAivUYgD3GZZKuzr QLjZ7wYcocXQsa1EVyVQaiQg4MdIpO6PRZniBq6pKephJrTFj9b3l3MYNcECNF6F 7Qla/Cocyf5hJpN7U6WxyzXOBB4CbecViGwMyQIBZ4s+B6B3BAHZaFg54UNGstqA /qjwlMehh5Al/WntrJ1Ozfa59r0efiIO/VrvOylQf8HoR9gYBULq7tsl3EFGrsV2 08pcmXzQSJausCcllBWBnXKKTi4CWo/apkPE4puxYEcHLGSklqbOl7MK4oHkW44= =TjQy -END PGP
Re: [squid-users] Latest ssl and Squid stable compile issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I suggest this will not solve your unknown cipher issue. :) 23.06.2016 3:12, James Lay пишет: > Had zero issues when compiling against libressl-2.4.1. I now have ChaCha > Poly cipher support...happy days! > > James > > On 2016-06-22 13:29, James Lay wrote: >> So yea...git pulled latest ssl, here's my results: >> >> make[3]: Entering directory >> `/home/nobackup/build/squid-3.5.19/src/anyp' >> depbase=`echo PortCfg.lo | sed 's|[^/]*$|.deps/&|;s|\.lo$||'`;\ >> /bin/bash ../../libtool --tag=CXX --mode=compile g++ >> -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src >> -I../../include-I/opt/openssl/include -Wall -Wpointer-arith >> -Wwrite-strings -Wcomments -Wshadow -Woverloaded-virtual -Werror -pipe >> -D_REENTRANT -m64 -g -O2 -march=native -std=c++11 -MT PortCfg.lo -MD >> -MP -MF $depbase.Tpo -c -o PortCfg.lo PortCfg.cc &&\ >> mv -f $depbase.Tpo $depbase.Plo >> libtool: compile: g++ -DHAVE_CONFIG_H -I../.. -I../../include >> -I../../lib -I../../src -I../../include -I/opt/openssl/include -Wall >> -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow >> -Woverloaded-virtual -Werror -pipe -D_REENTRANT -m64 -g -O2 >> -march=native -std=c++11 -MT PortCfg.lo -MD -MP -MF .deps/PortCfg.Tpo >> -c PortCfg.cc -fPIC -DPIC -o .libs/PortCfg.o >> In file included from ../../src/anyp/PortCfg.h:18:0, >> from PortCfg.cc:10: >> ../../src/ssl/gadgets.h:83:45: error: ‘CRYPTO_LOCK_X509’ was not >> declared in this scope >> typedef LockingPointer>> X509_Pointer; >> ^ >> ../../src/ssl/gadgets.h:83:61: error: template argument 3 is invalid >> typedef LockingPointer >> X509_Pointer; >> ^ >> ../../src/ssl/gadgets.h:83:75: error: invalid type in declaration >> before ‘;’ token >> typedef LockingPointer >> X509_Pointer; >> >> ^ >> ../../src/ssl/gadgets.h:89:53: error: ‘CRYPTO_LOCK_EVP_PKEY’ was >> not declared in this scope >> typedef LockingPointer > CRYPTO_LOCK_EVP_PKEY> EVP_PKEY_Pointer; >> ^ >> ../../src/ssl/gadgets.h:89:73: error: template argument 3 is invalid >> typedef LockingPointer > CRYPTO_LOCK_EVP_PKEY> EVP_PKEY_Pointer; >> >> ^ >> ../../src/ssl/gadgets.h:89:91: error: invalid type in declaration >> before ‘;’ token >> typedef LockingPointer > CRYPTO_LOCK_EVP_PKEY> EVP_PKEY_Pointer; >> >> ^ >> ../../src/ssl/gadgets.h:116:43: error: ‘CRYPTO_LOCK_SSL’ was not >> declared in this scope >> typedef LockingPointer >> SSL_Pointer; >>^ >> ../../src/ssl/gadgets.h:116:58: error: template argument 3 is invalid >> typedef LockingPointer >> SSL_Pointer; >> ^ >> ../../src/ssl/gadgets.h:116:71: error: invalid type in declaration >> before ‘;’ token >> typedef LockingPointer >> SSL_Pointer; >> >> ^ >> make[3]: *** [PortCfg.lo] Error 1 >> make[3]: Leaving directory >> `/home/jlay/nobackup/build/squid-3.5.19/src/anyp' >> make[2]: *** [all-recursive] Error 1 >> make[2]: Leaving directory >> `/home/jlay/nobackup/build/squid-3.5.19/src' >> make[1]: *** [all] Error 2 >> make[1]: Leaving directory >> `/home/jlay/nobackup/build/squid-3.5.19/src' >> make: *** [all-recursive] Error 1 >> >> This is to hopefully compile in chacha supportshould I go with dev >> 4.0.11 squid instead? Thank you. >> >> James >> ___ >> squid-users mailing list >> squid-users@lists.squid-cache.org >> http://lists.squid-cache.org/listinfo/squid-users > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQEcBAEBCAAGBQJXawB+AAoJENNXIZxhPexGzXwH/3WAFGluGUDHx1BAIHjzCNvM zGB0qFQaLTcSNACG7B7bNs5oDErCdxH7BUhwWC082L4Tu0FhZAivUYgD3GZZKuzr QLjZ7wYcocXQsa1EVyVQaiQg4MdIpO6PRZniBq6pKephJrTFj9b3l3MYNcECNF6F 7Qla/Cocyf5hJpN7U6WxyzXOBB4CbecViGwMyQIBZ4s+B6B3BAHZaFg54UNGstqA /qjwlMehh5Al/WntrJ1Ozfa59r0efiIO/VrvOylQf8HoR9gYBULq7tsl3EFGrsV2 08pcmXzQSJausCcllBWBnXKKTi4CWo/apkPE4puxYEcHLGSklqbOl7MK4oHkW44= =TjQy -END PGP SIGNATURE- 0x613DEC46.asc Description: application/pgp-keys ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] Latest ssl and Squid stable compile issue
So yea...git pulled latest ssl, here's my results: make[3]: Entering directory `/home/nobackup/build/squid- 3.5.19/src/anyp' depbase=`echo PortCfg.lo | sed 's|[^/]*$|.deps/&|;s|\.lo$||'`;\ /bin/bash ../../libtool --tag=CXX --mode=compile g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include-I/opt/openssl/include -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Woverloaded-virtual -Werror -pipe -D_REENTRANT -m64 -g -O2 -march=native -std=c++11 -MT PortCfg.lo -MD -MP -MF $depbase.Tpo -c -o PortCfg.lo PortCfg.cc &&\ mv -f $depbase.Tpo $depbase.Plo libtool: compile: g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src -I../../include -I/opt/openssl/include -Wall -Wpointer-arith -Wwrite-strings -Wcomments -Wshadow -Woverloaded- virtual -Werror -pipe -D_REENTRANT -m64 -g -O2 -march=native -std=c++11 -MT PortCfg.lo -MD -MP -MF .deps/PortCfg.Tpo -c PortCfg.cc -fPIC -DPIC -o .libs/PortCfg.o In file included from ../../src/anyp/PortCfg.h:18:0, from PortCfg.cc:10: ../../src/ssl/gadgets.h:83:45: error: ‘CRYPTO_LOCK_X509’ was not declared in this scope typedef LockingPointerX509_Pointer; ^ ../../src/ssl/gadgets.h:83:61: error: template argument 3 is invalid typedef LockingPointer X509_Pointer; ^ ../../src/ssl/gadgets.h:83:75: error: invalid type in declaration before ‘;’ token typedef LockingPointer X509_Pointer; ^ ../../src/ssl/gadgets.h:89:53: error: ‘CRYPTO_LOCK_EVP_PKEY’ was not declared in this scope typedef LockingPointer EVP_PKEY_Pointer; ^ ../../src/ssl/gadgets.h:89:73: error: template argument 3 is invalid typedef LockingPointer EVP_PKEY_Pointer; ^ ../../src/ssl/gadgets.h:89:91: error: invalid type in declaration before ‘;’ token typedef LockingPointer EVP_PKEY_Pointer; ^ ../../src/ssl/gadgets.h:116:43: error: ‘CRYPTO_LOCK_SSL’ was not declared in this scope typedef LockingPointer SSL_Pointer; ^ ../../src/ssl/gadgets.h:116:58: error: template argument 3 is invalid typedef LockingPointer SSL_Pointer; ^ ../../src/ssl/gadgets.h:116:71: error: invalid type in declaration before ‘;’ token typedef LockingPointer SSL_Pointer; ^ make[3]: *** [PortCfg.lo] Error 1 make[3]: Leaving directory `/home/jlay/nobackup/build/squid- 3.5.19/src/anyp' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/home/jlay/nobackup/build/squid-3.5.19/src' make[1]: *** [all] Error 2 make[1]: Leaving directory `/home/jlay/nobackup/build/squid-3.5.19/src' make: *** [all-recursive] Error 1 This is to hopefully compile in chacha supportshould I go with dev 4.0.11 squid instead? Thank you. James___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users