On Tue, 2016-09-20 at 11:05 +0930, LYMN wrote:
> On Mon, Sep 19, 2016 at 07:20:14PM -0600, James Lay wrote:
> >
> >
> > Well last word on this...squid starts but dies with:
> > /squid: symbol lookup error: ./squid: undefined symbol:
> > SSL_set_alpn_protos
> > So at this point I'll just go back t
On Mon, Sep 19, 2016 at 07:20:14PM -0600, James Lay wrote:
>
> Well last word on this...squid starts but dies with:
> /squid: symbol lookup error: ./squid: undefined symbol:
> SSL_set_alpn_protos
> So at this point I'll just go back to linking to libressl. Thanks all.
>
What does a "ldd squid" o
On Mon, 2016-09-19 at 18:44 -0600, James Lay wrote:
> On Tue, 2016-09-20 at 10:12 +0930, LYMN wrote:
> > On Mon, Sep 19, 2016 at 06:37:44PM -0600, Alex Rousskov wrote:
> > >
> > > On 09/19/2016 06:22 PM, James Lay wrote:
> > > >
> > > > Ok so this is with the 1.0.2 branch of openssl:
> > > >
> >
On Tue, 2016-09-20 at 10:26 +0930, LYMN wrote:
> On Mon, Sep 19, 2016 at 06:44:38PM -0600, James Lay wrote:
> >
> > >
> > > >
> > > >
> > > At a guess add this to the libraries list after openssl: -ldl
> > >
> > Thank you...where would I add that to? My config line? Here it
> > is:
> > ./con
On Tue, 2016-09-20 at 10:12 +0930, LYMN wrote:
> On Mon, Sep 19, 2016 at 06:37:44PM -0600, Alex Rousskov wrote:
> >
> > On 09/19/2016 06:22 PM, James Lay wrote:
> > >
> > > Ok so this is with the 1.0.2 branch of openssl:
> > >
> > > dso_dlfcn.c:(.text+0x11): undefined reference to `dlopen'
> > >
On Mon, Sep 19, 2016 at 06:37:44PM -0600, Alex Rousskov wrote:
> On 09/19/2016 06:22 PM, James Lay wrote:
> > Ok so this is with the 1.0.2 branch of openssl:
> >
> > dso_dlfcn.c:(.text+0x11): undefined reference to `dlopen'
> > dso_dlfcn.c:(.text+0x24): undefined reference to `dlsym'
> > dso_dlfcn
Thanks...off to git cloning the 1.0.1 branch...all this work for chacha
and poly...yugh 8-|
James
On Mon, 2016-09-19 at 18:37 -0600, Alex Rousskov wrote:
> On 09/19/2016 06:22 PM, James Lay wrote:
> >
> > Ok so this is with the 1.0.2 branch of openssl:
> >
> > dso_dlfcn.c:(.text+0x11): undefined
On 09/19/2016 06:22 PM, James Lay wrote:
> Ok so this is with the 1.0.2 branch of openssl:
>
> dso_dlfcn.c:(.text+0x11): undefined reference to `dlopen'
> dso_dlfcn.c:(.text+0x24): undefined reference to `dlsym'
> dso_dlfcn.c:(.text+0x2f): undefined reference to `dlclose'
You can probably force y
Ok so this is with the 1.0.2 branch of openssl:
make[3]: Entering directory `/home//nobackup/build/squid-
3.5.20/src/ssl'
/bin/bash ../../libtool --tag=CXX --mode=link g++ -Wall -Wpointer-
arith -Wwrite-strings -Wcomments -Wshadow -Woverloaded-virtual -Werror
-pipe -D_REENTRANT -m64 -g -O2 -m
On 2016-09-19 16:05, Alex Rousskov wrote:
On 09/19/2016 04:01 PM, James Lay wrote:
Openssl git latest commit version commit
e2562bbbe1e1c68ec5a3e02c1f151fd6149ee2ae.
Please see http://bugs.squid-cache.org/show_bug.cgi?id=4599
Thank you,
Alex.
And there you go...thanks Alex.
James
__
On 09/19/2016 04:01 PM, James Lay wrote:
> Openssl git latest commit version commit
> e2562bbbe1e1c68ec5a3e02c1f151fd6149ee2ae.
Please see http://bugs.squid-cache.org/show_bug.cgi?id=4599
Thank you,
Alex.
___
squid-users mailing list
squid-users@lis
So I know I posted this a while ago...thought I'd give it a shot today,
but still no luck:
make[3]: Entering directory `/home/nobackup/build/squid-3.5.20/src/anyp'
depbase=`echo PortCfg.lo | sed 's|[^/]*$|.deps/&|;s|\.lo$||'`;\
/bin/bash ../../libtool --tag=CXX --mode=compile g++
-DH
On 09/19/2016 06:29 AM, ysu yang wrote:
>> A. Define "session" in HTTP or Squid terms that Squid understands. Write
>> ACLs (likely including an external ACL or an eCAP adapter) that will
>> define a "session" for any given transaction and annotate same-session
>> transactions acc
On Mon, Sep 19, 2016 at 10:39 AM, erdosain9 wrote:
> mm
> so...
> i think this is working for non take the certificate
>
> acl step1 at_step SslBump1
> acl excludeSSL ssl::server_name_regex web/.whatsapp/.com
>
wrong slashes... you want "\"
>
> ssl_bump peek step1
> ssl_bump splice
mm
so...
i think this is working for non take the certificate
acl step1 at_step SslBump1
acl excludeSSL ssl::server_name_regex web/.whatsapp/.com
ssl_bump peek step1
ssl_bump splice excludeSSL
ssl_bump bump all
but, anyway something more is happening because well... dosent work.
Hello,
I am using squid 3.5.12(detailed version info is below) on Ubuntu 16.04.1
LTS server. My squid config is at, http://pastebin.com/raw/b8RZ67u9
I have configured squid as intercept proxy bumping all SSL https
connections. Setup is working fine for many things like browsing,
even on command l
First of all.thanks for your advice.
> B. Adjust the ICAP service to store information about "sessions" in
> such
> a way that different service instances can share it. For example, if
> all
> ICAP services run on the same machine, they can use shared memory
> segments to exchan
Yes,
You can fix that by setting the SPN : HTTP/host.you.domain.tld in UPN
I had that too, changed it and it is working perfect now.
See subject : Re: [squid-users] ext_kerberos_ldap_group_acl problem ( 2
minorbugsmaybe )
Greetz,
Louis
> -Oorspronkelijk bericht-
> Van: squid-u
Firstly of all.Thanks for your advice.
> B. Adjust the ICAP service to store information about "sessions" in
> such
> a way that different service instances can share it. For example, if
> all
> ICAP services run on the same machine, they can use shared memory
> segments to exch
On 19.09.2016 14:08, L.P.H. van Belle wrote:
> Well thats strange.
> No i cant speak about openBSD, but below is pretty general.
>
> When you test, did you set this before the test.
> KRB5_KTNAME=/etc/squid/proxy.keytab
> And does that keytab contain the HTTP/SPN
> And test/check if you see ht
Well thats strange.
No i cant speak about openBSD, but below is pretty general.
When you test, did you set this before the test.
KRB5_KTNAME=/etc/squid/proxy.keytab
And does that keytab contain the HTTP/SPN
And test/check if you see http/SPN in the UPN, if not try that also.
After that change
On 16.09.2016 22:11, Markus Moeller wrote:
> Hi Silamael,
>
> Can you perform a kinit u...@example.com ? Does the squid user
> have read access to krb5.conf ?
>
> Markus
Hello Markus,
Yes, the permissions are correctly set up so that Squid and it's
processes can read every file needed.
On 16.09.2016 10:52, L.P.H. van Belle wrote:
> I think you forgot in your test, that you may need to modify the default
> kerberos ticket used.
>
>
>
>
>
> I suggest you change you config a bit to something like
>
>
>
> external_acl_type internet-win-allowed %LOGIN
> /usr/local/libexec/s
23 matches
Mail list logo
