Re: [SQU] SSL Gatewaying from John Castillo on 2001-02-20 (squid-users)

From: John Castillo <john@dont-contact.us>
Date: Tue, 20 Feb 2001 14:47:44 -0800

recently i found this link:

http://list.cineca.it/cgi-bin/wa?A2=ind0102&L=squid&D=0&P=27599

that explains how to get squid-ssl. after following the instructions,
everything seems to checkout fine BUT i was missing a configure script!
so i grabbed the v2/2.5 snapshot and used that one and configure seemed
to run fine however there was no mention of SSL Gatewaying enabled... i
did the make and got these errors.

gcc: @SSL_OBJS@: No such file or directory
gcc: @SSLLIB@: No such file or directory
make[2]: *** [squid] Error 1

i guess SSL_OBJS is supposed to be perhaps ssl_support.o and SSLLIB is
supposed to be -lssl -lcrypto but i'm not really sure. where can i get
a proper configure script so that these two variables are defined and i
can go about my way?

john

> Henrik... anyone... help!
>
> i have a need to setup a transparent proxy for external users.
> basically these external users would want to access internal resources
> limited by ACLs placed in squid. i can do this already, but the
> transparent proxy only works for http and not https enabled
> resources. likewise, if i specify a proxy.pac file and use normal
> proxy mode, squid can be used to access both http and https sites.
> unfortunately, manually configuring ANY clients will prove to be
> overly cumbersome. i've read the many posts on the mailling list and
> Henrik has always explained that squid does not do https in
> transparent mode. however, some ppl have said that if you apply the
> SSL gatewaying patch by Benno Rice, that you could pull it off.
>
> so... followed the link at http://squid.sourceforge.net but the link
> for SSL gatewaying is stale and the new website has little
> information. my question is this.
>
> if i were to figure out how to setup SSL gatewaying with squid,
> 1 - would i then be able to setup a transparent proxy that would
> CLIENT <---over https---> SQUIDPROXY <---over http---> INTERNALRESOUCE ?
>
> 2 - if 1 is true, then how do i retreive the SSL patch ? (i'm very
> unfamiliar with CVS)
> i am currently using squid-2.3.STABLE4-1
>
> 3 - provided that communication between the client and the squidproxy
> would preferrably be secure (and in my case encrypting the traffic
> would be the only financially viable solution), would (1) be a good
> solution? communication between squidproxy and internal resource is
> assumed to be private and secure.
>
> john castillo
>
> --
> To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
>

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

Received on Tue Feb 20 2001 - 15:49:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:58:05 MST