TR: [squid-users] https analyze, squid rpc proxy to rpc proxy ii6 exchange2007 with ntlm

From: Clem <clemfree_at_free.fr>
Date: Thu, 8 Mar 2012 09:51:55 +0100

Hi Amos

I'm trying to install squid-3.1.19-20120306-r10434, with all other versions
I can install it with --enable-ssl options but with this one I have errors
on "make all" command relative to SSL ...

-------------------------------------------------------> ERRORS OF MAKE ALL
In file included from ../../src/squid.h:272,
                 from AsyncCall.cc:5:
../../src/ssl_support.h:62: error: expected constructor, destructor, or type
con
version before '*' token
../../src/ssl_support.h:75: error: 'SSL' was not declared in this scope
../../src/ssl_support.h:75: error: 'ssl' was not declared in this scope
../../src/ssl_support.h:78: error: typedef 'SSLGETATTRIBUTE' is initialized
(use
 decltype instead)
../../src/ssl_support.h:78: error: 'SSL' was not declared in this scope
../../src/ssl_support.h:78: error: expected primary-expression before ','
token
../../src/ssl_support.h:78: error: expected primary-expression before
'const'
../../src/ssl_support.h:81: error: 'SSLGETATTRIBUTE' does not name a type
../../src/ssl_support.h:84: error: 'SSLGETATTRIBUTE' does not name a type
../../src/ssl_support.h:87: error: 'SSL' was not declared in this scope
../../src/ssl_support.h:87: error: 'ssl' was not declared in this scope
../../src/ssl_support.h:90: error: 'SSL' was not declared in this scope
../../src/ssl_support.h:90: error: 'ssl' was not declared in this scope
../../src/ssl_support.h:98: error: expected constructor, destructor, or type
con
version before '*' token
../../src/ssl_support.h:105: error: 'SSL_CTX' was not declared in this scope
../../src/ssl_support.h:105: error: 'sslContext' was not declared in this
scope
../../src/ssl_support.h:112: error: expected constructor, destructor, or
type co
nversion before '*' token
../../src/ssl_support.h:123: error: 'X509' was not declared in this scope
../../src/ssl_support.h:123: error: 'peer_cert' was not declared in this
scope
../../src/ssl_support.h:123: error: expected primary-expression before
'void'
../../src/ssl_support.h:123: error: 'check_func' was not declared in this
scope
../../src/ssl_support.h:123: error: expected primary-expression before
'void'
../../src/ssl_support.h:123: error: 'ASN1_STRING' was not declared in this
scope
../../src/ssl_support.h:123: error: 'cn_data' was not declared in this scope
../../src/ssl_support.h:123: error: initializer expression list treated as
compo
und expression
../../src/ssl_support.h:133: error: 'ASN1_TIME' was not declared in this
scope
../../src/ssl_support.h:133: error: expected primary-expression before ','
token
../../src/ssl_support.h:133: error: expected primary-expression before
'char'
../../src/ssl_support.h:133: error: expected primary-expression before 'int'
../../src/ssl_support.h:133: error: initializer expression list treated as
compo
und expression
In file included from ../../src/squid.h:318,
                 from AsyncCall.cc:5:
../../src/structs.h:618: error: ISO C++ forbids declaration of 'SSL_CTX'
with no
 type
../../src/structs.h:618: error: expected ';' before '*' token
../../src/structs.h:968: error: ISO C++ forbids declaration of 'SSL_CTX'
with no
 type
../../src/structs.h:968: error: expected ';' before '*' token
../../src/structs.h:969: error: ISO C++ forbids declaration of 'SSL_SESSION'
wit
h no type
../../src/structs.h:969: error: expected ';' before '*' token
../../src/structs.h:969: error: ISO C++ forbids declaration of 'SSL_SESSION'
wit
h no type
../../src/structs.h:969: error: expected ';' before '*' token
make[3]: *** [AsyncCall.lo] Erreur 1
make[3]: quittant le répertoire «
/usr/src/squid-3.1.19-20120306-r10434/src/base
 »
make[2]: *** [all-recursive] Erreur 1
make[2]: quittant le répertoire « /usr/src/squid-3.1.19-20120306-r10434/src
»
make[1]: *** [all] Erreur 2
make[1]: quittant le répertoire « /usr/src/squid-3.1.19-20120306-r10434/src
»
make: *** [all-recursive] Erreur 1
----------------------------------------------------------------------------
------------>

How I can install this version with ssl ? Or I 've downloaded the wrong
version I've to download this one 3.1.19.tar.gz?

Thx,

Clem

-----Message d'origine-----
De : Clem [mailto:clemfree_at_free.fr]
Envoyé : mercredi 7 mars 2012 13:05
À : squid-users_at_squid-cache.org
Objet : RE: [squid-users] https analyze, squid rpc proxy to rpc proxy ii6
exchange2007 with ntlm

I use only the last 3.2 releases, but I can try with 3.1.19...

-----Message d'origine-----
De : Amos Jeffries [mailto:squid3_at_treenet.co.nz]
Envoyé : mercredi 7 mars 2012 12:08
À : squid-users_at_squid-cache.org
Objet : Re: [squid-users] https analyze, squid rpc proxy to rpc proxy ii6
exchange2007 with ntlm

On 7/03/2012 11:27 p.m., Clem wrote:
> Thx for your reply Amos,
>
> So the issue is squid doesn't pass through the type-1 message ...
>
> I've check the http version, check this on IIS6 logs, it's 1v1 and same
with
> squid.
> For keepalive, I've used the only squid parameters I know (u gave me them
> later) as :
> client_persistent_connections
> and
> server_persistent_connections
>
> I think the link SQUID -> IIS6 RPC PROXY is represented by the cache_peer
> line on my squid.conf, and I don't know if client_persistent_connections
and
> server_persistent_connections parameters affect cache_peer too ?
>
> Dunno what to do now ...

My interpretation of your report so far is that the client is not even
sending type-1 message when using Squid. Instead it appears that they
are trying to use Kerberos, with NTLM label. Or possibly that you
overlooked some earlier connection(s) with the other LM message types.

If this is not 3.1.19 you can give it a try with that Squid version.

Amos
Received on Thu Mar 08 2012 - 08:52:01 MST

This archive was generated by hypermail 2.2.0 : Thu Mar 08 2012 - 12:00:02 MST