Re: [squid-users] Compiling squid-3.3.5 with SSL on RedHat EL 6

Hey Peter,

At the time it was a thread which indicates that the problem is deep
inside the fact that CentOS didn't fixed the openssl issues.
I could have built squid in a portable format that will include Openssl
but it's much simpler to just compile from source since you already have
the Development Tools.
Just compile new version of OpenSSL in the basic /usr/local/... prefix
and then build squid based on it with the ssl option referring to this
specific location\libs.

I now it's not like installing a RPM but it's far more reliable in your
case.

I hope that you understand the main issues we are having to "force"
CentOS distro to update and upgrade their OpenSSL libs.

Eliezer

On 06/28/2013 07:03 PM, Peter H. Lemieux wrote:
> In May, Eliezer seemed to indicate that using CentOS 6.4 would be
> sufficient to build squid with the --enable-ssl-crtd extension without
> needing to patch the source code.
>
>> The above is known issue with RHEL 6.3 and CentOS 6.3. This issue
>> requires you to either install some custom openssl libs and headers
>> or upgrade to 6.4(which is much more reasonable to me) and use the
>> fixed openssl in 6.4.
>
> I installed a clean version of CentOS 6.4 in a VM, added the
> "Development Tools" packages and all the openssl packages including, of
> course, openssl-devel. I still get same errors Chris Ross reports below
> when trying to compile 3.3.5.
>
> Is it really still not possible to compile 3.3.5 with --enable-ssl-crtd
> on a RedHat or CentOS platform without having to patch the source code?
> I had hoped that upgrading to 6.4 would solve this problem, but that
> does not seem to be the case.
>
> This thread got rather lengthy and convoluted before which made it hard
> for me to see exactly what the solution might be. If there is a patch
> required to resolve this problem, could you please repost it again in
> response to this message?
>
> My openssl packages are both versioned 1.0.0-27.el6.4.2.x86_64, the same
> version Chris reported in another post in this thread.
>
> Thanks!
>
> Peter
>
>
> On 05/21/2013 10:28 AM, Eliezer Croitoru wrote:
>> On 5/21/2013 5:23 PM, Chris Ross wrote:
>>>
>>> I had gotten a patch for compiling with SSL on RHEL6 from the net,
>>> presumably by following something noted on this mailing list. When
>>> 3.3.5 came out yesterday, and the change log noted that this issue had
>>> been addressed, I was pleased to upgrade to 3.3.5.
>>>
>>> However, with an unmodified tree, I seem to still be unable to
>>> compile certificate_db.cc on my x86_64 RedHat EL 6.3 host. The
>>> following are the compilation errors:
>>>
>>> g++ -DHAVE_CONFIG_H -I../.. -I../../include -I../../lib -I../../src
>>> -I../../include -I../../libltdl -Wall -Wpointer-arith
>>> -Wwrite-strings -Wcomments -Werror -pipe -D_REENTRANT -g -O2
>>> -std=c++0x -MT certificate_db.o -MD -MP -MF .deps/certificate_db.Tpo
>>> -c -o certificate_db.o certificate_db.cc
>>> certificate_db.cc: In static member function ‘static void
>>> Ssl::CertificateDb::sq_TXT_DB_delete(TXT_DB*, const char**)’:
>>> certificate_db.cc:170: error: invalid conversion from ‘void*’ to
>>> ‘const _STACK*’
>>> certificate_db.cc:170: error: initializing argument 1 of ‘void*
>>> sk_value(const _STACK*, int)’
>>> certificate_db.cc: In member function ‘bool
>>> Ssl::CertificateDb::deleteInvalidCertificate()’:
>>> certificate_db.cc:520: error: invalid conversion from ‘void*’ to
>>> ‘const _STACK*’
>>> certificate_db.cc:520: error: initializing argument 1 of ‘void*
>>> sk_value(const _STACK*, int)’
>>> certificate_db.cc: In member function ‘bool
>>> Ssl::CertificateDb::deleteOldestCertificate()’:
>>> certificate_db.cc:551: error: invalid conversion from ‘void*’ to
>>> ‘const _STACK*’
>>> certificate_db.cc:551: error: initializing argument 1 of ‘void*
>>> sk_value(const _STACK*, int)’
>>> certificate_db.cc: In member function ‘bool
>>> Ssl::CertificateDb::deleteByHostname(const std::string&)’:
>>> certificate_db.cc:568: error: invalid conversion from ‘void*’ to
>>> ‘const _STACK*’
>>> certificate_db.cc:568: error: initializing argument 1 of ‘void*
>>> sk_value(const _STACK*, int)’
>>> make[3]: *** [certificate_db.o] Error 1
>>>
>>>
>>> Is anyone either in the core squid team, or in the user community,
>>> aware both of the short-coming of the fix for bug 3759, and a way to
>>> address the issue myself in the short term?
>>>
>>> Thanks…
>>>
>>> - Chris
>>>
>> The above is known issue with RHEL 6.3 and CentOS 6.3.
>> This issue requires you to either install some custom openssl libs and
>> headers or upgrade to 6.4(which is much more reasonable to me) and use
>> the fixed openssl in 6.4.
>>
>> Eliezer
>
Received on Sat Jun 29 2013 - 12:51:51 MDT