Squid Compile with custom OpenSSL

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Squid Compile with custom OpenSSL

Dave Lewthwaite

Hello,

 

I am having some trouble compiling squid using a custom build of openssl – it seems it is unable to find the libraries during run-time.

 

OpenSSL 1.1.1g is compiled and installed (setting prefix and openssldir) to /home/centos/openssl – the libraries are present there as are all the headers.

 

Squid is built using –with-openssl=/home/centos/openssl – it builds correctly, references the correct includes, libraries etc. However when the resulting binary is run, it is unable to find the OpenSSL libs – 

 

squid: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory

 

ldd /sbin/squid shows that it is unable to find the libs –

 

                libssl.so.1.1 => not found

                libcrypto.so.1.1 => not found

 

If I install the 1.1.1g libs into  /lib64 then squid will run – have I made an assumption on my part that this isn’t required? I was under the impression that squid would run with an entirely standalone build of OpenSSL.

 

Any advice would be appreciated – it certainly feels as though I’m missing something simple, but I can’t figure out what it is.

 

Versions

CentOS 7 (standard build chain)

Squid 4.13

OpenSSL 1.1.1g

 

Configure commands –

 

Squid - 

 

./configure \

     --prefix=/usr \

     --with-logdir=/var/log/squid \

     --enable-useragent-log \

     --with-filedescriptors=65535 \

     --enable-ssl \

     --enable-http-violations \

     --sysconfdir=/etc/squid \

     --with-default-user="squid" \

     --localstatedir=/var \

     --with-logdir='/var/log/squid' \

     --with-pidfile='/var/run/squid.pid' \

     --enable-stacktraces \

     --with-openssl='/home/centos/openssl' \

     --enable-snmp \

     --disable-arch-native

 

Openssl – 

 

./config --prefix=/home/centos/openssl --openssldir=/home/centos/openssl

 

 

Thanks

 

 

 



This email and any attachments to it may contain confidential information and are intended solely for the addressee.



If you are not the intended recipient of this email or if you believe you have received this email in error, please contact the sender and remove it from your system.Do not use, copy or disclose the information contained in this email or in any attachment.

RealityMine Limited may monitor email traffic data including the content of email for the purposes of security.

RealityMine Limited is a company registered in England and Wales. Registered number: 07920936 Registered office: Warren Bruce Court, Warren Bruce Road, Trafford Park, Manchester M17 1LB


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Squid Compile with custom OpenSSL

Amos Jeffries
Administrator
On 27/08/20 10:41 pm, Dave Lewthwaite wrote:

> Hello,
>
>  
>
> I am having some trouble compiling squid using a custom build of openssl
> – it seems it is unable to find the libraries during run-time.
>
>  
>
> OpenSSL 1.1.1g is compiled and installed (setting prefix and openssldir)
> to /home/centos/openssl – the libraries are present there as are all the
> headers.
>
>  
>
> Squid is built using –with-openssl=/home/centos/openssl – it builds
> correctly, references the correct includes, libraries etc. However when
> the resulting binary is run, it is unable to find the OpenSSL libs – 
>

Looks like you need to set the environment LD_LIBRARY_PATH variable when
starting Squid.

<https://blog.andrewbeacock.com/2007/10/how-to-add-shared-libraries-to-linuxs.html>

...
> If I install the 1.1.1g libs into  /lib64 then squid will run – have I
> made an assumption on my part that this isn’t required? I was under the
> impression that squid would run with an entirely standalone build of
> OpenSSL.

Squid should, yes.


Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Squid Compile with custom OpenSSL

Dave Lewthwaite

Oh that’s excellent – it worked. I did think by using –with-openssl=, squid would statically link the libs – but I can’t see an option for that.

 

Regardless, I can work with this.

 

Thanks for your help.



This email and any attachments to it may contain confidential information and are intended solely for the addressee.



If you are not the intended recipient of this email or if you believe you have received this email in error, please contact the sender and remove it from your system.Do not use, copy or disclose the information contained in this email or in any attachment.

RealityMine Limited may monitor email traffic data including the content of email for the purposes of security.

RealityMine Limited is a company registered in England and Wales. Registered number: 07920936 Registered office: Warren Bruce Court, Warren Bruce Road, Trafford Park, Manchester M17 1LB


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users