Hi Rafael, > Il giorno 02 feb 2016, alle ore 08:48, Raphael Hertzog <hert...@debian.org> > ha scritto: > > Hello, > > On Sat, 16 Jan 2016, Amos Jeffries wrote: >>> Can I use https_port without recompiling squid with openssl library? >> >> No. Which is why the error message says what it does. >> >>> Do you plan to build squid with libgnutls-openssl wrapper? Does this >>> make sense? >> >> No. The squid binary requires functionality from OpenSSL APIs which is >> not provided through that wrapper. Upstream is aiming at full native >> GnuTLS support instead. > > And from the Debian packaging point of view, is there any problem > in building squid with --with-openssl ? > > The same feature has also been requested by Kali users: > https://bugs.kali.org/view.php?id=3016 > > It would be nice to support this feature if there aren't any major > downsides in doing so.
Hi Raphael, this issue is related to the explicit upstream permission needed in Debian to ship GPL code linked to OpenSSL. Since squid upstream ownership is assigned to a large number of individual there is no easy way to obtain such permission. Details are in #180886. In the end GnuTLS support was requested upstream. Another option would be, as requested in #641944, provide a squid-ssl version in non-free, and we would probably end doing that while upstream moves to GnuTLS. Best regards, L -- Luigi Gangitano -- <lu...@debian.org> -- <gangit...@lugroma3.org> GPG: 1024D/924C0C26: 12F8 9C03 89D3 DB4A 9972 C24A F19B A618 924C 0C26 GPG: 4096R/2BA97CED: 8D48 5A35 FF1E 6EB7 90E5 0F6D 0284 F20C 2BA9 7CED