Hey Robert, I am not sure I understood what is the meaning of the description: openbsd: Requiring client certificates. linux: Not requiring any client certificates
In what sense? Let say you try You have then next config directives: http_port 3128 ssl-bump \ cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \ generate-host-certificates=on dynamic_cert_mem_cache_size=16MB https_port 3129 intercept ssl-bump \ cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \ generate-host-certificates=on dynamic_cert_mem_cache_size=16MB sslcrtd_program /opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db -M 128MB acl step1 at_step SslBump1 ssl_bump peek step1 ssl_bump bump all ssl_bump splice all Which implies you do want ssl bump to work. To clear out: What is the desired results and where? How do you see that the expected result do not match the expectation? It would help if you would show the expectation using the relevant access.log output when you try to access let say https://www.google.com/404. Try to use the next to make it clear to me and probably others: https_proxy=http://127.0.0.1:3128/ curl https://www.google.com/404 -v https_proxy=http://127.0.0.1:3128/ curl https://www.google.com/404 -v -k I hope this would make more sense into the scenario you are having. Thanks, Eliezer ---- Eliezer Croitoru Tech Support Mobile: +972-5-28704261 Email: ngtech1...@gmail.com Zoom: Coming soon -----Original Message----- From: squid-dev <squid-dev-boun...@lists.squid-cache.org> On Behalf Of Robert Smith Sent: Sunday, March 28, 2021 7:27 PM To: squid-dev@lists.squid-cache.org Subject: [squid-dev] squid-5.0.5-20210223-r4af19cc24 difference in behaviors between openbsd and linux Dear Squid-Dev list: I could use some help on this one: I have a build environment that is identical on linux, openbsd, and macosx In this scenario, I am developing under: Ubuntu 18.04 - All patches and updates applied as of 3/24 OpenBSD 6.8 - All patches and updates applied as of 3/24 I will note that I am really only using the libc from each system whereas every other component dependencies (which are not many! Good job squid team!) are a part of my build system. When building squid with the exact same tool chain and library stack, with the same configure options, I am seeing a difference in behavior on the two platforms: The difference is that after parsing the configuration file, the two systems differ in whether or not they will require client certificates: openbsd: Requiring client certificates. linux: Not requiring any client certificates One would think this was a run-time configuration difference, It is not. They are identical, Please see below: - all configuration, certificates, certificate databases under /opt/osec/etc on both systems are identical - the configuration file on both system is identical I have some suspicions about what the actual issue is. Using the configuration options below without any of the --enable-auth or --enable-auth* options (AUTH OPTIONS), both systems worked just fine and parse the configuration file identically. Of course, without auth. No good. After trying a number of different configure options and combinations, I discovered that on the linux platform, I could add the AUTH OPTIONS and remove the --enable-security-cert* (CERT OPTIONS): # --enable-security-cert-validators \ # --enable-security-cert-generators \ and then it would parse and run the way I was used to using peek & slice. Excited, thinking I'd found the issue, I ran the build on openbsd only to find the differences in functionality. BUILD & RUNTIME INFORMATION I will interleave these to make viewing easier. Please see below: # ## md5 sum of config file: # # openbsd root@openbsd:~# md5 /opt/osec/etc/squid.conf-bump MD5 (/opt/osec/etc/squid.conf-bump) = a0bf93867aaff1f35eb1af23dd5eb49b # linux root@linux:~# md5sum /opt/osec/etc/squid.conf-bump a0bf93867aaff1f35eb1af23dd5eb49b /opt/osec/etc/squid.conf-bump # ## Actual configuration (sanitized) # acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost manager http_access deny manager http_access allow localnet http_access allow localhost http_access deny all http_port 3128 ssl-bump \ cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \ generate-host-certificates=on dynamic_cert_mem_cache_size=16MB https_port 3129 intercept ssl-bump \ cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \ generate-host-certificates=on dynamic_cert_mem_cache_size=16MB sslcrtd_program /opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db -M 128MB acl step1 at_step SslBump1 ssl_bump peek step1 ssl_bump bump all ssl_bump splice all coredump_dir /var/spool/squid refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 cache_access_log /data/logs/access.log cache_log /data/logs/cache.log cache_store_log /data/logs/store.log shutdown_lifetime 5 seconds tls_outgoing_options cafile=/opt/osec/etc/pki/tls/certs/ca-bundle.crt on_unsupported_protocol tunnel all # ## -k parse # # openbsd root@openbsd:~# /root/squid.init conftest 2021/03/28 10:47:31| Startup: Initializing Authentication Schemes ... 2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'basic' 2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'digest' 2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'negotiate' 2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'ntlm' 2021/03/28 10:47:31| Startup: Initialized Authentication. 2021/03/28 10:47:31| Processing Configuration File: /opt/osec/etc/squid.conf-bump (depth 0) 2021/03/28 10:47:31| Processing: acl localnet src 10.0.0.0/8 # RFC1918 possible internal network 2021/03/28 10:47:31| Processing: acl localnet src 172.16.0.0/12 # RFC1918 possible internal network 2021/03/28 10:47:31| Processing: acl localnet src 192.168.0.0/16 # RFC1918 possible internal network 2021/03/28 10:47:31| Processing: acl SSL_ports port 443 2021/03/28 10:47:31| Processing: acl Safe_ports port 80 # http 2021/03/28 10:47:31| Processing: acl Safe_ports port 21 # ftp 2021/03/28 10:47:31| Processing: acl Safe_ports port 443 # https 2021/03/28 10:47:31| Processing: acl Safe_ports port 70 # gopher 2021/03/28 10:47:31| Processing: acl Safe_ports port 210 # wais 2021/03/28 10:47:31| Processing: acl Safe_ports port 1025-65535 # unregistered ports 2021/03/28 10:47:31| Processing: acl Safe_ports port 280 # http-mgmt 2021/03/28 10:47:31| Processing: acl Safe_ports port 488 # gss-http 2021/03/28 10:47:31| Processing: acl Safe_ports port 591 # filemaker 2021/03/28 10:47:31| Processing: acl Safe_ports port 777 # multiling http 2021/03/28 10:47:31| Processing: acl CONNECT method CONNECT 2021/03/28 10:47:31| Processing: http_access deny !Safe_ports 2021/03/28 10:47:31| Processing: http_access deny CONNECT !SSL_ports 2021/03/28 10:47:31| Processing: http_access allow localhost manager 2021/03/28 10:47:31| Processing: http_access deny manager 2021/03/28 10:47:31| Processing: http_access allow localnet 2021/03/28 10:47:31| Processing: http_access allow localhost 2021/03/28 10:47:31| Processing: http_access deny all 2021/03/28 10:47:31| Processing: http_port 3128 ssl-bump cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=16MB 2021/03/28 10:47:31| Processing: https_port 3129 intercept ssl-bump cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=16MB 2021/03/28 10:47:31| Starting Authentication on port [::]:3129 2021/03/28 10:47:31| Disabling Authentication on port [::]:3129 (interception enabled) 2021/03/28 10:47:31| Processing: sslcrtd_program /opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db -M 128MB 2021/03/28 10:47:31| Processing: acl step1 at_step SslBump1 2021/03/28 10:47:31| Processing: ssl_bump peek step1 2021/03/28 10:47:31| Processing: ssl_bump bump all 2021/03/28 10:47:31| Processing: ssl_bump splice all 2021/03/28 10:47:31| Processing: coredump_dir /var/spool/squid 2021/03/28 10:47:31| Processing: refresh_pattern ^ftp: 1440 20% 10080 2021/03/28 10:47:31| Processing: refresh_pattern ^gopher: 1440 0% 1440 2021/03/28 10:47:31| Processing: refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 2021/03/28 10:47:31| Processing: refresh_pattern . 0 20% 4320 2021/03/28 10:47:31| Processing: cache_access_log /data/logs/access.log 2021/03/28 10:47:31| Processing: cache_log /data/logs/cache.log 2021/03/28 10:47:31| Processing: cache_store_log /data/logs/store.log 2021/03/28 10:47:31| Processing: shutdown_lifetime 5 seconds 2021/03/28 10:47:31| Processing: acl acl_proxy_out src 172.16.171.0/24 2021/03/28 10:47:31| Processing: tcp_outgoing_address 199.47.196.193 acl_proxy_out 2021/03/28 10:47:31| Processing: tls_outgoing_options cafile=/opt/osec/etc/pki/tls/certs/ca-bundle.crt 2021/03/28 10:47:31| Processing: on_unsupported_protocol tunnel all 2021/03/28 10:47:31| Initializing https:// proxy context 2021/03/28 10:47:31| Requiring client certificates. 2021/03/28 10:47:31| Initializing http_port [::]:3128 TLS contexts 2021/03/28 10:47:31| Using certificate in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Using certificate chain in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland Park/O=Company, Inc./OU=Area 77/CN=local.corp.dom/emailAddress=sslad...@company.com 2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Not requiring any client certificates 2021/03/28 10:47:31| Initializing http_port 0.0.0.0:3128 TLS contexts 2021/03/28 10:47:31| Using certificate in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Using certificate chain in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland Park/O=Company, Inc./OU=Area 77/CN=local.corp.dom/emailAddress=sslad...@company.com 2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Requiring client certificates. 2021/03/28 10:47:31| Initializing https_port [::]:3129 TLS contexts 2021/03/28 10:47:31| Using certificate in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Using certificate chain in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland Park/O=Company, Inc./OU=Area 77/CN=local.corp.dom/emailAddress=sslad...@company.com 2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Not requiring any client certificates 2021/03/28 10:47:31| Initializing https_port 0.0.0.0:3129 TLS contexts 2021/03/28 10:47:31| Using certificate in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Using certificate chain in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland Park/O=Company, Inc./OU=Area 77/CN=local.corp.dom/emailAddress=sslad...@company.com 2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:47:31| Requiring client certificates. # linux root@linux:~# /root/squid.init conftest 2021/03/28 10:48:21| Startup: Initializing Authentication Schemes ... 2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'basic' 2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'digest' 2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'negotiate' 2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'ntlm' 2021/03/28 10:48:21| Startup: Initialized Authentication. 2021/03/28 10:48:21| WARNING: BCP 177 violation. Detected non-functional IPv6 loopback. 2021/03/28 10:48:21| aclIpParseIpData: IPv6 has not been enabled. 2021/03/28 10:48:21| aclIpParseIpData: IPv6 has not been enabled. 2021/03/28 10:48:21| Processing Configuration File: /opt/osec/etc/squid.conf-bump (depth 0) 2021/03/28 10:48:21| Processing: acl localnet src 10.0.0.0/8 # RFC1918 possible internal network 2021/03/28 10:48:21| Processing: acl localnet src 172.16.0.0/12 # RFC1918 possible internal network 2021/03/28 10:48:21| Processing: acl localnet src 192.168.0.0/16 # RFC1918 possible internal network 2021/03/28 10:48:21| Processing: acl SSL_ports port 443 2021/03/28 10:48:21| Processing: acl Safe_ports port 80 # http 2021/03/28 10:48:21| Processing: acl Safe_ports port 21 # ftp 2021/03/28 10:48:21| Processing: acl Safe_ports port 443 # https 2021/03/28 10:48:21| Processing: acl Safe_ports port 70 # gopher 2021/03/28 10:48:21| Processing: acl Safe_ports port 210 # wais 2021/03/28 10:48:21| Processing: acl Safe_ports port 1025-65535 # unregistered ports 2021/03/28 10:48:21| Processing: acl Safe_ports port 280 # http-mgmt 2021/03/28 10:48:21| Processing: acl Safe_ports port 488 # gss-http 2021/03/28 10:48:21| Processing: acl Safe_ports port 591 # filemaker 2021/03/28 10:48:21| Processing: acl Safe_ports port 777 # multiling http 2021/03/28 10:48:21| Processing: acl CONNECT method CONNECT 2021/03/28 10:48:21| Processing: http_access deny !Safe_ports 2021/03/28 10:48:21| Processing: http_access deny CONNECT !SSL_ports 2021/03/28 10:48:21| Processing: http_access allow localhost manager 2021/03/28 10:48:21| Processing: http_access deny manager 2021/03/28 10:48:21| Processing: http_access allow localnet 2021/03/28 10:48:21| Processing: http_access allow localhost 2021/03/28 10:48:21| Processing: http_access deny all 2021/03/28 10:48:21| Processing: http_port 3128 ssl-bump cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=16MB 2021/03/28 10:48:21| Processing: https_port 3129 intercept ssl-bump cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on dynamic_cert_mem_cache_size=16MB 2021/03/28 10:48:21| Starting Authentication on port 0.0.0.0:3129 2021/03/28 10:48:21| Disabling Authentication on port 0.0.0.0:3129 (interception enabled) 2021/03/28 10:48:21| Processing: sslcrtd_program /opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db -M 128MB 2021/03/28 10:48:21| Processing: acl step1 at_step SslBump1 2021/03/28 10:48:21| Processing: ssl_bump peek step1 2021/03/28 10:48:21| Processing: ssl_bump bump all 2021/03/28 10:48:21| Processing: ssl_bump splice all 2021/03/28 10:48:21| Processing: coredump_dir /var/spool/squid 2021/03/28 10:48:21| Processing: refresh_pattern ^ftp: 1440 20% 10080 2021/03/28 10:48:21| Processing: refresh_pattern ^gopher: 1440 0% 1440 2021/03/28 10:48:21| Processing: refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 2021/03/28 10:48:21| Processing: refresh_pattern . 0 20% 4320 2021/03/28 10:48:21| Processing: cache_access_log /data/logs/access.log 2021/03/28 10:48:21| Processing: cache_log /data/logs/cache.log 2021/03/28 10:48:21| Processing: cache_store_log /data/logs/store.log 2021/03/28 10:48:21| Processing: shutdown_lifetime 5 seconds 2021/03/28 10:48:21| Processing: acl acl_proxy_out src 172.16.171.0/24 2021/03/28 10:48:21| Processing: tcp_outgoing_address 199.47.196.193 acl_proxy_out 2021/03/28 10:48:21| Processing: tls_outgoing_options cafile=/opt/osec/etc/pki/tls/certs/ca-bundle.crt 2021/03/28 10:48:21| Processing: on_unsupported_protocol tunnel all 2021/03/28 10:48:21| Initializing https:// proxy context 2021/03/28 10:48:21| Requiring client certificates. 2021/03/28 10:48:21| Initializing http_port 0.0.0.0:3128 TLS contexts 2021/03/28 10:48:21| Using certificate in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:48:21| Using certificate chain in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:48:21| Adding issuer CA: /C=US/ST=Kansas/L=Overland Park/O=Company, Inc./OU=Area 77/CN=local.corp.dom/emailAddress=sslad...@company.com 2021/03/28 10:48:21| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:48:21| Not requiring any client certificates 2021/03/28 10:48:21| Initializing https_port 0.0.0.0:3129 TLS contexts 2021/03/28 10:48:21| Using certificate in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:48:21| Using certificate chain in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:48:21| Adding issuer CA: /C=US/ST=Kansas/L=Overland Park/O=Company, Inc./OU=Area 77/CN=local.corp.dom/emailAddress=sslad...@company.com 2021/03/28 10:48:21| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem 2021/03/28 10:48:21| Not requiring any client certificates # ## configure options # # openbsd root@openbsd:~# /opt/osec/sbin/squid -v Squid Cache: Version 5.0.5-20210223-r4af19cc24 Service Name: squid Build by rsmith@devel on openbsd This binary uses OpenSSL 1.1.1j 16 Feb 2021. For legal restrictions on distribution see https://www.openssl.org/source/license.html configure options: '--prefix=/opt/osec' '--enable-auth' '--enable-auth-basic=DB,LDAP,NCSA,POP3,SASL' '--enable-auth-digest' '--enable-auth-negotiate' '--enable-auth-ntlm' '--enable-external-acl-helpers' '--enable-ssl-crtd' '--with-openssl=/opt/osec' '--with-pic' '--with-filedescriptors=131072' '--enable-async-io=128' '--enable-log-daemon-helpers' '--enable-external-acl-helpers=LDAP_group,SQL_session,file_userip,unix_group,wbinfo_group' '--enable-url-rewrite-helpers' '--enable-icap-client' '--enable-inline' '--enable-snmp' '--enable-disk-io=AIO,DiskThreads,IpcIo,Blocking' '--enable-storeio=ufs,aufs,rock' '--enable-referer-log' '--enable-useragent-log' '--enable-large-cache-files' '--with-large-files' '--enable-removal-policies=lru,heap' '--enable-x-accelerator-vary' '--enable-follow-x-forwarded-for' '--enable-pf-transparent' '--enable-icmp' '--enable-build-info=Build by rsmith@devel on openbsd.Company.com' 'CC=clang' 'CFLAGS= -march=native -O2 -fPIC -pipe' 'LDFLAGS=-L/opt/osec/lib -L/opt/osec/ssl/lib -L/opt/osec/mysql/lib/mysql -L/opt/osec/pgsql/lib -L/opt/osec/BerkeleyDB/lib -Wl,-rpath,/opt/osec/lib -Wl,-rpath,/opt/osec/ssl/lib -Wl,-rpath,/opt/osec/mysql/lib/mysql -Wl,-rpath,/opt/osec/pgsql/lib -Wl,-rpath,/opt/osec/BerkeleyDB/lib' 'CPPFLAGS=-I/opt/osec/ssl/include -I/opt/osec/BerkeleyDB/include -I/opt/osec/include -I/opt/osec/mysql/include -I/opt/osec/mysql/include/mysql/server' 'CXX=clang++' 'CPP=clang-cpp' 'PKG_CONFIG=/opt/osec/bin/pkg-config' 'LT_SYS_LIBRARY_PATH=/opt/osec/lib:/opt/osec/BerkeleyDB/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib/:/opt/osec/mysql/lib/mysql:/opt/osec/pgsql/lib' root@linux:~# /opt/osec/sbin/squid -v Squid Cache: Version 5.0.5-20210223-r4af19cc24 Service Name: squid Build by rsmith@devel on linux This binary uses OpenSSL 1.1.1j 16 Feb 2021. For legal restrictions on distribution see https://www.openssl.org/source/license.html configure options: '--prefix=/opt/osec' '--enable-auth' '--enable-auth-basic=DB,LDAP,NCSA,POP3,SASL' '--enable-auth-digest' '--enable-auth-negotiate' '--enable-auth-ntlm' '--enable-external-acl-helpers' '--enable-ssl-crtd' '--with-openssl=/opt/osec' '--with-pic' '--with-filedescriptors=131072' '--enable-async-io=128' '--enable-log-daemon-helpers' '--enable-external-acl-helpers=LDAP_group,SQL_session,file_userip,unix_group,wbinfo_group' '--enable-url-rewrite-helpers' '--enable-icap-client' '--enable-inline' '--enable-snmp' '--enable-disk-io=AIO,DiskThreads,IpcIo,Blocking' '--enable-storeio=ufs,aufs,rock' '--enable-referer-log' '--enable-useragent-log' '--enable-large-cache-files' '--with-large-files' '--enable-removal-policies=lru,heap' '--enable-x-accelerator-vary' '--enable-follow-x-forwarded-for' '--enable-pf-transparent' '--enable-icmp' '--enable-build-info=Build by rsmith@devel on linux' 'CC=gcc -m64' 'CFLAGS= -O2 -fPIC -pipe -msse -msse2 -mfpmath=sse' 'LDFLAGS=-L/opt/osec/lib -L/opt/osec/ssl/lib -L/opt/osec/mysql/lib/mysql -L/opt/osec/pgsql/lib -L/opt/osec/BerkeleyDB/lib -Wl,-rpath,/opt/osec/lib -Wl,-rpath,/opt/osec/ssl/lib -Wl,-rpath,/opt/osec/mysql/lib/mysql -Wl,-rpath,/opt/osec/pgsql/lib -Wl,-rpath,/opt/osec/BerkeleyDB/lib' 'CPPFLAGS=-I/opt/osec/ssl/include -I/opt/osec/BerkeleyDB/include -I/opt/osec/include -I/opt/osec/mysql/include -I/opt/osec/mysql/include/mysql/server -I/opt/osec/share' 'CXX=g++ -m64' 'PKG_CONFIG=/opt/osec/bin/pkg-config' 'LT_SYS_LIBRARY_PATH=/opt/osec/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib:/opt/osec/pgsql/lib:/opt/osec/BerkeleyDB/lib' # ## library requirements and rpath # # openbsd root@openbsd:~# objdump -p /opt/osec/sbin/squid /opt/osec/sbin/squid: file format elf64-x86-64 Program Header: PHDR off 0x0000000000000040 vaddr 0x0000000000000040 paddr 0x0000000000000040 align 2**3 filesz 0x00000000000002a0 memsz 0x00000000000002a0 flags r-- INTERP off 0x00000000000002e0 vaddr 0x00000000000002e0 paddr 0x00000000000002e0 align 2**0 filesz 0x0000000000000013 memsz 0x0000000000000013 flags r-- LOAD off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**12 filesz 0x00000000002ccdcc memsz 0x00000000002ccdcc flags r-- LOAD off 0x00000000002ccdd0 vaddr 0x00000000002cddd0 paddr 0x00000000002cddd0 align 2**12 filesz 0x0000000000437c10 memsz 0x0000000000437c10 flags r-x LOAD off 0x00000000007049e0 vaddr 0x00000000007069e0 paddr 0x00000000007069e0 align 2**12 filesz 0x000000000002f478 memsz 0x000000000002f478 flags rw- LOAD off 0x0000000000733e60 vaddr 0x0000000000736e60 paddr 0x0000000000736e60 align 2**12 filesz 0x0000000000001cb0 memsz 0x0000000000158bd8 flags rw- DYNAMIC off 0x000000000072f990 vaddr 0x0000000000731990 paddr 0x0000000000731990 align 2**3 filesz 0x0000000000000250 memsz 0x0000000000000250 flags rw- RELRO off 0x00000000007049e0 vaddr 0x00000000007069e0 paddr 0x00000000007069e0 align 2**0 filesz 0x000000000002f478 memsz 0x000000000002f620 flags r-- EH_FRAME off 0x000000000023c450 vaddr 0x000000000023c450 paddr 0x000000000023c450 align 2**2 filesz 0x0000000000016064 memsz 0x0000000000016064 flags r-- OPENBSD_RANDOMIZE off 0x00000000007049e0 vaddr 0x00000000007069e0 paddr 0x00000000007069e0 align 2**3 filesz 0x0000000000007990 memsz 0x0000000000007990 flags rw- STACK off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**0 filesz 0x0000000000000000 memsz 0x0000000000000000 flags rw- NOTE off 0x00000000000002f4 vaddr 0x00000000000002f4 paddr 0x00000000000002f4 align 2**2 filesz 0x0000000000000018 memsz 0x0000000000000018 flags r-- Dynamic Section: RUNPATH /opt/osec/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib/mysql:/opt/osec/pgsql/lib:/opt/osec/BerkeleyDB/lib NEEDED libxml2.so.11.9 NEEDED libz.so.1 NEEDED liblzma.so.7.2 NEEDED libiconv.so NEEDED libexpat.so.6.2 NEEDED libssl.so.1.1 NEEDED libcrypto.so.1.1 NEEDED libgssapi_krb5.so NEEDED libkrb5.so NEEDED libk5crypto.so NEEDED libcom_err.so NEEDED libpthread.so.26.1 NEEDED libm.so.10.1 NEEDED libltdl.so.10.1 NEEDED libc++.so.5.0 NEEDED libc++abi.so.3.0 NEEDED libc.so.96.0 DEBUG 0x0 RELA 0x130758 RELASZ 0x60078 RELAENT 0x18 RELACOUNT 0x3855 JMPREL 0x1907d0 PLTRELSZ 0x3558 PLTGOT 0x734c78 PLTREL 0x7 SYMTAB 0x310 SYMENT 0x18 STRTAB 0x93694 STRSZ 0x9d0bf GNU_HASH 0x5d830 HASH 0x76b44 VERSYM 0x564e8 VERNEED 0x5d7bc VERNEEDNUM 0x3 Version References: required from libxml2.so.11.9: 0x0f4c8be0 0x00 04 LIBXML2_2.4.30 0x08f4cab0 0x00 05 LIBXML2_2.6.0 required from libssl.so.1.1: 0x066d1f10 0x00 03 OPENSSL_1_1_0 required from libcrypto.so.1.1: 0x066d1f10 0x00 02 OPENSSL_1_1_0 # linux root@linux:~# objdump -p /opt/osec/sbin/squid /opt/osec/sbin/squid: file format elf64-x86-64 Program Header: PHDR off 0x0000000000000040 vaddr 0x0000000000000040 paddr 0x0000000000000040 align 2**3 filesz 0x00000000000001f8 memsz 0x00000000000001f8 flags r-- INTERP off 0x0000000000000238 vaddr 0x0000000000000238 paddr 0x0000000000000238 align 2**0 filesz 0x000000000000001c memsz 0x000000000000001c flags r-- LOAD off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**21 filesz 0x00000000006d79fb memsz 0x00000000006d79fb flags r-x LOAD off 0x00000000006d8588 vaddr 0x00000000008d8588 paddr 0x00000000008d8588 align 2**21 filesz 0x0000000000027208 memsz 0x0000000000187890 flags rw- DYNAMIC off 0x00000000006fc7c8 vaddr 0x00000000008fc7c8 paddr 0x00000000008fc7c8 align 2**3 filesz 0x00000000000002a0 memsz 0x00000000000002a0 flags rw- NOTE off 0x0000000000000254 vaddr 0x0000000000000254 paddr 0x0000000000000254 align 2**2 filesz 0x0000000000000044 memsz 0x0000000000000044 flags r-- EH_FRAME off 0x000000000061eb38 vaddr 0x000000000061eb38 paddr 0x000000000061eb38 align 2**2 filesz 0x00000000000168c4 memsz 0x00000000000168c4 flags r-- STACK off 0x0000000000000000 vaddr 0x0000000000000000 paddr 0x0000000000000000 align 2**4 filesz 0x0000000000000000 memsz 0x0000000000000000 flags rw- RELRO off 0x00000000006d8588 vaddr 0x00000000008d8588 paddr 0x00000000008d8588 align 2**0 filesz 0x0000000000025a78 memsz 0x0000000000025a78 flags r-- Dynamic Section: NEEDED libpthread.so.0 NEEDED libxml2.so.2 NEEDED libexpat.so.1 NEEDED libssl.so.1.1 NEEDED libcrypto.so.1.1 NEEDED librt.so.1 NEEDED libltdl.so.7 NEEDED libstdc++.so.6 NEEDED libm.so.6 NEEDED libgcc_s.so.1 NEEDED libc.so.6 RUNPATH /opt/osec/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib/mysql:/opt/osec/pgsql/lib:/opt/osec/BerkeleyDB/lib INIT 0x0000000000162228 FINI 0x00000000005bb550 INIT_ARRAY 0x00000000008d8588 INIT_ARRAYSZ 0x0000000000000e70 FINI_ARRAY 0x00000000008d93f8 FINI_ARRAYSZ 0x0000000000000008 GNU_HASH 0x0000000000000298 STRTAB 0x0000000000070260 SYMTAB 0x0000000000019f80 STRSZ 0x00000000000961cf SYMENT 0x0000000000000018 DEBUG 0x0000000000000000 PLTGOT 0x00000000008fca68 PLTRELSZ 0x00000000000033d8 PLTREL 0x0000000000000007 JMPREL 0x000000000015ee50 RELA 0x000000000010d988 RELASZ 0x00000000000514c8 RELAENT 0x0000000000000018 FLAGS 0x0000000000000008 FLAGS_1 0x0000000008000001 VERNEED 0x000000000010d718 VERNEEDNUM 0x0000000000000009 VERSYM 0x0000000000106430 RELACOUNT 0x0000000000002ec5 Version References: required from libgcc_s.so.1: 0x0b792650 0x00 26 GCC_3.0 required from librt.so.1: 0x09691a75 0x00 20 GLIBC_2.2.5 required from libpthread.so.0: 0x09691972 0x00 24 GLIBC_2.3.2 0x09691a75 0x00 17 GLIBC_2.2.5 required from libm.so.6: 0x09691a75 0x00 13 GLIBC_2.2.5 required from libxml2.so.2: 0x0f4c8be0 0x00 19 LIBXML2_2.4.30 0x08f4cab0 0x00 12 LIBXML2_2.6.0 required from libc.so.6: 0x0d696916 0x00 31 GLIBC_2.6 0x06969187 0x00 29 GLIBC_2.27 0x0d696914 0x00 21 GLIBC_2.4 0x0d696913 0x00 16 GLIBC_2.3 0x09691974 0x00 15 GLIBC_2.3.4 0x0d696917 0x00 11 GLIBC_2.7 0x06969194 0x00 10 GLIBC_2.14 0x09691972 0x00 08 GLIBC_2.3.2 0x09691a75 0x00 06 GLIBC_2.2.5 required from libssl.so.1.1: 0x066d1f10 0x00 04 OPENSSL_1_1_0 required from libcrypto.so.1.1: 0x066d1f10 0x00 03 OPENSSL_1_1_0 required from libstdc++.so.6: 0x0297f864 0x00 30 GLIBCXX_3.4.14 0x0bafd178 0x00 28 CXXABI_1.3.8 0x0297f868 0x00 27 GLIBCXX_3.4.18 0x0297f861 0x00 25 GLIBCXX_3.4.11 0x02297f89 0x00 23 GLIBCXX_3.4.9 0x0bafd173 0x00 22 CXXABI_1.3.3 0x0297f865 0x00 18 GLIBCXX_3.4.15 0x0297f871 0x00 14 GLIBCXX_3.4.21 0x056bafd3 0x00 09 CXXABI_1.3 0x0297f870 0x00 07 GLIBCXX_3.4.20 0x08922974 0x00 05 GLIBCXX_3.4 0x0bafd179 0x00 02 CXXABI_1.3.9 -- Robert Smith USA | T +1 213 785 7800 JPN | T +81 3 4590 9044 _______________________________________________ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev _______________________________________________ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev
