Hey Robert,

I am not sure I understood what is the meaning of the description:
openbsd: Requiring client certificates.
linux: Not requiring any client certificates

In what sense?
Let say you try
You have then next config directives:
http_port 3128 ssl-bump \
  cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \
  generate-host-certificates=on dynamic_cert_mem_cache_size=16MB
https_port 3129 intercept ssl-bump \
  cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \
  generate-host-certificates=on dynamic_cert_mem_cache_size=16MB
sslcrtd_program /opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db 
-M 128MB
acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump all
ssl_bump splice all

Which implies you do want ssl bump to work.
To clear out: What is the desired results and where?
How do you see that the expected result do not match the expectation?
It would help if you would show the expectation using the relevant access.log 
output when you try to access let say https://www.google.com/404.
Try to use the next to make it clear to me and probably others:
https_proxy=http://127.0.0.1:3128/ curl https://www.google.com/404 -v
https_proxy=http://127.0.0.1:3128/ curl https://www.google.com/404 -v -k

I hope this would make more sense into the scenario you are having.


Thanks,
Eliezer

----
Eliezer Croitoru
Tech Support
Mobile: +972-5-28704261
Email: ngtech1...@gmail.com
Zoom: Coming soon


-----Original Message-----
From: squid-dev <squid-dev-boun...@lists.squid-cache.org> On Behalf Of Robert 
Smith
Sent: Sunday, March 28, 2021 7:27 PM
To: squid-dev@lists.squid-cache.org
Subject: [squid-dev] squid-5.0.5-20210223-r4af19cc24 difference in behaviors 
between openbsd and linux

Dear Squid-Dev list:

I could use some help on this one:


I have a build environment that is identical on linux, openbsd, and macosx

In this scenario, I am developing under:

Ubuntu 18.04 - All patches and updates applied as of 3/24
OpenBSD 6.8 - All patches and updates applied as of 3/24


I will note that I am really only using the libc from each system whereas every 
other component dependencies (which are not many! Good job squid team!) are a 
part of my build system.

When building squid with the exact same tool chain and library stack, with the 
same configure options, I am seeing a difference in behavior on the two 
platforms:

The difference is that after parsing the configuration file, the two systems 
differ in whether or not they will require client certificates:


openbsd: Requiring client certificates.

linux: Not requiring any client certificates



One would think this was a run-time configuration difference, It is not. They 
are identical, Please see below:


- all configuration, certificates, certificate databases under /opt/osec/etc on 
both systems are identical
- the configuration file on both system is identical



I have some suspicions about what the actual issue is. Using the configuration 
options below without any of the --enable-auth or --enable-auth* options (AUTH 
OPTIONS), both systems worked just fine and parse the configuration file 
identically. Of course, without auth. No good. After trying a number of 
different configure options and combinations, I discovered that on the linux 
platform, I could add the AUTH OPTIONS and remove the --enable-security-cert* 
(CERT OPTIONS):

#               --enable-security-cert-validators \
#               --enable-security-cert-generators \

and then it would parse and run the way I was used to using peek & slice.

Excited, thinking I'd found the issue, I ran the build on openbsd only to find 
the differences in functionality.



BUILD & RUNTIME INFORMATION



I will interleave these to make viewing easier. Please see below:


#
## md5 sum of config file:
#



# openbsd

root@openbsd:~# md5 /opt/osec/etc/squid.conf-bump
MD5 (/opt/osec/etc/squid.conf-bump) = a0bf93867aaff1f35eb1af23dd5eb49b



# linux

root@linux:~# md5sum /opt/osec/etc/squid.conf-bump
a0bf93867aaff1f35eb1af23dd5eb49b  /opt/osec/etc/squid.conf-bump



#
## Actual configuration (sanitized)
#


acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all
http_port 3128 ssl-bump \
  cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \
  generate-host-certificates=on dynamic_cert_mem_cache_size=16MB
https_port 3129 intercept ssl-bump \
  cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem \
  generate-host-certificates=on dynamic_cert_mem_cache_size=16MB
sslcrtd_program /opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db 
-M 128MB
acl step1 at_step SslBump1
ssl_bump peek step1
ssl_bump bump all
ssl_bump splice all
coredump_dir /var/spool/squid
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320
cache_access_log /data/logs/access.log
cache_log /data/logs/cache.log
cache_store_log /data/logs/store.log
shutdown_lifetime 5 seconds
tls_outgoing_options cafile=/opt/osec/etc/pki/tls/certs/ca-bundle.crt
on_unsupported_protocol tunnel all




#
## -k parse
#


# openbsd

root@openbsd:~# /root/squid.init conftest
2021/03/28 10:47:31| Startup: Initializing Authentication Schemes ...
2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'basic'
2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'digest'
2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'negotiate'
2021/03/28 10:47:31| Startup: Initialized Authentication Scheme 'ntlm'
2021/03/28 10:47:31| Startup: Initialized Authentication.
2021/03/28 10:47:31| Processing Configuration File: 
/opt/osec/etc/squid.conf-bump (depth 0)
2021/03/28 10:47:31| Processing: acl localnet src 10.0.0.0/8    # RFC1918 
possible internal network
2021/03/28 10:47:31| Processing: acl localnet src 172.16.0.0/12 # RFC1918 
possible internal network
2021/03/28 10:47:31| Processing: acl localnet src 192.168.0.0/16        # 
RFC1918 possible internal network
2021/03/28 10:47:31| Processing: acl SSL_ports port 443
2021/03/28 10:47:31| Processing: acl Safe_ports port 80         # http
2021/03/28 10:47:31| Processing: acl Safe_ports port 21         # ftp
2021/03/28 10:47:31| Processing: acl Safe_ports port 443                # https
2021/03/28 10:47:31| Processing: acl Safe_ports port 70         # gopher
2021/03/28 10:47:31| Processing: acl Safe_ports port 210                # wais
2021/03/28 10:47:31| Processing: acl Safe_ports port 1025-65535 # unregistered 
ports
2021/03/28 10:47:31| Processing: acl Safe_ports port 280                # 
http-mgmt
2021/03/28 10:47:31| Processing: acl Safe_ports port 488                # 
gss-http
2021/03/28 10:47:31| Processing: acl Safe_ports port 591                # 
filemaker
2021/03/28 10:47:31| Processing: acl Safe_ports port 777                # 
multiling http
2021/03/28 10:47:31| Processing: acl CONNECT method CONNECT
2021/03/28 10:47:31| Processing: http_access deny !Safe_ports
2021/03/28 10:47:31| Processing: http_access deny CONNECT !SSL_ports
2021/03/28 10:47:31| Processing: http_access allow localhost manager
2021/03/28 10:47:31| Processing: http_access deny manager
2021/03/28 10:47:31| Processing: http_access allow localnet
2021/03/28 10:47:31| Processing: http_access allow localhost
2021/03/28 10:47:31| Processing: http_access deny all
2021/03/28 10:47:31| Processing: http_port 3128 ssl-bump 
cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on 
dynamic_cert_mem_cache_size=16MB
2021/03/28 10:47:31| Processing: https_port 3129 intercept ssl-bump 
cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on 
dynamic_cert_mem_cache_size=16MB
2021/03/28 10:47:31| Starting Authentication on port [::]:3129
2021/03/28 10:47:31| Disabling Authentication on port [::]:3129 (interception 
enabled)
2021/03/28 10:47:31| Processing: sslcrtd_program 
/opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db -M 128MB
2021/03/28 10:47:31| Processing: acl step1 at_step SslBump1
2021/03/28 10:47:31| Processing: ssl_bump peek step1
2021/03/28 10:47:31| Processing: ssl_bump bump all
2021/03/28 10:47:31| Processing: ssl_bump splice all
2021/03/28 10:47:31| Processing: coredump_dir /var/spool/squid
2021/03/28 10:47:31| Processing: refresh_pattern ^ftp:          1440    20%     
10080
2021/03/28 10:47:31| Processing: refresh_pattern ^gopher:       1440    0%      
1440
2021/03/28 10:47:31| Processing: refresh_pattern -i (/cgi-bin/|\?) 0    0%      0
2021/03/28 10:47:31| Processing: refresh_pattern .              0       20%     
4320
2021/03/28 10:47:31| Processing: cache_access_log /data/logs/access.log
2021/03/28 10:47:31| Processing: cache_log /data/logs/cache.log
2021/03/28 10:47:31| Processing: cache_store_log /data/logs/store.log
2021/03/28 10:47:31| Processing: shutdown_lifetime 5 seconds
2021/03/28 10:47:31| Processing: acl acl_proxy_out src 172.16.171.0/24
2021/03/28 10:47:31| Processing: tcp_outgoing_address 199.47.196.193 
acl_proxy_out
2021/03/28 10:47:31| Processing: tls_outgoing_options 
cafile=/opt/osec/etc/pki/tls/certs/ca-bundle.crt
2021/03/28 10:47:31| Processing: on_unsupported_protocol tunnel all
2021/03/28 10:47:31| Initializing https:// proxy context
2021/03/28 10:47:31| Requiring client certificates.
2021/03/28 10:47:31| Initializing http_port [::]:3128 TLS contexts
2021/03/28 10:47:31| Using certificate in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Using certificate chain in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland 
Park/O=Company, Inc./OU=Area 
77/CN=local.corp.dom/emailAddress=sslad...@company.com
2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Not requiring any client certificates
2021/03/28 10:47:31| Initializing http_port 0.0.0.0:3128 TLS contexts
2021/03/28 10:47:31| Using certificate in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Using certificate chain in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland 
Park/O=Company, Inc./OU=Area 
77/CN=local.corp.dom/emailAddress=sslad...@company.com
2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Requiring client certificates.
2021/03/28 10:47:31| Initializing https_port [::]:3129 TLS contexts
2021/03/28 10:47:31| Using certificate in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Using certificate chain in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland 
Park/O=Company, Inc./OU=Area 
77/CN=local.corp.dom/emailAddress=sslad...@company.com
2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Not requiring any client certificates
2021/03/28 10:47:31| Initializing https_port 0.0.0.0:3129 TLS contexts
2021/03/28 10:47:31| Using certificate in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Using certificate chain in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Adding issuer CA: /C=US/ST=Kansas/L=Overland 
Park/O=Company, Inc./OU=Area 
77/CN=local.corp.dom/emailAddress=sslad...@company.com
2021/03/28 10:47:31| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:47:31| Requiring client certificates.




# linux

root@linux:~# /root/squid.init conftest
2021/03/28 10:48:21| Startup: Initializing Authentication Schemes ...
2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'basic'
2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'digest'
2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'negotiate'
2021/03/28 10:48:21| Startup: Initialized Authentication Scheme 'ntlm'
2021/03/28 10:48:21| Startup: Initialized Authentication.
2021/03/28 10:48:21| WARNING: BCP 177 violation. Detected non-functional IPv6 
loopback.
2021/03/28 10:48:21| aclIpParseIpData: IPv6 has not been enabled.
2021/03/28 10:48:21| aclIpParseIpData: IPv6 has not been enabled.
2021/03/28 10:48:21| Processing Configuration File: 
/opt/osec/etc/squid.conf-bump (depth 0)
2021/03/28 10:48:21| Processing: acl localnet src 10.0.0.0/8    # RFC1918 
possible internal network
2021/03/28 10:48:21| Processing: acl localnet src 172.16.0.0/12 # RFC1918 
possible internal network
2021/03/28 10:48:21| Processing: acl localnet src 192.168.0.0/16        # 
RFC1918 possible internal network
2021/03/28 10:48:21| Processing: acl SSL_ports port 443
2021/03/28 10:48:21| Processing: acl Safe_ports port 80         # http
2021/03/28 10:48:21| Processing: acl Safe_ports port 21         # ftp
2021/03/28 10:48:21| Processing: acl Safe_ports port 443                # https
2021/03/28 10:48:21| Processing: acl Safe_ports port 70         # gopher
2021/03/28 10:48:21| Processing: acl Safe_ports port 210                # wais
2021/03/28 10:48:21| Processing: acl Safe_ports port 1025-65535 # unregistered 
ports
2021/03/28 10:48:21| Processing: acl Safe_ports port 280                # 
http-mgmt
2021/03/28 10:48:21| Processing: acl Safe_ports port 488                # 
gss-http
2021/03/28 10:48:21| Processing: acl Safe_ports port 591                # 
filemaker
2021/03/28 10:48:21| Processing: acl Safe_ports port 777                # 
multiling http
2021/03/28 10:48:21| Processing: acl CONNECT method CONNECT
2021/03/28 10:48:21| Processing: http_access deny !Safe_ports
2021/03/28 10:48:21| Processing: http_access deny CONNECT !SSL_ports
2021/03/28 10:48:21| Processing: http_access allow localhost manager
2021/03/28 10:48:21| Processing: http_access deny manager
2021/03/28 10:48:21| Processing: http_access allow localnet
2021/03/28 10:48:21| Processing: http_access allow localhost
2021/03/28 10:48:21| Processing: http_access deny all
2021/03/28 10:48:21| Processing: http_port 3128 ssl-bump 
cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on 
dynamic_cert_mem_cache_size=16MB
2021/03/28 10:48:21| Processing: https_port 3129 intercept ssl-bump 
cert=/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem generate-host-certificates=on 
dynamic_cert_mem_cache_size=16MB
2021/03/28 10:48:21| Starting Authentication on port 0.0.0.0:3129
2021/03/28 10:48:21| Disabling Authentication on port 0.0.0.0:3129 
(interception enabled)
2021/03/28 10:48:21| Processing: sslcrtd_program 
/opt/osec/libexec/security_file_certgen -s /opt/osec/etc/ssl_db -M 128MB
2021/03/28 10:48:21| Processing: acl step1 at_step SslBump1
2021/03/28 10:48:21| Processing: ssl_bump peek step1
2021/03/28 10:48:21| Processing: ssl_bump bump all
2021/03/28 10:48:21| Processing: ssl_bump splice all
2021/03/28 10:48:21| Processing: coredump_dir /var/spool/squid
2021/03/28 10:48:21| Processing: refresh_pattern ^ftp:          1440    20%     
10080
2021/03/28 10:48:21| Processing: refresh_pattern ^gopher:       1440    0%      
1440
2021/03/28 10:48:21| Processing: refresh_pattern -i (/cgi-bin/|\?) 0    0%      0
2021/03/28 10:48:21| Processing: refresh_pattern .              0       20%     
4320
2021/03/28 10:48:21| Processing: cache_access_log /data/logs/access.log
2021/03/28 10:48:21| Processing: cache_log /data/logs/cache.log
2021/03/28 10:48:21| Processing: cache_store_log /data/logs/store.log
2021/03/28 10:48:21| Processing: shutdown_lifetime 5 seconds
2021/03/28 10:48:21| Processing: acl acl_proxy_out src 172.16.171.0/24
2021/03/28 10:48:21| Processing: tcp_outgoing_address 199.47.196.193 
acl_proxy_out
2021/03/28 10:48:21| Processing: tls_outgoing_options 
cafile=/opt/osec/etc/pki/tls/certs/ca-bundle.crt
2021/03/28 10:48:21| Processing: on_unsupported_protocol tunnel all
2021/03/28 10:48:21| Initializing https:// proxy context
2021/03/28 10:48:21| Requiring client certificates.
2021/03/28 10:48:21| Initializing http_port 0.0.0.0:3128 TLS contexts
2021/03/28 10:48:21| Using certificate in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:48:21| Using certificate chain in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:48:21| Adding issuer CA: /C=US/ST=Kansas/L=Overland 
Park/O=Company, Inc./OU=Area 
77/CN=local.corp.dom/emailAddress=sslad...@company.com
2021/03/28 10:48:21| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:48:21| Not requiring any client certificates
2021/03/28 10:48:21| Initializing https_port 0.0.0.0:3129 TLS contexts
2021/03/28 10:48:21| Using certificate in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:48:21| Using certificate chain in 
/opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:48:21| Adding issuer CA: /C=US/ST=Kansas/L=Overland 
Park/O=Company, Inc./OU=Area 
77/CN=local.corp.dom/emailAddress=sslad...@company.com
2021/03/28 10:48:21| Using key in /opt/osec/etc/ssl_cert/squid-ca-cert+key.pem
2021/03/28 10:48:21| Not requiring any client certificates





#
## configure options
#


# openbsd

root@openbsd:~# /opt/osec/sbin/squid -v
Squid Cache: Version 5.0.5-20210223-r4af19cc24
Service Name: squid
Build by rsmith@devel on openbsd

This binary uses OpenSSL 1.1.1j  16 Feb 2021. For legal restrictions on 
distribution see https://www.openssl.org/source/license.html

configure options:  '--prefix=/opt/osec' '--enable-auth' 
'--enable-auth-basic=DB,LDAP,NCSA,POP3,SASL' '--enable-auth-digest' 
'--enable-auth-negotiate' '--enable-auth-ntlm' '--enable-external-acl-helpers' 
'--enable-ssl-crtd' '--with-openssl=/opt/osec' '--with-pic' 
'--with-filedescriptors=131072' '--enable-async-io=128' 
'--enable-log-daemon-helpers' 
'--enable-external-acl-helpers=LDAP_group,SQL_session,file_userip,unix_group,wbinfo_group'
 '--enable-url-rewrite-helpers' '--enable-icap-client' '--enable-inline' 
'--enable-snmp' '--enable-disk-io=AIO,DiskThreads,IpcIo,Blocking' 
'--enable-storeio=ufs,aufs,rock' '--enable-referer-log' 
'--enable-useragent-log' '--enable-large-cache-files' '--with-large-files' 
'--enable-removal-policies=lru,heap' '--enable-x-accelerator-vary' 
'--enable-follow-x-forwarded-for' '--enable-pf-transparent' '--enable-icmp' 
'--enable-build-info=Build by rsmith@devel on openbsd.Company.com' 'CC=clang' 
'CFLAGS= -march=native -O2 -fPIC -pipe' 'LDFLAGS=-L/opt/osec/lib 
-L/opt/osec/ssl/lib -L/opt/osec/mysql/lib/mysql -L/opt/osec/pgsql/lib 
-L/opt/osec/BerkeleyDB/lib -Wl,-rpath,/opt/osec/lib 
-Wl,-rpath,/opt/osec/ssl/lib -Wl,-rpath,/opt/osec/mysql/lib/mysql 
-Wl,-rpath,/opt/osec/pgsql/lib -Wl,-rpath,/opt/osec/BerkeleyDB/lib' 
'CPPFLAGS=-I/opt/osec/ssl/include -I/opt/osec/BerkeleyDB/include 
-I/opt/osec/include -I/opt/osec/mysql/include 
-I/opt/osec/mysql/include/mysql/server' 'CXX=clang++' 'CPP=clang-cpp' 
'PKG_CONFIG=/opt/osec/bin/pkg-config' 
'LT_SYS_LIBRARY_PATH=/opt/osec/lib:/opt/osec/BerkeleyDB/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib/:/opt/osec/mysql/lib/mysql:/opt/osec/pgsql/lib'




root@linux:~# /opt/osec/sbin/squid -v
Squid Cache: Version 5.0.5-20210223-r4af19cc24
Service Name: squid
Build by rsmith@devel on linux

This binary uses OpenSSL 1.1.1j  16 Feb 2021. For legal restrictions on 
distribution see https://www.openssl.org/source/license.html

configure options:  '--prefix=/opt/osec' '--enable-auth' 
'--enable-auth-basic=DB,LDAP,NCSA,POP3,SASL' '--enable-auth-digest' 
'--enable-auth-negotiate' '--enable-auth-ntlm' '--enable-external-acl-helpers' 
'--enable-ssl-crtd' '--with-openssl=/opt/osec' '--with-pic' 
'--with-filedescriptors=131072' '--enable-async-io=128' 
'--enable-log-daemon-helpers' 
'--enable-external-acl-helpers=LDAP_group,SQL_session,file_userip,unix_group,wbinfo_group'
 '--enable-url-rewrite-helpers' '--enable-icap-client' '--enable-inline' 
'--enable-snmp' '--enable-disk-io=AIO,DiskThreads,IpcIo,Blocking' 
'--enable-storeio=ufs,aufs,rock' '--enable-referer-log' 
'--enable-useragent-log' '--enable-large-cache-files' '--with-large-files' 
'--enable-removal-policies=lru,heap' '--enable-x-accelerator-vary' 
'--enable-follow-x-forwarded-for' '--enable-pf-transparent' '--enable-icmp' 
'--enable-build-info=Build by rsmith@devel on linux' 'CC=gcc -m64' 'CFLAGS= -O2 
-fPIC -pipe -msse -msse2 -mfpmath=sse' 'LDFLAGS=-L/opt/osec/lib 
-L/opt/osec/ssl/lib -L/opt/osec/mysql/lib/mysql -L/opt/osec/pgsql/lib 
-L/opt/osec/BerkeleyDB/lib -Wl,-rpath,/opt/osec/lib 
-Wl,-rpath,/opt/osec/ssl/lib -Wl,-rpath,/opt/osec/mysql/lib/mysql 
-Wl,-rpath,/opt/osec/pgsql/lib -Wl,-rpath,/opt/osec/BerkeleyDB/lib' 
'CPPFLAGS=-I/opt/osec/ssl/include -I/opt/osec/BerkeleyDB/include 
-I/opt/osec/include -I/opt/osec/mysql/include 
-I/opt/osec/mysql/include/mysql/server -I/opt/osec/share' 'CXX=g++ -m64' 
'PKG_CONFIG=/opt/osec/bin/pkg-config' 
'LT_SYS_LIBRARY_PATH=/opt/osec/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib:/opt/osec/pgsql/lib:/opt/osec/BerkeleyDB/lib'



#
## library requirements and rpath
#


# openbsd

root@openbsd:~# objdump -p /opt/osec/sbin/squid

/opt/osec/sbin/squid:     file format elf64-x86-64

Program Header:
    PHDR off    0x0000000000000040 vaddr 0x0000000000000040 paddr 
0x0000000000000040 align 2**3
         filesz 0x00000000000002a0 memsz 0x00000000000002a0 flags r--
  INTERP off    0x00000000000002e0 vaddr 0x00000000000002e0 paddr 
0x00000000000002e0 align 2**0
         filesz 0x0000000000000013 memsz 0x0000000000000013 flags r--
    LOAD off    0x0000000000000000 vaddr 0x0000000000000000 paddr 
0x0000000000000000 align 2**12
         filesz 0x00000000002ccdcc memsz 0x00000000002ccdcc flags r--
    LOAD off    0x00000000002ccdd0 vaddr 0x00000000002cddd0 paddr 
0x00000000002cddd0 align 2**12
         filesz 0x0000000000437c10 memsz 0x0000000000437c10 flags r-x
    LOAD off    0x00000000007049e0 vaddr 0x00000000007069e0 paddr 
0x00000000007069e0 align 2**12
         filesz 0x000000000002f478 memsz 0x000000000002f478 flags rw-
    LOAD off    0x0000000000733e60 vaddr 0x0000000000736e60 paddr 
0x0000000000736e60 align 2**12
         filesz 0x0000000000001cb0 memsz 0x0000000000158bd8 flags rw-
 DYNAMIC off    0x000000000072f990 vaddr 0x0000000000731990 paddr 
0x0000000000731990 align 2**3
         filesz 0x0000000000000250 memsz 0x0000000000000250 flags rw-
   RELRO off    0x00000000007049e0 vaddr 0x00000000007069e0 paddr 
0x00000000007069e0 align 2**0
         filesz 0x000000000002f478 memsz 0x000000000002f620 flags r--
EH_FRAME off    0x000000000023c450 vaddr 0x000000000023c450 paddr 
0x000000000023c450 align 2**2
         filesz 0x0000000000016064 memsz 0x0000000000016064 flags r--
OPENBSD_RANDOMIZE off    0x00000000007049e0 vaddr 0x00000000007069e0 paddr 
0x00000000007069e0 align 2**3
         filesz 0x0000000000007990 memsz 0x0000000000007990 flags rw-
   STACK off    0x0000000000000000 vaddr 0x0000000000000000 paddr 
0x0000000000000000 align 2**0
         filesz 0x0000000000000000 memsz 0x0000000000000000 flags rw-
    NOTE off    0x00000000000002f4 vaddr 0x00000000000002f4 paddr 
0x00000000000002f4 align 2**2
         filesz 0x0000000000000018 memsz 0x0000000000000018 flags r--

Dynamic Section:
  RUNPATH     
/opt/osec/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib/mysql:/opt/osec/pgsql/lib:/opt/osec/BerkeleyDB/lib
  NEEDED      libxml2.so.11.9
  NEEDED      libz.so.1
  NEEDED      liblzma.so.7.2
  NEEDED      libiconv.so
  NEEDED      libexpat.so.6.2
  NEEDED      libssl.so.1.1
  NEEDED      libcrypto.so.1.1
  NEEDED      libgssapi_krb5.so
  NEEDED      libkrb5.so
  NEEDED      libk5crypto.so
  NEEDED      libcom_err.so
  NEEDED      libpthread.so.26.1
  NEEDED      libm.so.10.1
  NEEDED      libltdl.so.10.1
  NEEDED      libc++.so.5.0
  NEEDED      libc++abi.so.3.0
  NEEDED      libc.so.96.0
  DEBUG       0x0
  RELA        0x130758
  RELASZ      0x60078
  RELAENT     0x18
  RELACOUNT   0x3855
  JMPREL      0x1907d0
  PLTRELSZ    0x3558
  PLTGOT      0x734c78
  PLTREL      0x7
  SYMTAB      0x310
  SYMENT      0x18
  STRTAB      0x93694
  STRSZ       0x9d0bf
  GNU_HASH    0x5d830
  HASH        0x76b44
  VERSYM      0x564e8
  VERNEED     0x5d7bc
  VERNEEDNUM  0x3

Version References:
  required from libxml2.so.11.9:
    0x0f4c8be0 0x00 04 LIBXML2_2.4.30
    0x08f4cab0 0x00 05 LIBXML2_2.6.0
  required from libssl.so.1.1:
    0x066d1f10 0x00 03 OPENSSL_1_1_0
  required from libcrypto.so.1.1:
    0x066d1f10 0x00 02 OPENSSL_1_1_0




# linux

root@linux:~# objdump -p /opt/osec/sbin/squid

/opt/osec/sbin/squid:     file format elf64-x86-64

Program Header:
    PHDR off    0x0000000000000040 vaddr 0x0000000000000040 paddr 
0x0000000000000040 align 2**3
         filesz 0x00000000000001f8 memsz 0x00000000000001f8 flags r--
  INTERP off    0x0000000000000238 vaddr 0x0000000000000238 paddr 
0x0000000000000238 align 2**0
         filesz 0x000000000000001c memsz 0x000000000000001c flags r--
    LOAD off    0x0000000000000000 vaddr 0x0000000000000000 paddr 
0x0000000000000000 align 2**21
         filesz 0x00000000006d79fb memsz 0x00000000006d79fb flags r-x
    LOAD off    0x00000000006d8588 vaddr 0x00000000008d8588 paddr 
0x00000000008d8588 align 2**21
         filesz 0x0000000000027208 memsz 0x0000000000187890 flags rw-
 DYNAMIC off    0x00000000006fc7c8 vaddr 0x00000000008fc7c8 paddr 
0x00000000008fc7c8 align 2**3
         filesz 0x00000000000002a0 memsz 0x00000000000002a0 flags rw-
    NOTE off    0x0000000000000254 vaddr 0x0000000000000254 paddr 
0x0000000000000254 align 2**2
         filesz 0x0000000000000044 memsz 0x0000000000000044 flags r--
EH_FRAME off    0x000000000061eb38 vaddr 0x000000000061eb38 paddr 
0x000000000061eb38 align 2**2
         filesz 0x00000000000168c4 memsz 0x00000000000168c4 flags r--
   STACK off    0x0000000000000000 vaddr 0x0000000000000000 paddr 
0x0000000000000000 align 2**4
         filesz 0x0000000000000000 memsz 0x0000000000000000 flags rw-
   RELRO off    0x00000000006d8588 vaddr 0x00000000008d8588 paddr 
0x00000000008d8588 align 2**0
         filesz 0x0000000000025a78 memsz 0x0000000000025a78 flags r--

Dynamic Section:
  NEEDED               libpthread.so.0
  NEEDED               libxml2.so.2
  NEEDED               libexpat.so.1
  NEEDED               libssl.so.1.1
  NEEDED               libcrypto.so.1.1
  NEEDED               librt.so.1
  NEEDED               libltdl.so.7
  NEEDED               libstdc++.so.6
  NEEDED               libm.so.6
  NEEDED               libgcc_s.so.1
  NEEDED               libc.so.6
  RUNPATH              
/opt/osec/lib:/opt/osec/ssl/lib:/opt/osec/mysql/lib/mysql:/opt/osec/pgsql/lib:/opt/osec/BerkeleyDB/lib
  INIT                 0x0000000000162228
  FINI                 0x00000000005bb550
  INIT_ARRAY           0x00000000008d8588
  INIT_ARRAYSZ         0x0000000000000e70
  FINI_ARRAY           0x00000000008d93f8
  FINI_ARRAYSZ         0x0000000000000008
  GNU_HASH             0x0000000000000298
  STRTAB               0x0000000000070260
  SYMTAB               0x0000000000019f80
  STRSZ                0x00000000000961cf
  SYMENT               0x0000000000000018
  DEBUG                0x0000000000000000
  PLTGOT               0x00000000008fca68
  PLTRELSZ             0x00000000000033d8
  PLTREL               0x0000000000000007
  JMPREL               0x000000000015ee50
  RELA                 0x000000000010d988
  RELASZ               0x00000000000514c8
  RELAENT              0x0000000000000018
  FLAGS                0x0000000000000008
  FLAGS_1              0x0000000008000001
  VERNEED              0x000000000010d718
  VERNEEDNUM           0x0000000000000009
  VERSYM               0x0000000000106430
  RELACOUNT            0x0000000000002ec5

Version References:
  required from libgcc_s.so.1:
    0x0b792650 0x00 26 GCC_3.0
  required from librt.so.1:
    0x09691a75 0x00 20 GLIBC_2.2.5
  required from libpthread.so.0:
    0x09691972 0x00 24 GLIBC_2.3.2
    0x09691a75 0x00 17 GLIBC_2.2.5
  required from libm.so.6:
    0x09691a75 0x00 13 GLIBC_2.2.5
  required from libxml2.so.2:
    0x0f4c8be0 0x00 19 LIBXML2_2.4.30
    0x08f4cab0 0x00 12 LIBXML2_2.6.0
  required from libc.so.6:
    0x0d696916 0x00 31 GLIBC_2.6
    0x06969187 0x00 29 GLIBC_2.27
    0x0d696914 0x00 21 GLIBC_2.4
    0x0d696913 0x00 16 GLIBC_2.3
    0x09691974 0x00 15 GLIBC_2.3.4
    0x0d696917 0x00 11 GLIBC_2.7
    0x06969194 0x00 10 GLIBC_2.14
    0x09691972 0x00 08 GLIBC_2.3.2
    0x09691a75 0x00 06 GLIBC_2.2.5
  required from libssl.so.1.1:
    0x066d1f10 0x00 04 OPENSSL_1_1_0
  required from libcrypto.so.1.1:
    0x066d1f10 0x00 03 OPENSSL_1_1_0
  required from libstdc++.so.6:
    0x0297f864 0x00 30 GLIBCXX_3.4.14
    0x0bafd178 0x00 28 CXXABI_1.3.8
    0x0297f868 0x00 27 GLIBCXX_3.4.18
    0x0297f861 0x00 25 GLIBCXX_3.4.11
    0x02297f89 0x00 23 GLIBCXX_3.4.9
    0x0bafd173 0x00 22 CXXABI_1.3.3
    0x0297f865 0x00 18 GLIBCXX_3.4.15
    0x0297f871 0x00 14 GLIBCXX_3.4.21
    0x056bafd3 0x00 09 CXXABI_1.3
    0x0297f870 0x00 07 GLIBCXX_3.4.20
    0x08922974 0x00 05 GLIBCXX_3.4
    0x0bafd179 0x00 02 CXXABI_1.3.9








-- 

Robert Smith

USA | T  +1 213 785 7800
JPN  | T  +81 3 4590 9044


_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev

_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev

Reply via email to