If you need an SSL-proxy connection via squid on Debian/Linux you need to recompile the squid-2.7 package with –enable-ssl option.
Here a short step by step tutorial how to rebuild a squid .deb package with –enable-ssl option.
Enable source repository on your buildmachine. To describe it in words what we will do is downloading the source packages where the original package of squid in the Debian distribution is build from and rebuild this sources with the activated ssl option to get an self build .deb file which you can install on your Debian machine. This procedure works for the most Debian packages the same way not just for squid.
edit: /etc/apt/sources.list
for example add:
deb-src http://ftp.de.debian.org/debian lenny main contrib non-free deb-src http://backports.debian.org/debian-backports lenny-backports main contrib non-free deb-src http://volatile.debian.org/debian-volatile/ lenny/volatile main contrib non-free
change directory to /usr/src:
cd /usr/src
download squid sources:
apt-get source squid
download squid build dependencies:
apt-get build-dep squid
download sources for openssh:
apt-get build-dep openssh
download sources for openssl:
apt-get build-dep openssl
download and install necessary stuff for build process:
apt-get install devscripts build-essential fakeroot
change directory:
cd squid-<version>
edit the build rules and add the –enable-ssl option to the configure section:
vim debian/rules
configure the new options (don’t do a make or make install !!!) :
./configure
compile and build package:
debuild -us -uc -b
No related posts.
Comments 12
Tried this, step-by-step, and it failed.
Posted 02 Aug 2011 at 4:37 pm ¶However, I substituted squid with squid3.
Every ran without errors until the debuild:
root@w-prd04:/usr/src/squid3-3.1.6# debuild -us -uc -b
dpkg-buildpackage -rfakeroot -D -us -uc -b
dpkg-buildpackage: warning: using a gain-root-command while being root
dpkg-buildpackage: export CFLAGS from dpkg-buildflags (origin: vendor): -g -O2
dpkg-buildpackage: export CPPFLAGS from dpkg-buildflags (origin: vendor):
dpkg-buildpackage: export CXXFLAGS from dpkg-buildflags (origin: vendor): -g -O2
dpkg-buildpackage: export FFLAGS from dpkg-buildflags (origin: vendor): -g -O2
dpkg-buildpackage: export LDFLAGS from dpkg-buildflags (origin: vendor):
dpkg-buildpackage: source package squid3
dpkg-buildpackage: source version 3.1.6-1.2
dpkg-buildpackage: source changed by Ben Hutchings
dpkg-source –before-build squid3-3.1.6
dpkg-buildpackage: host architecture amd64
fakeroot debian/rules clean
/usr/share/cdbs/1/rules/dpatch.mk:33: WARNING: dpatch.mk is deprecated – please use source format 3.0 (quilt) instead
debian/rules:41: *** commands commence before first target. Stop.
dpkg-buildpackage: error: fakeroot debian/rules clean gave error exit status 2
debuild: fatal error at line 1325:
dpkg-buildpackage -rfakeroot -D -us -uc -b failed
…And now I have to remove all the build packages this added onto the machine. Damn
Posted 02 Aug 2011 at 4:39 pm ¶problem found. The copy and paste of –enable-ssl had replaced the — with another character.
Posted 02 Aug 2011 at 4:45 pm ¶Hi,
One important step was missed out: You forgot to mention that this procedure will build the .deb packages in /usr/src!
Of course, not knowing this, I ran a ‘make install’ afterwards (from the INSTALL text file in the distribution), and sprayed random files across the Debian box.
Now I have to carefully remove all this mess, and then hope that I can install the debs, without the missed files I have to remove tripping it up.
Really messy results.
Please update your page to note this important part, otherwise many others will end up in the same mess.
Apart from this, the guide is really good.
Best regards,
Posted 02 Aug 2011 at 5:12 pm ¶B
Hi Bill,
thanks for the hint. I added some more information.
In this case you should be familiar with the build process of debian packages or follow exactly the tutorial. The make install did what it was made for, it installed all the mess in your system .. but not the proper Debian style I think. Most of the stuff should be located under /usr/local but I am not sure about that. I hope you get your system clean and working again.
Regards,
Dominik
Posted 02 Aug 2011 at 6:56 pm ¶Hi Banym,
Thank you for this info.
I am trying with Squid3 but on debuild I get the following:
debian/rules: line 1: deb-src: command not found
debian/rules: line 3: include: command not found
debian/rules: line 4: include: command not found
debian/rules: line 5: include: command not found
debian/rules: line 7: CURDIR: command not found
Thanks again.
Regards,
AlexG
Posted 17 Aug 2011 at 4:44 am ¶Hi,
I was able to resolve my debian/rules issue above by making the file executable:
chmod 755 debian/rules
I also had to install the libssl-dev package first to fix the CTX error reported by debuild.
Thanks.
AlexG
Posted 23 Aug 2011 at 1:00 am ¶Thanks for sharing. I will include it in my tutorial for squid 3 as soon as possible.
Regards,
Dominik
Posted 23 Aug 2011 at 6:34 pm ¶Hi Banym,
I followed your instructions to the letter. Everything was fine until I reached debuild.
FYI – I’m currently working on Debian Squeeze ( 6.0.2 )
$ sudo debuild -us -uc -b
Output -
[..]
dpkg-gencontrol -isp -psquid
dpkg –build debian/tmp ..
dpkg-deb: building package `squid’ in `../squid_2.7.STABLE9-2.1_amd64.deb’.
rm -f debian/substvars
rm -rf debian/tmp
dpkg-genchanges -b >../squid_2.7.STABLE9-2.1_amd64.changes
dpkg-genchanges: binary-only upload – not including any source code
dpkg-source –after-build squid-2.7.STABLE9
dpkg-buildpackage: binary only upload (no source included)
Now running lintian…
warning: lintian’s authors do not recommend running it with root privileges!
E: squid: possible-gpl-code-linked-with-openssl
N: 6 tags overridden (6 warnings)
Finished running lintian.
The file ../squid_2.7.STABLE9-2.1_amd64.deb is not created because of the error, “E: squid: possible-gpl-code-linked-with-openssl”.
I’ve even tried ‘checkinstall’, but it failed too.
$ sudo checkinstall
log file output -
(Reading database … 54269 files and directories currently installed.)
Unpacking squid (from …/squid_2.7.STABLE9-1_amd64.deb) …
dpkg: error processing /usr/src/squid-2.7.STABLE9/squid_2.7.STABLE9-1_amd64.deb (–install):
unable to create `/etc/squid/mime.conf.default.dpkg-new’ (while processing `./etc/squid/mime.conf.default’): No such file or directory
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Errors were encountered while processing:
/usr/src/squid-2.7.STABLE9/squid_2.7.STABLE9-1_amd64.deb
Where have I gone wrong?
Posted 21 Sep 2011 at 8:29 am ¶You should include for the newbies who never recomplled a debian package the debian way:
———-
Normal compile ending:
dpkg-buildpackage: binary only upload (no source included)
Now running lintian…
warning: lintian’s authors do not recommend running it with root privileges!
E: squid: possible-gpl-code-linked-with-openssl
N: 6 tags overridden (6 warnings)
Finished running lintian.
.deb package is in /usr/src, so cd /usr/src
then:
dpkg -i squid_2.7.STABLE9-2.1_amd64.deb squid-common_2.7.STABLE9-2.1_all.deb
Something for this posting form captcha: When klicking the captcha box the cursor jumps back to “Website”, I had to click and hold the mouse while typing the captcha
Posted 25 Sep 2011 at 4:01 pm ¶Hi,
I figured it out. I ran debuild as non root user, and this time it worked ( even with those errors from lintian ) –
I had to get the sources from non root user.
$ apt-get sources squid3
for Squid3, the following deb files were generated -
squid3_3.1.6-1.2+squeeze1_i386.deb
squid3-common_3.1.6-1.2+squeeze1_all.deb
squid3-dbg_3.1.6-1.2+squeeze1_i386.deb
squid-cgi_3.1.6-1.2+squeeze1_i386.deb
squidclient_3.1.6-1.2+squeeze1_i386.deb
And for Squid, the following deb files were generated -
Posted 27 Oct 2011 at 6:33 am ¶squid_2.7.STABLE9-4_i386.deb
squid-common_2.7.STABLE9-4_all.deb
Are openssh sources necessary?
Posted 21 Dec 2011 at 2:42 pm ¶On problem with OpenSSL MD5 headers (error during compilation: “Cannot find OpenSSL MD5 headers”) one should install ssl headers:
apt-get install libssl-dev
(on Debian 6.0 Squeeze)
Post a Comment