I found out why the squid didnt start with sslBump, it is related to
the TODO here :
https://github.com/squid-cache/squid/blob/master/src/anyp/PortCfg.cc#L123
// TODO: AYJ: 2009-07-18: for now SSL does not clone. Configure
separate ports with IPs and SSL settings
More precisely put an ip in front of your :port in http(s)_port
I feel ill after reading this c++ code.
On Tue, Dec 9, 2014 at 6:53 AM, Stuart Henderson <st...@openbsd.org> wrote:
> On 2014/12/09 03:48, Jiri B wrote:
>> > > Index: Makefile.inc
>> > > ===================================================================
>> > > RCS file: /cvs/ports/www/squid/Makefile.inc,v
>> > > retrieving revision 1.9
>> > > diff -u -p -r1.9 Makefile.inc
>> > > --- Makefile.inc 15 May 2014 21:24:33 -0000 1.9
>> > > +++ Makefile.inc 5 Dec 2014 13:54:30 -0000
>> > > @@ -66,6 +66,7 @@ CONFIGURE_ARGS+= ${CONFIGURE_SHARED} \
>> > > --enable-referer-log \
>> > > --enable-removal-policies="lru heap" \
>> > > --enable-ssl \
>> > > + --enable-ssl-crtd \
>> > > --with-openssl \
>> > > --enable-storeio="aufs ufs diskd" \
>> > > --with-default-user="_squid" \
>
> I'll add this when I've finished with the update of snapshot to 3.5.0.2,
> which is delayed while I find time to work around libressl incompatibility.
>
> Obviously there were several missing parts to the diff that was sent.
>
>> and what about this as well?
>>
>> --enable-http-violations
>>
>> cf.
>> http://wiki.squid-cache.org/SquidFaq/ConfiguringSquid#Can_Squid_anonymize_HTTP_requests.3F
>>
>> j.
>>
>
> Not by default. I'll have a think about adding this as a flavour.
>
--
---------------------------------------------------------------------------------------------------------------------
() ascii ribbon campaign - against html e-mail
/\
