Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Need help on dansguardian SSL filtering compilation feature

    Scheduled Pinned Locked Moved pfSense Packages
    5 Posts 3 Posters 5.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcellocM
      marcelloc
      last edited by

      I've tested almost all features in dansguardian 2.12 new package, but when started testing last feature I got no response from it.

      I've checked out dansguardian build files and found that SSL filtering feature is not fully implemented on 2.12

      There is no ./configure option to enable it and changelog file says:

      · Added experimental SSL MITM. (read source code for how to use it)
      · Added experimental SSL certificate checking. (read source code for how to use it)

      Well, I did some hacks to dansguardian-devel Makefile to workaround this ./configure limitation and got dansguardian compiling.
      But I'm getting now missing functions from openssl/x509.

      If somebody could help me to find out how to finish this compilation on freebsd, I'll really appreciate.

      This is the new Makefile for dansguarian-devel

      # New ports collection makefile for:	dansguardian
# Date created:				April 02, 2002
# Whom:					Freddie Cash <fjwcash@gmail.com>#
# $FreeBSD: ports/www/dansguardian-devel/Makefile,v 1.34 2012/01/05 01:20:28 garga Exp $
#

PORTNAME=	dansguardian
PORTVERSION=	2.12.0.0
CATEGORIES=	www
MASTER_SITES=	# empty, see below

MAINTAINER=	garga@FreeBSD.org
COMMENT=	A fast, feature-rich web content filter for Squid proxy servers

RUN_DEPENDS=	${LOCALBASE}/sbin/squid:${PORTSDIR}/www/squid
LIB_DEPENDS+=	pcre.0:${PORTSDIR}/devel/pcre

USE_RC_SUBR=	dansguardian
USE_GNOME=	pkgconfig

CONFLICTS=	dansguardian-2.10.*
LATEST_LINK=	dansguardian-devel

GNU_CONFIGURE=	yes
CONFIGURE_ARGS=	--localstatedir=/var \
		--with-logdir=/var/log \
		--with-piddir=/var/run \
		--with-libiconv=${LOCALBASE} \
		--enable-fancydm

MAN8=		dansguardian.8

OPTIONS=	APACHE  "Enable Apache support for access denied page" on \
		TRICKLE "Enable the trickle download manager" on \
		CLISCAN "Enable support for CLI content scanners" off \
		CLAMD   "Enable ClamAV daemon support (clamd)" off \
		ICAP    "Enable ICAP AV content scanner support (testing)" off \
		KAV     "Enable Kaspersky AV support (testing)" off \
		NTLM    "Enable NTLM authentication plugin" off \
		EMAIL   "Enable e-mail reporting support" off \
		DEBUG   "Enable debug options - not for production use" off \
		SSL	"Enable ssl filtering and cert verify" off
DG_URL=		http://dansguardian.org/index.php?page=copyright2
CONFDIR=	${PREFIX}/etc/dansguardian

RESTRICTED=	Redistribution and commercial download is restricted.  Check ${DG_URL} for more info

.include <bsd.port.pre.mk>.if !defined(WITHOUT_APACHE)
USE_APACHE=	20+
.endif

.if !defined(WITHOUT_TRICKLE)
CONFIGURE+=		--enable-trickledm
PLIST_SUB+=		TRICKLECONF=""
.else
PLIST_SUB+=		TRICKLECONF="@comment "
.endif

.if defined(WITH_CLISCAN)
CONFIGURE_ARGS+=	--enable-commandline
PLIST_SUB+=		CLISCANCONF=""
.else
PLIST_SUB+=		CLISCANCONF="@comment "
.endif

.if defined(WITH_CLAMD)
CONFIGURE_ARGS+=	--enable-clamd
RUN_DEPENDS+=		${LOCALBASE}/sbin/clamd:${PORTSDIR}/security/clamav
PLIST_SUB+=		CLAMDCONF=""
.else
PLIST_SUB+=		CLAMDCONF="@comment "
.endif

.if defined(WITH_ICAP)
CONFIGURE_ARGS+=	--enable-icap
PLIST_SUB+=		ICAPCONF=""
.else
PLIST_SUB+=		ICAPCONF="@comment "
.endif

.if defined(WITH_KAV)
CONFIGURE_ARGS+=	--enable-kavd
PLIST_SUB+=		KAVDCONF=""
.else
PLIST_SUB+=		KAVDCONF="@comment "
.endif

.if defined(WITH_CLAMD) || defined(WITH_ICAP) || defined(WITH_KAV) || defined(WITH_CLISCAN)
PLIST_SUB+=		SCANNERS=""
.else
PLIST_SUB+=		SCANNERS="@comment "
.endif

.if defined(WITH_NTLM)
CONFIGURE_ARGS+=	--enable-ntlm --with-libiconv=${LOCALBASE}
USE_ICONV=	yes
PLIST_SUB+=		NTLMCONF=""
.else
PLIST_SUB+=		NTLMCONF="@comment "
.endif

.if defined(WITH_EMAIL)
CONFIGURE_ARGS+=	--enable-email
PLIST_SUB+=		EMAILCONF=""
.else
PLIST_SUB+=		EMAILCONF="@comment "
.endif

.if defined(WITH_DEBUG)
CONFIGURE_ARGS+=	--with-dgdebug
.endif

#.if defined(NOPORTDOCS)
#PLISTSUB+=              DOCINST="@comment "
#.else
#PLISTSUB+=              DOCINST=""
#.endif

# User needs to manually download the distfile
.if !(exists(${DISTDIR}/${DISTNAME}${EXTRACT_SUFX})) && !defined(PACKAGE_BUILDING)
IGNORE=	commercial source download is restricted.  Please visit and read ${DG_URL} and download ${DISTNAME}${EXTRACT_SUFX} into ${DISTDIR} before running make
.endif

post-patch:
.if defined(NOPORTDOCS)
	@${REINPLACE_CMD} -e '/install-data-am/ s|install-dist_docDATA||' \
		${WRKSRC}/doc/Makefile.in
.endif

.if defined(WITH_SSL)
	@${REINPLACE_CMD} -e 's|ifdef __SSLMITM|ifndef __SSLMITM|' \
		${WRKSRC}/src/*pp
	@${REINPLACE_CMD} -e 's|ifdef __SSLCERT|ifndef __SSLCERT|' \
		${WRKSRC}/src/*pp
	@${REINPLACE_CMD} -e 's|ifndef __SSLCERT|ifdef __SSLCERT|' \
		${WRKSRC}/src/Auth.cpp
.endif

post-install:
# Display post-install message
	@${CAT} pkg-message

.include</bsd.port.pre.mk></fjwcash@gmail.com>

      And the compile error I'm getting

      ===>  Building for dansguardian-2.12.0.0
make  all-recursive
Making all in doc
Making all in .
Making all in data
Making all in languages
Making all in .
Making all in scripts
Making all in .
Making all in configs
Making all in lists
Making all in phraselists
Making all in .
Making all in blacklists
Making all in authplugins
Making all in .
Making all in bannedrooms
Making all in .
Making all in contentscanners
Making all in .
Making all in downloadmanagers
Making all in .
Making all in downloadmanagers
Making all in .
Making all in authplugins
Making all in .
Making all in .
Making all in contentscanners
Making all in .
Making all in src
c++ -I/usr/local/include  -O2 -pipe -fno-strict-aliasing    -o dansguardian dansguardian-String.o  dansguardian-FDTunnel.o  dansguardian-ConnectionHandler.o  dansguardian-DataBuffer.o  dansguardian-HTTPHeader.o  dansguardian-NaughtyFilter.o  dansguardian-BackedStore.o  dansguardian-RegExp.o dansguardian-FDFuncs.o  dansguardian-BaseSocket.o  dansguardian-Socket.o  dansguardian-FatController.o  dansguardian-UDSocket.o dansguardian-SysV.o  dansguardian-ListContainer.o  dansguardian-Auth.o  dansguardian-HTMLTemplate.o  dansguardian-LanguageContainer.o  dansguardian-DynamicURLList.o  dansguardian-DynamicIPList.o  dansguardian-ImageContainer.o  dansguardian-IPList.o  dansguardian-OptionContainer.o  dansguardian-FOptionContainer.o  dansguardian-ListManager.o dansguardian-md5.o  dansguardian-DownloadManager.o  dansguardian-ConfigVar.o  dansguardian-ContentScanner.o  dansguardian-SocketArray.o  dansguardian-dansguardian.o  dansguardian-CertificateAuthority.o dansguardian-icapscan.o   dansguardian-clamdscan.o    dansguardian-default.o dansguardian-fancy.o   dansguardian-proxy.o dansguardian-ident.o  dansguardian-ip.o dansguardian-ntlm.o dansguardian-digest.o -lpcreposix -L/usr/local/lib -lpcre  -L/usr/local/lib -liconv -lz
dansguardian-ConnectionHandler.o(.text+0x960): In function `ConnectionHandler::checkCertificate(String&, Socket*, NaughtyFilter*)':
: undefined reference to `X509_verify_cert_error_string'
dansguardian-ConnectionHandler.o(.text+0x14c62): In function `ConnectionHandler::handleConnection(Socket&, String&, Socket&)':
: undefined reference to `X509_free'
dansguardian-ConnectionHandler.o(.text+0x14c70): In function `ConnectionHandler::handleConnection(Socket&, String&, Socket&)':
: undefined reference to `EVP_PKEY_free'
dansguardian-Socket.o(.text+0x233): In function `Socket::writeToSocket(char const*, int, unsigned int, int, bool, bool)':
: undefined reference to `SSL_write'
dansguardian-Socket.o(.text+0x428): In function `Socket::readFromSocket(char*, int, unsigned int, int, bool, bool)':
: undefined reference to `SSL_read'
dansguardian-Socket.o(.text+0x4f9): In function `Socket::checkForInput()':
: undefined reference to `SSL_peek'
dansguardian-Socket.o(.text+0x524): In function `Socket::checkCertValid()':
: undefined reference to `SSL_get_peer_certificate'
dansguardian-Socket.o(.text+0x530): In function `Socket::checkCertValid()':
: undefined reference to `X509_free'
dansguardian-Socket.o(.text+0x58b): In function `Socket::stopSsl()':
: undefined reference to `SSL_shutdown'
dansguardian-Socket.o(.text+0x599): In function `Socket::stopSsl()':
: undefined reference to `SSL_free'
dansguardian-Socket.o(.text+0x5bc): In function `Socket::stopSsl()':
: undefined reference to `SSL_CTX_free'
dansguardian-Socket.o(.text+0x5d7): In function `Socket::stopSsl()':
: undefined reference to `SSL_shutdown'
dansguardian-Socket.o(.text+0x5e9): In function `Socket::stopSsl()':
: undefined reference to `SSL_get_fd'
dansguardian-Socket.o(.text+0x654): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSLv23_server_method'
dansguardian-Socket.o(.text+0x65c): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_CTX_new'
dansguardian-Socket.o(.text+0x68d): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_CTX_set_timeout'
dansguardian-Socket.o(.text+0x6ab): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_CTX_use_certificate'
dansguardian-Socket.o(.text+0x6c9): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_CTX_use_PrivateKey'
dansguardian-Socket.o(.text+0x6e0): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_new'
dansguardian-Socket.o(.text+0x706): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_ctrl'
dansguardian-Socket.o(.text+0x72c): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_ctrl'
dansguardian-Socket.o(.text+0x73a): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_set_accept_state'
dansguardian-Socket.o(.text+0x754): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_set_fd'
dansguardian-Socket.o(.text+0x762): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_accept'
dansguardian-Socket.o(.text+0x77d): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
: undefined reference to `SSL_do_handshake'
dansguardian-Socket.o(.text+0x13d4): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSLv23_client_method'
dansguardian-Socket.o(.text+0x13dc): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_CTX_new'
dansguardian-Socket.o(.text+0x140d): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_CTX_set_timeout'
dansguardian-Socket.o(.text+0x1435): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_CTX_load_verify_locations'
dansguardian-Socket.o(.text+0x144b): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_new'
dansguardian-Socket.o(.text+0x1471): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_ctrl'
dansguardian-Socket.o(.text+0x1497): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_ctrl'
dansguardian-Socket.o(.text+0x14a5): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_set_connect_state'
dansguardian-Socket.o(.text+0x14bf): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_set_fd'
dansguardian-Socket.o(.text+0x14cd): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_connect'
dansguardian-Socket.o(.text+0x14f4): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_CTX_free'
dansguardian-Socket.o(.text+0x150b): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `ERR_print_errors_fp'
dansguardian-Socket.o(.text+0x1519): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_free'
dansguardian-Socket.o(.text+0x1527): In function `Socket::startSslClient(std::string const&)':
: undefined reference to `SSL_CTX_free'
dansguardian-Socket.o(.text+0x16af): In function `Socket::readFromSocketn(char*, int, unsigned int, int)':
: undefined reference to `SSL_read'
dansguardian-Socket.o(.text+0x1da6): In function `Socket::getLine(char*, int, int, bool, bool*, bool*)':
: undefined reference to `SSL_read'
dansguardian-Socket.o(.text+0x1df0): In function `Socket::getLine(char*, int, int, bool, bool*, bool*)':
: undefined reference to `SSL_get_error'
dansguardian-Socket.o(.text+0x255b): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `SSL_get_peer_certificate'
dansguardian-Socket.o(.text+0x2599): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_get_ext_d2i'
dansguardian-Socket.o(.text+0x25a4): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `sk_num'
dansguardian-Socket.o(.text+0x25de): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `sk_value'
dansguardian-Socket.o(.text+0x25f5): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `ASN1_STRING_to_UTF8'
dansguardian-Socket.o(.text+0x2646): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `CRYPTO_free'
dansguardian-Socket.o(.text+0x275f): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `GENERAL_NAME_free'
dansguardian-Socket.o(.text+0x2767): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `sk_pop_free'
dansguardian-Socket.o(.text+0x2784): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_get_subject_name'
dansguardian-Socket.o(.text+0x27a2): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_NAME_get_entry'
dansguardian-Socket.o(.text+0x27aa): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_NAME_ENTRY_get_data'
dansguardian-Socket.o(.text+0x27b9): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `ASN1_STRING_to_UTF8'
dansguardian-Socket.o(.text+0x280a): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `CRYPTO_free'
dansguardian-Socket.o(.text+0x2917): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_NAME_get_index_by_NID'
dansguardian-Socket.o(.text+0x2952): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_free'
dansguardian-Socket.o(.text+0x2974): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_free'
dansguardian-Socket.o(.text+0x2bc2): In function `Socket::checkCertHostname(std::string const&)':
: undefined reference to `X509_free'
dansguardian-Socket.o(.text+0x543): In function `Socket::checkCertValid()':
: undefined reference to `SSL_get_verify_result'
dansguardian-FatController.o(.text+0xbc8d): In function `fc_controlit()':
: undefined reference to `SSL_load_error_strings'
dansguardian-FatController.o(.text+0xbc92): In function `fc_controlit()':
: undefined reference to `OPENSSL_add_all_algorithms_noconf'
dansguardian-FatController.o(.text+0xbc97): In function `fc_controlit()':
: undefined reference to `OpenSSL_add_all_digests'
dansguardian-FatController.o(.text+0xbca1): In function `fc_controlit()':
: undefined reference to `SSL_library_init'
dansguardian-CertificateAuthority.o(.text+0x124): In function `CertificateAuthority::getServerPkey()':
: undefined reference to `CRYPTO_add_lock'
dansguardian-CertificateAuthority.o(.text+0x156): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `EVP_md5'
dansguardian-CertificateAuthority.o(.text+0x160): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `EVP_MD_CTX_init'
dansguardian-CertificateAuthority.o(.text+0x174): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `EVP_DigestInit_ex'
dansguardian-CertificateAuthority.o(.text+0x194): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `EVP_DigestUpdate'
dansguardian-CertificateAuthority.o(.text+0x1ae): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `EVP_DigestFinal_ex'
dansguardian-CertificateAuthority.o(.text+0x1ba): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `EVP_MD_CTX_cleanup'
dansguardian-CertificateAuthority.o(.text+0x1d1): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `BN_bin2bn'
dansguardian-CertificateAuthority.o(.text+0x1e7): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `BN_to_ASN1_INTEGER'
dansguardian-CertificateAuthority.o(.text+0x1f1): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `BN_free'
dansguardian-CertificateAuthority.o(.text+0x20a): In function `CertificateAuthority::getSerial(char const*)':
: undefined reference to `EVP_MD_CTX_cleanup'
dansguardian-CertificateAuthority.o(.text+0x22d): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_new'
dansguardian-CertificateAuthority.o(.text+0x247): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_set_version'
dansguardian-CertificateAuthority.o(.text+0x274): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_set_serialNumber'
dansguardian-CertificateAuthority.o(.text+0x284): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `ASN1_INTEGER_free'
dansguardian-CertificateAuthority.o(.text+0x29b): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `ASN1_TIME_set'
dansguardian-CertificateAuthority.o(.text+0x2bb): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `ASN1_TIME_set'
dansguardian-CertificateAuthority.o(.text+0x2d2): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_set_pubkey'
dansguardian-CertificateAuthority.o(.text+0x2e2): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_get_subject_name'
dansguardian-CertificateAuthority.o(.text+0x323): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_NAME_add_entry_by_txt'
dansguardian-CertificateAuthority.o(.text+0x332): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_get_subject_name'
dansguardian-CertificateAuthority.o(.text+0x344): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_set_issuer_name'
dansguardian-CertificateAuthority.o(.text+0x34d): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `EVP_sha1'
dansguardian-CertificateAuthority.o(.text+0x35f): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_sign'
dansguardian-CertificateAuthority.o(.text+0x377): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_free'
dansguardian-CertificateAuthority.o(.text+0x389): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_NAME_free'
dansguardian-CertificateAuthority.o(.text+0x393): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_free'
dansguardian-CertificateAuthority.o(.text+0x39f): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `X509_free'
dansguardian-CertificateAuthority.o(.text+0x3a7): In function `CertificateAuthority::generateCertificate(char const*)':
: undefined reference to `ASN1_INTEGER_free'
dansguardian-CertificateAuthority.o(.text+0x3c9): In function `CertificateAuthority::~CertificateAuthority()':
: undefined reference to `X509_free'
dansguardian-CertificateAuthority.o(.text+0x3d3): In function `CertificateAuthority::~CertificateAuthority()':
: undefined reference to `EVP_PKEY_free'
dansguardian-CertificateAuthority.o(.text+0x3de): In function `CertificateAuthority::~CertificateAuthority()':
: undefined reference to `EVP_PKEY_free'
dansguardian-CertificateAuthority.o(.text+0x6d9): In function `CertificateAuthority::~CertificateAuthority()':
: undefined reference to `X509_free'
dansguardian-CertificateAuthority.o(.text+0x6e3): In function `CertificateAuthority::~CertificateAuthority()':
: undefined reference to `EVP_PKEY_free'
dansguardian-CertificateAuthority.o(.text+0x6ee): In function `CertificateAuthority::~CertificateAuthority()':
: undefined reference to `EVP_PKEY_free'
dansguardian-CertificateAuthority.o(.text+0x9f9): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
: undefined reference to `ASN1_INTEGER_to_BN'
dansguardian-CertificateAuthority.o(.text+0xa03): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
: undefined reference to `BN_bn2hex'
dansguardian-CertificateAuthority.o(.text+0xa23): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
: undefined reference to `CRYPTO_free'
dansguardian-CertificateAuthority.o(.text+0xa2b): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
: undefined reference to `BN_free'
dansguardian-CertificateAuthority.o(.text+0xa33): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
: undefined reference to `ASN1_INTEGER_free'
dansguardian-CertificateAuthority.o(.text+0xbf5): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
: undefined reference to `PEM_write_X509'
dansguardian-CertificateAuthority.o(.text+0x16cc): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
: undefined reference to `PEM_read_X509'
dansguardian-CertificateAuthority.o(.text+0x171c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
: undefined reference to `PEM_read_PrivateKey'
dansguardian-CertificateAuthority.o(.text+0x176b): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
: undefined reference to `PEM_read_PrivateKey'
dansguardian-CertificateAuthority.o(.text+0x1a3c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
: undefined reference to `PEM_read_X509'
dansguardian-CertificateAuthority.o(.text+0x1a8c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
: undefined reference to `PEM_read_PrivateKey'
dansguardian-CertificateAuthority.o(.text+0x1adb): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
: undefined reference to `PEM_read_PrivateKey'
dansguardian-CertificateAuthority.o(.text+0x1d79): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
: undefined reference to `ASN1_INTEGER_to_BN'
dansguardian-CertificateAuthority.o(.text+0x1d83): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
: undefined reference to `BN_bn2hex'
dansguardian-CertificateAuthority.o(.text+0x1da3): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
: undefined reference to `CRYPTO_free'
dansguardian-CertificateAuthority.o(.text+0x1dab): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
: undefined reference to `BN_free'
dansguardian-CertificateAuthority.o(.text+0x1db3): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
: undefined reference to `ASN1_INTEGER_free'
dansguardian-CertificateAuthority.o(.text+0x1e45): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
: undefined reference to `PEM_read_X509'
*** Error code 1

Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0/src.
*** Error code 1

Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0.
*** Error code 1

Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0.
*** Error code 1

Stop in /usr/ports/www/dansguardian-devel.
*** Error code 1

Stop in /usr/ports/www/dansguardian-devel.

      Treinamentos de Elite: http://sys-squad.com

      Help a community developer! ;D

      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        From what i see you need to add to LDFLAGS -lssl -lcrypto

        1 Reply Last reply Reply Quote 0
        • marcellocM
          marcelloc
          last edited by

          @ermal:

          From what i see you need to add to LDFLAGS -lssl -lcrypto

          YES! that was it.

          Included it to ports Makefile and it compiled  ;D

          Thank you very much ermal. I could compile and create package. I'll post new Makefile to update dansguardian ports package.

          After installing it and configuring certs using pfsense cert manager, I'm getting now ssl negotiation erros from dansguardian logs.

          Getting ssl certificate for client connection
Generating serial no for www.facebook.com
Serial no is 660328A7F9004D462085AA67A82065DB
Searching for certificate for www.facebook.com
Certificate not found. Creating one
Generating serial no for www.facebook.com
Serial no is 660328A7F9004D462085AA67A82065DB
Going SSL on the peer connection
Error doing ssl hanshake
ssl stopping
this is a client connection
SSL_RECIEVED_SHUTDOWN IS SET
calling ssl shutdown
done
SSL Interception failed Failed to negotiate ssl connection to client
Not looking for log-only category; current cat string is: SSL Site (8)
Building raw log data string... ...built
uds connect:/tmp/.dguardianipc
received a log request
read into buffer; bufflen: 169
Shutting down ssl to proxy
ssl stopping
Shutting down ssl to client
ssl stopping
Attempting graceful connection close
27 2012.2.15 0:14:26 172.16.1.152 172.16.1.152 https://www.facebook.com:443 *DENIED* Failed to negotiate ssl connection to client CONNECT 0 0 SSL Site 1 200 -  Default   - -

          On browser:
          sec_error_invalid_time
          sec_error_reused_issuer_and_serial

          Treinamentos de Elite: http://sys-squad.com

          Help a community developer! ;D

          1 Reply Last reply Reply Quote 0
          • M
            mahoon
            last edited by

            Hi Marcello ;

            Have you achive ssl content filtering with DG 2.12 ?

            The Dansguardian Mailing list not reponse to me, so I have waiting for ssl filtering from you.

            Saygılar..

            1 Reply Last reply Reply Quote 0
            • marcellocM
              marcelloc
              last edited by

              @mahoon:

              Hi Marcello ;

              Have you achive ssl content filtering with DG 2.12 ?

              The Dansguardian Mailing list not reponse to me, so I have waiting for ssl filtering from you.

              I'm still on the same point.  :(
              I get only invalid certificates time/date error from browsers.

              Treinamentos de Elite: http://sys-squad.com

              Help a community developer! ;D

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.