Need help on dansguardian SSL filtering compilation feature



  • I've tested almost all features in dansguardian 2.12 new package, but when started testing last feature I got no response from it.

    I've checked out dansguardian build files and found that SSL filtering feature is not fully implemented on 2.12

    There is no ./configure option to enable it and changelog file says:

    · Added experimental SSL MITM. (read source code for how to use it)
    · Added experimental SSL certificate checking. (read source code for how to use it)

    Well, I did some hacks to dansguardian-devel Makefile to workaround this ./configure limitation and got dansguardian compiling.
    But I'm getting now missing functions from openssl/x509.

    If somebody could help me to find out how to finish this compilation on freebsd, I'll really appreciate.

    This is the new Makefile for dansguarian-devel

    # New ports collection makefile for:	dansguardian
    # Date created:				April 02, 2002
    # Whom:					Freddie Cash <fjwcash@gmail.com>#
    # $FreeBSD: ports/www/dansguardian-devel/Makefile,v 1.34 2012/01/05 01:20:28 garga Exp $
    #
    
    PORTNAME=	dansguardian
    PORTVERSION=	2.12.0.0
    CATEGORIES=	www
    MASTER_SITES=	# empty, see below
    
    MAINTAINER=	garga@FreeBSD.org
    COMMENT=	A fast, feature-rich web content filter for Squid proxy servers
    
    RUN_DEPENDS=	${LOCALBASE}/sbin/squid:${PORTSDIR}/www/squid
    LIB_DEPENDS+=	pcre.0:${PORTSDIR}/devel/pcre
    
    USE_RC_SUBR=	dansguardian
    USE_GNOME=	pkgconfig
    
    CONFLICTS=	dansguardian-2.10.*
    LATEST_LINK=	dansguardian-devel
    
    GNU_CONFIGURE=	yes
    CONFIGURE_ARGS=	--localstatedir=/var \
    		--with-logdir=/var/log \
    		--with-piddir=/var/run \
    		--with-libiconv=${LOCALBASE} \
    		--enable-fancydm
    
    MAN8=		dansguardian.8
    
    OPTIONS=	APACHE  "Enable Apache support for access denied page" on \
    		TRICKLE "Enable the trickle download manager" on \
    		CLISCAN "Enable support for CLI content scanners" off \
    		CLAMD   "Enable ClamAV daemon support (clamd)" off \
    		ICAP    "Enable ICAP AV content scanner support (testing)" off \
    		KAV     "Enable Kaspersky AV support (testing)" off \
    		NTLM    "Enable NTLM authentication plugin" off \
    		EMAIL   "Enable e-mail reporting support" off \
    		DEBUG   "Enable debug options - not for production use" off \
    		SSL	"Enable ssl filtering and cert verify" off
    DG_URL=		http://dansguardian.org/index.php?page=copyright2
    CONFDIR=	${PREFIX}/etc/dansguardian
    
    RESTRICTED=	Redistribution and commercial download is restricted.  Check ${DG_URL} for more info
    
    .include <bsd.port.pre.mk>.if !defined(WITHOUT_APACHE)
    USE_APACHE=	20+
    .endif
    
    .if !defined(WITHOUT_TRICKLE)
    CONFIGURE+=		--enable-trickledm
    PLIST_SUB+=		TRICKLECONF=""
    .else
    PLIST_SUB+=		TRICKLECONF="@comment "
    .endif
    
    .if defined(WITH_CLISCAN)
    CONFIGURE_ARGS+=	--enable-commandline
    PLIST_SUB+=		CLISCANCONF=""
    .else
    PLIST_SUB+=		CLISCANCONF="@comment "
    .endif
    
    .if defined(WITH_CLAMD)
    CONFIGURE_ARGS+=	--enable-clamd
    RUN_DEPENDS+=		${LOCALBASE}/sbin/clamd:${PORTSDIR}/security/clamav
    PLIST_SUB+=		CLAMDCONF=""
    .else
    PLIST_SUB+=		CLAMDCONF="@comment "
    .endif
    
    .if defined(WITH_ICAP)
    CONFIGURE_ARGS+=	--enable-icap
    PLIST_SUB+=		ICAPCONF=""
    .else
    PLIST_SUB+=		ICAPCONF="@comment "
    .endif
    
    .if defined(WITH_KAV)
    CONFIGURE_ARGS+=	--enable-kavd
    PLIST_SUB+=		KAVDCONF=""
    .else
    PLIST_SUB+=		KAVDCONF="@comment "
    .endif
    
    .if defined(WITH_CLAMD) || defined(WITH_ICAP) || defined(WITH_KAV) || defined(WITH_CLISCAN)
    PLIST_SUB+=		SCANNERS=""
    .else
    PLIST_SUB+=		SCANNERS="@comment "
    .endif
    
    .if defined(WITH_NTLM)
    CONFIGURE_ARGS+=	--enable-ntlm --with-libiconv=${LOCALBASE}
    USE_ICONV=	yes
    PLIST_SUB+=		NTLMCONF=""
    .else
    PLIST_SUB+=		NTLMCONF="@comment "
    .endif
    
    .if defined(WITH_EMAIL)
    CONFIGURE_ARGS+=	--enable-email
    PLIST_SUB+=		EMAILCONF=""
    .else
    PLIST_SUB+=		EMAILCONF="@comment "
    .endif
    
    .if defined(WITH_DEBUG)
    CONFIGURE_ARGS+=	--with-dgdebug
    .endif
    
    #.if defined(NOPORTDOCS)
    #PLISTSUB+=              DOCINST="@comment "
    #.else
    #PLISTSUB+=              DOCINST=""
    #.endif
    
    # User needs to manually download the distfile
    .if !(exists(${DISTDIR}/${DISTNAME}${EXTRACT_SUFX})) && !defined(PACKAGE_BUILDING)
    IGNORE=	commercial source download is restricted.  Please visit and read ${DG_URL} and download ${DISTNAME}${EXTRACT_SUFX} into ${DISTDIR} before running make
    .endif
    
    post-patch:
    .if defined(NOPORTDOCS)
    	@${REINPLACE_CMD} -e '/install-data-am/ s|install-dist_docDATA||' \
    		${WRKSRC}/doc/Makefile.in
    .endif
    
    .if defined(WITH_SSL)
    	@${REINPLACE_CMD} -e 's|ifdef __SSLMITM|ifndef __SSLMITM|' \
    		${WRKSRC}/src/*pp
    	@${REINPLACE_CMD} -e 's|ifdef __SSLCERT|ifndef __SSLCERT|' \
    		${WRKSRC}/src/*pp
    	@${REINPLACE_CMD} -e 's|ifndef __SSLCERT|ifdef __SSLCERT|' \
    		${WRKSRC}/src/Auth.cpp
    .endif
    
    post-install:
    # Display post-install message
    	@${CAT} pkg-message
    
    .include</bsd.port.pre.mk></fjwcash@gmail.com> 
    

    And the compile error I'm getting

    ===>  Building for dansguardian-2.12.0.0
    make  all-recursive
    Making all in doc
    Making all in .
    Making all in data
    Making all in languages
    Making all in .
    Making all in scripts
    Making all in .
    Making all in configs
    Making all in lists
    Making all in phraselists
    Making all in .
    Making all in blacklists
    Making all in authplugins
    Making all in .
    Making all in bannedrooms
    Making all in .
    Making all in contentscanners
    Making all in .
    Making all in downloadmanagers
    Making all in .
    Making all in downloadmanagers
    Making all in .
    Making all in authplugins
    Making all in .
    Making all in .
    Making all in contentscanners
    Making all in .
    Making all in src
    c++ -I/usr/local/include  -O2 -pipe -fno-strict-aliasing    -o dansguardian dansguardian-String.o  dansguardian-FDTunnel.o  dansguardian-ConnectionHandler.o  dansguardian-DataBuffer.o  dansguardian-HTTPHeader.o  dansguardian-NaughtyFilter.o  dansguardian-BackedStore.o  dansguardian-RegExp.o dansguardian-FDFuncs.o  dansguardian-BaseSocket.o  dansguardian-Socket.o  dansguardian-FatController.o  dansguardian-UDSocket.o dansguardian-SysV.o  dansguardian-ListContainer.o  dansguardian-Auth.o  dansguardian-HTMLTemplate.o  dansguardian-LanguageContainer.o  dansguardian-DynamicURLList.o  dansguardian-DynamicIPList.o  dansguardian-ImageContainer.o  dansguardian-IPList.o  dansguardian-OptionContainer.o  dansguardian-FOptionContainer.o  dansguardian-ListManager.o dansguardian-md5.o  dansguardian-DownloadManager.o  dansguardian-ConfigVar.o  dansguardian-ContentScanner.o  dansguardian-SocketArray.o  dansguardian-dansguardian.o  dansguardian-CertificateAuthority.o dansguardian-icapscan.o   dansguardian-clamdscan.o    dansguardian-default.o dansguardian-fancy.o   dansguardian-proxy.o dansguardian-ident.o  dansguardian-ip.o dansguardian-ntlm.o dansguardian-digest.o -lpcreposix -L/usr/local/lib -lpcre  -L/usr/local/lib -liconv -lz
    dansguardian-ConnectionHandler.o(.text+0x960): In function `ConnectionHandler::checkCertificate(String&, Socket*, NaughtyFilter*)':
    : undefined reference to `X509_verify_cert_error_string'
    dansguardian-ConnectionHandler.o(.text+0x14c62): In function `ConnectionHandler::handleConnection(Socket&, String&, Socket&)':
    : undefined reference to `X509_free'
    dansguardian-ConnectionHandler.o(.text+0x14c70): In function `ConnectionHandler::handleConnection(Socket&, String&, Socket&)':
    : undefined reference to `EVP_PKEY_free'
    dansguardian-Socket.o(.text+0x233): In function `Socket::writeToSocket(char const*, int, unsigned int, int, bool, bool)':
    : undefined reference to `SSL_write'
    dansguardian-Socket.o(.text+0x428): In function `Socket::readFromSocket(char*, int, unsigned int, int, bool, bool)':
    : undefined reference to `SSL_read'
    dansguardian-Socket.o(.text+0x4f9): In function `Socket::checkForInput()':
    : undefined reference to `SSL_peek'
    dansguardian-Socket.o(.text+0x524): In function `Socket::checkCertValid()':
    : undefined reference to `SSL_get_peer_certificate'
    dansguardian-Socket.o(.text+0x530): In function `Socket::checkCertValid()':
    : undefined reference to `X509_free'
    dansguardian-Socket.o(.text+0x58b): In function `Socket::stopSsl()':
    : undefined reference to `SSL_shutdown'
    dansguardian-Socket.o(.text+0x599): In function `Socket::stopSsl()':
    : undefined reference to `SSL_free'
    dansguardian-Socket.o(.text+0x5bc): In function `Socket::stopSsl()':
    : undefined reference to `SSL_CTX_free'
    dansguardian-Socket.o(.text+0x5d7): In function `Socket::stopSsl()':
    : undefined reference to `SSL_shutdown'
    dansguardian-Socket.o(.text+0x5e9): In function `Socket::stopSsl()':
    : undefined reference to `SSL_get_fd'
    dansguardian-Socket.o(.text+0x654): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSLv23_server_method'
    dansguardian-Socket.o(.text+0x65c): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_CTX_new'
    dansguardian-Socket.o(.text+0x68d): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_CTX_set_timeout'
    dansguardian-Socket.o(.text+0x6ab): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_CTX_use_certificate'
    dansguardian-Socket.o(.text+0x6c9): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_CTX_use_PrivateKey'
    dansguardian-Socket.o(.text+0x6e0): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_new'
    dansguardian-Socket.o(.text+0x706): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_ctrl'
    dansguardian-Socket.o(.text+0x72c): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_ctrl'
    dansguardian-Socket.o(.text+0x73a): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_set_accept_state'
    dansguardian-Socket.o(.text+0x754): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_set_fd'
    dansguardian-Socket.o(.text+0x762): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_accept'
    dansguardian-Socket.o(.text+0x77d): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)':
    : undefined reference to `SSL_do_handshake'
    dansguardian-Socket.o(.text+0x13d4): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSLv23_client_method'
    dansguardian-Socket.o(.text+0x13dc): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_CTX_new'
    dansguardian-Socket.o(.text+0x140d): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_CTX_set_timeout'
    dansguardian-Socket.o(.text+0x1435): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_CTX_load_verify_locations'
    dansguardian-Socket.o(.text+0x144b): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_new'
    dansguardian-Socket.o(.text+0x1471): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_ctrl'
    dansguardian-Socket.o(.text+0x1497): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_ctrl'
    dansguardian-Socket.o(.text+0x14a5): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_set_connect_state'
    dansguardian-Socket.o(.text+0x14bf): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_set_fd'
    dansguardian-Socket.o(.text+0x14cd): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_connect'
    dansguardian-Socket.o(.text+0x14f4): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_CTX_free'
    dansguardian-Socket.o(.text+0x150b): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `ERR_print_errors_fp'
    dansguardian-Socket.o(.text+0x1519): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_free'
    dansguardian-Socket.o(.text+0x1527): In function `Socket::startSslClient(std::string const&)':
    : undefined reference to `SSL_CTX_free'
    dansguardian-Socket.o(.text+0x16af): In function `Socket::readFromSocketn(char*, int, unsigned int, int)':
    : undefined reference to `SSL_read'
    dansguardian-Socket.o(.text+0x1da6): In function `Socket::getLine(char*, int, int, bool, bool*, bool*)':
    : undefined reference to `SSL_read'
    dansguardian-Socket.o(.text+0x1df0): In function `Socket::getLine(char*, int, int, bool, bool*, bool*)':
    : undefined reference to `SSL_get_error'
    dansguardian-Socket.o(.text+0x255b): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `SSL_get_peer_certificate'
    dansguardian-Socket.o(.text+0x2599): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_get_ext_d2i'
    dansguardian-Socket.o(.text+0x25a4): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `sk_num'
    dansguardian-Socket.o(.text+0x25de): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `sk_value'
    dansguardian-Socket.o(.text+0x25f5): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `ASN1_STRING_to_UTF8'
    dansguardian-Socket.o(.text+0x2646): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `CRYPTO_free'
    dansguardian-Socket.o(.text+0x275f): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `GENERAL_NAME_free'
    dansguardian-Socket.o(.text+0x2767): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `sk_pop_free'
    dansguardian-Socket.o(.text+0x2784): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_get_subject_name'
    dansguardian-Socket.o(.text+0x27a2): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_NAME_get_entry'
    dansguardian-Socket.o(.text+0x27aa): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_NAME_ENTRY_get_data'
    dansguardian-Socket.o(.text+0x27b9): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `ASN1_STRING_to_UTF8'
    dansguardian-Socket.o(.text+0x280a): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `CRYPTO_free'
    dansguardian-Socket.o(.text+0x2917): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_NAME_get_index_by_NID'
    dansguardian-Socket.o(.text+0x2952): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_free'
    dansguardian-Socket.o(.text+0x2974): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_free'
    dansguardian-Socket.o(.text+0x2bc2): In function `Socket::checkCertHostname(std::string const&)':
    : undefined reference to `X509_free'
    dansguardian-Socket.o(.text+0x543): In function `Socket::checkCertValid()':
    : undefined reference to `SSL_get_verify_result'
    dansguardian-FatController.o(.text+0xbc8d): In function `fc_controlit()':
    : undefined reference to `SSL_load_error_strings'
    dansguardian-FatController.o(.text+0xbc92): In function `fc_controlit()':
    : undefined reference to `OPENSSL_add_all_algorithms_noconf'
    dansguardian-FatController.o(.text+0xbc97): In function `fc_controlit()':
    : undefined reference to `OpenSSL_add_all_digests'
    dansguardian-FatController.o(.text+0xbca1): In function `fc_controlit()':
    : undefined reference to `SSL_library_init'
    dansguardian-CertificateAuthority.o(.text+0x124): In function `CertificateAuthority::getServerPkey()':
    : undefined reference to `CRYPTO_add_lock'
    dansguardian-CertificateAuthority.o(.text+0x156): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `EVP_md5'
    dansguardian-CertificateAuthority.o(.text+0x160): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `EVP_MD_CTX_init'
    dansguardian-CertificateAuthority.o(.text+0x174): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `EVP_DigestInit_ex'
    dansguardian-CertificateAuthority.o(.text+0x194): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `EVP_DigestUpdate'
    dansguardian-CertificateAuthority.o(.text+0x1ae): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `EVP_DigestFinal_ex'
    dansguardian-CertificateAuthority.o(.text+0x1ba): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `EVP_MD_CTX_cleanup'
    dansguardian-CertificateAuthority.o(.text+0x1d1): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `BN_bin2bn'
    dansguardian-CertificateAuthority.o(.text+0x1e7): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `BN_to_ASN1_INTEGER'
    dansguardian-CertificateAuthority.o(.text+0x1f1): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `BN_free'
    dansguardian-CertificateAuthority.o(.text+0x20a): In function `CertificateAuthority::getSerial(char const*)':
    : undefined reference to `EVP_MD_CTX_cleanup'
    dansguardian-CertificateAuthority.o(.text+0x22d): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_new'
    dansguardian-CertificateAuthority.o(.text+0x247): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_set_version'
    dansguardian-CertificateAuthority.o(.text+0x274): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_set_serialNumber'
    dansguardian-CertificateAuthority.o(.text+0x284): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `ASN1_INTEGER_free'
    dansguardian-CertificateAuthority.o(.text+0x29b): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `ASN1_TIME_set'
    dansguardian-CertificateAuthority.o(.text+0x2bb): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `ASN1_TIME_set'
    dansguardian-CertificateAuthority.o(.text+0x2d2): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_set_pubkey'
    dansguardian-CertificateAuthority.o(.text+0x2e2): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_get_subject_name'
    dansguardian-CertificateAuthority.o(.text+0x323): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_NAME_add_entry_by_txt'
    dansguardian-CertificateAuthority.o(.text+0x332): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_get_subject_name'
    dansguardian-CertificateAuthority.o(.text+0x344): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_set_issuer_name'
    dansguardian-CertificateAuthority.o(.text+0x34d): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `EVP_sha1'
    dansguardian-CertificateAuthority.o(.text+0x35f): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_sign'
    dansguardian-CertificateAuthority.o(.text+0x377): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_free'
    dansguardian-CertificateAuthority.o(.text+0x389): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_NAME_free'
    dansguardian-CertificateAuthority.o(.text+0x393): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_free'
    dansguardian-CertificateAuthority.o(.text+0x39f): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `X509_free'
    dansguardian-CertificateAuthority.o(.text+0x3a7): In function `CertificateAuthority::generateCertificate(char const*)':
    : undefined reference to `ASN1_INTEGER_free'
    dansguardian-CertificateAuthority.o(.text+0x3c9): In function `CertificateAuthority::~CertificateAuthority()':
    : undefined reference to `X509_free'
    dansguardian-CertificateAuthority.o(.text+0x3d3): In function `CertificateAuthority::~CertificateAuthority()':
    : undefined reference to `EVP_PKEY_free'
    dansguardian-CertificateAuthority.o(.text+0x3de): In function `CertificateAuthority::~CertificateAuthority()':
    : undefined reference to `EVP_PKEY_free'
    dansguardian-CertificateAuthority.o(.text+0x6d9): In function `CertificateAuthority::~CertificateAuthority()':
    : undefined reference to `X509_free'
    dansguardian-CertificateAuthority.o(.text+0x6e3): In function `CertificateAuthority::~CertificateAuthority()':
    : undefined reference to `EVP_PKEY_free'
    dansguardian-CertificateAuthority.o(.text+0x6ee): In function `CertificateAuthority::~CertificateAuthority()':
    : undefined reference to `EVP_PKEY_free'
    dansguardian-CertificateAuthority.o(.text+0x9f9): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
    : undefined reference to `ASN1_INTEGER_to_BN'
    dansguardian-CertificateAuthority.o(.text+0xa03): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
    : undefined reference to `BN_bn2hex'
    dansguardian-CertificateAuthority.o(.text+0xa23): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
    : undefined reference to `CRYPTO_free'
    dansguardian-CertificateAuthority.o(.text+0xa2b): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
    : undefined reference to `BN_free'
    dansguardian-CertificateAuthority.o(.text+0xa33): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
    : undefined reference to `ASN1_INTEGER_free'
    dansguardian-CertificateAuthority.o(.text+0xbf5): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)':
    : undefined reference to `PEM_write_X509'
    dansguardian-CertificateAuthority.o(.text+0x16cc): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
    : undefined reference to `PEM_read_X509'
    dansguardian-CertificateAuthority.o(.text+0x171c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
    : undefined reference to `PEM_read_PrivateKey'
    dansguardian-CertificateAuthority.o(.text+0x176b): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
    : undefined reference to `PEM_read_PrivateKey'
    dansguardian-CertificateAuthority.o(.text+0x1a3c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
    : undefined reference to `PEM_read_X509'
    dansguardian-CertificateAuthority.o(.text+0x1a8c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
    : undefined reference to `PEM_read_PrivateKey'
    dansguardian-CertificateAuthority.o(.text+0x1adb): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)':
    : undefined reference to `PEM_read_PrivateKey'
    dansguardian-CertificateAuthority.o(.text+0x1d79): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
    : undefined reference to `ASN1_INTEGER_to_BN'
    dansguardian-CertificateAuthority.o(.text+0x1d83): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
    : undefined reference to `BN_bn2hex'
    dansguardian-CertificateAuthority.o(.text+0x1da3): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
    : undefined reference to `CRYPTO_free'
    dansguardian-CertificateAuthority.o(.text+0x1dab): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
    : undefined reference to `BN_free'
    dansguardian-CertificateAuthority.o(.text+0x1db3): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
    : undefined reference to `ASN1_INTEGER_free'
    dansguardian-CertificateAuthority.o(.text+0x1e45): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)':
    : undefined reference to `PEM_read_X509'
    *** Error code 1
    
    Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0/src.
    *** Error code 1
    
    Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0.
    *** Error code 1
    
    Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0.
    *** Error code 1
    
    Stop in /usr/ports/www/dansguardian-devel.
    *** Error code 1
    
    Stop in /usr/ports/www/dansguardian-devel.
    
    


  • From what i see you need to add to LDFLAGS -lssl -lcrypto



  • @ermal:

    From what i see you need to add to LDFLAGS -lssl -lcrypto

    YES! that was it.

    Included it to ports Makefile and it compiled  ;D

    Thank you very much ermal. I could compile and create package. I'll post new Makefile to update dansguardian ports package.

    After installing it and configuring certs using pfsense cert manager, I'm getting now ssl negotiation erros from dansguardian logs.

    Getting ssl certificate for client connection
    Generating serial no for www.facebook.com
    Serial no is 660328A7F9004D462085AA67A82065DB
    Searching for certificate for www.facebook.com
    Certificate not found. Creating one
    Generating serial no for www.facebook.com
    Serial no is 660328A7F9004D462085AA67A82065DB
    Going SSL on the peer connection
    Error doing ssl hanshake
    ssl stopping
    this is a client connection
    SSL_RECIEVED_SHUTDOWN IS SET
    calling ssl shutdown
    done
    SSL Interception failed Failed to negotiate ssl connection to client
    Not looking for log-only category; current cat string is: SSL Site (8)
    Building raw log data string... ...built
    uds connect:/tmp/.dguardianipc
    received a log request
    read into buffer; bufflen: 169
    Shutting down ssl to proxy
    ssl stopping
    Shutting down ssl to client
    ssl stopping
    Attempting graceful connection close
    27 2012.2.15 0:14:26 172.16.1.152 172.16.1.152 https://www.facebook.com:443 *DENIED* Failed to negotiate ssl connection to client CONNECT 0 0 SSL Site 1 200 -  Default   - -
    
    

    On browser:
    sec_error_invalid_time
    sec_error_reused_issuer_and_serial



  • Hi Marcello ;

    Have you achive ssl content filtering with DG 2.12 ?

    The Dansguardian Mailing list not reponse to me, so I have waiting for ssl filtering from you.



  • @mahoon:

    Hi Marcello ;

    Have you achive ssl content filtering with DG 2.12 ?

    The Dansguardian Mailing list not reponse to me, so I have waiting for ssl filtering from you.

    I'm still on the same point.  :(
    I get only invalid certificates time/date error from browsers.


Log in to reply