Need help on dansguardian SSL filtering compilation feature
-
I've tested almost all features in dansguardian 2.12 new package, but when started testing last feature I got no response from it.
I've checked out dansguardian build files and found that SSL filtering feature is not fully implemented on 2.12
There is no ./configure option to enable it and changelog file says:
· Added experimental SSL MITM. (read source code for how to use it)
· Added experimental SSL certificate checking. (read source code for how to use it)Well, I did some hacks to dansguardian-devel Makefile to workaround this ./configure limitation and got dansguardian compiling.
But I'm getting now missing functions from openssl/x509.If somebody could help me to find out how to finish this compilation on freebsd, I'll really appreciate.
This is the new Makefile for dansguarian-devel
# New ports collection makefile for: dansguardian # Date created: April 02, 2002 # Whom: Freddie Cash <fjwcash@gmail.com># # $FreeBSD: ports/www/dansguardian-devel/Makefile,v 1.34 2012/01/05 01:20:28 garga Exp $ # PORTNAME= dansguardian PORTVERSION= 2.12.0.0 CATEGORIES= www MASTER_SITES= # empty, see below MAINTAINER= garga@FreeBSD.org COMMENT= A fast, feature-rich web content filter for Squid proxy servers RUN_DEPENDS= ${LOCALBASE}/sbin/squid:${PORTSDIR}/www/squid LIB_DEPENDS+= pcre.0:${PORTSDIR}/devel/pcre USE_RC_SUBR= dansguardian USE_GNOME= pkgconfig CONFLICTS= dansguardian-2.10.* LATEST_LINK= dansguardian-devel GNU_CONFIGURE= yes CONFIGURE_ARGS= --localstatedir=/var \ --with-logdir=/var/log \ --with-piddir=/var/run \ --with-libiconv=${LOCALBASE} \ --enable-fancydm MAN8= dansguardian.8 OPTIONS= APACHE "Enable Apache support for access denied page" on \ TRICKLE "Enable the trickle download manager" on \ CLISCAN "Enable support for CLI content scanners" off \ CLAMD "Enable ClamAV daemon support (clamd)" off \ ICAP "Enable ICAP AV content scanner support (testing)" off \ KAV "Enable Kaspersky AV support (testing)" off \ NTLM "Enable NTLM authentication plugin" off \ EMAIL "Enable e-mail reporting support" off \ DEBUG "Enable debug options - not for production use" off \ SSL "Enable ssl filtering and cert verify" off DG_URL= http://dansguardian.org/index.php?page=copyright2 CONFDIR= ${PREFIX}/etc/dansguardian RESTRICTED= Redistribution and commercial download is restricted. Check ${DG_URL} for more info .include <bsd.port.pre.mk>.if !defined(WITHOUT_APACHE) USE_APACHE= 20+ .endif .if !defined(WITHOUT_TRICKLE) CONFIGURE+= --enable-trickledm PLIST_SUB+= TRICKLECONF="" .else PLIST_SUB+= TRICKLECONF="@comment " .endif .if defined(WITH_CLISCAN) CONFIGURE_ARGS+= --enable-commandline PLIST_SUB+= CLISCANCONF="" .else PLIST_SUB+= CLISCANCONF="@comment " .endif .if defined(WITH_CLAMD) CONFIGURE_ARGS+= --enable-clamd RUN_DEPENDS+= ${LOCALBASE}/sbin/clamd:${PORTSDIR}/security/clamav PLIST_SUB+= CLAMDCONF="" .else PLIST_SUB+= CLAMDCONF="@comment " .endif .if defined(WITH_ICAP) CONFIGURE_ARGS+= --enable-icap PLIST_SUB+= ICAPCONF="" .else PLIST_SUB+= ICAPCONF="@comment " .endif .if defined(WITH_KAV) CONFIGURE_ARGS+= --enable-kavd PLIST_SUB+= KAVDCONF="" .else PLIST_SUB+= KAVDCONF="@comment " .endif .if defined(WITH_CLAMD) || defined(WITH_ICAP) || defined(WITH_KAV) || defined(WITH_CLISCAN) PLIST_SUB+= SCANNERS="" .else PLIST_SUB+= SCANNERS="@comment " .endif .if defined(WITH_NTLM) CONFIGURE_ARGS+= --enable-ntlm --with-libiconv=${LOCALBASE} USE_ICONV= yes PLIST_SUB+= NTLMCONF="" .else PLIST_SUB+= NTLMCONF="@comment " .endif .if defined(WITH_EMAIL) CONFIGURE_ARGS+= --enable-email PLIST_SUB+= EMAILCONF="" .else PLIST_SUB+= EMAILCONF="@comment " .endif .if defined(WITH_DEBUG) CONFIGURE_ARGS+= --with-dgdebug .endif #.if defined(NOPORTDOCS) #PLISTSUB+= DOCINST="@comment " #.else #PLISTSUB+= DOCINST="" #.endif # User needs to manually download the distfile .if !(exists(${DISTDIR}/${DISTNAME}${EXTRACT_SUFX})) && !defined(PACKAGE_BUILDING) IGNORE= commercial source download is restricted. Please visit and read ${DG_URL} and download ${DISTNAME}${EXTRACT_SUFX} into ${DISTDIR} before running make .endif post-patch: .if defined(NOPORTDOCS) @${REINPLACE_CMD} -e '/install-data-am/ s|install-dist_docDATA||' \ ${WRKSRC}/doc/Makefile.in .endif .if defined(WITH_SSL) @${REINPLACE_CMD} -e 's|ifdef __SSLMITM|ifndef __SSLMITM|' \ ${WRKSRC}/src/*pp @${REINPLACE_CMD} -e 's|ifdef __SSLCERT|ifndef __SSLCERT|' \ ${WRKSRC}/src/*pp @${REINPLACE_CMD} -e 's|ifndef __SSLCERT|ifdef __SSLCERT|' \ ${WRKSRC}/src/Auth.cpp .endif post-install: # Display post-install message @${CAT} pkg-message .include</bsd.port.pre.mk></fjwcash@gmail.com>
And the compile error I'm getting
===> Building for dansguardian-2.12.0.0 make all-recursive Making all in doc Making all in . Making all in data Making all in languages Making all in . Making all in scripts Making all in . Making all in configs Making all in lists Making all in phraselists Making all in . Making all in blacklists Making all in authplugins Making all in . Making all in bannedrooms Making all in . Making all in contentscanners Making all in . Making all in downloadmanagers Making all in . Making all in downloadmanagers Making all in . Making all in authplugins Making all in . Making all in . Making all in contentscanners Making all in . Making all in src c++ -I/usr/local/include -O2 -pipe -fno-strict-aliasing -o dansguardian dansguardian-String.o dansguardian-FDTunnel.o dansguardian-ConnectionHandler.o dansguardian-DataBuffer.o dansguardian-HTTPHeader.o dansguardian-NaughtyFilter.o dansguardian-BackedStore.o dansguardian-RegExp.o dansguardian-FDFuncs.o dansguardian-BaseSocket.o dansguardian-Socket.o dansguardian-FatController.o dansguardian-UDSocket.o dansguardian-SysV.o dansguardian-ListContainer.o dansguardian-Auth.o dansguardian-HTMLTemplate.o dansguardian-LanguageContainer.o dansguardian-DynamicURLList.o dansguardian-DynamicIPList.o dansguardian-ImageContainer.o dansguardian-IPList.o dansguardian-OptionContainer.o dansguardian-FOptionContainer.o dansguardian-ListManager.o dansguardian-md5.o dansguardian-DownloadManager.o dansguardian-ConfigVar.o dansguardian-ContentScanner.o dansguardian-SocketArray.o dansguardian-dansguardian.o dansguardian-CertificateAuthority.o dansguardian-icapscan.o dansguardian-clamdscan.o dansguardian-default.o dansguardian-fancy.o dansguardian-proxy.o dansguardian-ident.o dansguardian-ip.o dansguardian-ntlm.o dansguardian-digest.o -lpcreposix -L/usr/local/lib -lpcre -L/usr/local/lib -liconv -lz dansguardian-ConnectionHandler.o(.text+0x960): In function `ConnectionHandler::checkCertificate(String&, Socket*, NaughtyFilter*)': : undefined reference to `X509_verify_cert_error_string' dansguardian-ConnectionHandler.o(.text+0x14c62): In function `ConnectionHandler::handleConnection(Socket&, String&, Socket&)': : undefined reference to `X509_free' dansguardian-ConnectionHandler.o(.text+0x14c70): In function `ConnectionHandler::handleConnection(Socket&, String&, Socket&)': : undefined reference to `EVP_PKEY_free' dansguardian-Socket.o(.text+0x233): In function `Socket::writeToSocket(char const*, int, unsigned int, int, bool, bool)': : undefined reference to `SSL_write' dansguardian-Socket.o(.text+0x428): In function `Socket::readFromSocket(char*, int, unsigned int, int, bool, bool)': : undefined reference to `SSL_read' dansguardian-Socket.o(.text+0x4f9): In function `Socket::checkForInput()': : undefined reference to `SSL_peek' dansguardian-Socket.o(.text+0x524): In function `Socket::checkCertValid()': : undefined reference to `SSL_get_peer_certificate' dansguardian-Socket.o(.text+0x530): In function `Socket::checkCertValid()': : undefined reference to `X509_free' dansguardian-Socket.o(.text+0x58b): In function `Socket::stopSsl()': : undefined reference to `SSL_shutdown' dansguardian-Socket.o(.text+0x599): In function `Socket::stopSsl()': : undefined reference to `SSL_free' dansguardian-Socket.o(.text+0x5bc): In function `Socket::stopSsl()': : undefined reference to `SSL_CTX_free' dansguardian-Socket.o(.text+0x5d7): In function `Socket::stopSsl()': : undefined reference to `SSL_shutdown' dansguardian-Socket.o(.text+0x5e9): In function `Socket::stopSsl()': : undefined reference to `SSL_get_fd' dansguardian-Socket.o(.text+0x654): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSLv23_server_method' dansguardian-Socket.o(.text+0x65c): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_CTX_new' dansguardian-Socket.o(.text+0x68d): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_CTX_set_timeout' dansguardian-Socket.o(.text+0x6ab): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_CTX_use_certificate' dansguardian-Socket.o(.text+0x6c9): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_CTX_use_PrivateKey' dansguardian-Socket.o(.text+0x6e0): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_new' dansguardian-Socket.o(.text+0x706): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_ctrl' dansguardian-Socket.o(.text+0x72c): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_ctrl' dansguardian-Socket.o(.text+0x73a): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_set_accept_state' dansguardian-Socket.o(.text+0x754): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_set_fd' dansguardian-Socket.o(.text+0x762): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_accept' dansguardian-Socket.o(.text+0x77d): In function `Socket::startSslServer(x509_st*, evp_pkey_st*)': : undefined reference to `SSL_do_handshake' dansguardian-Socket.o(.text+0x13d4): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSLv23_client_method' dansguardian-Socket.o(.text+0x13dc): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_CTX_new' dansguardian-Socket.o(.text+0x140d): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_CTX_set_timeout' dansguardian-Socket.o(.text+0x1435): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_CTX_load_verify_locations' dansguardian-Socket.o(.text+0x144b): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_new' dansguardian-Socket.o(.text+0x1471): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_ctrl' dansguardian-Socket.o(.text+0x1497): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_ctrl' dansguardian-Socket.o(.text+0x14a5): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_set_connect_state' dansguardian-Socket.o(.text+0x14bf): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_set_fd' dansguardian-Socket.o(.text+0x14cd): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_connect' dansguardian-Socket.o(.text+0x14f4): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_CTX_free' dansguardian-Socket.o(.text+0x150b): In function `Socket::startSslClient(std::string const&)': : undefined reference to `ERR_print_errors_fp' dansguardian-Socket.o(.text+0x1519): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_free' dansguardian-Socket.o(.text+0x1527): In function `Socket::startSslClient(std::string const&)': : undefined reference to `SSL_CTX_free' dansguardian-Socket.o(.text+0x16af): In function `Socket::readFromSocketn(char*, int, unsigned int, int)': : undefined reference to `SSL_read' dansguardian-Socket.o(.text+0x1da6): In function `Socket::getLine(char*, int, int, bool, bool*, bool*)': : undefined reference to `SSL_read' dansguardian-Socket.o(.text+0x1df0): In function `Socket::getLine(char*, int, int, bool, bool*, bool*)': : undefined reference to `SSL_get_error' dansguardian-Socket.o(.text+0x255b): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `SSL_get_peer_certificate' dansguardian-Socket.o(.text+0x2599): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_get_ext_d2i' dansguardian-Socket.o(.text+0x25a4): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `sk_num' dansguardian-Socket.o(.text+0x25de): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `sk_value' dansguardian-Socket.o(.text+0x25f5): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `ASN1_STRING_to_UTF8' dansguardian-Socket.o(.text+0x2646): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `CRYPTO_free' dansguardian-Socket.o(.text+0x275f): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `GENERAL_NAME_free' dansguardian-Socket.o(.text+0x2767): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `sk_pop_free' dansguardian-Socket.o(.text+0x2784): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_get_subject_name' dansguardian-Socket.o(.text+0x27a2): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_NAME_get_entry' dansguardian-Socket.o(.text+0x27aa): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_NAME_ENTRY_get_data' dansguardian-Socket.o(.text+0x27b9): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `ASN1_STRING_to_UTF8' dansguardian-Socket.o(.text+0x280a): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `CRYPTO_free' dansguardian-Socket.o(.text+0x2917): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_NAME_get_index_by_NID' dansguardian-Socket.o(.text+0x2952): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_free' dansguardian-Socket.o(.text+0x2974): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_free' dansguardian-Socket.o(.text+0x2bc2): In function `Socket::checkCertHostname(std::string const&)': : undefined reference to `X509_free' dansguardian-Socket.o(.text+0x543): In function `Socket::checkCertValid()': : undefined reference to `SSL_get_verify_result' dansguardian-FatController.o(.text+0xbc8d): In function `fc_controlit()': : undefined reference to `SSL_load_error_strings' dansguardian-FatController.o(.text+0xbc92): In function `fc_controlit()': : undefined reference to `OPENSSL_add_all_algorithms_noconf' dansguardian-FatController.o(.text+0xbc97): In function `fc_controlit()': : undefined reference to `OpenSSL_add_all_digests' dansguardian-FatController.o(.text+0xbca1): In function `fc_controlit()': : undefined reference to `SSL_library_init' dansguardian-CertificateAuthority.o(.text+0x124): In function `CertificateAuthority::getServerPkey()': : undefined reference to `CRYPTO_add_lock' dansguardian-CertificateAuthority.o(.text+0x156): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `EVP_md5' dansguardian-CertificateAuthority.o(.text+0x160): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `EVP_MD_CTX_init' dansguardian-CertificateAuthority.o(.text+0x174): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `EVP_DigestInit_ex' dansguardian-CertificateAuthority.o(.text+0x194): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `EVP_DigestUpdate' dansguardian-CertificateAuthority.o(.text+0x1ae): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `EVP_DigestFinal_ex' dansguardian-CertificateAuthority.o(.text+0x1ba): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `EVP_MD_CTX_cleanup' dansguardian-CertificateAuthority.o(.text+0x1d1): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `BN_bin2bn' dansguardian-CertificateAuthority.o(.text+0x1e7): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `BN_to_ASN1_INTEGER' dansguardian-CertificateAuthority.o(.text+0x1f1): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `BN_free' dansguardian-CertificateAuthority.o(.text+0x20a): In function `CertificateAuthority::getSerial(char const*)': : undefined reference to `EVP_MD_CTX_cleanup' dansguardian-CertificateAuthority.o(.text+0x22d): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_new' dansguardian-CertificateAuthority.o(.text+0x247): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_set_version' dansguardian-CertificateAuthority.o(.text+0x274): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_set_serialNumber' dansguardian-CertificateAuthority.o(.text+0x284): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `ASN1_INTEGER_free' dansguardian-CertificateAuthority.o(.text+0x29b): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `ASN1_TIME_set' dansguardian-CertificateAuthority.o(.text+0x2bb): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `ASN1_TIME_set' dansguardian-CertificateAuthority.o(.text+0x2d2): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_set_pubkey' dansguardian-CertificateAuthority.o(.text+0x2e2): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_get_subject_name' dansguardian-CertificateAuthority.o(.text+0x323): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_NAME_add_entry_by_txt' dansguardian-CertificateAuthority.o(.text+0x332): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_get_subject_name' dansguardian-CertificateAuthority.o(.text+0x344): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_set_issuer_name' dansguardian-CertificateAuthority.o(.text+0x34d): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `EVP_sha1' dansguardian-CertificateAuthority.o(.text+0x35f): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_sign' dansguardian-CertificateAuthority.o(.text+0x377): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_free' dansguardian-CertificateAuthority.o(.text+0x389): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_NAME_free' dansguardian-CertificateAuthority.o(.text+0x393): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_free' dansguardian-CertificateAuthority.o(.text+0x39f): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `X509_free' dansguardian-CertificateAuthority.o(.text+0x3a7): In function `CertificateAuthority::generateCertificate(char const*)': : undefined reference to `ASN1_INTEGER_free' dansguardian-CertificateAuthority.o(.text+0x3c9): In function `CertificateAuthority::~CertificateAuthority()': : undefined reference to `X509_free' dansguardian-CertificateAuthority.o(.text+0x3d3): In function `CertificateAuthority::~CertificateAuthority()': : undefined reference to `EVP_PKEY_free' dansguardian-CertificateAuthority.o(.text+0x3de): In function `CertificateAuthority::~CertificateAuthority()': : undefined reference to `EVP_PKEY_free' dansguardian-CertificateAuthority.o(.text+0x6d9): In function `CertificateAuthority::~CertificateAuthority()': : undefined reference to `X509_free' dansguardian-CertificateAuthority.o(.text+0x6e3): In function `CertificateAuthority::~CertificateAuthority()': : undefined reference to `EVP_PKEY_free' dansguardian-CertificateAuthority.o(.text+0x6ee): In function `CertificateAuthority::~CertificateAuthority()': : undefined reference to `EVP_PKEY_free' dansguardian-CertificateAuthority.o(.text+0x9f9): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)': : undefined reference to `ASN1_INTEGER_to_BN' dansguardian-CertificateAuthority.o(.text+0xa03): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)': : undefined reference to `BN_bn2hex' dansguardian-CertificateAuthority.o(.text+0xa23): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)': : undefined reference to `CRYPTO_free' dansguardian-CertificateAuthority.o(.text+0xa2b): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)': : undefined reference to `BN_free' dansguardian-CertificateAuthority.o(.text+0xa33): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)': : undefined reference to `ASN1_INTEGER_free' dansguardian-CertificateAuthority.o(.text+0xbf5): In function `CertificateAuthority::writeCertificate(char const*, x509_st*)': : undefined reference to `PEM_write_X509' dansguardian-CertificateAuthority.o(.text+0x16cc): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)': : undefined reference to `PEM_read_X509' dansguardian-CertificateAuthority.o(.text+0x171c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)': : undefined reference to `PEM_read_PrivateKey' dansguardian-CertificateAuthority.o(.text+0x176b): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)': : undefined reference to `PEM_read_PrivateKey' dansguardian-CertificateAuthority.o(.text+0x1a3c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)': : undefined reference to `PEM_read_X509' dansguardian-CertificateAuthority.o(.text+0x1a8c): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)': : undefined reference to `PEM_read_PrivateKey' dansguardian-CertificateAuthority.o(.text+0x1adb): In function `CertificateAuthority::CertificateAuthority(char const*, char const*, char const*, char const*, char const*)': : undefined reference to `PEM_read_PrivateKey' dansguardian-CertificateAuthority.o(.text+0x1d79): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)': : undefined reference to `ASN1_INTEGER_to_BN' dansguardian-CertificateAuthority.o(.text+0x1d83): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)': : undefined reference to `BN_bn2hex' dansguardian-CertificateAuthority.o(.text+0x1da3): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)': : undefined reference to `CRYPTO_free' dansguardian-CertificateAuthority.o(.text+0x1dab): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)': : undefined reference to `BN_free' dansguardian-CertificateAuthority.o(.text+0x1db3): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)': : undefined reference to `ASN1_INTEGER_free' dansguardian-CertificateAuthority.o(.text+0x1e45): In function `CertificateAuthority::getServerCertificate(char const*, x509_st**)': : undefined reference to `PEM_read_X509' *** Error code 1 Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0/src. *** Error code 1 Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0. *** Error code 1 Stop in /usr/ports/www/dansguardian-devel/work/dansguardian-2.12.0.0. *** Error code 1 Stop in /usr/ports/www/dansguardian-devel. *** Error code 1 Stop in /usr/ports/www/dansguardian-devel.
-
From what i see you need to add to LDFLAGS -lssl -lcrypto
-
@ermal:
From what i see you need to add to LDFLAGS -lssl -lcrypto
YES! that was it.
Included it to ports Makefile and it compiled ;D
Thank you very much ermal. I could compile and create package. I'll post new Makefile to update dansguardian ports package.
After installing it and configuring certs using pfsense cert manager, I'm getting now ssl negotiation erros from dansguardian logs.
Getting ssl certificate for client connection Generating serial no for www.facebook.com Serial no is 660328A7F9004D462085AA67A82065DB Searching for certificate for www.facebook.com Certificate not found. Creating one Generating serial no for www.facebook.com Serial no is 660328A7F9004D462085AA67A82065DB Going SSL on the peer connection Error doing ssl hanshake ssl stopping this is a client connection SSL_RECIEVED_SHUTDOWN IS SET calling ssl shutdown done SSL Interception failed Failed to negotiate ssl connection to client Not looking for log-only category; current cat string is: SSL Site (8) Building raw log data string... ...built uds connect:/tmp/.dguardianipc received a log request read into buffer; bufflen: 169 Shutting down ssl to proxy ssl stopping Shutting down ssl to client ssl stopping Attempting graceful connection close 27 2012.2.15 0:14:26 172.16.1.152 172.16.1.152 https://www.facebook.com:443 *DENIED* Failed to negotiate ssl connection to client CONNECT 0 0 SSL Site 1 200 - Default - -
On browser:
sec_error_invalid_time
sec_error_reused_issuer_and_serial -
Hi Marcello ;
Have you achive ssl content filtering with DG 2.12 ?
The Dansguardian Mailing list not reponse to me, so I have waiting for ssl filtering from you.
-
Hi Marcello ;
Have you achive ssl content filtering with DG 2.12 ?
The Dansguardian Mailing list not reponse to me, so I have waiting for ssl filtering from you.
I'm still on the same point. :(
I get only invalid certificates time/date error from browsers.