Project

General

Profile

Bug #9652

Squid Proxy Server /var/squid/lib/ssl_db directory not found in squid.inc

Added by Brett Vernor 8 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Category:
Squid
Target version:
-
Start date:
07/27/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.5
Affected Architecture:
All

Description

When using the Squid Proxy Server package and Enabling SSL filtering in pfSense 2.5.0, I create an internal-CA and assign it. When trying to start the Squid Proxy Server after adding the internal-CA, it crashes with the following log. Same steps work fine in pfSense2.4.4.

Crash report begins.  Anonymous machine information:

amd64
12.0-RELEASE-p8
FreeBSD 12.0-RELEASE-p8 2ffab8b5708(RELENG_2_5) pfSense

Crash report details:

PHP Errors:
[27-Jul-2019 21:32:05 Etc/UTC] PHP Warning: chown(): No such file or directory in /usr/local/pkg/squid.inc on line 104
[27-Jul-2019 21:32:05 Etc/UTC] PHP Warning: chgrp(): No such file or directory in /usr/local/pkg/squid.inc on line 105
[27-Jul-2019 21:32:05 Etc/UTC] PHP Warning: opendir(/var/squid/lib/ssl_db): failed to open dir: No such file or directory in /usr/local/pkg/squid.inc on line 106
[27-Jul-2019 21:32:17 Etc/UTC] PHP Warning: chown(): No such file or directory in /usr/local/pkg/squid.inc on line 104
[27-Jul-2019 21:32:17 Etc/UTC] PHP Warning: chgrp(): No such file or directory in /usr/local/pkg/squid.inc on line 105
[27-Jul-2019 21:32:17 Etc/UTC] PHP Warning: opendir(/var/squid/lib/ssl_db): failed to open dir: No such file or directory in /usr/local/pkg/squid.inc on line 106

No FreeBSD crash data found.

History

#1 Updated by Jim Pingle 8 months ago

  • Project changed from pfSense to pfSense Packages
  • Category changed from Package System to Squid

#3 Updated by Jim Pingle 4 months ago

  • Status changed from New to Pull Request Review

#4 Updated by Jim Pingle 4 months ago

This will need picked back to RELENG_2_4_5 when merged.

#5 Updated by Stefano Mereghetti 4 months ago

Hello
I modified squid.inc adding security_file_certgen instead ssl_crtd (PF ver 2.4.5) but the result is:

20.12.2019 17:07:28     FATAL: The /usr/local/libexec/squid/security_file_certgen -s /var/squid/lib/ssl_db -M 4MB -b 2048 helpers are crashing too rapidly, need help!
20.12.2019 17:07:28     WARNING: /usr/local/libexec/squid/security_file_certgen -s /var/squid/lib/ssl_db -M 4MB -b 2048 #Hlpr1 exited

Second error:

20.12.2019 17:07:28     Squid Cache (Version 4.9): Terminated abnormally.
01.01.1970 01:00:00     
20.12.2019 17:07:28     FATAL: Ipc::Mem::Segment::open failed to shm_open(/var/run/squid/tls_session_cache.shm): (2) No such file or directory

Regards

#6 Updated by Peter Moreno 4 months ago

Looks like the new program called 'security_file_certgen' replace ssl_crtd in the latest version of squid.
Exist 1 step before we can use the new program but squid.inc need to be fix.
https://obsigna.com/articles/1563917142.html
This affect 2.4.5 and 2.5_dev.

#7 Updated by Renato Botelho 3 months ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • Target version changed from 2.5.0 to 2.4.5
  • % Done changed from 0 to 100
  • Affected Version changed from 2.5.0 to 2.4.5

PR has been merged. Thanks!

#8 Updated by Stefano Mereghetti 3 months ago

Hello, thanks.

just tested with the last merge (2.4.5.a.20191231.0928) and squid package (0.4.44_12) and after the activation appear what I warned in my previous post:

01.01.1970 01:00:00    
31.12.2019 17:42:09    Squid Cache (Version 4.9): Terminated abnormally.
01.01.1970 01:00:00    
31.12.2019 17:42:09    FATAL: Ipc::Mem::Segment::open failed to shm_open(/var/run/squid/tls_session_cache.shm): (2) No such file or directory

here all the log:

01.01.1970 01:00:00    
31.12.2019 17:42:07    Squid Cache (Version 4.9): Terminated abnormally.
01.01.1970 01:00:00    
31.12.2019 17:42:07    FATAL: Ipc::Mem::Segment::open failed to shm_open(/var/run/squid/tls_session_cache.shm): (2) No such file or directory
01.01.1970 01:00:00    
01.01.1970 01:00:00    
01.01.1970 01:00:00    
31.12.2019 17:42:06    Squid Cache (Version 4.9): Terminated abnormally.
01.01.1970 01:00:00    
31.12.2019 17:42:06    FATAL: The /usr/local/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048 helpers are crashing too rapidly, need help!
31.12.2019 17:42:06    WARNING: /usr/local/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048 #Hlpr1 exited
31.12.2019 17:42:06    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 17:42:06    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 17:42:06    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 17:42:06    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 17:42:06    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 17:42:06    ERROR: Directive 'sslproxy_cipher' is obsolete.
31.12.2019 17:42:06    ERROR: Directive 'sslproxy_options' is obsolete.
31.12.2019 17:42:06    ERROR: Directive 'sslproxy_capath' is obsolete.
31.12.2019 17:30:20    Service Name: squid
31.12.2019 17:30:20    Starting Squid Cache version 4.9 for amd64-portbld-freebsd11.3...
31.12.2019 17:30:12    Service Name: squid
31.12.2019 17:30:12    Starting Squid Cache version 4.9 for amd64-portbld-freebsd11.3...
01.01.1970 01:00:00    
01.01.1970 01:00:00    
01.01.1970 01:00:00    
31.12.2019 17:27:49    Shutdown: Basic authentication.
31.12.2019 17:27:49    Shutdown: Digest authentication.
31.12.2019 17:27:49    Shutdown: Negotiate authentication.
31.12.2019 17:27:49    Shutdown: NTLM authentication.

Regards

#9 Updated by Stefano Mereghetti 3 months ago

I tried to completely remove the squid package from gui and filesystem... probably thinking about some misconfiguration in the files.
After reinstalling it, same problem.


Squid - Cache Logs
Date-Time    Message
01.01.1970 01:00:00    
01.01.1970 01:00:00    
01.01.1970 01:00:00    
31.12.2019 18:34:56    Squid Cache (Version 4.9): Terminated abnormally.
01.01.1970 01:00:00    
31.12.2019 18:34:56    FATAL: The /usr/local/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048 helpers are crashing too rapidly, need help!
31.12.2019 18:34:56    WARNING: /usr/local/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048 #Hlpr1 exited
31.12.2019 18:34:56    pinger: Initialising ICMP pinger ...
31.12.2019 18:34:56    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 18:34:56    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 18:34:56    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 18:34:56    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 18:34:56    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
31.12.2019 18:34:56    Service Name: squid
31.12.2019 18:34:56    Starting Squid Cache version 4.9 for amd64-portbld-freebsd11.3...

Regards

#10 Updated by Jim Pingle 3 months ago

  • Status changed from Feedback to New

#12 Updated by Stefano Mereghetti 3 months ago

Ok, it works.
being the version of PORTREVISION still the 12, I copied the code of the last merge of squid.inc by hand and replaced the local one.
The cache directory was created without problems, no errors during service startup.

Thanks a lot

#13 Updated by Jim Pingle 3 months ago

  • Status changed from New to Pull Request Review

#14 Updated by Luiz Fernando Barros 3 months ago

Here this issue persists, even replacing squid.inc using the code of the last merge.

Version    2.4.5-DEVELOPMENT (amd64)
built on Fri Jan 03 21:55:35 EST 2020
FreeBSD 11.3-STABLE

The system is on the latest version.
Version information updated at Sat Jan 4 17:07:31 UTC 2020
Squid Version 0.4.44_12
01.01.1970 00:00:00    
01.01.1970 00:00:00    
01.01.1970 00:00:00    
04.01.2020 17:34:33    Squid Cache (Version 4.9): Terminated abnormally.
01.01.1970 00:00:00    
04.01.2020 17:34:33    FATAL: The /usr/local/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048 helpers are crashing too rapidly, need help!
04.01.2020 17:34:33    WARNING: /usr/local/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048 #Hlpr1 exited
04.01.2020 17:34:32    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
04.01.2020 17:34:32    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory
04.01.2020 17:34:32    ipcCreate: /usr/local/libexec/squid/ssl_crtd: (2) No such file or directory

#15 Updated by Stefano Mereghetti 3 months ago

In the branch RELENG_2.4.5 (GitHub) the file squid.inc still wrong.

https://github.com/pfsense/FreeBSD-ports/blob/RELENG_2_4_5/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc

The correct file is in a single squashed commit

https://github.com/pfsense/FreeBSD-ports/commit/0df32d8207dbb6df1ab237901975edbaf4e108a7#diff-9eef6dd5be9730300a6d28022f67862f

So, I think we have to wait the merge and a new port version.

#16 Updated by Renato Botelho 3 months ago

  • Status changed from Pull Request Review to Feedback
  • Target version deleted (2.4.5)

PR has been merged. Thanks!

#17 Updated by Viktor Gurov about 1 month ago

  • Status changed from Feedback to Resolved

Renato Botelho wrote:

PR has been merged. Thanks!

works ok on 2.4.5.r.20200222.0000 and 2.5.0.a.20200221.1911 with squid 0.4.44_13

Also available in: Atom PDF