Bug 17298 - squid does not include /usr/lib64/squid/ssl_crtd.
Summary: squid does not include /usr/lib64/squid/ssl_crtd.
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 5
Hardware: x86_64 Linux
Priority: Normal minor
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: PATCH advisory mga5-32-ok
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2015-12-06 07:00 CET by Rod Emerson
Modified: 2015-12-28 20:24 CET (History)
3 users (show)

See Also:
Source RPM: squid-3.4.13-1.1.mga5.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Rod Emerson 2015-12-06 07:00:31 CET 
Description of problem:

squid does not use --enable-ssl-crtd, thus /usr/lib64/squid/ssl_crtd
is not built.

ssl_crtd is used for ssl bumping.

Version-Release number of selected component (if applicable):

squid-3.4.13-1.1.mga5.src.rpm

How reproducible:

Not applicable.

Steps to Reproduce:
1. $ rpm -qlp squid-3.4.13-1.1.mga5.x86_64.rpm | grep ssl_crtd
/usr/share/man/man8/ssl_crtd.8.xz

2. $ diff -u squid.spec  squid.spec.rod
--- squid.spec
+++ squid.spec
@@ -22,7 +22,7 @@
 Summary:       The Squid proxy caching server %{their_version}
 Name:          squid
 Version:       %{their_version}
-%define subrel 1
+%define subrel 2
 Release:       %mkrel 1
 License:       GPLv2
 Group:         System/Servers
@@ -202,6 +202,7 @@
     --enable-arp-acl \
     --enable-htcp \
     --enable-ssl \
+    --enable-ssl-crtd \
     --enable-forw-via-db \
     --enable-follow-x-forwarded-for \
     --enable-cache-digests \
@@ -515,6 +516,7 @@
 %attr(0755,root,squid) %{_libexecdir}/url_fake_rewrite
 %attr(0755,root,squid) %{_libexecdir}/url_fake_rewrite.sh
 %attr(0755,root,squid) %{_libexecdir}/log_db_daemon
+%attr(0755,root,squid) %{_libexecdir}/ssl_crtd
 
 %{_sbindir}/*
 %attr(0644,root,root) %{_mandir}/man8/*

3. It works, http://users.on.net/~emerson/mga/dokuwiki/web_proxy_server.html#ssl_bump


Reproducible: 

Steps to Reproduce:
Comment 1 Samuel Verschelde 2015-12-07 11:57:46 CET 
Assigning to registered maintainer and adding recent commiters in CC.

CC: (none) => luigiwalser, luis.daniel.lucio
Assignee: bugsquad => bruno
Whiteboard: (none) => PATCH

Comment 2 Bruno Cornec 2015-12-17 00:39:04 CET 
Thanks for this feedback.

This is now fixed with squid-3.5.12-2 for cauldron and squid-3.4.13-1 for mga5 currently being build.

Status: NEW => ASSIGNED

Bruno Cornec 2015-12-19 02:05:44 CET

Assignee: bruno => qa-bugs

Comment 3 claire robinson 2015-12-28 16:42:19 CET 
Testing complete mga5 32

Checked changes using rpmdiff on madb. Simply ensured the relevant file is included in the new package with urpmf.

$ urpmf /usr/lib/squid/ssl_crtd
$ urpmf /usr/lib/squid/ssl_crtd --media Testing
    ftp://distrib-coffee.ipsl.jussieu.fr/pub/linux/Mageia/distrib/5/i586/media/core/updates_testing/media_info/20151228-120925-files.xml.lzma
squid:/usr/lib/squid/ssl_crtd    


Validating. No advisory given and srpm given is incorrect.

Advisory uploaded as..

type: bugfix
subject: Updated squid packages fix missing ssl_crtd
src:
  5:
   core:
     - squid-3.4.13-1.2.mga5
description: |
  Updated squid packages enable ssl-crtd build option, thus now providing
  /usr/lib/squid/ssl_crtd, which is used for ssl bumping.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=17298

Keywords: (none) => validated_update
Whiteboard: PATCH => PATCH advisory mga5-32-ok
CC: (none) => sysadmin-bugs

Comment 4 Mageia Robot 2015-12-28 20:24:14 CET 
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGAA-2015-0212.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.