Hi Alex, On Thu, May 23, Alex Rousskov wrote: > > I use squid 3.3.5 with the ssl-bump feature. > > My private key is crypted and I want to enter the password at start time. > > > > Since 3.3.5 squid wants to execute a program even I haven't configured > > sslpassword_program and start squid with the -N option. > > > > --snip-- > > idvhttpsproxy01:~ # squid -f /etc/squid/squid.conf -NY > > sh: (null): command not found > > FATAL: No valid signing SSL certificate configured for http_port MYIP:8080 > > Squid Cache (Version 3.3.5): Terminated abnormally. > > CPU Usage: 0.004 seconds = 0.000 user + 0.004 sys > > Maximum Resident Size: 21248 KB > > Page faults with physical i/o: 0 > > --snip-- > > > > when I set sslpassword_program to a program which print the password on > > stdout squid starts, but I want to enter the password during start of > > squid. > > > > Is this a bug ? > > > Yes, I think it is. Please check whether the attached patch works when > you start Squid with -N and _without_ sslpassword_program. > > The patch may or may not work when you start Squid without -N and with > sslpassword_program. The outcome depends on whether snprintf() crashes > when given a NULL pointer and on whether your sslpassword_program needs > to know the name of the key file Squid is trying to load (that name will > not be passed to your sslpassword_program). If you can test this > scenario, please do. > > Please let us know what your tests show. I applied this patch against squid-3.3.5-20130521-r12565 and it works as expected. Many thanks for this patch ! Will this patch be included in the next release ? -- Regards Dieter -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the >From field.
