diladele
Squid 4.14 installed on Windows 10 from MSI is missing cygcrypt-2.dll
Hi,
I'm trying to setup Squid to use basic authentication, so I've created / copied a passwd file (using htpasswd on an Ubuntu VM with the default md5 encryption) to my Squid installation and configured it as below:
# Added for basic password authentication
auth_param basic program c:/Squid/lib/squid/basic_ncsa_auth.exe c:/Squid/etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
acl auth_users proxy_auth REQUIRED
http_access allow auth_users
But whenever I try to authenticate to the proxy, my log file gets flooded with below error messages:
2021/07/01 12:58:10| Starting new basicauthenticator helpers...
2021/07/01 12:58:10| helperOpenServers: Starting 1/5 'basic_ncsa_auth.exe' processes
2021/07/01 12:58:10| WARNING: no_suid: setuid(0): (22) Invalid argument
2021/07/01 12:58:11| WARNING: basicauthenticator #Hlpr6 exited
2021/07/01 12:58:11| Too few basicauthenticator processes are running (need 1/5)
2021/07/01 12:58:11| Starting new helpers
2021/07/01 12:58:11| helperOpenServers: Starting 1/5 'basic_ncsa_auth.exe' processes
C:/Squid/lib/squid/basic_ncsa_auth.exe: error while loading shared libraries: cygcrypt-2.dll: cannot open shared object file: No such file or directory
2021/07/01 12:58:11| WARNING: no_suid: setuid(0): (22) Invalid argument
2021/07/01 12:58:11| WARNING: basicauthenticator #Hlpr7 exited
I've searched my system and could not find cygcrypt-2.dll anywhere (lib/squid is full with similar dlls, but not this one). I've also tried executing basic_ncsa_auth.exe with an admin command prompt and it also fails with a popup complaining that the dll is missing.
What can I do to solve this? Can I for example use a different encryption when using htpassswd to circumvent this issue?
Thanks!
Thanks a lot for the lightning quick reply!! 👍
Anything I can do already to work around this?
Only build by yourself and manually copy the required dll in place.
I suppose you mean:
- Install Cygwin on Windows
- Compile Squid from source inside Cygwin? ?
Meaning that cygcrypt-2.dll is part of of Squid itself?
Just a crazy idea: Do you perhaps have this dll on your system? Would you mind uploading it somewhere?
Ok I've just tried a couple things: My work laptop (Windows 7) does have Cygwin64 installed, so I tried to find the dll on that, but it didn't exist their either. (only older versions) I don't really know which exact cygwin package I need to install or update to get that exact version, so I tried to google for the dll. I didn't find the required info to build it myself, but I did find a download link for that file. Of course I don't trust a downloaded dll, so I've uploaded it first to virustotal.com to make sure it is clean. After copying it into lib/squid I now no longer get the error that the dll is missing, but it still doesn't work:
2021/07/01 13:19:24| Starting new basicauthenticator helpers...
2021/07/01 13:19:24| helperOpenServers: Starting 1/5 'basic_ncsa_auth.exe' processes
2021/07/01 13:19:24| WARNING: no_suid: setuid(0): (22) Invalid argument
2021/07/01 13:19:24| WARNING: basicauthenticator #Hlpr6 exited
2021/07/01 13:19:24| Too few basicauthenticator processes are running (need 1/5)
2021/07/01 13:19:24| Starting new helpers
2021/07/01 13:19:24| helperOpenServers: Starting 1/5 'basic_ncsa_auth.exe' processes
2021/07/01 13:19:24| WARNING: no_suid: setuid(0): (22) Invalid argument
2021/07/01 13:19:24| WARNING: basicauthenticator #Hlpr7 exited
2021/07/01 13:19:24| Too few basicauthenticator processes are running (need 1/5)
2021/07/01 13:19:24| Starting new helpers
2021/07/01 13:19:24| helperOpenServers: Starting 1/5 'basic_ncsa_auth.exe' processes
2021/07/01 13:19:24| WARNING: no_suid: setuid(0): (22) Invalid argument
2021/07/01 13:19:25| WARNING: basicauthenticator #Hlpr8 exited
2021/07/01 13:19:25| Too few basicauthenticator processes are running (need 1/5)
2021/07/01 13:19:25| Starting new helpers
When executing basic_ncsa_auth.exe from a command prompt, I get a popup with application error 0xc000007b, which still seems to indicate a problem with dlls (not sure if the problem is still with the same dll or a different one though)
Just downloaded the latest cygwin64 and when I search for Squid as package it only has v3.3.3-1 or 3.3.3-2 as an option. No v4 at all? Also are all the dll that I require included in this squid package? Or do I need additional packages (like openssh or something)?
M4stakilla I had same problem as you but solved.
- Download Cygwin installer from https://www.cygwin.com
- Install Cygwin(*1)
- Copy cygwin64\bin\cygcrypt-2.dll to c:\Squid\lib\squid\ and C:\Squid\bin
*1 I select all packages to install but it took very long time and I think it was not necessary. Maybe only need to install is Libcrypt2(https://cygwin.com/packages/summary/libcrypt2.html)
Thanks, in contrary to downloading the dll from the internet, your instructions did work flawlessly!
I now have a working password protected Squid installation...
Just fyi (not sure if this is an actual issue that needs to be solved):
I'm still getting below warning frequently in my log file:
2021/07/06 12:18:52| WARNING: no_suid: setuid(0): (22) Invalid argument
M4stakilla I had same problem as you but solved.
- Download Cygwin installer from https://www.cygwin.com
- Install Cygwin(*1)
- Copy cygwin64\bin\cygcrypt-2.dll to c:\Squid\lib\squid\ and C:\Squid\bin
*1 I select all packages to install but it took very long time and I think it was not necessary. Maybe only need to install is Libcrypt2(https://cygwin.com/packages/summary/libcrypt2.html)
I installed Cygwin but weird I can't find the cygcrypt-2.dll file. I installed all packages in the Cygwin, and libcrypt2 package is not listed in the installer too.
Same problem here, found issue by accident as I tried to run "basic_ncsa_auth.exe" manually. It was putting up a dailog/requester and complained about "cygcrypt-2.dll" not being present (such a requester would block any headless execution I guess? why is it not writing to console?).
- To prevent installing/downloading all the packages, select "All" root node first, then chose "Uninstall".
- Then use the search box at the top to search for "libcrypt2", select "Reinstall" in the checkbox and choose a version.
- After "Next / Next .." and a few seconds I had a file.. ..\cygwin64_setup<chosen mirror url>\x86_64\release\libxcrypt\libcrypt2\libcrypt2-4.4.20-1.tar.xz
- I entered this *.tar.xz file with Directory Opus' integrated archive handler and found the cygcrypt-2.dll in there: libcrypt2-4.4.20-1.tar.xz\usr\bin\cygcrypt-2.dll
- Put dll into "..\Squid\lib\squid.."
- basic_ncsa_auth.exe
now runs, does not complain, process does not quit (I guess that's how it's meant to be).
Squid/the basic authentication is not working yet though.. (playing around with squid for the first time, looking for log file or something right now..).
Any updates on this issue? I am interested if there are any plans to include the cygcrypt-2.dll in the msi.
I am facing the same issue as well on Windows.
Even after manually downloading dll, I still get the following: 2023/10/25 15:11:51.806| helperOpenServers: Starting 1/5 'basic_ncsa_auth.exe' processes 2023/10/25 15:11:51.806| WARNING: no_suid: setuid(0): (22) Invalid argument 2023/10/25 15:11:52| WARNING: basicauthenticator #Hlpr3 exited
Hello, after some researching, these are my findings:
1. Using default
this default auth config needs cygcrypt-2.dll, when i find a replacement from web and tried with it, it gave me the same as second option
auth_param basic program "/cygdrive/c/Squid/lib/squid/basic_ncsa_auth.exe" "/cygdrive/c/Squid/etc/passwd"
2. Copying and using an older version squid's ncsa auth exe directly
WARNING: no_suid: setuid(): (22) Invalid argument cannot stat /cygdrive/c/Squid/etc/passwd
auth_param basic program "/cygdrive/c/Squid/lib/squid/ncsa_auth.exe" "/cygdrive/c/Squid/etc/passwd"
3. i wrote a bat file that checks simple texts
WARNING: no_suid: setuid(0): (22) Invalid argument helperOpenServers: Starting 1/5 'auth.bat' processes WARNING: no_suid: setuid(0): (22) Invalid argument The process tried to write to a nonexistent pipe. WARNING: basicauthenticator #Hlpr1560 exited
auth_param basic program "/cygdrive/c/Squid/auth.bat" "/cygdrive/c/Squid/etc/passwd"
is there a bug on squid at the authentication checking execution file calls? Is something missing or misconfigured when compiling squid for windows? From what i read about, message no_suid: setuid(0) is about a problem for calling an executable with 'elevated privileges' ( setuid - like needing a sudo user's id on linux) ???
Any help would be much appreciated! Thank you.
Links to read:
- https://wiki.squid-cache.org/Features/Authentication#how-do-i-use-authentication-in-access-controls
