From efe69ecf1636c393ad3047489516e5e45b618268 Mon Sep 17 00:00:00 2001
From: Multiconecta <38262036+Multiconecta@users.noreply.github.com>
Date: Thu, 11 Apr 2019 08:47:52 -0300
Subject: [PATCH 1/2] Convert Windows line feeds in squid ca certificate Avoid FATAL error No valid signing SSL certificate configured load squid with a CA certificate imported from Windows
---
 www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc b/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
index 1024717066fb..6359082483f6 100644
--- a/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
+++ b/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
@@ -1175,7 +1175,7 @@ function squid_resync_general() {
 // Should never get here
 $sslproxy_dhparams = "";
 }
- file_put_contents($crt_pk, base64_decode($srv_cert['prv']) . base64_decode($srv_cert['crt']));
+ file_put_contents($crt_pk, str_replace("\r\n", "\n", base64_decode($srv_cert['prv']) . base64_decode($srv_cert['crt'])));
 $sslcrtd_children = ($settings['sslcrtd_children'] ? $settings['sslcrtd_children'] : 5);
 $ssl_interception .= "ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=" . ($sslcrtd_children*2) . "MB cert={$crt_pk} capath={$crt_capath} cipher={$sslproxy_cipher} {$sslproxy_dhparams} options={$sslproxy_options}\n";
 $interception_checks = "sslcrtd_program " . SQUID_LOCALBASE . "/libexec/squid/ssl_crtd -s " . SQUID_SSL_DB . " -M 4MB -b 2048\n";
From bfe3efe250f9422dafeacbbb6758d9e178a06c95 Mon Sep 17 00:00:00 2001
From: Multiconecta <38262036+Multiconecta@users.noreply.github.com>
Date: Thu, 11 Apr 2019 16:19:46 -0300
Subject: [PATCH 2/2] Using unixnewlines function instead of str_replace and assuring a new line between key and certificate
---
 www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
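Review bot: The `file_put_contents($crt_pk, ...)` line changed in patch 1/2 writes the ssl-bump signing key and certificate with whatever mode the process umask yields, and nothing in the visible hunk restricts the resulting file; the rewritten line in patch 2/2 has the same gap. `squid_resync_general()` starts and ends outside the hunk, so the file may be tightened elsewhere, but if it is not, the CA private key could be readable by other local accounts on the firewall. Consider following the write with `chmod($crt_pk, 0600);` plus ownership set to the account squid runs as, or wrapping the write in a restrictive `umask()` so the key is never briefly world-readable.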
diff --git a/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc b/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
index 6359082483f6..4cd5a36c1e70 100644
--- a/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
+++ b/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc
@@ -1175,7 +1175,7 @@ function squid_resync_general() {
 // Should never get here
 $sslproxy_dhparams = "";
 }
- file_put_contents($crt_pk, str_replace("\r\n", "\n", base64_decode($srv_cert['prv']) . base64_decode($srv_cert['crt'])));
+ file_put_contents($crt_pk, unixnewlines(base64_decode($srv_cert['prv']) . "\n" . base64_decode($srv_cert['crt'])));
 $sslcrtd_children = ($settings['sslcrtd_children'] ? $settings['sslcrtd_children'] : 5);
 $ssl_interception .= "ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=" . ($sslcrtd_children*2) . "MB cert={$crt_pk} capath={$crt_capath} cipher={$sslproxy_cipher} {$sslproxy_dhparams} options={$sslproxy_options}\n";
 $interception_checks = "sslcrtd_program " . SQUID_LOCALBASE . "/libexec/squid/ssl_crtd -s " . SQUID_SSL_DB . " -M 4MB -b 2048\n";
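Review bot: The new `file_put_contents($crt_pk, unixnewlines(...))` line still writes whatever the two `base64_decode()` calls return, without checking that each decoded to a usable PEM block or that the write itself succeeded. A truncated or malformed imported CA would then surface only when squid starts, as the same "No valid signing SSL certificate configured" fatal error this series is meant to avoid. A guard before the write, for example `if (openssl_pkey_get_private($prv) === false || openssl_x509_read($crt) === false)` on the decoded values, together with a check of the `file_put_contents` return value, would report the problem at resync time instead. The function body continues outside the hunk, so an equivalent validation may already exist upstream of these lines.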