]>
Commit | Line | Data |
---|---|---|
5dee515e | 1 | /* |
5dee515e | 2 | * DEBUG: section 28 Access Control |
3 | * AUTHOR: Duane Wessels | |
4 | * | |
5 | * SQUID Web Proxy Cache http://www.squid-cache.org/ | |
6 | * ---------------------------------------------------------- | |
7 | * | |
8 | * Squid is the result of efforts by numerous individuals from | |
9 | * the Internet community; see the CONTRIBUTORS file for full | |
10 | * details. Many organizations have provided support for Squid's | |
11 | * development; see the SPONSORS file for full details. Squid is | |
12 | * Copyrighted (C) 2001 by the Regents of the University of | |
13 | * California; see the COPYRIGHT file for full details. Squid | |
14 | * incorporates software developed and/or copyrighted by other | |
15 | * sources; see the CREDITS file for full details. | |
16 | * | |
17 | * This program is free software; you can redistribute it and/or modify | |
18 | * it under the terms of the GNU General Public License as published by | |
19 | * the Free Software Foundation; either version 2 of the License, or | |
20 | * (at your option) any later version. | |
26ac0430 | 21 | * |
5dee515e | 22 | * This program is distributed in the hope that it will be useful, |
23 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
24 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
25 | * GNU General Public License for more details. | |
26ac0430 | 26 | * |
5dee515e | 27 | * You should have received a copy of the GNU General Public License |
28 | * along with this program; if not, write to the Free Software | |
29 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
30 | * | |
31 | * | |
32 | * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org> | |
33 | */ | |
34 | ||
582c2af2 | 35 | #include "squid.h" |
454e8283 | 36 | |
37 | /* MS Visual Studio Projects are monolithic, so we need the following | |
38 | * #if to exclude the SSL code from compile process when not needed. | |
39 | */ | |
40 | #if USE_SSL | |
41 | ||
127dce76 | 42 | #include "acl/Certificate.h" |
127dce76 | 43 | #include "acl/CertificateData.h" |
602d9612 | 44 | #include "acl/Checklist.h" |
a46d2c0e | 45 | #include "client_side.h" |
582c2af2 FC |
46 | #include "fde.h" |
47 | #include "globals.h" | |
602d9612 | 48 | #include "HttpRequest.h" |
5dee515e | 49 | |
5dee515e | 50 | int |
33810b1d | 51 | ACLCertificateStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist, ACLFlags &) |
5dee515e | 52 | { |
784054ad | 53 | const int fd = checklist->fd(); |
54 | const bool goodDescriptor = 0 <= fd && fd <= Biggest_FD; | |
55 | SSL *ssl = goodDescriptor ? fd_table[fd].ssl : 0; | |
00352183 AR |
56 | X509 *cert = SSL_get_peer_certificate(ssl); |
57 | const bool res = data->match (cert); | |
58 | X509_free(cert); | |
59 | return res; | |
5dee515e | 60 | } |
61 | ||
62 | ACLCertificateStrategy * | |
63 | ACLCertificateStrategy::Instance() | |
64 | { | |
65 | return &Instance_; | |
66 | } | |
67 | ||
68 | ACLCertificateStrategy ACLCertificateStrategy::Instance_; | |
454e8283 | 69 | |
70 | #endif /* USE_SSL */ |