projects / thirdparty / squid.git / blame
| Commit | Line | Data |
|---|---|---|
| 5dee515e | 1 | /* |
| f70aedc4 | 2 | * Copyright (C) 1996-2021 The Squid Software Foundation and contributors |
| 5dee515e | 3 | * |
| bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
| 5 | * contributions from numerous individuals and organizations. | |
| 6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
| 5dee515e | 7 | */ |
| 8 | ||
| bbc27441 AJ |
9 | /* DEBUG: section 28 Access Control */ |
| 10 | ||
| 582c2af2 | 11 | #include "squid.h" |
| 454e8283 | 12 | |
| 13 | /* MS Visual Studio Projects are monolithic, so we need the following | |
| 14 | * #if to exclude the SSL code from compile process when not needed. | |
| 15 | */ | |
| cb4f4424 | 16 | #if USE_OPENSSL |
| 454e8283 | 17 | |
| 127dce76 | 18 | #include "acl/Certificate.h" |
| 127dce76 | 19 | #include "acl/CertificateData.h" |
| 602d9612 | 20 | #include "acl/Checklist.h" |
| a46d2c0e | 21 | #include "client_side.h" |
| 582c2af2 FC |
22 | #include "fde.h" |
| 23 | #include "globals.h" | |
| d3dddfb5 | 24 | #include "http/Stream.h" |
| 602d9612 | 25 | #include "HttpRequest.h" |
| 5dee515e | 26 | |
| 5dee515e | 27 | int |
| 4eac3407 | 28 | ACLCertificateStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist) |
| 5dee515e | 29 | { |
| 784054ad | 30 | const int fd = checklist->fd(); |
| 31 | const bool goodDescriptor = 0 <= fd && fd <= Biggest_FD; | |
| 33cc0629 | 32 | auto ssl = goodDescriptor ? fd_table[fd].ssl.get() : nullptr; |
| 00352183 AR |
33 | X509 *cert = SSL_get_peer_certificate(ssl); |
| 34 | const bool res = data->match (cert); | |
| 35 | X509_free(cert); | |
| 36 | return res; | |
| 5dee515e | 37 | } |
| 38 | ||
| cb4f4424 | 39 | #endif /* USE_OPENSSL */ |
| f53969cc | 40 |