src/acl/Certificate.cc

   1 /*
   2  * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 /* DEBUG: section 28    Access Control */
  10
  11 #include "squid.h"
  12
  13 /* MS Visual Studio Projects are monolithic, so we need the following
  14  * #if to exclude the SSL code from compile process when not needed.
  15  */
  16 #if USE_OPENSSL
  17
  18 #include "acl/Certificate.h"
  19 #include "acl/CertificateData.h"
  20 #include "acl/Checklist.h"
  21 #include "client_side.h"
  22 #include "fde.h"
  23 #include "globals.h"
  24 #include "HttpRequest.h"
  25
  26 int
  27 ACLCertificateStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist, ACLFlags &)
  28 {
  29     const int fd = checklist->fd();
  30     const bool goodDescriptor = 0 <= fd && fd <= Biggest_FD;
  31     SSL *ssl = goodDescriptor ? fd_table[fd].ssl : 0;
  32     X509 *cert = SSL_get_peer_certificate(ssl);
  33     const bool res = data->match (cert);
  34     X509_free(cert);
  35     return res;
  36 }
  37
  38 ACLCertificateStrategy *
  39 ACLCertificateStrategy::Instance()
  40 {
  41     return &Instance_;
  42 }
  43
  44 ACLCertificateStrategy ACLCertificateStrategy::Instance_;
  45
  46 #endif /* USE_OPENSSL */
  47