git.ipfire.org Git - thirdparty/squid.git/commit

Server certificate testing ACLs

This patch add the following ACLs to test the condition of the origin server
certificate: ssl::certHasExpired, ssl::certNotYetValid, ssl::certDomainMismatch,
ssl::certUntrusted and ssl::certSelfSigned.

The above in this patch are predifined acl lists or/and can be used as error
name shortcuts with ssl_error ACL lists

Implementation details:
1) The ssl::certHasExpired, ssl::certNotYetValid, ssl::certDomainMismatch
ssl::certUntrusted and ssl::certSelfSign acl lists are predifined in cf.data.pre

2) The above names can also used as error names. The ssl-error parser
(Ssl::ParseErrorString function) replace them with the appropriate SSL error
list.

3) The Ssl::ParseErrorString function modified to return a list of errors, not
just an error code.

4) I implement the IFDEF /ENDIF block support for cf.data.pre file.

author	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Thu, 2 Feb 2012 10:53:08 +0000 (12:53 +0200)
committer	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Thu, 2 Feb 2012 10:53:08 +0000 (12:53 +0200)
commit	cf1c09f6c73b4e5dd04222444184d3ab738e040c
tree	2878e5c9c3e6f3b7f9e5fe116ccd84a4636fe6d4	tree \| snapshot
parent	de878a55685e0587a7183b23a4a1c5473c856782	commit \| diff

include/CbDataList.h		diff \| blob \| blame \| history
src/Makefile.am		diff \| blob \| blame \| history
src/acl/SslErrorData.cc		diff \| blob \| blame \| history
src/cf.data.pre		diff \| blob \| blame \| history
src/cf_gen.cc		diff \| blob \| blame \| history
src/ssl/ErrorDetail.cc		diff \| blob \| blame \| history
src/ssl/ErrorDetail.h		diff \| blob \| blame \| history