git.ipfire.org Git - thirdparty/squid.git/commit

SSL server certificate fingerprint ACL type

This patch add the "server_ssl_cert_fingerprint" acl type to match against
server SSL certificate fingerprint.
The new acl type has the form:
acl aclname server_ssl_cert_fingerprint [-sha1] fingerprint1 ...

The fingerprint must given in the form:
XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
where X are any valid hexadecimal number

Example usage:
acl BrokeServer dst 192.168.1.23
acl GoodCert server_ssl_cert_fingerprint AB:2A:82:AF:46:AE:1F:31:21:74:65:BF:56:47:25:D1:87:51:41:AE
sslproxy_cert_error allow BrokeServer GoodCert
sslproxy_cert_error deny all

This is a Measurement Factory project

author	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Wed, 5 Dec 2012 14:18:13 +0000 (16:18 +0200)
committer	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Wed, 5 Dec 2012 14:18:13 +0000 (16:18 +0200)
commit	42d33344c68b7e2d42984c88b5b92dceca8e8b5b
tree	1cacbcaa6aa147116182da144a6919d5657a5d8a	tree \| snapshot
parent	bbd84bcdf2e01d1a8fee10b6c5f590d3ec1e4758	commit \| diff
parent	960e100bfa140d94ce96361660883445e5ec8ab1	commit \| diff