]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
projects / thirdparty / squid.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: bbd84bc 960e100)
SSL server certificate fingerprint ACL type
authorChristos Tsantilas <chtsanti@users.sourceforge.net>
Wed, 5 Dec 2012 14:18:13 +0000 (16:18 +0200)
committerChristos Tsantilas <chtsanti@users.sourceforge.net>
Wed, 5 Dec 2012 14:18:13 +0000 (16:18 +0200)
This patch add the "server_ssl_cert_fingerprint" acl type to match against
server SSL certificate fingerprint.
The new acl type has the form:
  acl aclname server_ssl_cert_fingerprint [-sha1] fingerprint1 ...

The fingerprint must given in the form:
    XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
where X are any valid hexadecimal number

Example usage:
acl BrokeServer dst 192.168.1.23
acl GoodCert server_ssl_cert_fingerprint AB:2A:82:AF:46:AE:1F:31:21:74:65:BF:56:47:25:D1:87:51:41:AE
sslproxy_cert_error allow BrokeServer GoodCert
sslproxy_cert_error deny all

This is a Measurement Factory project


Trivial merge
Mirror of https://github.com/squid-cache/squid.git