/// security settings for peer connection
Security::PeerOptions secure;
-
+ Security::ContextPointer sslContext;
#if USE_OPENSSL
- SSL_CTX *sslContext;
SSL_SESSION *sslSession;
#endif
tests/stub_libauth.cc \
tests/stub_libcomm.cc \
tests/stub_libmgr.cc \
+ tests/stub_libsecurity.cc \
tests/stub_libsslsquid.cc \
StatCounters.h \
StatCounters.cc \
mem_node.cc \
Packer.cc \
Parsing.cc \
+ tests/stub_libsecurity.cc \
SquidMath.cc \
StatCounters.cc \
StatCounters.h \
RemovalPolicy.cc \
RequestFlags.h \
RequestFlags.cc \
+ tests/stub_libsecurity.cc \
StatCounters.h \
StatCounters.cc \
StatHist.h \
int.cc \
internal.h \
internal.cc \
- tests/stub_libsecurity.cc \
SquidList.h \
SquidList.cc \
MasterXaction.cc \
tests/stub_libauth_acls.cc \
tests/stub_libauth.cc \
tests/stub_libeui.cc \
+ tests/stub_libsecurity.cc \
tests/stub_store_stats.cc \
time.cc \
tools.h \
internal.cc \
$(IPC_SOURCE) \
ipcache.cc \
- tests/stub_libsecurity.cc \
SquidList.h \
SquidList.cc \
MasterXaction.cc \
tests/stub_external_acl.cc \
tests/stub_ipc_Forwarder.cc \
tests/stub_libeui.cc \
+ tests/stub_libsecurity.cc \
tests/stub_main_cc.cc \
tests/stub_MemStore.cc \
tests/stub_store_stats.cc \
tests/stub_debug.cc \
tests/stub_event.cc \
tests/stub_HelperChildConfig.cc \
+ tests/stub_libsecurity.cc \
tests/stub_stmem.cc \
tests/stub_store.cc \
tests/stub_store_stats.cc \
tests/stub_libauth.cc \
tests/stub_libeui.cc \
tests/stub_libformat.cc \
+ tests/stub_libsecurity.cc \
tests/stub_libsslsquid.cc \
HttpBody.h \
HttpBody.cc \
internal.h \
tests/stub_internal.cc \
tests/stub_libformat.cc \
+ tests/stub_libsecurity.cc \
tests/stub_stat.cc \
store_rebuild.h \
tests/stub_store_rebuild.cc \
tests/stub_libformat.cc \
tests/stub_libicmp.cc \
tests/stub_libmgr.cc \
+ tests/stub_libsecurity.cc \
tests/stub_MemStore.cc \
mime.h \
tests/stub_mime.cc \
int.cc \
internal.h \
internal.cc \
- tests/stub_libsecurity.cc \
SquidList.h \
SquidList.cc \
MasterXaction.cc \
tests/stub_DiskIOModule.cc \
tests/stub_libauth_acls.cc \
tests/stub_libauth.cc \
+ tests/stub_libsecurity.cc \
tests/stub_main_cc.cc \
tests/stub_ipc_Forwarder.cc \
tests/stub_store_stats.cc \
#include "icmp/IcmpConfig.h"
#include "ip/Address.h"
#include "Notes.h"
+#include "security/forward.h"
#include "YesNoNone.h"
#if USE_OPENSSL
-#if HAVE_OPENSSL_SSL_H
-#include <openssl/ssl.h>
-#endif
-
class sslproxy_cert_sign;
class sslproxy_cert_adapt;
#endif
time_t minimum_expiry_time; /* seconds */
external_acl *externalAclHelperList;
-#if USE_OPENSSL
struct {
+ Security::ContextPointer sslContext;
+#if USE_OPENSSL
acl_access *cert_error;
- SSL_CTX *sslContext;
sslproxy_cert_sign *cert_sign;
sslproxy_cert_adapt *cert_adapt;
- } ssl_client;
#endif
+ } ssl_client;
char *accept_filter;
int umask;
Config2.effectiveGroupID = grp->gr_gid;
}
-#if USE_OPENSSL
-
- debugs(3, DBG_IMPORTANT, "Initializing https proxy context");
-
- Config.ssl_client.sslContext = Security::ProxyOutgoingConfig.createContext(false);
+ if (Security::ProxyOutgoingConfig.encryptTransport) {
+ debugs(3, DBG_IMPORTANT, "Initializing https:// proxy context");
+ Config.ssl_client.sslContext = Security::ProxyOutgoingConfig.createClientContext(false);
+ }
for (CachePeer *p = Config.peers; p != NULL; p = p->next) {
if (p->secure.encryptTransport) {
debugs(3, DBG_IMPORTANT, "Initializing cache_peer " << p->name << " SSL context");
- p->sslContext = p->secure.createContext(true);
+ p->sslContext = p->secure.createClientContext(true);
}
}
+#if USE_OPENSSL
for (AnyP::PortCfgPointer s = HttpPortList; s != NULL; s = s->next) {
if (!s->flags.tunnelSslBumping)
continue;
// XXX: make a GnuTLS variant
Security::ContextPointer
-Security::PeerOptions::createContext(bool setOptions)
+Security::PeerOptions::createClientContext(bool setOptions)
{
Security::ContextPointer t = NULL;
/// reset the configuration details to default
void clear() {*this = PeerOptions();}
- /// generate a security context from these configured options
- Security::ContextPointer createContext(bool setOptions);
+ /// generate a security client-context from these configured options
+ Security::ContextPointer createClientContext(bool setOptions);
SBuf certFile; ///< path of file containing PEM format X509 certificate
SBuf privateKeyFile; ///< path of file containing private key in PEM format
#include "security/PeerOptions.h"
Security::PeerOptions Security::ProxyOutgoingConfig;
void Security::PeerOptions::parse(char const*) STUB
-Security::ContextPointer Security::PeerOptions::createContext(bool) STUB_RETVAL(NULL)
+Security::ContextPointer Security::PeerOptions::createClientContext(bool) STUB_RETVAL(NULL)
void parse_securePeerOptions(Security::PeerOptions *) STUB
long Security::ParseOptions(const char *) STUB_RETVAL(0)
projects / thirdparty / squid.git / commitdiff
