Restored support for the https_port clientca option (#252)

author Alex Rousskov <rousskov@measurement-factory.com>

Wed, 18 Jul 2018 04:10:00 +0000 (04:10 +0000)

committer Squid Anubis <squid-anubis@squid-cache.org>

Mon, 23 Jul 2018 04:59:21 +0000 (04:59 +0000)
author Alex Rousskov <rousskov@measurement-factory.com>
Wed, 18 Jul 2018 04:10:00 +0000 (04:10 +0000)
committer Squid Anubis <squid-anubis@squid-cache.org>
Mon, 23 Jul 2018 04:59:21 +0000 (04:59 +0000)
diff --git a/src/security/ServerOptions.cc b/src/security/ServerOptions.cc

index 0f67f4f8d25f6c3523eb24bccb1b2a03e3bc1745..bad120662f663c210c70caf392f3661ed2117c8c 100644 (file)
--- a/src/security/ServerOptions.cc
+++ b/src/security/ServerOptions.cc
@@ -61,7 +61,9 @@ Security::ServerOptions::parse(const char *token)
      }
  
      // parse the server-only options
-    if (strncmp(token, "dh=", 3) == 0) {
+    if (strncmp(token, "clientca=", 9) == 0) {
+        clientCaFile = SBuf(token + 9);
+    } else if (strncmp(token, "dh=", 3) == 0) {
          // clear any previous Diffi-Helman configuration
          dh.clear();
          dhParamsFile.clear();
@@ -264,13 +266,14 @@ Security::ServerOptions::createStaticServerContext(AnyP::PortCfg &port)
          }
  #endif
  
+        if (!loadClientCaFile())
+            return false;
+
+        // by this point all config related files must be loaded
          if (!updateContextConfig(t)) {
              debugs(83, DBG_CRITICAL, "ERROR: Configuring static TLS context");
              return false;
          }
-
-        if (!loadClientCaFile())
-            return false;
      }
  
      staticContext = std::move(t);
author	Alex Rousskov <rousskov@measurement-factory.com>
	Wed, 18 Jul 2018 04:10:00 +0000 (04:10 +0000)
committer	Squid Anubis <squid-anubis@squid-cache.org>
	Mon, 23 Jul 2018 04:59:21 +0000 (04:59 +0000)