From: Amos Jeffries Date: Sat, 13 Feb 2016 16:10:26 +0000 (+1300) Subject: Docs: Fix many mentions of ssl_crtd X-Git-Tag: SQUID_4_0_6~3 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=051da40cdcff1a42717e9c1df778b72cc77e9ceb;p=thirdparty%2Fsquid.git Docs: Fix many mentions of ssl_crtd --- diff --git a/src/security/cert_generators/file/certificate_db.cc b/src/security/cert_generators/file/certificate_db.cc index dc587e5892..a713e26de7 100644 --- a/src/security/cert_generators/file/certificate_db.cc +++ b/src/security/cert_generators/file/certificate_db.cc @@ -22,7 +22,7 @@ #include #endif -#define HERE "(ssl_crtd) " << __FILE__ << ':' << __LINE__ << ": " +#define HERE "(security_file_certgen) " << __FILE__ << ':' << __LINE__ << ": " Ssl::Lock::Lock(std::string const &aFilename) : filename(aFilename), @@ -260,7 +260,7 @@ Ssl::CertificateDb::CertificateDb(std::string const & aDb_path, size_t aMax_db_s if (db_path.empty() && !max_db_size) enabled_disk_store = false; else if ((db_path.empty() && max_db_size) || (!db_path.empty() && !max_db_size)) - throw std::runtime_error("ssl_crtd is missing the required parameter. There should be -s and -M parameters together."); + throw std::runtime_error("security_file_certgen is missing the required parameter. There should be -s and -M parameters together."); } bool Ssl::CertificateDb::find(std::string const & host_name, Security::CertPointer & cert, Ssl::EVP_PKEY_Pointer & pkey) { @@ -498,7 +498,7 @@ void Ssl::CertificateDb::load() { // Load db from file. Ssl::BIO_Pointer in(BIO_new(BIO_s_file())); if (!in || BIO_read_filename(in.get(), db_full.c_str()) <= 0) - throw std::runtime_error("Uninitialized SSL certificate database directory: " + db_path + ". To initialize, run \"ssl_crtd -c -s " + db_path + "\"."); + throw std::runtime_error("Uninitialized SSL certificate database directory: " + db_path + ". To initialize, run \"security_file_certgen -c -s " + db_path + "\"."); bool corrupt = false; Ssl::TXT_DB_Pointer temp_db(TXT_DB_read(in.get(), cnlNumber)); diff --git a/src/security/cert_generators/file/security_file_certgen.cc b/src/security/cert_generators/file/security_file_certgen.cc index 5f57f162b6..2b5aa8dc81 100644 --- a/src/security/cert_generators/file/security_file_certgen.cc +++ b/src/security/cert_generators/file/security_file_certgen.cc @@ -21,25 +21,25 @@ #endif /** - \defgroup ssl_crtd ssl_crtd + \defgroup ssl_crtd security_file_certgen \ingroup ExternalPrograms \par - Because the standart generation of ssl certificate for + Because the standard generation of SSL certificates for sslBump feature, Squid must use external proccess to actually make these calls. This process generate new ssl certificates and worked with ssl certificates disk cache. - Typically there will be five ssl_crtd processes spawned - from Squid. Communication occurs via TCP sockets bound - to the loopback interface. The class in helper.h are - primally concerned with starting and stopping the ssl_crtd. - Reading and writing to and from the ssl_crtd occurs in the + Typically there will be five certificate generator processes + spawned from Squid. Communication occurs via TCP sockets + bound to the loopback interface. The class in helper.h are + primally concerned with starting and stopping the helpers. + Reading and writing to and from the helpers occurs in the \link IPCacheAPI IP\endlink and the dnsservers occurs in the \link IPCacheAPI IP\endlink and \link FQDNCacheAPI FQDN\endlink cache modules. \section ssl_crtdInterface Command Line Interface \verbatim -usage: ssl_crtd -hv -s ssl_storage_path -M storage_max_size +usage: security_file_certgen -hv -s ssl_storage_path -M storage_max_size -h Help -v Version -s ssl_storage_path Path to specific disk storage of ssl server @@ -65,7 +65,7 @@ usage: ssl_crtd -hv -s ssl_storage_path -M storage_max_size Create new private key and certificate request for "host.dom". Sign new request by received certificate and private key. -usage: ssl_crtd -c -s ssl_store_path\n +usage: security_file_certgen -c -s ssl_store_path\n -c Init ssl db directories and exit. \endverbatim @@ -76,10 +76,7 @@ static const char *const B_MBYTES_STR = "MB"; static const char *const B_GBYTES_STR = "GB"; static const char *const B_BYTES_STR = "B"; -/** - \ingroup ssl_crtd - * Get current time. -*/ +/// Get current time. time_t getCurrentTime(void) { struct timeval current_time; @@ -92,7 +89,6 @@ time_t getCurrentTime(void) } /** - \ingroup ssl_crtd * Parse bytes unit. It would be one of the next value: MB, GB, KB or B. * This function is caseinsensitive. */ @@ -116,10 +112,7 @@ static size_t parseBytesUnits(const char * unit) return 0; } -/** - \ingroup ssl_crtd - * Parse uninterrapted string of bytes value. It looks like "4MB". - */ +/// Parse uninterrapted string of bytes value. It looks like "4MB". static bool parseBytesOptionValue(size_t * bptr, char const * value) { // Find number from string beginning. @@ -148,10 +141,7 @@ static bool parseBytesOptionValue(size_t * bptr, char const * value) return true; } -/** - \ingroup ssl_crtd - * Print help using response code. - */ +/// Print help using response code. static void usage() { std::string example_host_name = "host.dom"; @@ -159,7 +149,7 @@ static void usage() std::stringstream request_string_size_stream; request_string_size_stream << request_string.length(); std::string help_string = - "usage: ssl_crtd -hv -s ssl_storage_path -M storage_max_size\n" + "usage: security_file_certgen -hv -s ssl_storage_path -M storage_max_size\n" "\t-h Help\n" "\t-v Version\n" "\t-s ssl_storage_path Path to specific disk storage of ssl server\n" @@ -183,15 +173,12 @@ static void usage() "-----END RSA PRIVATE KEY-----\n" "\tCreate new private key and certificate request for \"host.dom\"\n" "\tSign new request by received certificate and private key.\n" - "usage: ssl_crtd -c -s ssl_store_path\n" + "usage: security_file_certgen -c -s ssl_store_path\n" "\t-c Init ssl db directories and exit.\n"; std::cerr << help_string << std::endl; } -/** - \ingroup ssl_crtd - * Proccess new request message. - */ +/// Proccess new request message. static bool proccessNewRequest(Ssl::CrtdMessage & request_message, std::string const & db_path, size_t max_db_size, size_t fs_block_size) { Ssl::CertificateProperties certProperties; @@ -241,7 +228,7 @@ static bool proccessNewRequest(Ssl::CrtdMessage & request_message, std::string c } if (dbFailed) - std::cerr << "ssl_crtd helper database '" << db_path << "' failed: " << error << std::endl; + std::cerr << "security_file_certgen helper database '" << db_path << "' failed: " << error << std::endl; std::string bufferToWrite; if (!Ssl::writeCertAndPrivateKeyToMemory(cert, pkey, bufferToWrite)) @@ -257,10 +244,7 @@ static bool proccessNewRequest(Ssl::CrtdMessage & request_message, std::string c return true; } -/** - \ingroup ssl_crtd - * This is the external ssl_crtd process. - */ +/// This is the external security_file_certgen process. int main(int argc, char *argv[]) { try { @@ -289,7 +273,7 @@ int main(int argc, char *argv[]) } break; case 'v': - std::cout << "ssl_crtd version " << VERSION << std::endl; + std::cout << "security_file_certgen version " << VERSION << std::endl; exit(0); break; case 'c': diff --git a/src/security/cert_generators/helpers.m4 b/src/security/cert_generators/helpers.m4 index acca5fa234..d7f1d1be8a 100644 --- a/src/security/cert_generators/helpers.m4 +++ b/src/security/cert_generators/helpers.m4 @@ -62,6 +62,6 @@ AC_ARG_ENABLE(ssl-crtd, [unrecogized argument to --enable-ssl-crtd: $enableval]) ]) if test "x$enable_ssl_crtd" = "xyes" -a "x$with_openssl" = "xno" ; then - AC_MSG_ERROR([You need ssl gatewaying support to enable ssl_crtd feature. Try to use --with-openssl.]) + AC_MSG_ERROR([You need ssl gatewaying support to enable ssl-crtd feature. Try to use --with-openssl.]) fi -SQUID_DEFINE_BOOL(USE_SSL_CRTD, ${enable_ssl_crtd:=no},[Use ssl_crtd daemon]) +SQUID_DEFINE_BOOL(USE_SSL_CRTD, ${enable_ssl_crtd:=no},[Use ssl-crtd daemon]) diff --git a/src/ssl/gadgets.cc b/src/ssl/gadgets.cc index fba15426a7..218167b3f5 100644 --- a/src/ssl/gadgets.cc +++ b/src/ssl/gadgets.cc @@ -354,7 +354,7 @@ static bool buildCertificate(Security::CertPointer & cert, Ssl::CertificatePrope if (properties.setCommonName || !properties.mimicCert.get()) { // In this case the CN of the certificate given by the user // Ignore errors: it is better to make a certificate with no CN - // than to quit ssl_crtd because we cannot make a certificate. + // than to quit ssl-crtd helper because we cannot make a certificate. // Most errors are caused by user input such as huge domain names. (void)replaceCommonName(cert, properties.commonName); } diff --git a/src/ssl/gadgets.h b/src/ssl/gadgets.h index 8b8afc9128..e6c7324542 100644 --- a/src/ssl/gadgets.h +++ b/src/ssl/gadgets.h @@ -20,9 +20,9 @@ namespace Ssl { /** - \defgroup SslCrtdSslAPI ssl_crtd SSL api. + \defgroup SslCrtdSslAPI SSL certificate generator API These functions must not depend on Squid runtime code such as debug() - because they are used by ssl_crtd. + because they are used by security_file_certgen helper. */ #if SQUID_USE_CONST_SSL_METHOD diff --git a/src/ssl/helper.cc b/src/ssl/helper.cc index bd0bf6134b..741bcef415 100644 --- a/src/ssl/helper.cc +++ b/src/ssl/helper.cc @@ -49,7 +49,7 @@ void Ssl::Helper::Init() if (!found) return; - ssl_crtd = new helper("ssl_crtd"); + ssl_crtd = new helper(Ssl::TheConfig.ssl_crtd); ssl_crtd->childs.updateLimits(Ssl::TheConfig.ssl_crtdChildren); ssl_crtd->ipc_type = IPC_STREAM; // The crtd messages may contain the eol ('\n') character. We are