From: Amos Jeffries Date: Thu, 4 Apr 2019 12:08:56 +0000 (+1300) Subject: Call PeerOptions::parseOptions() as early as possible X-Git-Tag: SQUID_5_0_1~86 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=151644b704c88c7065b8c6a2f57a2f43725aea86;p=thirdparty%2Fsquid.git Call PeerOptions::parseOptions() as early as possible --- diff --git a/src/cache_cf.cc b/src/cache_cf.cc index 208e4e251e..4402486d3b 100644 --- a/src/cache_cf.cc +++ b/src/cache_cf.cc @@ -2360,6 +2360,9 @@ parse_peer(CachePeer ** head) peerDigestCreate(p); #endif + if (p->secure.encryptTransport) + p->secure.parseOptions(); + p->index = ++Config.npeers; while (*head != NULL) @@ -3830,6 +3833,7 @@ parsePortCfg(AnyP::PortCfgPointer *head, const char *optionName) self_destruct(); return; } + s->secure.parseOptions(); } // *_port line should now be fully valid so we can clone it if necessary diff --git a/src/security/PeerOptions.cc b/src/security/PeerOptions.cc index deecc5eb0f..51f9c18ef3 100644 --- a/src/security/PeerOptions.cc +++ b/src/security/PeerOptions.cc @@ -768,5 +768,6 @@ parse_securePeerOptions(Security::PeerOptions *opt) { while(const char *token = ConfigParser::NextToken()) opt->parse(token); + opt->parseOptions(); } diff --git a/src/security/PeerOptions.h b/src/security/PeerOptions.h index 1deeff258f..928295b0af 100644 --- a/src/security/PeerOptions.h +++ b/src/security/PeerOptions.h @@ -32,6 +32,9 @@ public: /// parse a TLS squid.conf option virtual void parse(const char *); + /// parse and verify the [tls-]options= string in sslOptions + void parseOptions(); + /// reset the configuration details to default virtual void clear() {*this = PeerOptions();} @@ -66,7 +69,6 @@ public: virtual void dumpCfg(Packable *, const char *pfx) const; private: - void parseOptions(); ///< parsed value of sslOptions long parseFlags(); void loadCrlFile(); void loadKeysFile();