From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sat, 22 Aug 2015 19:06:46 +0000 (-0700)
Subject: TLS: failure of https:// context non-fatal for non-OpenSSL builds
X-Git-Tag: SQUID_4_0_1~118
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=79ff80236e09df13be0d12a375704c753c313e85;p=thirdparty%2Fsquid.git

TLS: failure of https:// context non-fatal for non-OpenSSL builds

Only OpenSSL library is 'guaranteed' to produce a TLS context at this point
in the conversion to library-agnostic security. Any others may produce
nothing.

Match the DBG_IMPORTANT used for debug level of the 'initializing' message.
---

diff --git a/src/cache_cf.cc b/src/cache_cf.cc
index 6f2a87e11a..3b870684ee 100644
--- a/src/cache_cf.cc
+++ b/src/cache_cf.cc
@@ -869,8 +869,11 @@ configDoConfigure(void)
         debugs(3, DBG_IMPORTANT, "Initializing https:// proxy context");
         Config.ssl_client.sslContext = Security::ProxyOutgoingConfig.createClientContext(false);
         if (!Config.ssl_client.sslContext) {
-            debugs(3, DBG_CRITICAL, "ERROR: Could not initialize https:// proxy context");
-            self_destruct();
+#if USE_OPENSSL
+            fatal("ERROR: Could not initialize https:// proxy context");
+#else
+            debugs(3, DBG_IMPORTANT, "ERROR: proxying https:// currently still requires --with-openssl");
+#endif
         }
     }