git.ipfire.org Git - thirdparty/squid.git/commit

ssl_bump_peeked access list

This access list is a temporary solution for peek-and-splice project and used to
take the final decision "bump" or "splice" in peek-and-splice bumping mode.

This is what this patch try to do:
  - Get Client Hello message
  - Start connection.
  - Inside bio, before write the SSL HELLO message, try to emulate client hello
    message:
     a) extract client hello message features
     b) Check if we are able support client features and if not, splicing is not
        able to be supported.
     c) Creates an SSL object to connect to server and try to set it with
        the extracted features.
        This step currently includes many hacks and modify undocumented SSL
        object members.

extensions)
  - in PeerConnector.cc
      a) If can not be spliced do not splice.
      b) check the ssl_bump_peeked access list to splice or not.

author	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Tue, 6 May 2014 09:46:07 +0000 (12:46 +0300)
committer	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Tue, 6 May 2014 09:46:07 +0000 (12:46 +0300)
commit	7f4e9b738eb322fdbbd8e3d4fd38d8f8fafd449f
tree	075a73e6ace7d2988bbc8b3fa923f32496fb3d61	tree \| snapshot
parent	34c132bfde584116df107582d620276e175b33f7	commit \| diff

src/SquidConfig.h		diff \| blob \| blame \| history
src/cache_cf.cc		diff \| blob \| blame \| history
src/cf.data.depend		diff \| blob \| blame \| history
src/cf.data.pre		diff \| blob \| blame \| history
src/ssl/PeerConnector.cc		diff \| blob \| blame \| history
src/ssl/PeerConnector.h		diff \| blob \| blame \| history
src/ssl/bio.cc		diff \| blob \| blame \| history
src/ssl/bio.h		diff \| blob \| blame \| history
src/ssl/support.cc		diff \| blob \| blame \| history
src/ssl/support.h		diff \| blob \| blame \| history