debugs(0, DBG_CRITICAL, "WARNING: cache_peer option '" << token << "' requires --with-openssl");
#else
p->secure.ssl = true;
-
- if (strncmp(token, "sslcert=", 8) == 0) {
- p->secure.certFile = SBuf(token + 8);
- } else if (strncmp(token, "sslkey=", 7) == 0) {
- p->secure.privateKeyFile = SBuf(token + 7);
- if (p->secure.certFile.isEmpty()) {
- debugs(0, DBG_PARSE_NOTE(1), "WARNING: cache_peer 'sslcert=' option needs to be set before 'sslkey=' is used.");
- p->secure.certFile = p->secure.privateKeyFile;
- }
- } else if (strncmp(token, "sslversion=", 11) == 0) {
- p->secure.sslVersion = xatoi(token + 11);
- } else if (strncmp(token, "ssloptions=", 11) == 0) {
- p->secure.sslOptions = SBuf(token + 11);
- } else if (strncmp(token, "sslcipher=", 10) == 0) {
- p->secure.sslCipher = SBuf(token + 10);
- } else if (strncmp(token, "sslcafile=", 10) == 0) {
- p->secure.caFile = SBuf(token + 10);
- } else if (strncmp(token, "sslcapath=", 10) == 0) {
- p->secure.caDir = SBuf(token + 10);
- } else if (strncmp(token, "sslcrlfile=", 11) == 0) {
- p->secure.crlFile = SBuf(token + 11);
- } else if (strncmp(token, "sslflags=", 9) == 0) {
- p->secure.sslFlags = SBuf(token + 9);
- } else if (strncmp(token, "ssldomain=", 10) == 0) {
- p->secure.sslDomain = SBuf(token + 10);
- }
+ p->secure.parse(token+3);
#endif
} else if (strcmp(token, "front-end-https") == 0) {
*/
#include "squid.h"
+#include "Debug.h"
+#include "globals.h"
+#include "Parsing.h"
#include "security/PeerOptions.h"
#if USE_OPENSSL
#include "ssl/support.h"
#endif
+void
+Security::PeerOptions::parse(const char *token)
+{
+ if (strncmp(token, "cert=", 5) == 0) {
+ certFile = SBuf(token + 5);
+ } else if (strncmp(token, "key=", 4) == 0) {
+ privateKeyFile = SBuf(token + 4);
+ if (certFile.isEmpty()) {
+ debugs(0, DBG_PARSE_NOTE(1), "WARNING: cert= option needs to be set before key= is used.");
+ certFile = privateKeyFile;
+ }
+ } else if (strncmp(token, "version=", 8) == 0) {
+ sslVersion = xatoi(token + 8);
+ } else if (strncmp(token, "options=", 8) == 0) {
+ sslOptions = SBuf(token + 8);
+ } else if (strncmp(token, "cipher=", 7) == 0) {
+ sslCipher = SBuf(token + 7);
+ } else if (strncmp(token, "cafile=", 7) == 0) {
+ caFile = SBuf(token + 7);
+ } else if (strncmp(token, "capath=", 7) == 0) {
+ caDir = SBuf(token + 7);
+ } else if (strncmp(token, "crlfile=", 8) == 0) {
+ crlFile = SBuf(token + 8);
+ } else if (strncmp(token, "flags=", 6) == 0) {
+ sslFlags = SBuf(token + 6);
+ } else if (strncmp(token, "domain=", 7) == 0) {
+ sslDomain = SBuf(token + 7);
+ }
+}
+
// XXX: make a GnuTLS variant
Security::ContextPointer
Security::PeerOptions::createContext()
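Review bot: A token that matches none of the ten prefixes falls off the end of the if/else-if chain in `Security::PeerOptions::parse()` and is dropped without any message. For TLS settings this can leave a peer less protected than intended: a misspelled `cafile=` or `flags=` is silently ignored, and the cache_peer caller has already set `p->secure.ssl = true` before it calls `p->secure.parse(token+3)`. Close the chain with `else { debugs(0, DBG_CRITICAL, "ERROR: unknown TLS option '" << token << "'"); }`, or treat it as a fatal configuration error. Separately, `version=` stores `xatoi(token + 8)` unchecked. Whether `createContext()` rejects out-of-range values is not visible in this hunk, so a range check at parse time may be worth adding.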
public:
PeerOptions() : ssl(false), sslVersion(0) {}
+ /// parse a TLS squid.conf option
+ void parse(const char *);
+
/// generate a security context from the configured options
Security::ContextPointer createContext();
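Review bot: The doc comment `/// parse a TLS squid.conf option` on `parse(const char *)` does not state what form the token must have. Judging by the cache_peer caller (`token+3`) and the prefixes tested in the definition (`cert=`, `key=`, ...), the directive-specific prefix is expected to be stripped already, and unrecognised tokens are ignored. Suggest `/// parse one TLS option token with the directive prefix (e.g. "ssl") already removed; unrecognised tokens are ignored`, so a future caller does not pass the raw `sslcert=` form and lose the setting silently. The class body starts and ends outside this hunk.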
#include "tests/STUB.h"
#include "security/PeerOptions.h"
+void Security::PeerOptions::parse(char const*) STUB
Security::ContextPointer Security::PeerOptions::createContext() STUB_RETVAL(NULL)