--- /dev/null
+/*
+ * $Id$
+ *
+ */
+
+#include "squid.h"
+
+#if USE_SSL
+
+#include "acl/ServerCertificate.h"
+#include "acl/Checklist.h"
+#include "acl/CertificateData.h"
+#include "fde.h"
+#include "client_side.h"
+#include "ssl/ServerBump.h"
+
+
+int
+ACLServerCertificateStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
+{
+ X509 *cert = NULL;
+ if (checklist->serverCert.get())
+ cert = checklist->serverCert.get();
+ else if (checklist->conn() != NULL && checklist->conn()->serverBump())
+ cert = checklist->conn()->serverBump()->serverCert.get();
+
+ if (!cert)
+ return 0;
+
+ return data->match(cert);
+}
+
+ACLServerCertificateStrategy *
+ACLServerCertificateStrategy::Instance()
+{
+ return &Instance_;
+}
+
+ACLServerCertificateStrategy ACLServerCertificateStrategy::Instance_;
+
+#endif /* USE_SSL */
--- /dev/null
+/*
+ * $Id$
+ */
+
+#ifndef SQUID_ACLSERVERCERTIFICATE_H
+#define SQUID_ACLSERVERCERTIFICATE_H
+
+#include "acl/Acl.h"
+#include "acl/Data.h"
+#include "acl/Checklist.h"
+#include "ssl/support.h"
+#include "acl/Strategised.h"
+
+/// \ingroup ACLAPI
+class ACLServerCertificateStrategy : public ACLStrategy<X509 *>
+{
+
+public:
+ virtual int match (ACLData<MatchType> * &, ACLFilledChecklist *);
+ static ACLServerCertificateStrategy *Instance();
+ /* Not implemented to prevent copies of the instance. */
+ /* Not private to prevent brain dead g+++ warnings about
+ * private constructors with no friends */
+ ACLServerCertificateStrategy(ACLServerCertificateStrategy const &);
+
+private:
+ static ACLServerCertificateStrategy Instance_;
+ ACLServerCertificateStrategy() {}
+
+ ACLServerCertificateStrategy&operator=(ACLServerCertificateStrategy const &);
+};
+
+/// \ingroup ACLAPI
+class ACLServerCertificate
+{
+private:
+ static ACL::Prototype X509FingerprintRegistryProtoype;
+ static ACLStrategised<X509*> X509FingerprintRegistryEntry_;
+};
+
+#endif /* SQUID_ACLSERVERCERTIFICATE_H */
projects / thirdparty / squid.git / commitdiff
