ServerCertificate.cc
1/*
2 * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9#include "squid.h"
10
11#if USE_OPENSSL
12
13#include "acl/CertificateData.h"
14#include "acl/Checklist.h"
16#include "client_side.h"
17#include "fde.h"
18#include "http/Stream.h"
19#include "ssl/ServerBump.h"
20
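// NOTE(review): the rendered listing dropped the signature line and the
// declaration of `cert`. Both are restored here from the member declaration
// shown in the page's cross-reference list and from how the body uses them;
// confirm against the repository copy of this file.

/// Finds the server certificate for the current check and passes it to the
/// configured ACL data for matching.
///
/// Sources are tried in this order, and the first branch whose condition
/// holds is the only one used:
///  1. the certificate already stored on the checklist;
///  2. the peer certificate of the still-open server connection recorded in
///     the access log entry;
///  3. the certificate kept by the client connection's ServerBump state.
/// If branch 2 is taken but yields no certificate, branch 3 is not tried.
///
/// \param data       ACL data whose match() is applied to the certificate
/// \param checklist  per-check state the certificate is looked up from
/// \returns 0 when no certificate is available, otherwise data->match()
///
/// No chain or hostname validation happens in this function: it matches
/// whatever certificate it finds. Rules built on this ACL therefore depend
/// on validation done elsewhere (not visible in this file).
int
ACLServerCertificateStrategy::match(ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
{
    Security::CertPointer cert;

    if (checklist->serverCert) {
        cert = checklist->serverCert;
    } else if (checklist->al && Comm::IsConnOpen(checklist->al->hier.tcpServer)) {
        const auto ssl = fd_table[checklist->al->hier.tcpServer->fd].ssl.get();
        // Be explicit about a descriptor that carries no TLS handle instead
        // of relying on the TLS library to tolerate a null argument.
        if (ssl) {
            // SSL_get_peer_certificate() returns a reference the caller must
            // release, so the pointer is adopted without another lock; taking
            // a lock here would leak one reference per check.
            cert.resetWithoutLocking(SSL_get_peer_certificate(ssl));
        }
    } else if (checklist->conn() && checklist->conn()->serverBump()) {
        cert = checklist->conn()->serverBump()->serverCert;
    }

    // No certificate from any source: the ACL does not match.
    if (!cert)
        return 0;

    return data->match(cert.get());
}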
38
39#endif /* USE_OPENSSL */
40
virtual bool match(M)=0
ConnStateData * conn() const
The client connection manager.
Security::CertPointer serverCert
AccessLogEntry::Pointer al
info for the future access.log, and external ACL
virtual int match(ACLData< MatchType > *&, ACLFilledChecklist *) override
HierarchyLogEntry hier
Ssl::ServerBump * serverBump()
Definition: client_side.h:286
Comm::ConnectionPointer tcpServer
TCP/IP level details of the last peer/server connection.
void resetWithoutLocking(T *t)
Reset raw pointer - unlock any previous one and save new one without locking.
T * get() const
Returns raw and possibly nullptr pointer.
Security::CertPointer serverCert
Definition: ServerBump.h:57
#define fd_table
Definition: fde.h:189
bool IsConnOpen(const Comm::ConnectionPointer &conn)
Definition: Connection.cc:27

 
