ServerCertificate.cc
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9#include "squid.h"
10
11#if USE_OPENSSL
12
13#include "acl/FilledChecklist.h"
15#include "client_side.h"
16#include "fde.h"
17#include "http/Stream.h"
18#include "ssl/ServerBump.h"
19
20int
22{
23 const auto checklist = Filled(ch);
24
26 if (checklist->serverCert)
27 cert = checklist->serverCert;
28 else if (checklist->al && Comm::IsConnOpen(checklist->al->hier.tcpServer)) {
29 const auto ssl = fd_table[checklist->al->hier.tcpServer->fd].ssl.get();
30 cert.resetWithoutLocking(SSL_get_peer_certificate(ssl));
31 } else if (checklist->conn() && checklist->conn()->serverBump())
32 cert = checklist->conn()->serverBump()->serverCert;
33
34 if (!cert)
35 return 0;
36
37 return data->match(cert.get());
38}
39
40#endif /* USE_OPENSSL */
41
ACLFilledChecklist * Filled(ACLChecklist *checklist)
convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*>
int match(ACLChecklist *) override
Matches the actual data in checklist against this ACL.
void resetWithoutLocking(T *t)
Reset raw pointer - unlock any previous one and save new one without locking.
T * get() const
Returns raw and possibly nullptr pointer.
#define fd_table
Definition: fde.h:189
bool IsConnOpen(const Comm::ConnectionPointer &conn)
Definition: Connection.cc:27

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors