Hi fellow Squid hackers.
In the "ssl" branch support for multiple SSL certificates has just been
added, and I'd like a quick review of this before committing it to HEAD.
All details about the SSL port is now specified in https_port using the
syntax
https_port [ip:]port cert=certificate.pem [key=keyfile.pem]
Only one port is allowed to be specified per https_port line.
The ssl_certificate_file and ssl_key_file directives is completely
replaced by this mechanism.
To implement different certificates per port I had to undo some
ugliness in the "incoming" callbacks (a pointer to a counter was
forcably sent to the callbacks, any comm_set_select registered cbdata
blindly ignored), and this may have effects on:
* Incoming HTTP
* Incoming HTTPS
* Incoming ICP
* Incoming DNS replies
What I did was to convert this magic counter to a global variable
outside the callback structures and use the cbdata callback parameter
the way it is intended.
-- HenrikReceived on Wed Apr 18 2001 - 12:22:49 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:13:47 MST