[squid-dev] [PATCH] support custom OIDs in *_cert ACLs

Amos Jeffries squid3 at treenet.co.nz
Tue May 26 09:10:28 UTC 2015


On 26/05/2015 9:00 p.m., Tsantilas Christos wrote:
> Hi all,
> 
> This patch allow user_cert and ca_cert ACLs to match arbitrary
> stand-alone OIDs (not DN/C/O/CN/L/ST objects or their substrings). For
> example, should be able to match certificates that have
> 1.3.6.1.4.1.1814.3.1.14 OID in the certificate Subject or Issuer field.
> Squid configuration would look like this:
> 
>  acl User_Cert-TrustedCustomerNum user_cert 1.3.6.1.4.1.1814.3.1.14 1001
> 
> This is a Measurement Factory project
> 
> 

+1 anyway.

Dont like the extra leak-ish part though. Does TidyPointer make sense there?

Amos



More information about the squid-dev mailing list