[squid-dev] [PATCH] %ssl::<cert_errors logformat code
Amos Jeffries
squid3 at treenet.co.nz
Thu Sep 24 13:11:31 UTC 2015
On 17/09/2015 8:08 p.m., Tsantilas Christos wrote:
>
> Currently Squid with SSL bumping only logs SSL errors that have caused
> Squid to block traffic. It does not log SSL errors that are mimicked.
> Logging a list with all encountered (and ignored) errors is interesting
> for debugging and statistics reasons.
>
> The new %ssl::<cert_errors logformat code lists server certificate
> validation errors detected by Squid (including OpenSSL and the
> certificate validation helper components)
>
> This is a Measurement Factory project
>
in cf.data.pre:
* Please leave a 1-line whitespace gap between these very long
descriptions. Same as you can see above the cert_issuer option description.
in src/format/Format.cc:
* please shuffle the switch case up above the two "not implemented"
existing ones.
* Also leave whitespace around the new case code. The existing ones are
only squashed together since they both fall through to the same break.
* sslErrorName can be a static function local to this .cc
- that avoids the need to touch Format.h
Amos
More information about the squid-dev
mailing list