[squid-dev] [PATCH] Add chained certificates and signing certificate to bumpAndSpliced connections
Christos Tsantilas
christos at chtsanti.net
Tue Apr 19 09:16:10 UTC 2016
Hi Amos,
I am seeing that there are requests for this patch to be on squid-3.5.
The patch should be safe for squid-3.5 too if you believe that it should
applied.
The patch from trunk should apply to squid-3.5, but I am attach a patch
here which applies cleanly to 3.5.
On 04/05/2016 12:45 PM, Christos Tsantilas wrote:
> Sorry for the delay.
> Applied to trunk as r14626.
>
>
> On 04/05/2016 07:11 AM, Nathan Hoad wrote:
>> Hi Christos,
>>
>> I've reattached this patch, adjusted for context - the previous patch
>> needs quite a bit of fuzzing to apply correctly. I've also included a
>> commit message that describes the use case it fixes, as discussed in
>> this email thread. The actual changes and the functionality are the
>> same. This should make committing it a little easier.
>>
>> Thank you,
>>
>> Nathan.
>>
>> On 5 March 2016 at 00:31, Dave Lewthwaite
>> <Dave.Lewthwaite at realitymine.com> wrote:
>>> Hi Christos
>>>
>>> Were you able to apply this patch to trunk? I’m keen to test it in
>>> our set up.
>>>
>>> Thanks
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 22/02/2016 16:24, "squid-dev on behalf of Christos Tsantilas"
>>> <squid-dev-bounces at lists.squid-cache.org on behalf of
>>> christos at chtsanti.net> wrote:
>>>
>>>> It just forgotten.
>>>>
>>>> There is one similar patch posted under the mail thread "[PATCH]
>>>> Include
>>>> intermediate certs to client when using peek/stare" by Dave Lewthwaite,
>>>> but it does not cover the case the crtd daemon is used.
>>>>
>>>>
>>>> Nathans patch is OK.
>>>> If no objections I will apply Nathans patch to trunk.
>>>>
>>>>
>>>>
>>>> On 02/21/2016 11:57 PM, Nathan Hoad wrote:
>>>>> Hello,
>>>>>
>>>>> I've just started some clean up of local patches in preparation of
>>>>> upgrading to Squid 4, and I've noticed this hasn't been applied. What
>>>>> do I need to do to get this applied?
>>>>>
>>>>> Thank you,
>>>>>
>>>>> Nathan.
>>>>>
>>>>> On 19 June 2015 at 18:26, Tsantilas Christos
>>>>> <chtsanti at users.sourceforge.net> wrote:
>>>>>> The patch should applied to trunk.
>>>>>>
>>>>>>
>>>>>> On 06/19/2015 04:26 AM, Amos Jeffries wrote:
>>>>>>>
>>>>>>> On 7/06/2015 2:41 a.m., Nathan Hoad wrote:
>>>>>>>>
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> Attached is a patch making the changes recommended by Christos.
>>>>>>>> I've
>>>>>>>> done as described, creating a Ssl::configureUnconfiguredSslContext
>>>>>>>> function, rather than making the changes to Ssl::configureSSL.
>>>>>>>
>>>>>>>
>>>>>>> Christos, can you please review and apply if it is acceptible to
>>>>>>> you?
>>>>>>>
>>>>>>> Cheers
>>>>>>> Amos
>>>>>>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: peek-then-bump-chained-certificates-squid-3.5-v3.patch
Type: text/x-patch
Size: 11229 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20160419/f55ec021/attachment.bin>
More information about the squid-dev
mailing list