[squid-dev] [PATCH] Don't force -b 2048 into sslcrtd_program arguments

Amos Jeffries squid3 at treenet.co.nz
Fri Apr 29 04:21:00 UTC 2016

On 29/04/2016 4:03 p.m., Nathan Hoad wrote:
> Hello,
> Attached is a patch that moves the filesystem block size retrieval for the
> default certificate generation helper out of Ssl::Helper::Init() and into
> security_file_certgen.cc, so that non-default helpers can work as expected
> without having to handle this argument.
> My usecase: I'm using nc for sslcrtd_program, to connect to a daemon that
> generates certificates. nc (understandably) rejects the argument that this
> patch moves. I realise I could have written a wrapper script of some sort
> to bypass the issue completely, but this feels like the more correct thing
> to do.
> As mentioned in the patch preamble, I wanted to use fsBlockSize, but due to
> the sheer number of dependencies it introduces, it seemed infeasible to do
> so. I cannot see how to do this without a substantial code shift.

Yes this is the right approach to fix. Squid should not be imposing
command line parameters on any helpers.



More information about the squid-dev mailing list