[squid-dev] [PATCH] Don't force -b 2048 into sslcrtd_program arguments

Amos Jeffries squid3 at treenet.co.nz
Mon May 2 03:18:49 UTC 2016

On 29/04/2016 4:21 p.m., Amos Jeffries wrote:
> On 29/04/2016 4:03 p.m., Nathan Hoad wrote:
>> Hello,
>> Attached is a patch that moves the filesystem block size retrieval for the
>> default certificate generation helper out of Ssl::Helper::Init() and into
>> security_file_certgen.cc, so that non-default helpers can work as expected
>> without having to handle this argument.
>> My usecase: I'm using nc for sslcrtd_program, to connect to a daemon that
>> generates certificates. nc (understandably) rejects the argument that this
>> patch moves. I realise I could have written a wrapper script of some sort
>> to bypass the issue completely, but this feels like the more correct thing
>> to do.
>> As mentioned in the patch preamble, I wanted to use fsBlockSize, but due to
>> the sheer number of dependencies it introduces, it seemed infeasible to do
>> so. I cannot see how to do this without a substantial code shift.
> Yes this is the right approach to fix. Squid should not be imposing
> command line parameters on any helpers.
> +1.
> Amos

Applied as trunk rev.14658.


More information about the squid-dev mailing list