[squid-dev] [PATCH] initial GnuTLS support for encrypted server connections

Alex Rousskov rousskov at measurement-factory.com
Thu Feb 2 01:28:10 UTC 2017

On 01/19/2017 12:11 PM, Alex Rousskov wrote:
> On 01/19/2017 12:16 AM, Amos Jeffries wrote:
>> Well, there is no such thing as a "SSL connection" - it is security
>> added onto some *other* Transport Protocol's layer.

> There is. The "security added onto some other Transport Protocol's
> layer" is called SSL connection. It is not a TCP connection, of course.
> It is an SSL connection. See RFC 5246 for numerous examples of this
> usage. Calling that connection a "session" in Squid sources is abomination.

I probably should have been more explicit here. Please rename the new
Security::CreateClientSession() and friends to
Security::CreateClientConnection() and such. If the patch adds other
sessions that are actually SSL connections, please fix them as well.

There is also misnamed Security::SessionPointer but this patch does not
introduce that bug so I cannot ask you to fix it in this patch. It
should be renamed to Security::Connection in a separate commit.

FWIW, I am not married to the word "Connection" in this context. It is
possible that another (less overloaded in other contexts) word would
work here, but

* "Connection" is technically correct
* I cannot think of a better word (and we use it in other projects)
* "Session" is very wrong because it already names another SSL concept.

Thank you,


More information about the squid-dev mailing list