[squid-dev] [PATCH] %ssl::<cert_errors logformat code

Tsantilas Christos chtsanti at users.sourceforge.net
Wed Oct 7 15:11:04 UTC 2015


If there is not any objection  I will apply this patch to trunk.



On 09/29/2015 06:11 PM, Tsantilas Christos wrote:
> A new version of this patch.
>
> On 09/24/2015 04:11 PM, Amos Jeffries wrote:
>> On 17/09/2015 8:08 p.m., Tsantilas Christos wrote:
>>>
>>> Currently Squid with SSL bumping only logs SSL errors that have caused
>>> Squid to block traffic. It does not log SSL errors that are mimicked.
>>> Logging a list with all encountered (and ignored) errors is interesting
>>> for debugging and statistics reasons.
>>>
>>> The new %ssl::<cert_errors logformat code lists server certificate
>>> validation errors detected by Squid (including OpenSSL and the
>>> certificate validation helper components)
>>>
>>> This is a Measurement Factory project
>>>
>>
>> in cf.data.pre:
>>
>> * Please leave a 1-line whitespace gap between these very long
>> descriptions. Same as you can see above the cert_issuer option
>> description.
>>
>>
>> in src/format/Format.cc:
>>
>> * please shuffle the switch case up above the two "not implemented"
>> existing ones.
>>
>>   * Also leave whitespace around the new case code. The existing ones are
>> only squashed together since they both fall through to the same break.
>>
>> * sslErrorName can be a static function local to this .cc
>>   - that avoids the need to touch Format.h
>
> all of the above fixed in this new patch.
>
>
>>
>>
>> Amos
>>
>> _______________________________________________
>> squid-dev mailing list
>> squid-dev at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-dev
>>
>
>
>
> _______________________________________________
> squid-dev mailing list
> squid-dev at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-dev
>



More information about the squid-dev mailing list