[squid-dev] Patches proposal
Alex Rousskov
rousskov at measurement-factory.com
Fri Jan 15 22:31:40 UTC 2016
On 01/15/2016 11:25 AM, William Lima wrote:
> I have two patches there might be useful,
Thank you for sharing this useful code!
> one of them (Redis) needs
> some polishing if accepted. One adds the source (authenticated user
> or IP) parameter for Cert Validation and
Supplying metadata to Squid helpers should be done using the
configurable "extras" concept instead of hard-coding an ever-growing
list of often-unused-by-others parameters. I believe that principle
should apply to certificate validation [and generation] helpers as well.
Please see url_rewrite_extras and store_id_extras for implementation
examples.
> the other uses Redis for certificate caches.
A polished version of this would be a very welcomed addition for busy
bumping proxies IMO!
AFAICT, this polishing would require generalizing Ssl::CertificateDb
into a base class providing open/get/put/close API to ssl_crtd and
containing any code common to the supported db flavors. Two
Ssl::CertificateDb kids would then cover the two known flavors:
* OpenSslDb: The current clunky on-disk OpenSSL cache (available if
ssl_crtd was built with OpenSSL headers/library);
* RedisDb: A shiny Redis database client (available if ssl_crtd was
built with Redis headers/library).
The selection between the two kids will be determined, in part, by a
command line option.
Would you be willing to implement the above changes to your patches?
Thank you,
Alex.
More information about the squid-dev
mailing list