lp:~measurement-factory/squid/bag4
- Get this branch:
- bzr branch lp:~measurement-factory/squid/bag4
Branch merges
Branch information
Recent revisions
- 11565. By Alex Rousskov
-
Fixed storing SSL session data in the shared cache.
i2d_SSL_SESSION() increments buffer pointer passed to it, so we cannot use
that pointer to retrieve buffer contents that i2d_SSL_SESSION() created.And if the above increment did not happen (perhaps the increment is OpenSSL
version dependent?), our Ipc::MemMapSlot::set() was copying session data
pointed by "block" into Slot::p data member while "block" was already pointing
to p, violating memcpy() "no overlap" prerequisite. - 11564. By Alex Rousskov
-
Make it possible to match empty header field values using req_header and rep_header.
trunk r12488
empty-header-t2.patch - 11563. By Alex Rousskov
-
Retrieve client connection information for ACL checks from the related HttpRequest object
trunk r12308
- 11561. By Christos Tsantilas
-
Add support for caching SSL context of regular connections on https_port
The static SSL contexts which used for regular SSL connections created
before the cache is enabled.
This patch add code to set the session callback functions which are
responsible for retrieving/storing sessions in cache, for static SSL contexts
during sessions cache initialization. - 11560. By Christos Tsantilas
-
SMP SSL session cache implementation
This is the SSL session cache patch for squid-3.2.0.17
This patch includes the trunk patch revno:12317 with the title:
"Bug fix: TLS/SSL Options does not apply to the dynamically generated certificates" - 11559. By Alex Rousskov
-
Initial support for "values with spaces" in ACL directives.
Needs more work to support escape sequences, macros, and include files, but
can be disabled using "configuration_includes_ quoted_ values off" in squid.conf. Needs documentation.
- 11558. By Alex Rousskov
-
Support establishing TCP tunnels with SSL cache_peers.
Needs more polishing:
* Some common error handling paths are not yet tested.
* Forward.cc code is currently duplicated in the new Ssl::PeerConnector. The
duplicated code should be removed from forward.cc in favor of the common
Ssl::PeerConnector. * New Ssl::PeerConnector files must be added to Makefile.am.
* Better callback/
notification API(?) and comments polishing. Against v3.2 (r11661).
connect-
to-ssl- peer-v3p2- take2.patch - 11557. By Alex Rousskov
-
Supply client connection and IDENT information to peer_cache_access ACL check.
Among other things, this enables SSL client certificate ACL checks (user_cert
and ca_cert) when making peering decisions.client-
cert-to- peer_cache_ access- v1.patch - 11556. By Alex Rousskov
-
Log client SSL certificate "issuer" and "subject" fields
using %ssl::>cert_issuer and %ssl::>cert_subject logformat codes.log-client-
ssl-cert- v3-for3p2p0p17p .patch
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:~squid/squid/trunk