On 01/15/2016 11:25 AM, William Lima wrote: > I have two patches there might be useful,
Thank you for sharing this useful code! > one of them (Redis) needs > some polishing if accepted. One adds the source (authenticated user > or IP) parameter for Cert Validation and Supplying metadata to Squid helpers should be done using the configurable "extras" concept instead of hard-coding an ever-growing list of often-unused-by-others parameters. I believe that principle should apply to certificate validation [and generation] helpers as well. Please see url_rewrite_extras and store_id_extras for implementation examples. > the other uses Redis for certificate caches. A polished version of this would be a very welcomed addition for busy bumping proxies IMO! AFAICT, this polishing would require generalizing Ssl::CertificateDb into a base class providing open/get/put/close API to ssl_crtd and containing any code common to the supported db flavors. Two Ssl::CertificateDb kids would then cover the two known flavors: * OpenSslDb: The current clunky on-disk OpenSSL cache (available if ssl_crtd was built with OpenSSL headers/library); * RedisDb: A shiny Redis database client (available if ssl_crtd was built with Redis headers/library). The selection between the two kids will be determined, in part, by a command line option. Would you be willing to implement the above changes to your patches? Thank you, Alex. _______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev
