On 05/24/2013 08:44 AM, Amos Jeffries wrote: > On 25/05/2013 2:32 a.m., Alex Rousskov wrote: >> Hello, >> >> The attached patch does not give SSL a password-asking callback if >> sslpassword_program is not configured. Without a callback, OpenSSL >> itself asks for the password (which works if Squid runs in foreground >> because of -N). >> >> The fix applies to Ssl::readCertChainAndPrivateKeyFromFiles() context >> only. This is not the only place where we read private keys. Some other >> places are working correctly, but others may need more work. Also, >> Ssl::readCertChainAndPrivateKeyFromFiles() may not really work if >> sslpassword_program _is_ configured because it will lack "user data" to >> record the password in. >> >> This change is for the better, and the reporter (on squid-users) says >> the patch solved his problem, but a complete fix needs >> investigation/testing and possibly more development. I am not >> volunteering for that additional work at this time.
> +1. Halfway is better than nowhere at all. Yes, in this case. Committed to trunk as r12849. Cheers, Alex.
