squid : Optimising Web Delivery

Go to the documentation of this file.

 /*
  * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
  *
  * Squid software is distributed under GPLv2+ license and includes
  * contributions from numerous individuals and organizations.
  * Please see the COPYING and CONTRIBUTORS files for details.
  */
  
 #include "squid.h"
  
 #if USE_OPENSSL
  
 #include "acl/FilledChecklist.h"
 #include "acl/ServerCertificate.h"
 #include "client_side.h"
 #include "fde.h"
 #include "http/Stream.h"
 #include "ssl/ServerBump.h"
  
 int
 Acl::ServerCertificateCheck::match(ACLChecklist * const ch)
 {
     const auto checklist = Filled(ch);
  
     Security::CertPointer cert;
     if (checklist->serverCert)
         cert = checklist->serverCert;
     else if (checklist->al && Comm::IsConnOpen(checklist->al->hier.tcpServer)) {
         const auto ssl = fd_table[checklist->al->hier.tcpServer->fd].ssl.get();
         cert.resetWithoutLocking(SSL_get_peer_certificate(ssl));
     } else if (checklist->conn() && checklist->conn()->serverBump())
         cert = checklist->conn()->serverBump()->serverCert;
  
     if (!cert)
         return 0;
  
     return data->match(cert.get());
 }
  
 #endif /* USE_OPENSSL */
  