--------------------- PatchSet 8462 Date: 2006/08/07 04:22:03 Author: hno Branch: ssl-2_6 Tag: (none) Log: More falesafe SSL attribute extraction default userid attribute Members: src/cf.data.pre:1.139.2.4->1.139.2.5 src/ssl_support.c:1.11.2.5->1.11.2.6 Index: squid/src/cf.data.pre =================================================================== RCS file: /cvsroot/squid-sf//squid/src/cf.data.pre,v retrieving revision 1.139.2.4 retrieving revision 1.139.2.5 diff -u -r1.139.2.4 -r1.139.2.5 --- squid/src/cf.data.pre 7 Aug 2006 02:52:01 -0000 1.139.2.4 +++ squid/src/cf.data.pre 7 Aug 2006 04:22:03 -0000 1.139.2.5 @@ -1,6 +1,6 @@ # -# $Id: cf.data.pre,v 1.139.2.4 2006/08/07 02:52:01 hno Exp $ +# $Id: cf.data.pre,v 1.139.2.5 2006/08/07 04:22:03 hno Exp $ # # # SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -237,7 +237,7 @@ IFDEF: USE_SSL TYPE: string LOC: Config.SSL.ssluserid -DEFAULT: none +DEFAULT: emailAddress DOC_START Default client certificate attribute to use for extracting the access.log user id. Used when there is no attribute specified in Index: squid/src/ssl_support.c =================================================================== RCS file: /cvsroot/squid-sf//squid/src/ssl_support.c,v retrieving revision 1.11.2.5 retrieving revision 1.11.2.6 diff -u -r1.11.2.5 -r1.11.2.6 --- squid/src/ssl_support.c 7 Aug 2006 02:52:01 -0000 1.11.2.5 +++ squid/src/ssl_support.c 7 Aug 2006 04:22:04 -0000 1.11.2.6 @@ -864,6 +864,9 @@ buffer[0] = '\0'; + if (!attrubute_name || !*attribute_name) + return NULL; + if (strcmp(attribute_name, "DN") == 0) { X509_NAME_oneline(name, buffer, sizeof(buffer)); goto done;