---------------------
PatchSet 6103 
Date: 2007/11/08 15:30:56
Author: rousskov
Branch: ssl-bump
Tag: (none) 
Log:
Ignore https_port where we failed to create an SSL context. We used to warn
but did not ignore. Polished the warning message.

Disable SslBump for http_port where we failed to create an SSL context. We
used to warn but did not disable. Polished the warning message.

Polished the "You have too many 'https_port' lines" warning.

Members: 
	src/client_side.cc:1.139.6.6->1.139.6.7 

Index: squid3/src/client_side.cc
===================================================================
RCS file: /cvsroot/squid-sf//squid3/src/client_side.cc,v
retrieving revision 1.139.6.6
retrieving revision 1.139.6.7
diff -u -r1.139.6.6 -r1.139.6.7
--- squid3/src/client_side.cc	6 Nov 2007 16:22:34 -0000	1.139.6.6
+++ squid3/src/client_side.cc	8 Nov 2007 15:30:56 -0000	1.139.6.7
@@ -1,6 +1,6 @@
 
 /*
- * $Id: client_side.cc,v 1.139.6.6 2007/11/06 16:22:34 rousskov Exp $
+ * $Id: client_side.cc,v 1.139.6.7 2007/11/08 15:30:56 rousskov Exp $
  *
  * DEBUG: section 33    Client-side Routines
  * AUTHOR: Duane Wessels
@@ -3064,10 +3064,11 @@
 
 #if USE_SSL
         if (s->sslBump && s->sslContext == NULL) {
-            debugs(1, 1, "Can not switch to HTTPS at " <<
-                   inet_ntoa(s->http.s.sin_addr) << ", port " <<
-                   (int) ntohs(s->http.s.sin_port));
-            // XXX: Should we abort then, perhaps when creating context?
+            debugs(1, 1, "Will not bump SSL at http_port " <<
+                   inet_ntoa(s->http.s.sin_addr) << ':' <<
+                   (int) ntohs(s->http.s.sin_port) <<
+                   " due to SSL initialization failure.");
+            s->sslBump = 0;
         }
 #endif
 
@@ -3106,15 +3107,17 @@
 
     for (s = Config.Sockaddr.https; s; s = (https_port_list *)s->http.next) {
         if (MAXHTTPPORTS == NHttpSockets) {
-            debugs(1, 1, "WARNING: You have too many 'https_port' lines.");
-            debugs(1, 1, "         The limit is " << MAXHTTPPORTS);
+            debugs(1, 1, "Ignoring 'https_port' lines exceeding the limit.");
+            debugs(1, 1, "The limit is " << MAXHTTPPORTS << " HTTPS ports.");
             continue;
         }
 
         if (s->sslContext == NULL) {
-            debugs(1, 1, "Can not accept HTTPS connections at " <<
-                   inet_ntoa(s->http.s.sin_addr) << ", port " <<
-                   (int) ntohs(s->http.s.sin_port));
+            debugs(1, 1, "Ignoring https_port " <<
+                   inet_ntoa(s->http.s.sin_addr) << ':' <<
+                   (int) ntohs(s->http.s.sin_port) <<
+                   " due to SSL initialization failure.");
+            continue;
         }
 
         enter_suid();