Please ignore this thread it is duplicated mail.
On 01/28/2016 09:10 PM, Christos Tsantilas wrote:
Hi all,
After the patch r14351 created the following problems:
- external_acl requires AccessLogEntry but ALE is not available
in many cases such as ssl_bump ACLs.
- The %<cert_subject stopped working because it was supported by
external_acl code and not by logformat code.
This patch:
- Passes AccessLogEntry in most cases.
For example, PeerConnector-related classes are now covered.
- Implements the %<cert_subject formating code for logformat.
Still there are cases which are not handled correctly:
- In the case of transparent SSL bumping, the patch uses a local
AccessLogEntry to allow external_acl work with the ssl_bump access list.
- The slow acls inside Ssl::PeerConnector can not support external_acl
in the case of PeerPoolMgr
- Most of the fast acls does not support ALE based acls. I know that
currently the only ALE based acl is the external_acl, which is slow acl,
but my opinion is that it is not bad idea to support cases the
external_acl result is stored in cache.
- Also we need to check and review if the informations passed with
the ALE is the same passed using the FilledChecklist object. This is not
obvious.
This is a Measurement Factory project.
_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev