On 13/04/2014 6:36 a.m., Tsantilas Christos wrote: > Hi all, > > This patch moves the SSL initialization code from FwdState class to a > new Ssl::PeerConnector class, and uses the new class from tunnel.cc and > FwdState.cc code to connect to ssl peer (ssl cache_peer or ssl server). > > The Ssl::PeerConnector class connects Squid client-side to a SSL > cache_peer or SSL server. It is used by TunnelStateData and FwdState to > initiate and establish the SSL connection. The Ssl::PeerConnector class > handles peer certificate validation. > > The caller receives a call back with PeerConnectorAnswer. In the case > the SSL connection is not established because of an error, an error > object suitable for error response generation is attached to > PeerConnectorAnser. > > The Ssl::PeerConnector class includes the old SSL initialization code > from FwdState class. > > This is a Measurement Factory project >
Hi Christos, Alex and I have just reached a design agreement about how to manage these modularizations going forward. We have decided to construct a namespace Security:: in a library at security/libsecurity.la which presents the polished neutral API for accessing SSL features. Leaving the code presenting OpenSSL specific API in ssl/* Since this class is already presenting a neutral API. Would you be able to make this the first code moved to the new namespace Security:: (instead of Ssl::)? +1 for commit regardless of whether you choose to accept this request. Thank you. Amos
