aboutsummaryrefslogtreecommitdiffstats
path: root/config
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2015-05-05 11:25:52 -0300
committerRenato Botelho <garga@FreeBSD.org>2015-05-05 17:19:08 -0300
commit1f1ed2039cf43ad0077640d2247e30875be1e4a8 (patch)
tree3f2129f8615daa435496edc7e3e62f10cda09a81 /config
parent8009bacd9c78a1955077c2f9d20459b0bc60fdcb (diff)
downloadpfsense-packages-1f1ed2039cf43ad0077640d2247e30875be1e4a8.tar.gz
pfsense-packages-1f1ed2039cf43ad0077640d2247e30875be1e4a8.tar.bz2
pfsense-packages-1f1ed2039cf43ad0077640d2247e30875be1e4a8.zip
Use SQUID_SSL_DB
Diffstat (limited to 'config')
-rwxr-xr-xconfig/squid3/34/squid.inc12
1 files changed, 6 insertions, 6 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index 3a0dcf2f..ad7cb91d 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -892,21 +892,21 @@ function squid_resync_general() {
if ($srv_cert != false) {
if (base64_decode($srv_cert['prv'])) {
// check if ssl_db was initilized by squid
- if (!file_exists("/var/squid/lib/ssl_db/serial")) {
- if (is_dir("/var/squid/lib/ssl_db")) {
- mwexec("/bin/rm -rf /var/squid/lib/ssl_db");
+ if (!file_exists(SQUID_SSL_DB . "/serial")) {
+ if (is_dir(SQUID_SSL_DB)) {
+ mwexec("/bin/rm -rf " . SQUID_SSL_DB);
}
- mwexec(SQUID_LOCALBASE."/libexec/squid/ssl_crtd -c -s /var/squid/lib/ssl_db/");
+ mwexec(SQUID_LOCALBASE."/libexec/squid/ssl_crtd -c -s " . SQUID_SSL_DB);
}
// force squid user permission on /var/squid/lib/ssl_db/
- squid_chown_recursive("/var/squid/lib/ssl_db/", 'proxy', 'proxy');
+ squid_chown_recursive(SQUID_SSL_DB, 'proxy', 'proxy');
// cert, key, version, cipher,options, clientca, cafile, capath, crlfile, dhparams,sslflags, and sslcontext
$crt_pk=SQUID_CONFBASE."/serverkey.pem";
$crt_capath=SQUID_LOCALBASE."/share/certs/";
file_put_contents($crt_pk,base64_decode($srv_cert['prv']).base64_decode($srv_cert['crt']));
$sslcrtd_children= ($settings['sslcrtd_children'] ? $settings['sslcrtd_children'] : 5);
$ssl_interception.="ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=".($sslcrtd_children*2)."MB cert={$crt_pk} capath={$crt_capath}\n";
- $interception_checks = "sslcrtd_program ".SQUID_LOCALBASE."/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048\n";
+ $interception_checks = "sslcrtd_program ".SQUID_LOCALBASE."/libexec/squid/ssl_crtd -s " . SQUID_SSL_DB . " -M 4MB -b 2048\n";
$interception_checks .= "sslcrtd_children {$sslcrtd_children}\n";
$interception_checks .= "sslproxy_capath {$crt_capath}\n";
if (preg_match("/sslproxy_cert_error/",$settings["interception_checks"]))