diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2015-05-05 11:25:52 -0300 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2015-05-05 17:19:08 -0300 |
| commit | 1f1ed2039cf43ad0077640d2247e30875be1e4a8 (patch) | |
| tree | 3f2129f8615daa435496edc7e3e62f10cda09a81 /config | |
| parent | 8009bacd9c78a1955077c2f9d20459b0bc60fdcb (diff) | |
| download | pfsense-packages-1f1ed2039cf43ad0077640d2247e30875be1e4a8.tar.gz pfsense-packages-1f1ed2039cf43ad0077640d2247e30875be1e4a8.tar.bz2 pfsense-packages-1f1ed2039cf43ad0077640d2247e30875be1e4a8.zip | |
Use SQUID_SSL_DB
Diffstat (limited to 'config')
| -rwxr-xr-x | config/squid3/34/squid.inc | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc index 3a0dcf2f..ad7cb91d 100755 --- a/config/squid3/34/squid.inc +++ b/config/squid3/34/squid.inc @@ -892,21 +892,21 @@ function squid_resync_general() { if ($srv_cert != false) { if (base64_decode($srv_cert['prv'])) { // check if ssl_db was initilized by squid - if (!file_exists("/var/squid/lib/ssl_db/serial")) { - if (is_dir("/var/squid/lib/ssl_db")) { - mwexec("/bin/rm -rf /var/squid/lib/ssl_db"); + if (!file_exists(SQUID_SSL_DB . "/serial")) { + if (is_dir(SQUID_SSL_DB)) { + mwexec("/bin/rm -rf " . SQUID_SSL_DB); } - mwexec(SQUID_LOCALBASE."/libexec/squid/ssl_crtd -c -s /var/squid/lib/ssl_db/"); + mwexec(SQUID_LOCALBASE."/libexec/squid/ssl_crtd -c -s " . SQUID_SSL_DB); } // force squid user permission on /var/squid/lib/ssl_db/ - squid_chown_recursive("/var/squid/lib/ssl_db/", 'proxy', 'proxy'); + squid_chown_recursive(SQUID_SSL_DB, 'proxy', 'proxy'); // cert, key, version, cipher,options, clientca, cafile, capath, crlfile, dhparams,sslflags, and sslcontext $crt_pk=SQUID_CONFBASE."/serverkey.pem"; $crt_capath=SQUID_LOCALBASE."/share/certs/"; file_put_contents($crt_pk,base64_decode($srv_cert['prv']).base64_decode($srv_cert['crt'])); $sslcrtd_children= ($settings['sslcrtd_children'] ? $settings['sslcrtd_children'] : 5); $ssl_interception.="ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=".($sslcrtd_children*2)."MB cert={$crt_pk} capath={$crt_capath}\n"; - $interception_checks = "sslcrtd_program ".SQUID_LOCALBASE."/libexec/squid/ssl_crtd -s /var/squid/lib/ssl_db -M 4MB -b 2048\n"; + $interception_checks = "sslcrtd_program ".SQUID_LOCALBASE."/libexec/squid/ssl_crtd -s " . SQUID_SSL_DB . " -M 4MB -b 2048\n"; $interception_checks .= "sslcrtd_children {$sslcrtd_children}\n"; $interception_checks .= "sslproxy_capath {$crt_capath}\n"; if (preg_match("/sslproxy_cert_error/",$settings["interception_checks"])) |