I'm currently implementing an extended certificate verification script for usage with "sslcrtvalidator_program", but I've encountered a hiccup during that.
The documentation at https://wiki.squid-cache.org/Features/SslServerCertValidator#helper-communication-protocol is suggesting that the script will receive "lines" which are separated by a 0x01 byte. > Input line received from Squid: > > request size [kv-pairs] > > > :warning: line refers to a logical input. body may contain \n > > characters so each line in this format is delimited by a 0x01 byte > > instead of the standard \n byte. However, as far as I can tell that's not the case, the input "lines" are not separated by 0x01. The example script at https://github.com/squid-cache/squid/blob/master/src/security/cert_validators/fake/security_fake_certverify.pl.in seems to be aware of that, as it reads the input line based on the body length provided. My script is written in AWK, basically it can be summed up as: BEGIN { RS = "\1" } { print("<" $1 ">")>"/dev/stderr" printf("BH message=\"TEST\"\1") } And it never starts processing any input from Squid because 0x01 doesn't seem to be sent at all. I did have a quick look at the helper.cc, and it doesn't seem to use the "eom" during sending the message at all. Am I misunderstanding the documentation here? Is my script/approach broken somehow and do I need to adjust that to read lines based on provided length? _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org https://lists.squid-cache.org/listinfo/squid-users
