This patch try to detect infinite OpenSSL validation loops.
If OpenSSL is stuck in a validation loop, Squid breaks the loop and
triggers a new custom SQUID_X509_V_ERR_INFINITE_VALIDATION SSL
validation error.
That error cannot be bypassed using sslproxy_cert_error because to break
the loop Squid has to tell OpenSSL that the certificate is invalid,
which terminates the SSL connection.
The cause for this patch is the following bug in Openssl (but maybe in
future other similar problems found):
http://rt.openssl.org/Ticket/Display.html?id=3090 (login with guest/guest)
This is a Measurement Factory project
This archive was generated by hypermail 2.2.0 : Fri Jul 26 2013 - 12:01:00 MDT