ErrorDetail.h
1/*
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9#ifndef SQUID_SRC_SECURITY_DETAIL_H
10#define SQUID_SRC_SECURITY_DETAIL_H
11
12#include "base/RefCount.h"
13#include "error/Detail.h"
14#include "http/forward.h"
15#include "security/forward.h"
16#include "SquidString.h"
17
18#if USE_OPENSSL
20#endif
21
22namespace Security {
23
36{
38
39public:
41
/// Builds a detail from an error code, the peer certificate, and the
/// "broken" certificate; aReason is optional and defaults to nullptr.
// NOTE(review): presumably used for certificate validation failures, with the
// arguments stored in error_no, peer_cert, broken_cert and errReason -- confirm
// in ErrorDetail.cc.
44 ErrorDetail(ErrorCode err_no, const CertPointer &peer, const CertPointer &broken, const char *aReason = nullptr);
45
46#if USE_OPENSSL
/// OpenSSL builds: an error code plus an int I/O error number and an int
/// system error number.
50 ErrorDetail(ErrorCode anErrorCode, int anIoErrorNo, int aSysErrorNo);
51#elif USE_GNUTLS
/// GnuTLS builds: same shape, but the library error is passed as LibErrorCode.
55 ErrorDetail(ErrorCode anErrorCode, LibErrorCode aLibErrorNo, int aSysErrorNo);
56#endif
57
58 /* ErrorDetail API */
/// Overrides of the base error-detail interface; both return their text as SBuf.
// NOTE(review): how the brief and verbose forms differ is defined in
// ErrorDetail.cc and is not visible in this header.
59 SBuf brief() const override;
60 SBuf verbose(const HttpRequestPointer &) const override;
61
/// \returns the value held in error_no: a Squid-discovered error,
/// a validation error, or zero
ErrorCode errorNo() const
{
    return this->error_no;
}
64
/// \returns the value held in sysErrorNo: an errno(3) system call
/// failure code, or zero
int sysError() const
{
    return this->sysErrorNo;
}
67
68 /* Certificate manipulation API. TODO: Add GnuTLS implementations, users. */
69
72
75
/// Takes a certificate by const reference and returns nothing.
// NOTE(review): presumably records the argument as the peer certificate;
// whether an already-set peer certificate is replaced or kept is not visible
// in this header -- confirm in ErrorDetail.cc.
78 void setPeerCertificate(const CertPointer &);
79
80private:
/// Private constructor taking only an error code and a system error number.
// NOTE(review): presumably a shared delegate for the public, library-specific
// constructors -- confirm in ErrorDetail.cc.
81 ErrorDetail(ErrorCode err, int aSysErrorNo);
82
83 /* methods for formatting error details using admin-configurable %codes */
// NOTE(review): several values below are read from a certificate that the
// remote peer supplies, so their text is untrusted input; confirm that the
// consumers escape it before embedding it in HTML error pages or log lines.
// NOTE(review): ownership and lifetime of the returned C strings are not
// visible in this header -- confirm before retaining a returned pointer.
/// textual representation of the subject of the broken certificate
84 const char *subject() const;
/// the issuer of the broken certificate
85 const char *ca_name() const;
/// a list of the broken certificate's CN and alternate names
86 const char *cn() const;
/// textual representation of the "not before" field of the broken certificate
87 const char *notbefore() const;
/// textual representation of the "not after" field of the broken certificate
88 const char *notafter() const;
/// textual representation of error_no
89 const char *err_code() const;
/// short description of error_no
90 const char *err_descr() const;
/// textual representation of lib_error_no
91 const char *err_lib_error() const;
// NOTE(review): presumably resolves one %code to its text through *value and
// returns a length -- confirm the contract (including the result for an
// unknown code) in ErrorDetail.cc.
92 size_t convert(const char *code, const char **value) const;
93
96
99
102
/// errno(3); system call failure code or zero
104 int sysErrorNo = 0;
105
106#if USE_OPENSSL
/// Declared only in OpenSSL builds; defaults to zero.
// NOTE(review): presumably filled from the anIoErrorNo constructor argument --
// confirm in ErrorDetail.cc.
111 int ioErrorNo = 0;
112
115#else
116 // other TLS libraries do not use custom ErrorDetail members
117#endif
118
120};
121
/// Maps a C-string name to an ErrorCode.
// NOTE(review): the result for an unrecognized or null name is not visible in
// this header; callers that pass configuration-supplied names should check how
// ErrorDetail.cc reports that case.
123ErrorCode ErrorCodeFromName(const char *name);
124
/// Maps an ErrorCode to a C-string name; prefixRawCode defaults to false.
// NOTE(review): the result for an unknown code, and the lifetime of the
// returned string, are not visible here -- confirm in ErrorDetail.cc.
127const char *ErrorNameFromCode(ErrorCode err, bool prefixRawCode = false);
128
/// Prints a Security::ErrorDetail pointer by converting it to the base
/// ::ErrorDetail::Pointer type and forwarding to an operator << overload
/// for that type. Returns whatever stream reference that overload returns.
// NOTE(review): presumably exists so that the base-class printer is selected
// instead of a more generic overload -- confirm against the overloads declared
// for ::ErrorDetail::Pointer.
133inline std::ostream &
134operator <<(std::ostream &os, const ErrorDetail::Pointer &p)
135{
// Function-call syntax is used for the operator; keep it as written, since an
// infix "os << ..." expression would also consider std::ostream member overloads.
136 return operator <<(os, ::ErrorDetail::Pointer(p));
137}
138
139} // namespace Security
140
141#endif
142
interface for supplying additional information about a transaction failure
Definition: Detail.h:21
Definition: SBuf.h:94
MEMPROXY_CLASS(Security::ErrorDetail)
size_t convert(const char *code, const char **value) const
Definition: ErrorDetail.cc:717
int sysErrorNo
errno(3); system call failure code or zero
Definition: ErrorDetail.h:104
Certificate * peerCert()
the peer certificate (or nil)
Definition: ErrorDetail.h:71
ErrorDetailEntry detailEntry
Definition: ErrorDetail.h:114
ErrorCode error_no
Squid-discovered error, validation error, or zero.
Definition: ErrorDetail.h:98
SBuf verbose(const HttpRequestPointer &) const override
Definition: ErrorDetail.cc:532
const char * err_code() const
textual representation of error_no
Definition: ErrorDetail.cc:661
LibErrorCode lib_error_no
TLS library-reported non-validation error or zero.
Definition: ErrorDetail.h:101
ErrorDetail(ErrorCode err_no, const CertPointer &peer, const CertPointer &broken, const char *aReason=nullptr)
Definition: ErrorDetail.cc:465
CertPointer broken_cert
A pointer to the broken certificate (peer or intermediate)
Definition: ErrorDetail.h:95
const char * err_descr() const
short description of error_no
Definition: ErrorDetail.cc:674
const char * subject() const
textual representation of the subject of the broken certificate
Definition: ErrorDetail.cc:563
ErrorCode errorNo() const
Definition: ErrorDetail.h:63
const char * err_lib_error() const
textual representation of lib_error_no
Definition: ErrorDetail.cc:687
ErrorDetailPointer Pointer
Definition: ErrorDetail.h:40
String errReason
a custom reason for the error
Definition: ErrorDetail.h:119
void setPeerCertificate(const CertPointer &)
Definition: ErrorDetail.cc:489
SBuf brief() const override
Definition: ErrorDetail.cc:499
Certificate * brokenCert()
peer or intermediate certificate that failed validation (or nil)
Definition: ErrorDetail.h:74
int sysError() const
Definition: ErrorDetail.h:66
const char * notafter() const
textual representation of the "not after" field of the broken certificate
Definition: ErrorDetail.cc:645
const char * cn() const
a list of the broken certificate's CN and alternate names
Definition: ErrorDetail.cc:595
const char * ca_name() const
the issuer of the broken certificate
Definition: ErrorDetail.cc:614
CertPointer peer_cert
A pointer to the peer certificate.
Definition: ErrorDetail.h:94
const char * notbefore() const
textual representation of the "not before" field of the broken certificate
Definition: ErrorDetail.cc:629
T * get() const
Returns raw and possibly nullptr pointer.
unsigned char code
Definition: html_quote.c:20
Network/connection security abstraction layer.
Definition: Connection.h:34
int ErrorCode
Squid-defined error code (<0), an error code returned by X.509 API, or zero.
Definition: forward.h:128
const char * ErrorNameFromCode(ErrorCode err, bool prefixRawCode=false)
Definition: ErrorDetail.cc:429
unsigned long LibErrorCode
TLS library-reported non-validation error.
Definition: forward.h:135
X509 Certificate
Definition: forward.h:73
ErrorCode ErrorCodeFromName(const char *name)
Definition: ErrorDetail.cc:409
std::ostream & operator<<(std::ostream &, const EncryptorAnswer &)

 
