squid : Optimising Web Delivery

Go to the documentation of this file.
/*
 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */
 
#ifndef SQUID_SRC_SECURITY_DETAIL_H
#define SQUID_SRC_SECURITY_DETAIL_H
 
#include "base/RefCount.h"
#include "error/Detail.h"
#include "http/forward.h"
#include "security/forward.h"
#include "SquidString.h"
 
#if USE_OPENSSL
#include "ssl/ErrorDetailManager.h"
#endif
 
#if USE_OPENSSL
#include <optional>
#endif
 
namespace Security {
 
class ErrorDetail: public ::ErrorDetail
{
    MEMPROXY_CLASS(Security::ErrorDetail);
 
public:
    typedef ErrorDetailPointer Pointer;
 
    ErrorDetail(ErrorCode err_no, const CertPointer &peer, const CertPointer &broken, const char *aReason = nullptr);
 
#if USE_OPENSSL
    ErrorDetail(ErrorCode anErrorCode, int anIoErrorNo, int aSysErrorNo);
#elif USE_GNUTLS
    ErrorDetail(ErrorCode anErrorCode, LibErrorCode aLibErrorNo, int aSysErrorNo);
#endif
 
    /* ErrorDetail API */
    SBuf brief() const override;
    SBuf verbose(const HttpRequestPointer &) const override;
 
    ErrorCode errorNo() const { return error_no; }
 
    int sysError() const { return sysErrorNo; }
 
    /* Certificate manipulation API. TODO: Add GnuTLS implementations, users. */
 
    Certificate *peerCert() { return peer_cert.get(); }
 
    Certificate *brokenCert() {return broken_cert.get(); }
 
    void setPeerCertificate(const CertPointer &);
 
private:
    ErrorDetail(ErrorCode err, int aSysErrorNo);
 
    /* methods for formatting error details using admin-configurable %codes */
    void printSubject(std::ostream &os) const;
    void printCaName(std::ostream &os) const;
    void printCommonName(std::ostream &os) const;
    void printNotBefore(std::ostream &os) const;
    void printNotAfter(std::ostream &os) const;
    void printErrorCode(std::ostream &os) const;
    void printErrorDescription(std::ostream &os) const;
    void printErrorLibError(std::ostream &os) const;
    size_t convertErrorCodeToDescription(const char *code, std::ostream &os) const;
 
    CertPointer peer_cert; 
    CertPointer broken_cert; 
 
    ErrorCode error_no = 0;
 
    LibErrorCode lib_error_no = 0;
 
    int sysErrorNo = 0;
 
#if USE_OPENSSL
    int ioErrorNo = 0;
 
    using ErrorDetailEntry = Ssl::ErrorDetailEntry;
    mutable std::optional<ErrorDetailEntry> detailEntry;
#else
    // other TLS libraries do not use custom ErrorDetail members
#endif
 
    String errReason; 
};
 
ErrorCode ErrorCodeFromName(const char *name);
 
const char *ErrorNameFromCode(ErrorCode err, bool prefixRawCode = false);
 
inline std::ostream &
operator <<(std::ostream &os, const ErrorDetail::Pointer &p)
{
    return operator <<(os, ::ErrorDetail::Pointer(p));
}
 
} // namespace Security
 
#endif
 
squid-cache.org

Optimising Web Delivery

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors
