ErrorDetail.h
1 /*
2  * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_SRC_SECURITY_DETAIL_H
10 #define SQUID_SRC_SECURITY_DETAIL_H
11 
12 #include "base/RefCount.h"
13 #include "error/Detail.h"
14 #include "http/forward.h"
15 #include "security/forward.h"
16 #include "SquidString.h"
17 
18 #if USE_OPENSSL
19 #include "ssl/ErrorDetailManager.h"
20 #endif
21 
22 namespace Security {
23 
36 {
38 
39 public:
41 
44  ErrorDetail(ErrorCode err_no, const CertPointer &peer, const CertPointer &broken, const char *aReason = NULL); // builds a detail from an error code plus two certificate pointers; aReason is optional (defaults to NULL)
    // NOTE(review): peer, broken and aReason presumably populate peer_cert, broken_cert and errReason -- confirm in ErrorDetail.cc
45 
46 #if USE_OPENSSL
47  ErrorDetail(ErrorCode anErrorCode, int anIoErrorNo, int aSysErrorNo); // OpenSSL builds only: error code plus an I/O error number and an errno-style value
    // NOTE(review): anIoErrorNo and aSysErrorNo presumably end up in ioErrorNo and sysErrorNo -- confirm in ErrorDetail.cc
51 #elif USE_GNUTLS
52  ErrorDetail(ErrorCode anErrorCode, LibErrorCode aLibErrorNo, int aSysErrorNo); // GnuTLS builds only: error code plus a TLS library-reported non-validation error and an errno-style value
    // NOTE(review): aLibErrorNo presumably ends up in lib_error_no -- confirm in ErrorDetail.cc
56 #endif
57 
58  /* ErrorDetail API */
59  virtual SBuf brief() const; // virtual; returns an SBuf by value and takes no request context
60  virtual SBuf verbose(const HttpRequestPointer &) const; // virtual; same return type, but is given the HTTP request (the parameter is unnamed in this declaration)
    // NOTE(review): both are listed under "ErrorDetail API", so presumably they implement the base error-detail interface -- confirm against error/Detail.h
61 
63  ErrorCode errorNo() const { return error_no; } ///< returns error_no: Squid-discovered error, validation error, or zero
64 
66  int sysError() const { return sysErrorNo; } ///< returns sysErrorNo: errno(3); system call failure code or zero
67 
68  /* Certificate manipulation API. TODO: Add GnuTLS implementations, users. */
69 
71  Certificate *peerCert() { return peer_cert.get(); } ///< the peer certificate (or nil)
    // The raw pointer comes from peer_cert.get() and may be nullptr; callers must check it before dereferencing.
    // NOTE(review): how long the returned pointer stays valid is not visible in this header -- confirm before storing it
72 
75 
78  void setPeerCertificate(const CertPointer &); // NOTE(review): presumably records the certificate later returned by peerCert(); whether an already-set certificate may be replaced is not visible here -- confirm in ErrorDetail.cc
79 
80 private:
81  ErrorDetail(ErrorCode err, int aSysErrorNo); // private: takes only an error code and an errno-style value
    // NOTE(review): presumably the common target of the public constructors -- confirm in ErrorDetail.cc
82 
83  /* methods for formatting error details using admin-configurable %codes */
84  const char *subject() const; ///< textual representation of the subject of the broken certificate
85  const char *ca_name() const; ///< the issuer of the broken certificate
86  const char *cn() const; ///< a list of the broken certificate's CN and alternate names
87  const char *notbefore() const; ///< textual representation of the "not before" field of the broken certificate
88  const char *notafter() const; ///< textual representation of the "not after" field of the broken certificate
    // NOTE(review): the five values above are read from a certificate that failed validation, so treat the strings as untrusted
    // wherever they are rendered (error pages, logs) -- confirm escaping at the call sites
89  const char *err_code() const; ///< textual representation of error_no
90  const char *err_descr() const; ///< short description of error_no
91  const char *err_lib_error() const; ///< textual representation of lib_error_no
    // NOTE(review): ownership and lifetime of the returned C strings are not visible in this header -- confirm before caching them
92  size_t convert(const char *code, const char **value) const; // NOTE(review): presumably resolves one admin-configured %code, reports the result through *value and returns a length -- confirm in ErrorDetail.cc
93 
96 
99 
102 
104  int sysErrorNo = 0; ///< errno(3); system call failure code or zero
105 
106 #if USE_OPENSSL
107  int ioErrorNo = 0; // exists only in OpenSSL builds; zero unless set. NOTE(review): presumably holds the anIoErrorNo constructor argument -- confirm in ErrorDetail.cc
112 
115 #else
116  // other TLS libraries do not use custom ErrorDetail members
117 #endif
118 
120 };
121 
123 ErrorCode ErrorCodeFromName(const char *name); // NOTE(review): presumably looks up the ErrorCode for a textual error name; the result for an unknown or null name is not visible here -- confirm in ErrorDetail.cc
124 
127 const char *ErrorNameFromCode(ErrorCode err, bool prefixRawCode = false); // NOTE(review): presumably the inverse of ErrorCodeFromName; prefixRawCode defaults to false
    // NOTE(review): ownership and lifetime of the returned string, and the result for an unknown code, are not visible here -- confirm in ErrorDetail.cc
128 
129 }
130 
131 #endif
132 
ErrorCode ErrorCodeFromName(const char *name)
Definition: ErrorDetail.cc:407
int ErrorCode
Squid-defined error code (<0), an error code returned by X.509 API, or zero.
Definition: forward.h:102
ErrorDetailEntry detailEntry
Definition: ErrorDetail.h:114
Certificate * peerCert()
the peer certificate (or nil)
Definition: ErrorDetail.h:71
virtual SBuf brief() const
Definition: ErrorDetail.cc:497
Definition: SBuf.h:87
MEMPROXY_CLASS(Security::ErrorDetail)
const char * subject() const
textual representation of the subject of the broken certificate
Definition: ErrorDetail.cc:561
const char * cn() const
a list of the broken certificate's CN and alternate names
Definition: ErrorDetail.cc:595
CertPointer broken_cert
A pointer to the broken certificate (peer or intermediate)
Definition: ErrorDetail.h:95
#define NULL
Definition: types.h:166
int sysError() const
Definition: ErrorDetail.h:66
ErrorDetailPointer Pointer
Definition: ErrorDetail.h:40
void setPeerCertificate(const CertPointer &)
Definition: ErrorDetail.cc:487
const char * err_descr() const
short description of error_no
Definition: ErrorDetail.cc:676
unsigned char code
Definition: html_quote.c:20
virtual SBuf verbose(const HttpRequestPointer &) const
Definition: ErrorDetail.cc:530
Certificate * brokenCert()
peer or intermediate certificate that failed validation (or nil)
Definition: ErrorDetail.h:74
const char * ErrorNameFromCode(ErrorCode err, bool prefixRawCode=false)
Definition: ErrorDetail.cc:427
int sysErrorNo
errno(3); system call failure code or zero
Definition: ErrorDetail.h:104
ErrorDetail(ErrorCode err_no, const CertPointer &peer, const CertPointer &broken, const char *aReason=NULL)
Definition: ErrorDetail.cc:463
X509 Certificate
Definition: forward.h:65
ErrorCode errorNo() const
Definition: ErrorDetail.h:63
ErrorCode error_no
Squid-discovered error, validation error, or zero.
Definition: ErrorDetail.h:98
String errReason
a custom reason for the error
Definition: ErrorDetail.h:119
const char * notafter() const
textual representation of the "not after" field of the broken certificate
Definition: ErrorDetail.cc:647
const char * err_code() const
textual representation of error_no
Definition: ErrorDetail.cc:663
const char * notbefore() const
textual representation of the "not before" field of the broken certificate
Definition: ErrorDetail.cc:631
size_t convert(const char *code, const char **value) const
Definition: ErrorDetail.cc:719
const char * ca_name() const
the issuer of the broken certificate
Definition: ErrorDetail.cc:614
CertPointer peer_cert
A pointer to the peer certificate.
Definition: ErrorDetail.h:94
Network/connection security abstraction layer.
Definition: Connection.h:34
const char * err_lib_error() const
textual representation of lib_error_no
Definition: ErrorDetail.cc:689
LibErrorCode lib_error_no
TLS library-reported non-validation error or zero.
Definition: ErrorDetail.h:101
T * get() const
Returns raw and possibly nullptr pointer.
unsigned long LibErrorCode
TLS library-reported non-validation error.
Definition: forward.h:112

 
