Fill access log's %error_detail when responding with
ERR_SECURE_CONNECT_FAIL.


This is a Measurement Factory project

=== modified file 'src/format/Format.cc'
--- src/format/Format.cc	2011-10-14 01:49:17 +0000
+++ src/format/Format.cc	2011-10-25 15:46:23 +0000
@@ -1,32 +1,35 @@
 #include "config.h"
 #include "AccessLogEntry.h"
 #include "comm/Connection.h"
 #include "err_detail_type.h"
 #include "errorpage.h"
 #include "format/Format.h"
 #include "format/Quoting.h"
 #include "format/Tokens.h"
 #include "HttpRequest.h"
 #include "MemBuf.h"
 #include "rfc1738.h"
 #include "SquidTime.h"
+#if USE_SSL
+#include "ssl/ErrorDetail.h"
+#endif
 #include "Store.h"
 
 /// Convert a string to NULL pointer if it is ""
 #define strOrNull(s) ((s)==NULL||(s)[0]=='\0'?NULL:(s))
 
 Format::Format::Format(const char *n) :
         format(NULL),
         next(NULL)
 {
     name = xstrdup(n);
 }
 
 Format::Format::~Format()
 {
     // erase the list without consuming stack space
     while (next) {
         // unlink the next entry for deletion
         Format *temp = next;
         next = temp->next;
         temp->next = NULL;
@@ -805,40 +808,48 @@
             // or internal error messages).
             break;
 
         case LFT_SQUID_STATUS:
             if (al->http.timedout || al->http.aborted) {
                 snprintf(tmp, sizeof(tmp), "%s%s", log_tags[al->cache.code],
                          al->http.statusSfx());
                 out = tmp;
             } else {
                 out = log_tags[al->cache.code];
             }
 
             break;
 
         case LFT_SQUID_ERROR:
             if (al->request && al->request->errType != ERR_NONE)
                 out = errorPageName(al->request->errType);
             break;
 
         case LFT_SQUID_ERROR_DETAIL:
+#if USE_SSL
+            if (al->request && al->request->errType == ERR_SECURE_CONNECT_FAIL) {
+                if (! (out = Ssl::GetErrorName(al->request->errDetail))) {
+                    snprintf(tmp, sizeof(tmp), "SSL_ERR=%d", al->request->errDetail);
+                    out = tmp;
+                }
+            } else 
+#endif
             if (al->request && al->request->errDetail != ERR_DETAIL_NONE) {
                 if (al->request->errDetail > ERR_DETAIL_START  &&
                         al->request->errDetail < ERR_DETAIL_MAX)
                     out = errorDetailName(al->request->errDetail);
                 else {
                     if (al->request->errDetail >= ERR_DETAIL_EXCEPTION_START)
                         snprintf(tmp, sizeof(tmp), "%s=0x%X",
                                  errorDetailName(al->request->errDetail), (uint32_t) al->request->errDetail);
                     else
                         snprintf(tmp, sizeof(tmp), "%s=%d",
                                  errorDetailName(al->request->errDetail), al->request->errDetail);
                     out = tmp;
                 }
             }
             break;
 
         case LFT_SQUID_HIERARCHY:
             if (al->hier.ping.timedout)
                 mb.append("TIMEOUT_", 8);
 

=== modified file 'src/forward.cc'
--- src/forward.cc	2011-10-10 11:54:04 +0000
+++ src/forward.cc	2011-10-25 15:34:45 +0000
@@ -315,40 +315,45 @@
             anErr->xerrno = errno;
             fail(anErr);
         } // else use actual error from last connection attempt
         self = NULL;       // refcounted
     }
 }
 
 void
 FwdState::fail(ErrorState * errorState)
 {
     debugs(17, 3, HERE << err_type_str[errorState->type] << " \"" << httpStatusString(errorState->httpStatus) << "\"\n\t" << entry->url()  );
 
     if (err)
         errorStateFree(err);
 
     err = errorState;
 
     if (!errorState->request)
         errorState->request = HTTPMSGLOCK(request);
 
+#if USE_SSL
+    if (errorState->type == ERR_SECURE_CONNECT_FAIL && errorState->detail)
+        request->detailError(errorState->type, errorState->detail->errorNo());
+    else
+#endif
     request->detailError(errorState->type, errorState->xerrno);
 }
 
 /**
  * Frees fwdState without closing FD or generating an abort
  */
 void
 FwdState::unregister(Comm::ConnectionPointer &conn)
 {
     debugs(17, 3, HERE << entry->url() );
     assert(serverConnection() == conn);
     assert(Comm::IsConnOpen(conn));
     comm_remove_close_handler(conn->fd, fwdServerClosedWrapper, this);
     serverConn = NULL;
 }
 
 // Legacy method to be removed in favor of the above as soon as possible
 void
 FwdState::unregister(int fd)
 {

=== modified file 'src/ssl/ErrorDetail.h'
--- src/ssl/ErrorDetail.h	2011-06-17 07:46:48 +0000
+++ src/ssl/ErrorDetail.h	2011-10-25 15:35:09 +0000
@@ -35,40 +35,42 @@
 /**
    \ingroup ServerProtocolSSLAPI
  * A short description of the SSL error "value"
  */
 const char *GetErrorDescr(ssl_error_t value);
 
 /**
    \ingroup ServerProtocolSSLAPI
  * Used to pass SSL error details to the error pages returned to the
  * end user.
  */
 class ErrorDetail
 {
 public:
     ErrorDetail(ssl_error_t err_no, X509 *cert);
     ErrorDetail(ErrorDetail const &);
     const String &toString() const;  ///< An error detail string to embed in squid error pages
     void useRequest(HttpRequest *aRequest) { if (request != NULL) request = aRequest;}
     /// The error name to embed in squid error pages
     const char *errorName() const {return err_code();}
+    /// The error no
+    ssl_error_t errorNo() const {return error_no;}
 
 private:
     typedef const char * (ErrorDetail::*fmt_action_t)() const;
     /**
      * Holds a formating code and its conversion method
      */
     class err_frm_code
     {
     public:
         const char *code;             ///< The formating code
         fmt_action_t fmt_action; ///< A pointer to the conversion method
     };
     static err_frm_code  ErrorFormatingCodes[]; ///< The supported formating codes
 
     const char *subject() const;
     const char *ca_name() const;
     const char *cn() const;
     const char *notbefore() const;
     const char *notafter() const;
     const char *err_code() const;