#include <support.h>

Collaboration diagram for Ssl::VerifyCallbackParameters:

Static Public Member Functions
static VerifyCallbackParameters *	New (Security::Connection &)

static VerifyCallbackParameters &	At (Security::Connection &)

static VerifyCallbackParameters *	Find (Security::Connection &)

Public Attributes
bool	callerHandlesMissingCertificates = false

bool	hidMissingIssuer = false

Detailed Description

OpenSSL "verify_callback function" input/output parameters. This information cannot be passed through the verification API directly, so it is aggregated in this class and exchanged via ssl_ex_index_verify_callback_parameters. For OpenSSL validation callback details, see OpenSSL_vcb_disambiguation.

Definition at line 339 of file support.h.

Member Function Documentation

◆ At()

Ssl::VerifyCallbackParameters & Ssl::VerifyCallbackParameters::At ( Security::Connection & sconn )

static

Returns: the VerifyCallbackParameters object previously attached via New()

Definition at line 551 of file support.cc.

References Must.

Referenced by Security::PeerConnector::handleMissingCertificates(), and Security::PeerConnector::negotiate().

◆ Find()

Ssl::VerifyCallbackParameters * Ssl::VerifyCallbackParameters::Find ( Security::Connection & sconn )

static

Returns: the VerifyCallbackParameters object previously attached via New() or nil

Definition at line 533 of file support.cc.

References ssl_ex_index_verify_callback_parameters.

Referenced by ssl_verify_cb().

◆ New()

Ssl::VerifyCallbackParameters * Ssl::VerifyCallbackParameters::New ( Security::Connection & sconn )

static

creates a VerifyCallbackParameters object and adds it to the given TLS connection

Returns: the successfully created and added object

Definition at line 539 of file support.cc.

References Here, Must, and ssl_ex_index_verify_callback_parameters.

Referenced by Security::PeerConnector::initialize().

Member Data Documentation

◆ callerHandlesMissingCertificates

bool Ssl::VerifyCallbackParameters::callerHandlesMissingCertificates = false

whether X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY should be cleared (after setting hidMissingIssuer) because the validation initiator wants to get the missing certificates and redo the validation with them

Definition at line 356 of file support.h.

Referenced by Security::PeerConnector::handleMissingCertificates().

◆ hidMissingIssuer

bool Ssl::VerifyCallbackParameters::hidMissingIssuer = false

whether certificate validation has failed due to missing certificate(s) (i.e. X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY), but the failure was cleared/hidden due to true callerHandlesMissingCertificates setting; the certificate chain has to be deemed untrusted until revalidation (if any)

Definition at line 364 of file support.h.

The documentation for this class was generated from the following files:

src/ssl/support.h
src/ssl/support.cc

squid-cache.org

Optimising Web Delivery

Static Public Member Functions

Public Attributes

Detailed Description

Member Function Documentation

◆ At()

◆ Find()

◆ New()

Member Data Documentation

◆ callerHandlesMissingCertificates

◆ hidMissingIssuer

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors