]>
Commit | Line | Data |
---|---|---|
bbc27441 | 1 | /* |
5b74111a | 2 | * Copyright (C) 1996-2018 The Squid Software Foundation and contributors |
bbc27441 AJ |
3 | * |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
fd4624d7 CT |
9 | #ifndef _SQUID_SSL_PEEKER_H |
10 | #define _SQUID_SSL_PEEKER_H | |
11 | ||
12 | #include "base/AsyncJob.h" | |
13 | #include "base/CbcPointer.h" | |
14 | #include "comm/forward.h" | |
15 | #include "HttpRequest.h" | |
16 | #include "ip/Address.h" | |
f97700a0 | 17 | #include "security/forward.h" |
5107d2c4 | 18 | #include "Store.h" |
fd4624d7 CT |
19 | |
20 | class ConnStateData; | |
582c2af2 | 21 | class store_client; |
fd4624d7 CT |
22 | |
23 | namespace Ssl | |
24 | { | |
25 | ||
26 | /** | |
7a957a93 | 27 | * Maintains bump-server-first related information. |
fd4624d7 CT |
28 | */ |
29 | class ServerBump | |
30 | { | |
5c2f68b7 AJ |
31 | CBDATA_CLASS(ServerBump); |
32 | ||
fd4624d7 | 33 | public: |
d620ae0e | 34 | explicit ServerBump(HttpRequest *fakeRequest, StoreEntry *e = NULL, Ssl::BumpMode mode = Ssl::bumpServerFirst); |
fd4624d7 | 35 | ~ServerBump(); |
8f917129 | 36 | void attachServerSession(const Security::SessionPointer &); ///< Sets the server TLS session object |
92e3827b | 37 | const Security::CertErrors *sslErrors() const; ///< SSL [certificate validation] errors |
7a957a93 | 38 | |
5107d2c4 CT |
39 | /// whether there was a successful connection to (and peeking at) the origin server |
40 | bool connectedOk() const {return entry && entry->isEmpty();} | |
41 | ||
d5430dc8 | 42 | /// faked, minimal request; required by Client API |
fd4624d7 CT |
43 | HttpRequest::Pointer request; |
44 | StoreEntry *entry; ///< for receiving Squid-generated error messages | |
088f0761 | 45 | /// HTTPS server certificate. Maybe it is different than the one |
8f917129 | 46 | /// it is stored in serverSession object (error SQUID_X509_V_ERR_CERT_CHANGE) |
088f0761 | 47 | Security::CertPointer serverCert; |
a9c2dd2f CT |
48 | struct { |
49 | Ssl::BumpMode step1; ///< The SSL bump mode at step1 | |
50 | Ssl::BumpMode step2; ///< The SSL bump mode at step2 | |
51 | Ssl::BumpMode step3; ///< The SSL bump mode at step3 | |
52 | } act; ///< bumping actions at various bumping steps | |
53 | Ssl::BumpStep step; ///< The SSL bumping step | |
fd4624d7 CT |
54 | |
55 | private: | |
8f917129 | 56 | Security::SessionPointer serverSession; ///< The TLS session object on server side. |
fd4624d7 | 57 | store_client *sc; ///< dummy client to prevent entry trimming |
fd4624d7 CT |
58 | }; |
59 | ||
60 | } // namespace Ssl | |
61 | ||
62 | #endif | |
f53969cc | 63 |