Commit | Line | Data |
---|---|---|
a1f04d64 | 1 | /* |
a1f04d64 AR |
2 | */ |
3 | ||
4 | #ifndef SQUID_SSL_CERT_VALIDATE_MESSAGE_H | |
5 | #define SQUID_SSL_CERT_VALIDATE_MESSAGE_H | |
6 | ||
a9d17bbd | 7 | #include "HelperReply.h" |
a1f04d64 | 8 | #include "ssl/crtd_message.h" |
602d9612 | 9 | #include "ssl/support.h" |
a1f04d64 AR |
10 | #include <vector> |
11 | ||
22636a68 | 12 | namespace Ssl |
a1f04d64 AR |
13 | { |
14 | ||
b56756cb CT |
15 | /** |
16 | * This class holds the information required to build | |
17 | * a request message for the certificate validator helper. The ssl and errors members are raw pointers that this class never frees (it declares no destructor), so the objects they point to must stay alive for as long as the request is used. | |
18 | */ | |
22636a68 CT |
19 | class CertValidationRequest |
20 | { | |
a1f04d64 | 21 | public: |
14798e73 | 22 | SSL *ssl; ///< The SSL object this request refers to; NULL until assigned. NOTE(review): presumably the source of the certificates sent to the helper; confirm in composeRequest |
62a7607e | 23 | CertErrors *errors; ///< The list of errors detected; NULL until assigned |
b56756cb | 24 | std::string domainName; ///< The server name |
14798e73 | 25 | CertValidationRequest() : ssl(NULL), errors(NULL) {} ///< Starts with no SSL object, no error list and an empty domain name |
a1f04d64 AR |
26 | }; |
27 | ||
b56756cb CT |
28 | /** |
29 | * This class stores the information found in certificate validation | |
30 | * response messages read from the certificate validator helper. Every field holds what the helper reported. | |
31 | */ | |
22636a68 CT |
32 | class CertValidationResponse |
33 | { | |
a1f04d64 | 34 | public: |
b56756cb CT |
35 | /** |
36 | * This class holds the error information returned from | |
37 | * the cert validator helper. | |
38 | */ | |
22636a68 CT |
39 | class RecvdError |
40 | { | |
a1f04d64 | 41 | public: |
b56756cb CT |
42 | RecvdError(): id(0), error_no(SSL_ERROR_NONE), cert(NULL) {} ///< Starts with id 0, SSL_ERROR_NONE and no certificate |
43 | RecvdError(const RecvdError &); ///< Copy constructor; declared only, the definition is not in this header | |
b56756cb CT |
44 | RecvdError & operator = (const RecvdError &); ///< Copy assignment; declared only, the definition is not in this header |
45 | void setCert(X509 *); ///< Sets cert to the given certificate. NOTE(review): whether this takes its own reference to the X509 or adopts the caller's is not visible here; confirm before the caller frees its pointer | |
3a7d782f | 46 | int id; ///< The id of the error |
b56756cb | 47 | ssl_error_t error_no; ///< The OpenSSL error code; SSL_ERROR_NONE by default |
3a7d782f | 48 | std::string error_reason; ///< A string describing the error |
4a77bb4e | 49 | X509_Pointer cert; ///< The broken certificate |
a1f04d64 AR |
50 | }; |
51 | ||
b56756cb | 52 | typedef std::vector<RecvdError> RecvdErrors; |
3a7d782f | 53 | |
b56756cb CT |
54 | /// Search the errors list for the error item with id=errorId. |
55 | /// If none is found, a new RecvdError item is added with the given id. NOTE(review): the returned reference presumably points into the errors vector, so a later call that appends an item can reallocate the vector and invalidate it; do not hold the reference across getError() calls. | |
56 | RecvdError &getError(int errorId); | |
57 | RecvdErrors errors; ///< The list of parsed errors | |
14798e73 | 58 | HelperReply::Result_ resultCode; ///< The helper result code. NOTE(review): this class declares no constructor, so if Result_ is a plain enum the value is indeterminate until something assigns it; confirm it is set before being read |
3a7d782f CT |
59 | }; |
60 | ||
b56756cb CT |
61 | /** |
62 | * This class is responsible for composing or parsing messages destined to | |
63 | * or coming from a cert validator helper. | |
64 | * The message format is: | |
65 | * <response/request code> <whitespace> <body length> <whitespace> <key=value> ...\1 | |
66 | * NOTE(review): in a response the body length and the key=value pairs are supplied by the helper; confirm that parseResponse rejects a length that disagrees with the data actually received. */ | |
22636a68 CT |
67 | class CertValidationMsg: public CrtdMessage |
68 | { | |
3a7d782f | 69 | private: |
b56756cb CT |
70 | /** |
71 | * This class holds the certId/cert pairs found | |
72 | * in cert validation messages. | |
73 | */ | |
22636a68 CT |
74 | class CertItem |
75 | { | |
a1f04d64 | 76 | public: |
b56756cb | 77 | std::string name; ///< The certificate Id to use |
4a77bb4e | 78 | X509_Pointer cert; ///< A pointer to certificate |
a1f04d64 AR |
79 | CertItem(): cert(NULL) {} ///< Starts with an empty name and no certificate |
80 | CertItem(const CertItem &); ///< Copy constructor; declared only, the definition is not in this header | |
81 | CertItem & operator = (const CertItem &); ///< Copy assignment; declared only, the definition is not in this header | |
b56756cb | 82 | void setCert(X509 *); ///< Sets cert to the given certificate. NOTE(review): whether this takes its own reference to the X509 or adopts the caller's is not visible here; confirm |
a1f04d64 | 83 | }; |
b56756cb | 84 | |
a1f04d64 | 85 | public: |
53251bc3 | 86 | CertValidationMsg(MessageKind kind): CrtdMessage(kind) {} ///< Passes the message kind to the CrtdMessage base; not marked explicit, so a MessageKind converts implicitly |
b56756cb CT |
87 | |
88 | /// Build a request message for the cert validation helper | |
89 | /// using the information provided by the vcert object | |
90 | void composeRequest(CertValidationRequest const &vcert); | |
91 | ||
92 | /// Parse a response message and fill the resp object with the parsed information. NOTE(review): presumably returns false and describes the problem in error when the message is malformed, and uses peerCerts to resolve certificates the response refers to; confirm in the implementation | |
93 | bool parseResponse(CertValidationResponse &resp, STACK_OF(X509) *peerCerts, std::string &error); | |
94 | ||
95 | /// Search a CertItems list for the certificate with ID "name". NOTE(review): the result for an unknown name (likely NULL) and the ownership of the returned raw pointer are not visible here; confirm before dereferencing or freeing it | |
96 | X509 *getCertByName(std::vector<CertItem> const &, std::string const & name); | |
a1f04d64 AR |
97 | |
98 | /// String code for "cert_validate" messages | |
99 | static const std::string code_cert_validate; | |
100 | /// Parameter name for passing intended domain name | |
101 | static const std::string param_domain; | |
a1f04d64 | 102 | /// Parameter name for passing SSL certificates |
22636a68 | 103 | static const std::string param_cert; |
a1f04d64 | 104 | /// Parameter name for passing the major SSL error |
22636a68 | 105 | static const std::string param_error_name; |
a1f04d64 | 106 | /// Parameter name for passing the error reason |
22636a68 | 107 | static const std::string param_error_reason; |
a1f04d64 AR |
108 | /// Parameter name for passing the error cert ID |
109 | static const std::string param_error_cert; | |
110 | }; | |
111 | ||
112 | }//namespace Ssl | |
113 | #endif // SQUID_SSL_CERT_VALIDATE_MESSAGE_H |