projects / thirdparty / squid.git / blame
| Commit | Line | Data |
|---|---|---|
| a1f04d64 | 1 | /* |
| a1f04d64 AR |
2 | */ |
| 3 | ||
| 4 | #ifndef SQUID_SSL_CERT_VALIDATE_MESSAGE_H | |
| 5 | #define SQUID_SSL_CERT_VALIDATE_MESSAGE_H | |
| 6 | ||
| a9d17bbd | 7 | #include "HelperReply.h" |
| a1f04d64 | 8 | #include "ssl/crtd_message.h" |
| 602d9612 | 9 | #include "ssl/support.h" |
| a1f04d64 AR |
10 | #include <vector> |
| 11 | ||
| 22636a68 | 12 | namespace Ssl |
| a1f04d64 AR |
13 | { |
| 14 | ||
| b56756cb CT |
15 | /** |
| 16 | * This class is used to hold the required informations to build | |
| 17 | * a request message for the certificate validator helper | |
| 18 | */ | |
| 22636a68 CT |
19 | class CertValidationRequest |
| 20 | { | |
| a1f04d64 | 21 | public: |
| 14798e73 | 22 | SSL *ssl; |
| 62a7607e | 23 | CertErrors *errors; ///< The list of errors detected |
| b56756cb | 24 | std::string domainName; ///< The server name |
| 14798e73 | 25 | CertValidationRequest() : ssl(NULL), errors(NULL) {} |
| a1f04d64 AR |
26 | }; |
| 27 | ||
| b56756cb CT |
28 | /** |
| 29 | * This class is used to store informations found in certificate validation | |
| 30 | * response messages read from certificate validator helper | |
| 31 | */ | |
| 22636a68 CT |
32 | class CertValidationResponse |
| 33 | { | |
| a1f04d64 | 34 | public: |
| b56756cb CT |
35 | /** |
| 36 | * This class used to hold error informations returned from | |
| 37 | * cert validator helper. | |
| 38 | */ | |
| 22636a68 CT |
39 | class RecvdError |
| 40 | { | |
| a1f04d64 | 41 | public: |
| b56756cb CT |
42 | RecvdError(): id(0), error_no(SSL_ERROR_NONE), cert(NULL) {} |
| 43 | RecvdError(const RecvdError &); | |
| b56756cb CT |
44 | RecvdError & operator = (const RecvdError &); |
| 45 | void setCert(X509 *); ///< Sets cert to the given certificate | |
| 3a7d782f | 46 | int id; ///< The id of the error |
| b56756cb | 47 | ssl_error_t error_no; ///< The OpenSSL error code |
| 3a7d782f | 48 | std::string error_reason; ///< A string describing the error |
| 4a77bb4e | 49 | X509_Pointer cert; ///< The broken certificate |
| a1f04d64 AR |
50 | }; |
| 51 | ||
| b56756cb | 52 | typedef std::vector<RecvdError> RecvdErrors; |
| 3a7d782f | 53 | |
| b56756cb CT |
54 | /// Search in errors list for the error item with id=errorId. |
| 55 | /// If none found a new RecvdError item added with the given id; | |
| 56 | RecvdError &getError(int errorId); | |
| 57 | RecvdErrors errors; ///< The list of parsed errors | |
| 14798e73 | 58 | HelperReply::Result_ resultCode; ///< The helper result code |
| 3a7d782f CT |
59 | }; |
| 60 | ||
| b56756cb CT |
61 | /** |
| 62 | * This class is responsible for composing or parsing messages destined to | |
| 63 | * or comming from a cert validator helper. | |
| 64 | * The messages format is: | |
| 65 | * <response/request code> <whitespace> <body length> <whitespace> <key=value> ...\1 | |
| 66 | */ | |
| 22636a68 CT |
67 | class CertValidationMsg: public CrtdMessage |
| 68 | { | |
| 3a7d782f | 69 | private: |
| b56756cb CT |
70 | /** |
| 71 | * This class used to hold the certId/cert pairs found | |
| 72 | * in cert validation messages. | |
| 73 | */ | |
| 22636a68 CT |
74 | class CertItem |
| 75 | { | |
| a1f04d64 | 76 | public: |
| b56756cb | 77 | std::string name; ///< The certificate Id to use |
| 4a77bb4e | 78 | X509_Pointer cert; ///< A pointer to certificate |
| a1f04d64 AR |
79 | CertItem(): cert(NULL) {} |
| 80 | CertItem(const CertItem &); | |
| 81 | CertItem & operator = (const CertItem &); | |
| b56756cb | 82 | void setCert(X509 *); ///< Sets cert to the given certificate |
| a1f04d64 | 83 | }; |
| b56756cb | 84 | |
| a1f04d64 | 85 | public: |
| 53251bc3 | 86 | CertValidationMsg(MessageKind kind): CrtdMessage(kind) {} |
| b56756cb CT |
87 | |
| 88 | /// Build a request message for the cert validation helper | |
| 89 | /// using informations provided by vcert object | |
| 90 | void composeRequest(CertValidationRequest const &vcert); | |
| 91 | ||
| 92 | /// Parse a response message and fill the resp object with parsed informations | |
| 93 | bool parseResponse(CertValidationResponse &resp, STACK_OF(X509) *peerCerts, std::string &error); | |
| 94 | ||
| 95 | /// Search a CertItems list for the certificate with ID "name" | |
| 96 | X509 *getCertByName(std::vector<CertItem> const &, std::string const & name); | |
| a1f04d64 AR |
97 | |
| 98 | /// String code for "cert_validate" messages | |
| 99 | static const std::string code_cert_validate; | |
| 100 | /// Parameter name for passing intended domain name | |
| 101 | static const std::string param_domain; | |
| a1f04d64 | 102 | /// Parameter name for passing SSL certificates |
| 22636a68 | 103 | static const std::string param_cert; |
| a1f04d64 | 104 | /// Parameter name for passing the major SSL error |
| 22636a68 | 105 | static const std::string param_error_name; |
| a1f04d64 | 106 | /// Parameter name for passing the error reason |
| 22636a68 | 107 | static const std::string param_error_reason; |
| a1f04d64 AR |
108 | /// Parameter name for passing the error cert ID |
| 109 | static const std::string param_error_cert; | |
| 110 | }; | |
| 111 | ||
| 112 | }//namespace Ssl | |
| 113 | #endif // SQUID_SSL_CERT_VALIDATE_MESSAGE_H |