projects / thirdparty / squid.git / blame
| Commit | Line | Data |
|---|---|---|
| bbc27441 | 1 | /* |
| bde978a6 | 2 | * Copyright (C) 1996-2015 The Squid Software Foundation and contributors |
| bbc27441 AJ |
3 | * |
| 4 | * Squid software is distributed under GPLv2+ license and includes | |
| 5 | * contributions from numerous individuals and organizations. | |
| 6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
| 7 | */ | |
| 8 | ||
| a1f04d64 AR |
9 | #ifndef SQUID_SSL_CERT_VALIDATE_MESSAGE_H |
| 10 | #define SQUID_SSL_CERT_VALIDATE_MESSAGE_H | |
| 11 | ||
| 24438ec5 | 12 | #include "helper/ResultCode.h" |
| a1f04d64 | 13 | #include "ssl/crtd_message.h" |
| 602d9612 | 14 | #include "ssl/support.h" |
| d6d0eb11 | 15 | |
| a1f04d64 AR |
16 | #include <vector> |
| 17 | ||
| 22636a68 | 18 | namespace Ssl |
| a1f04d64 AR |
19 | { |
| 20 | ||
| b56756cb CT |
21 | /** |
| 22 | * This class is used to hold the required informations to build | |
| 23 | * a request message for the certificate validator helper | |
| 24 | */ | |
| 22636a68 CT |
25 | class CertValidationRequest |
| 26 | { | |
| a1f04d64 | 27 | public: |
| 14798e73 | 28 | SSL *ssl; |
| 62a7607e | 29 | CertErrors *errors; ///< The list of errors detected |
| b56756cb | 30 | std::string domainName; ///< The server name |
| 14798e73 | 31 | CertValidationRequest() : ssl(NULL), errors(NULL) {} |
| a1f04d64 AR |
32 | }; |
| 33 | ||
| b56756cb CT |
34 | /** |
| 35 | * This class is used to store informations found in certificate validation | |
| 36 | * response messages read from certificate validator helper | |
| 37 | */ | |
| 22636a68 CT |
38 | class CertValidationResponse |
| 39 | { | |
| a1f04d64 | 40 | public: |
| b56756cb CT |
41 | /** |
| 42 | * This class used to hold error informations returned from | |
| 43 | * cert validator helper. | |
| 44 | */ | |
| 22636a68 CT |
45 | class RecvdError |
| 46 | { | |
| a1f04d64 | 47 | public: |
| b56756cb CT |
48 | RecvdError(): id(0), error_no(SSL_ERROR_NONE), cert(NULL) {} |
| 49 | RecvdError(const RecvdError &); | |
| d6d0eb11 | 50 | RecvdError & operator =(const RecvdError &); |
| b56756cb | 51 | void setCert(X509 *); ///< Sets cert to the given certificate |
| 3a7d782f | 52 | int id; ///< The id of the error |
| b56756cb | 53 | ssl_error_t error_no; ///< The OpenSSL error code |
| 3a7d782f | 54 | std::string error_reason; ///< A string describing the error |
| 4a77bb4e | 55 | X509_Pointer cert; ///< The broken certificate |
| a1f04d64 AR |
56 | }; |
| 57 | ||
| b56756cb | 58 | typedef std::vector<RecvdError> RecvdErrors; |
| 3a7d782f | 59 | |
| b56756cb CT |
60 | /// Search in errors list for the error item with id=errorId. |
| 61 | /// If none found a new RecvdError item added with the given id; | |
| 62 | RecvdError &getError(int errorId); | |
| 63 | RecvdErrors errors; ///< The list of parsed errors | |
| 24438ec5 | 64 | Helper::ResultCode resultCode; ///< The helper result code |
| 3a7d782f CT |
65 | }; |
| 66 | ||
| b56756cb CT |
67 | /** |
| 68 | * This class is responsible for composing or parsing messages destined to | |
| 69 | * or comming from a cert validator helper. | |
| 70 | * The messages format is: | |
| d6d0eb11 | 71 | * response/request-code SP body-length SP [key=value ...] \x01 |
| b56756cb | 72 | */ |
| d6d0eb11 | 73 | class CertValidationMsg : public CrtdMessage |
| 22636a68 | 74 | { |
| 3a7d782f | 75 | private: |
| b56756cb CT |
76 | /** |
| 77 | * This class used to hold the certId/cert pairs found | |
| 78 | * in cert validation messages. | |
| 79 | */ | |
| 22636a68 CT |
80 | class CertItem |
| 81 | { | |
| a1f04d64 | 82 | public: |
| b56756cb | 83 | std::string name; ///< The certificate Id to use |
| 4a77bb4e | 84 | X509_Pointer cert; ///< A pointer to certificate |
| a1f04d64 AR |
85 | CertItem(): cert(NULL) {} |
| 86 | CertItem(const CertItem &); | |
| d6d0eb11 | 87 | CertItem & operator =(const CertItem &); |
| b56756cb | 88 | void setCert(X509 *); ///< Sets cert to the given certificate |
| a1f04d64 | 89 | }; |
| b56756cb | 90 | |
| a1f04d64 | 91 | public: |
| 53251bc3 | 92 | CertValidationMsg(MessageKind kind): CrtdMessage(kind) {} |
| b56756cb CT |
93 | |
| 94 | /// Build a request message for the cert validation helper | |
| 95 | /// using informations provided by vcert object | |
| 96 | void composeRequest(CertValidationRequest const &vcert); | |
| 97 | ||
| 98 | /// Parse a response message and fill the resp object with parsed informations | |
| 99 | bool parseResponse(CertValidationResponse &resp, STACK_OF(X509) *peerCerts, std::string &error); | |
| 100 | ||
| 101 | /// Search a CertItems list for the certificate with ID "name" | |
| 102 | X509 *getCertByName(std::vector<CertItem> const &, std::string const & name); | |
| a1f04d64 AR |
103 | |
| 104 | /// String code for "cert_validate" messages | |
| 105 | static const std::string code_cert_validate; | |
| 106 | /// Parameter name for passing intended domain name | |
| 107 | static const std::string param_domain; | |
| a1f04d64 | 108 | /// Parameter name for passing SSL certificates |
| 22636a68 | 109 | static const std::string param_cert; |
| a1f04d64 | 110 | /// Parameter name for passing the major SSL error |
| 22636a68 | 111 | static const std::string param_error_name; |
| a1f04d64 | 112 | /// Parameter name for passing the error reason |
| 22636a68 | 113 | static const std::string param_error_reason; |
| a1f04d64 AR |
114 | /// Parameter name for passing the error cert ID |
| 115 | static const std::string param_error_cert; | |
| 6e325882 CT |
116 | /// Parameter name for SSL version |
| 117 | static const std::string param_proto_version; | |
| 118 | /// Parameter name for SSL cipher | |
| 119 | static const std::string param_cipher; | |
| a1f04d64 AR |
120 | }; |
| 121 | ||
| 122 | }//namespace Ssl | |
| d6d0eb11 | 123 | |
| a1f04d64 | 124 | #endif // SQUID_SSL_CERT_VALIDATE_MESSAGE_H |
| f53969cc | 125 |