src/ssl/ErrorDetail.h

   1 /*
   2  * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #ifndef _SQUID_SSL_ERROR_DETAIL_H
  10 #define _SQUID_SSL_ERROR_DETAIL_H
  11
  12 #include "err_detail_type.h"
  13 #include "ErrorDetailManager.h"
  14 #include "HttpRequest.h"
  15 #include "security/forward.h"
  16
  17 namespace Ssl
  18 {
  19 /**
  20  * Converts user-friendly error "name" into an Security::ErrorCode
  21  * and adds it to the provided container (using emplace).
  22  * This function can handle numeric error numbers as well as names.
  23  */
  24 bool ParseErrorString(const char *name, Security::Errors &);
  25
  26 /// The Security::ErrorCode code of the error described by  "name".
  27 Security::ErrorCode GetErrorCode(const char *name);
  28
  29 /// The string representation of the TLS error "value"
  30 const char *GetErrorName(Security::ErrorCode value);
  31
  32 /// A short description of the TLS error "value"
  33 const char *GetErrorDescr(Security::ErrorCode value);
  34
  35 /// \return true if the TLS error is optional and may not be supported by current squid version
  36 bool ErrorIsOptional(const char *name);
  37
  38 /**
  39  * Used to pass SSL error details to the error pages returned to the
  40  * end user.
  41  */
  42 class ErrorDetail
  43 {
  44 public:
  45     // if broken certificate is nil, the peer certificate is broken
  46     ErrorDetail(Security::ErrorCode err_no, X509 *peer, X509 *broken, const char *aReason = NULL);
  47     ErrorDetail(ErrorDetail const &);
  48     const String &toString() const;  ///< An error detail string to embed in squid error pages
  49     void useRequest(HttpRequest *aRequest) { if (aRequest != NULL) request = aRequest;}
  50     /// The error name to embed in squid error pages
  51     const char *errorName() const {return err_code();}
  52     /// The error no
  53     Security::ErrorCode errorNo() const {return error_no;}
  54     ///Sets the low-level error returned by OpenSSL ERR_get_error()
  55     void setLibError(unsigned long lib_err_no) {lib_error_no = lib_err_no;}
  56     /// the peer certificate
  57     X509 *peerCert() { return peer_cert.get(); }
  58     /// peer or intermediate certificate that failed validation
  59     X509 *brokenCert() {return broken_cert.get(); }
  60 private:
  61     typedef const char * (ErrorDetail::*fmt_action_t)() const;
  62     /**
  63      * Holds a formating code and its conversion method
  64      */
  65     class err_frm_code
  66     {
  67     public:
  68         const char *code;             ///< The formating code
  69         fmt_action_t fmt_action; ///< A pointer to the conversion method
  70     };
  71     static err_frm_code  ErrorFormatingCodes[]; ///< The supported formating codes
  72
  73     const char *subject() const;
  74     const char *ca_name() const;
  75     const char *cn() const;
  76     const char *notbefore() const;
  77     const char *notafter() const;
  78     const char *err_code() const;
  79     const char *err_descr() const;
  80     const char *err_lib_error() const;
  81
  82     int convert(const char *code, const char **value) const;
  83     void buildDetail() const;
  84
  85     mutable String errDetailStr; ///< Caches the error detail message
  86     Security::ErrorCode error_no;   ///< The error code
  87     unsigned long lib_error_no; ///< low-level error returned by OpenSSL ERR_get_error(3SSL)
  88     Security::CertPointer peer_cert; ///< A pointer to the peer certificate
  89     Security::CertPointer broken_cert; ///< A pointer to the broken certificate (peer or intermediate)
  90     String errReason; ///< A custom reason for error, else retrieved from OpenSSL.
  91     mutable ErrorDetailEntry detailEntry;
  92     HttpRequest::Pointer request;
  93 };
  94
  95 }//namespace Ssl
  96 #endif
  97