]>
Commit | Line | Data |
---|---|---|
a1f04d64 | 1 | /* |
a1f04d64 AR |
2 | */ |
3 | ||
4 | #ifndef SQUID_SSL_CERT_VALIDATE_MESSAGE_H | |
5 | #define SQUID_SSL_CERT_VALIDATE_MESSAGE_H | |
6 | ||
7 | #include "ssl/support.h" | |
8 | #include "ssl/crtd_message.h" | |
9 | #include <vector> | |
10 | ||
22636a68 | 11 | namespace Ssl |
a1f04d64 AR |
12 | { |
13 | ||
b56756cb CT |
14 | /** |
15 | * This class is used to hold the required informations to build | |
16 | * a request message for the certificate validator helper | |
17 | */ | |
22636a68 CT |
18 | class CertValidationRequest |
19 | { | |
a1f04d64 | 20 | public: |
14798e73 | 21 | SSL *ssl; |
b56756cb CT |
22 | Errors *errors; ///< The list of errors detected |
23 | std::string domainName; ///< The server name | |
14798e73 | 24 | CertValidationRequest() : ssl(NULL), errors(NULL) {} |
a1f04d64 AR |
25 | }; |
26 | ||
b56756cb CT |
27 | /** |
28 | * This class is used to store informations found in certificate validation | |
29 | * response messages read from certificate validator helper | |
30 | */ | |
22636a68 CT |
31 | class CertValidationResponse |
32 | { | |
a1f04d64 | 33 | public: |
b56756cb CT |
34 | /** |
35 | * This class used to hold error informations returned from | |
36 | * cert validator helper. | |
37 | */ | |
22636a68 CT |
38 | class RecvdError |
39 | { | |
a1f04d64 | 40 | public: |
b56756cb CT |
41 | RecvdError(): id(0), error_no(SSL_ERROR_NONE), cert(NULL) {} |
42 | RecvdError(const RecvdError &); | |
b56756cb CT |
43 | RecvdError & operator = (const RecvdError &); |
44 | void setCert(X509 *); ///< Sets cert to the given certificate | |
3a7d782f | 45 | int id; ///< The id of the error |
b56756cb | 46 | ssl_error_t error_no; ///< The OpenSSL error code |
3a7d782f | 47 | std::string error_reason; ///< A string describing the error |
4a77bb4e | 48 | X509_Pointer cert; ///< The broken certificate |
a1f04d64 AR |
49 | }; |
50 | ||
b56756cb | 51 | typedef std::vector<RecvdError> RecvdErrors; |
3a7d782f | 52 | |
b56756cb CT |
53 | /// Search in errors list for the error item with id=errorId. |
54 | /// If none found a new RecvdError item added with the given id; | |
55 | RecvdError &getError(int errorId); | |
56 | RecvdErrors errors; ///< The list of parsed errors | |
14798e73 | 57 | HelperReply::Result_ resultCode; ///< The helper result code |
3a7d782f CT |
58 | }; |
59 | ||
b56756cb CT |
60 | /** |
61 | * This class is responsible for composing or parsing messages destined to | |
62 | * or comming from a cert validator helper. | |
63 | * The messages format is: | |
64 | * <response/request code> <whitespace> <body length> <whitespace> <key=value> ...\1 | |
65 | */ | |
22636a68 CT |
66 | class CertValidationMsg: public CrtdMessage |
67 | { | |
3a7d782f | 68 | private: |
b56756cb CT |
69 | /** |
70 | * This class used to hold the certId/cert pairs found | |
71 | * in cert validation messages. | |
72 | */ | |
22636a68 CT |
73 | class CertItem |
74 | { | |
a1f04d64 | 75 | public: |
b56756cb | 76 | std::string name; ///< The certificate Id to use |
4a77bb4e | 77 | X509_Pointer cert; ///< A pointer to certificate |
a1f04d64 AR |
78 | CertItem(): cert(NULL) {} |
79 | CertItem(const CertItem &); | |
80 | CertItem & operator = (const CertItem &); | |
b56756cb | 81 | void setCert(X509 *); ///< Sets cert to the given certificate |
a1f04d64 | 82 | }; |
b56756cb | 83 | |
a1f04d64 | 84 | public: |
53251bc3 | 85 | CertValidationMsg(MessageKind kind): CrtdMessage(kind) {} |
b56756cb CT |
86 | |
87 | /// Build a request message for the cert validation helper | |
88 | /// using informations provided by vcert object | |
89 | void composeRequest(CertValidationRequest const &vcert); | |
90 | ||
91 | /// Parse a response message and fill the resp object with parsed informations | |
92 | bool parseResponse(CertValidationResponse &resp, STACK_OF(X509) *peerCerts, std::string &error); | |
93 | ||
94 | /// Search a CertItems list for the certificate with ID "name" | |
95 | X509 *getCertByName(std::vector<CertItem> const &, std::string const & name); | |
a1f04d64 AR |
96 | |
97 | /// String code for "cert_validate" messages | |
98 | static const std::string code_cert_validate; | |
99 | /// Parameter name for passing intended domain name | |
100 | static const std::string param_domain; | |
101 | /// Parameter name for passing SSL errors | |
102 | static const std::string param_error; | |
103 | /// Parameter name for passing SSL certificates | |
22636a68 | 104 | static const std::string param_cert; |
a1f04d64 | 105 | /// Parameter name for passing the major SSL error |
22636a68 | 106 | static const std::string param_error_name; |
a1f04d64 | 107 | /// Parameter name for passing the error reason |
22636a68 | 108 | static const std::string param_error_reason; |
a1f04d64 AR |
109 | /// Parameter name for passing the error cert ID |
110 | static const std::string param_error_cert; | |
111 | }; | |
112 | ||
113 | }//namespace Ssl | |
114 | #endif // SQUID_SSL_CERT_VALIDATE_MESSAGE_H |