git.ipfire.org Git - thirdparty/squid.git/commit

Polish SSL certificate error handling

This patch
- Adds SQUID_X509_V_ERR_DOMAIN_MISMATCH to TheSslErrorArray and in
  errors/templates/error-details.txt template file to enable bypass and
  details reporting for that error.

- Fixes the ssl error details handling code, to report the first honored error
  in a certificate, not the first certification validation error (which could
  have been bypassed).

- Adjust ssl_verify_cb() to copy ctx->error to error_no in the beginning and
  never use ctx->error after that.

author	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Wed, 22 Jun 2011 08:54:17 +0000 (11:54 +0300)
committer	Christos Tsantilas <chtsanti@users.sourceforge.net>
	Wed, 22 Jun 2011 08:54:17 +0000 (11:54 +0300)
commit	7698a79c6482fa733e76d5bd18769c233a973b37
tree	64046b73c87198ff35d4178db131f97e2cc12ba8	tree \| snapshot
parent	053b32287a15092e049fe38b8cfecd47efe37034	commit \| diff

errors/templates/error-details.txt		diff \| blob \| blame \| history
src/ssl/ErrorDetail.cc		diff \| blob \| blame \| history
src/ssl/support.cc		diff \| blob \| blame \| history