Bug Fix: Squid may crash, when accessing an SSL certificate with errors
This is a security bug.
The bug report is:
When accessing a revoked certificate (i.e., X509_V_ERR_CERT_REVOKED) Squid
crashes. In ssl/ErrorDetail.cc:223 the detailed message is left blank if the
error is not specifically handled by Squid and the errorpage.cc:1193 assertion
fails while trying to convert the message.
This patch:
- Handle inside ErrorState::Convert the cases where the ErrorDetail return
blank error detail string
- Use a default detail error message in ssl::ErrorDetail, for the cases
where the detail error is not defined in TheSslDetailMap.
- If a name for the ssl::ErrorDetail error code is not defined return the
numeric error code when the "%err_name" formating code used
projects / thirdparty / squid.git / commit
