- Move the CertItem class from ValidateCertificateResponse class to
CertValidateMessage class
- Add the Ssl::CertValidateMessage::getCertByName method to search
an for a certificate in a std::vector<CertItem> list
- Implement the Ssl::ValidateCertificateResponse::getError to search in
Ssl::ValidateCertificateResponse::errors list for a error
- Improve the Ssl::CertValidateMessage::parseResponse method
- Remove the ValidateCertificateResponse::ErrorItem::certId member. The
user should always link with a certificate, not with an index to certificate.
- The CertValidateMessage::parseResponse takes as argument the list of peer
Certificates. It uses this list to fill the ValidateCertificateResponse
object.
- Return ERR_GATEWAY_FAILURE/HTTP_INTERNAL_SERVER_ERROR error if:
* Failed to compose the Ssl::CertValidateMessage message to sent to
cert validator
* The response from cert validator is wrong
* The cert validator returns an error.
- Implement the FwdState::sslCrtvdCheckForErrors method. This method
checks if the errors returned from cert validator class can be
ignored or an error to the user must returned.
- Now if the Config.ssl_client.cert_error is not used, then the first
error in the list returned from cert validator, is the error which
considered as the error which causes the failure
projects / thirdparty / squid.git / commitdiff
