~ACLFilledChecklist();
public:
+ /// The client connection manager
ConnStateData * conn() const;
- /// uses conn() if available
+ /// The client side fd. It uses conn() if available
int fd() const;
/// set either conn
void conn(ConnStateData *);
- /// set FD
+ /// set the client side FD
void fd(int aDescriptor);
//int authenticated();
ACLFilledChecklist check(Config.ssl_client.cert_error, request, dash_str);
check.sslErrors = new Ssl::Errors(SQUID_X509_V_ERR_DOMAIN_MISMATCH);
- if (Comm::IsConnOpen(pinning.serverConnection))
- check.fd(pinning.serverConnection->fd);
const bool allowDomainMismatch =
check.fastCheck() == ACCESS_ALLOWED;
delete check.sslErrors;
assert(err);
errorAppendEntry(entry, err);
err = NULL;
+#if USE_SSL
+ if (request->flags.sslPeek && request->clientConnectionManager.valid()) {
+ CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
+ ConnStateData::httpsPeeked, Comm::ConnectionPointer(NULL));
+ }
+#endif
} else {
EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);
entry->complete();
ErrorState *anErr = new ErrorState(ERR_CANNOT_FORWARD, HTTP_INTERNAL_SERVER_ERROR, request);
fail(anErr);
} // else use actual error from last connection attempt
-#if USE_SSL
- if (request->flags.sslPeek && request->clientConnectionManager.valid()) {
- errorAppendEntry(entry, err); // will free err
- err = NULL;
- CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
- ConnStateData::httpsPeeked, Comm::ConnectionPointer(NULL));
- }
-#endif
self = NULL; // refcounted
}
}
// The list is used in ssl_verify_cb() and is freed in ssl_free().
if (acl_access *acl = Config.ssl_client.cert_error) {
ACLFilledChecklist *check = new ACLFilledChecklist(acl, request, dash_str);
- check->fd(fd);
SSL_set_ex_data(ssl, ssl_ex_index_cert_error_check, check);
}