}
my $response;
+ my $haserror = 0;
my $code = $line_args[0];
my $bodylen = $line_args[1];
my $body = $line_args[2] . "\n";
# Echo back the errors: fill the responseErrors array with the errors we read.
foreach $err (@errors) {
+ $haserror = 1;
appendError (\@responseErrors,
$err, #The error name
"Checked by Cert Validator", # An error reason
$response = createResponse(\@responseErrors);
my $len = length($response);
- $response = "OK ".$len." ".$response."\1";
+ if ($haserror) {
+ $response = "ERR ".$len." ".$response."\1";
+ } else {
+ $response = "OK ".$len." ".$response."\1";
+ }
} else {
- $response = "ERROR 0 \1";
+ $response = "BH 0 \1";
}
print $response;
debugs(83, 5, HERE << "Reply from ssl_crtvd for " << request->GetHost() << " is incorrect");
validatorFailed = true;
} else {
- if (replyMsg.getCode() != "OK") {
- debugs(83, 5, HERE << "Certificate for " << request->GetHost() << " cannot be validated. ssl_crtvd response: " << replyMsg.getBody());
- validatorFailed = true;
- } else {
+ if (replyMsg.getCode() == "OK") {
debugs(83, 5, HERE << "Certificate for " << request->GetHost() << " was successfully validated from ssl_crtvd");
+ } else if (replyMsg.getCode() == "ERR") {
+ debugs(83, 5, HERE << "Certificate for " << request->GetHost() << " found buggy by ssl_crtvd");
errs = sslCrtvdCheckForErrors(validationResponse, errDetails);
- if (!errDetails) {
- dispatch();
- return;
- }
+ } else {
+ debugs(83, 5, HERE << "Certificate for " << request->GetHost() << " cannot be validated. ssl_crtvd response: " << replyMsg.getBody());
+ validatorFailed = true;
+ }
+
+ if (!errDetails && !validatorFailed) {
+ dispatch();
+ return;
}
}
}