From: Christos Tsantilas Date: Tue, 18 Sep 2012 17:13:06 +0000 (+0300) Subject: Latest changes: X-Git-Tag: SQUID_3_4_0_1~460^2~13 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c0d11533f01380991baf7123e90a1542e9920ef4;p=thirdparty%2Fsquid.git Latest changes: - Move the CertItem class from ValidateCertificateResponse class to CertValidateMessage class - Add the Ssl::CertValidateMessage::getCertByName method to search an for a certificate in a std::vector list - Implement the Ssl::ValidateCertificateResponse::getError to search in Ssl::ValidateCertificateResponse::errors list for a error - Improve the Ssl::CertValidateMessage::parseResponse method - Remove the ValidateCertificateResponse::ErrorItem::certId member. The user should always link with a certificate, not with an index to certificate. - The CertValidateMessage::parseResponse takes as argument the list of peer Certificates. It uses this list to fill the ValidateCertificateResponse object. - Return ERR_GATEWAY_FAILURE/HTTP_INTERNAL_SERVER_ERROR error if: * Failed to compose the Ssl::CertValidateMessage message to sent to cert validator * The response from cert validator is wrong * The cert validator returns an error. - Implement the FwdState::sslCrtvdCheckForErrors method. This method checks if the errors returned from cert validator class can be ignored or an error to the user must returned. - Now if the Config.ssl_client.cert_error is not used, then the first error in the list returned from cert validator, is the error which considered as the error which causes the failure --- c0d11533f01380991baf7123e90a1542e9920ef4