From: Christos Tsantilas
Date: Wed, 7 Nov 2012 19:26:45 +0000 (+0200)
Subject: Fix broken ssl_crtd helper interface
X-Git-Tag: SQUID_3_4_0_1~528
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ff2d7d9298b8f646d1243586344b62e6e2344945;p=thirdparty%2Fsquid.git

Fix broken ssl_crtd helper interface

With the patch r12422 which added support for OK/ERR/BH helper response codes, the ssl_crtd interface become broken. The ConnStateData::sslCrtdHandleReply ssl_crtd reply handler, expects a response code included at the beggining of the returned message. This is not true after the changes. This patch add a parameter in Ssl::CrtdMessage constructor to define a message as "ssl_crtd reply" or "ssl_crtd request" message. For ssl_crtd reply messages the message parser does not expect helper response code. This is a Measurement Factory project
---
diff --git a/src/client_side.cc b/src/client_side.cc
index 0ec0ece14a..c7a4a953c9 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -3701,7 +3701,7 @@ ConnStateData::sslCrtdHandleReply(const HelperReply &reply)
 if (!reply.other().hasContent()) {
 debugs(1, DBG_IMPORTANT, HERE << "\"ssl_crtd\" helper return reply");
 } else {
- Ssl::CrtdMessage reply_message;
+ Ssl::CrtdMessage reply_message(Ssl::CrtdMessage::REPLY);
 if (reply_message.parse(reply.other().content(), reply.other().contentSize()) != Ssl::CrtdMessage::OK) {
 debugs(33, 5, HERE << "Reply from ssl_crtd for " << sslConnectHostOrIp << " is incorrect");
 } else {
@@ -3837,7 +3837,7 @@ ConnStateData::getSslContextStart()
 #if USE_SSL_CRTD
 try {
 debugs(33, 5, HERE << "Generating SSL certificate for " << certProperties.commonName << " using ssl_crtd.");
- Ssl::CrtdMessage request_message;
+ Ssl::CrtdMessage request_message(Ssl::CrtdMessage::REQUEST);
 request_message.setCode(Ssl::CrtdMessage::code_new_certificate);
 request_message.composeRequest(certProperties);
 debugs(33, 5, HERE << "SSL crtd request: " << request_message.compose().c_str());
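Review bot: In the first src/client_side.cc hunk, `reply_message(Ssl::CrtdMessage::REPLY)` starts the parser at BEFORE_LENGTH (see the constructor change in src/ssl/crtd_message.cc), so parse() no longer reads a response code into the message. The body of sslCrtdHandleReply() continues outside the hunk; if the branch after the final `} else {` still decides success from the code stored in `reply_message`, it would presumably be comparing against an empty value. The OK/ERR/BH result carried by `reply` is what should gate use of the returned certificate. A comment on the new line would make that dependency visible, for example `// response code was consumed by the helper layer; the body starts at the length field`.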
diff --git a/src/ssl/crtd_message.cc b/src/ssl/crtd_message.cc
index 29fb59a111..5759530373 100644
--- a/src/ssl/crtd_message.cc
+++ b/src/ssl/crtd_message.cc
@@ -11,8 +11,8 @@
 #include
 #endif
-Ssl::CrtdMessage::CrtdMessage()
- : body_size(0), state(BEFORE_CODE)
+Ssl::CrtdMessage::CrtdMessage(MessageKind kind)
+ : body_size(0), state(kind == REPLY ? BEFORE_LENGTH: BEFORE_CODE)
 {}
 Ssl::CrtdMessage::ParseResult Ssl::CrtdMessage::parse(const char * buffer, size_t len)
diff --git a/src/ssl/crtd_message.h b/src/ssl/crtd_message.h
index 41bd78fb9e..bffcf847c5 100644
--- a/src/ssl/crtd_message.h
+++ b/src/ssl/crtd_message.h
@@ -27,7 +27,11 @@ public:
 INCOMPLETE,
 ERROR
 };
- CrtdMessage();
+ enum MessageKind {
+ REPLY,
+ REQUEST
+ };
+ CrtdMessage(MessageKind kind);
 /**Parse buffer of length len
 \retval OK if parsing completes
 \retval INCOMPLETE if more data required
diff --git a/src/ssl/ssl_crtd.cc b/src/ssl/ssl_crtd.cc
index 0bd9a7edac..e48f9f8fd2 100644
--- a/src/ssl/ssl_crtd.cc
+++ b/src/ssl/ssl_crtd.cc
@@ -232,7 +232,7 @@ static bool proccessNewRequest(Ssl::CrtdMessage & request_message, std::string c
 if (!Ssl::writeCertAndPrivateKeyToMemory(cert, pkey, bufferToWrite))
 throw std::runtime_error("Cannot write ssl certificate or/and private key to memory.");
- Ssl::CrtdMessage response_message;
+ Ssl::CrtdMessage response_message(Ssl::CrtdMessage::REPLY);
 response_message.setCode("OK");
 response_message.setBody(bufferToWrite);
@@ -301,7 +301,7 @@ int main(int argc, char *argv[])
 // proccess request.
 for (;;) {
 char request[HELPER_INPUT_BUFFER];
- Ssl::CrtdMessage request_message;
+ Ssl::CrtdMessage request_message(Ssl::CrtdMessage::REQUEST);
 Ssl::CrtdMessage::ParseResult parse_result = Ssl::CrtdMessage::INCOMPLETE;
 while (parse_result == Ssl::CrtdMessage::INCOMPLETE) {
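Review bot: In src/ssl/crtd_message.cc the initializer `state(kind == REPLY ? BEFORE_LENGTH: BEFORE_CODE)` has no comment saying why a reply skips the code state, and any value other than REPLY falls through to request parsing. The commit message gives the reason, but the code does not. A line above the initializer would keep it with the parser, for example `// Replies reach the parser with the OK/ERR/BH code already removed, so start at the length field.` The comment should also say that `kind` only selects the parser's initial state: the src/ssl/ssl_crtd.cc hunk constructs a REPLY and still calls `setCode("OK")` before composing, so composition appears unaffected by it.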
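Review bot: In src/ssl/crtd_message.h the new one-argument constructor `CrtdMessage(MessageKind kind);` is not marked `explicit`, so a bare `REPLY` or `REQUEST` converts implicitly to a CrtdMessage wherever one is accepted by value or const reference. Declaring it `explicit CrtdMessage(MessageKind kind);` closes that off, and every call site in this commit already uses direct initialization, so none of them would need to change. The `MessageKind` enum also needs a doc comment in the file's `/** */` style stating that REPLY is for messages parsed on the Squid side and REQUEST for messages parsed by the helper. The class body starts and ends outside the hunk.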