cert_validate_message.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #ifndef SQUID_SRC_SSL_CERT_VALIDATE_MESSAGE_H
10 #define SQUID_SRC_SSL_CERT_VALIDATE_MESSAGE_H
11 
12 #include "base/RefCount.h"
13 #include "helper/ResultCode.h"
14 #include "ssl/crtd_message.h"
15 #include "ssl/support.h"
16 
17 #include <vector>
18 
19 namespace Ssl
20 {
21 
26 class CertValidationRequest
27 {
28 public:
29  Security::SessionPointer ssl;
30  Security::CertErrors *errors = nullptr;
31  std::string domainName;
32 };
33 
38 class CertValidationResponse: public RefCountable
39 {
40 public:
41  typedef RefCount<CertValidationResponse> Pointer;
42 
47  class RecvdError
48  {
49  public:
50  void setCert(X509 *);
51  int id = 0;
52  Security::ErrorCode error_no = 0;
53  std::string error_reason;
54  Security::CertPointer cert;
55  int error_depth = -1;
56  };
57 
58  typedef std::vector<RecvdError> RecvdErrors;
59  explicit CertValidationResponse(const Security::SessionPointer &aSession) : ssl(aSession) {}
60 
61  static uint64_t MemoryUsedByResponse(const CertValidationResponse::Pointer &);
62 
65  RecvdError &getError(int errorId);
66  RecvdErrors errors;
67  Helper::ResultCode resultCode = Helper::Unknown;
68  Security::SessionPointer ssl;
69 };
70 
80 class CertValidationMsg : public CrtdMessage
81 {
82 private:
87  class CertItem
88  {
89  public:
90  std::string name;
91  Security::CertPointer cert;
92  void setCert(X509 *);
93  };
94 
95 public:
96  CertValidationMsg(MessageKind kind): CrtdMessage(kind) {}
97 
100  void composeRequest(CertValidationRequest const &vcert);
101 
103  bool parseResponse(CertValidationResponse &resp);
104 
106  X509 *getCertByName(std::vector<CertItem> const &, std::string const & name);
107 
109  static const std::string code_cert_validate;
111  static const std::string param_domain;
113  static const std::string param_cert;
115  static const std::string param_error_name;
117  static const std::string param_error_reason;
119  static const std::string param_error_cert;
121  static const std::string param_error_depth;
123  static const std::string param_proto_version;
125  static const std::string param_cipher;
126 
127 private:
128  void tryParsingResponse(CertValidationResponse &);
129 };
130 
131 }//namespace Ssl
132 
133 #endif /* SQUID_SRC_SSL_CERT_VALIDATE_MESSAGE_H */
134 
Ssl::CertValidationResponse::RecvdError::error_no
Security::ErrorCode error_no
The OpenSSL error code.
Definition: cert_validate_message.h:52
Security::ErrorCode
int ErrorCode
Squid-defined error code (<0), an error code returned by X.509 API, or zero.
Definition: forward.h:131
Ssl::CertValidationRequest::ssl
Security::SessionPointer ssl
Definition: cert_validate_message.h:29
Ssl::CertValidationResponse::RecvdError::setCert
void setCert(X509 *)
Sets cert to the given certificate.
Definition: cert_validate_message.cc:231
Ssl::CertValidationMsg::param_error_reason
static const std::string param_error_reason
Parameter name for passing the error reason.
Definition: cert_validate_message.h:117
Helper::Unknown
@ Unknown
Definition: ResultCode.h:17
Ssl::CertValidationMsg::code_cert_validate
static const std::string code_cert_validate
String code for "cert_validate" messages.
Definition: cert_validate_message.h:109
Ssl::CertValidationMsg::composeRequest
void composeRequest(CertValidationRequest const &vcert)
Definition: cert_validate_message.cc:38
Ssl::CertValidationResponse::getError
RecvdError & getError(int errorId)
Definition: cert_validate_message.cc:217
Ssl::CertValidationResponse::errors
RecvdErrors errors
The list of parsed errors.
Definition: cert_validate_message.h:66
Ssl::CertValidationMsg::param_error_depth
static const std::string param_error_depth
Parameter name for passing the error depth.
Definition: cert_validate_message.h:121
Ssl::CertValidationMsg::param_cipher
static const std::string param_cipher
Parameter name for SSL cipher.
Definition: cert_validate_message.h:125
Ssl::CertValidationResponse::resultCode
Helper::ResultCode resultCode
The helper result code.
Definition: cert_validate_message.h:67
Ssl::CertValidationMsg::param_proto_version
static const std::string param_proto_version
Parameter name for SSL version.
Definition: cert_validate_message.h:123
Ssl::CertValidationRequest::domainName
std::string domainName
The server name.
Definition: cert_validate_message.h:31
Ssl::CertValidationMsg::param_error_name
static const std::string param_error_name
Parameter name for passing the major SSL error.
Definition: cert_validate_message.h:115
Ssl::CertValidationMsg::CertItem::cert
Security::CertPointer cert
A pointer to certificate.
Definition: cert_validate_message.h:91
Ssl::CertValidationResponse::CertValidationResponse
CertValidationResponse(const Security::SessionPointer &aSession)
Definition: cert_validate_message.h:59
Ssl::CertValidationResponse::Pointer
RefCount< CertValidationResponse > Pointer
Definition: cert_validate_message.h:41
Ssl::CertValidationMsg::getCertByName
X509 * getCertByName(std::vector< CertItem > const &, std::string const &name)
Search a CertItems list for the certificate with ID "name".
Definition: cert_validate_message.cc:199
Ssl
Definition: Xaction.cc:39
Helper::ResultCode
ResultCode
enumeration value for the helper response 'result' field.
Definition: ResultCode.h:16
crtd_message.h
Ssl::CertValidationMsg::parseResponse
bool parseResponse(CertValidationResponse &resp)
Parse a response message and fill the resp object with parsed information.
Definition: cert_validate_message.cc:93
Ssl::CertValidationResponse::RecvdError::error_reason
std::string error_reason
A string describing the error.
Definition: cert_validate_message.h:53
Security::SessionPointer
std::shared_ptr< SSL > SessionPointer
Definition: Session.h:53
Ssl::CertValidationMsg::param_cert
static const std::string param_cert
Parameter name for passing SSL certificates.
Definition: cert_validate_message.h:113
Ssl::CertValidationResponse::ssl
Security::SessionPointer ssl
Definition: cert_validate_message.h:68
Ssl::CertValidationMsg::param_domain
static const std::string param_domain
Parameter name for passing intended domain name.
Definition: cert_validate_message.h:111
Ssl::CertValidationMsg::CertValidationMsg
CertValidationMsg(MessageKind kind)
Definition: cert_validate_message.h:96
Ssl::CertValidationResponse::RecvdErrors
std::vector< RecvdError > RecvdErrors
Definition: cert_validate_message.h:58
Ssl::CertValidationMsg::CertItem::name
std::string name
The certificate Id to use.
Definition: cert_validate_message.h:90
Ssl::CertValidationMsg::CertItem::setCert
void setCert(X509 *)
Sets cert to the given certificate.
Definition: cert_validate_message.cc:237
Ssl::CertValidationResponse::RecvdError::cert
Security::CertPointer cert
The broken certificate.
Definition: cert_validate_message.h:54
Ssl::CertValidationMsg::param_error_cert
static const std::string param_error_cert
Parameter name for passing the error cert ID.
Definition: cert_validate_message.h:119
Ssl::CertValidationRequest::errors
Security::CertErrors * errors
The list of errors detected.
Definition: cert_validate_message.h:30
Ssl::CertValidationMsg::tryParsingResponse
void tryParsingResponse(CertValidationResponse &)
Definition: cert_validate_message.cc:109
Ssl::CertValidationResponse::MemoryUsedByResponse
static uint64_t MemoryUsedByResponse(const CertValidationResponse::Pointer &)
Definition: cert_validate_message.cc:210

 

Introduction

Documentation

Support

Miscellaneous