security_2ErrorDetail_8h_source.html

/*

 * Copyright (C) 1996-2026 The Squid Software Foundation and contributors

 *

 * Squid software is distributed under GPLv2+ license and includes

 * contributions from numerous individuals and organizations.

 * Please see the COPYING and CONTRIBUTORS files for details.

 */


#ifndef SQUID_SRC_SECURITY_ERRORDETAIL_H

#define SQUID_SRC_SECURITY_ERRORDETAIL_H


#include "base/RefCount.h"

#include "error/Detail.h"

#include "http/forward.h"

#include "security/forward.h"

#include "SquidString.h"


#if USE_OPENSSL

#include "ssl/ErrorDetailManager.h"

#endif


#if USE_OPENSSL

#include <optional>

#endif


namespace Security {


class ErrorDetail: public ::ErrorDetail

{

    MEMPROXY_CLASS(Security::ErrorDetail);


public:

    typedef ErrorDetailPointer Pointer;


    ErrorDetail(ErrorCode err_no, const CertPointer &peer, const CertPointer &broken, const char *aReason = nullptr);


#if USE_OPENSSL

    ErrorDetail(ErrorCode anErrorCode, int anIoErrorNo, int aSysErrorNo);

#elif HAVE_LIBGNUTLS

    ErrorDetail(ErrorCode anErrorCode, LibErrorCode aLibErrorNo, int aSysErrorNo);

#endif


    /* ErrorDetail API */

    SBuf brief() const override;

    SBuf verbose(const HttpRequestPointer &) const override;


    ErrorCode errorNo() const { return error_no; }


    int sysError() const { return sysErrorNo; }


    /* Certificate manipulation API. TODO: Add GnuTLS implementations, users. */


    Certificate *peerCert() { return peer_cert.get(); }


    Certificate *brokenCert() {return broken_cert.get(); }


    void setPeerCertificate(const CertPointer &);


private:

    ErrorDetail(ErrorCode err, int aSysErrorNo);


    /* methods for formatting error details using admin-configurable %codes */

    void printSubject(std::ostream &os) const;

    void printCaName(std::ostream &os) const;

    void printCommonName(std::ostream &os) const;

    void printNotBefore(std::ostream &os) const;

    void printNotAfter(std::ostream &os) const;

    void printErrorCode(std::ostream &os) const;

    void printErrorDescription(std::ostream &os) const;

    void printErrorLibError(std::ostream &os) const;

    size_t convertErrorCodeToDescription(const char *code, std::ostream &os) const;


    Certificate *certificateToReport() const { return broken_cert ? broken_cert.get() : peer_cert.get(); }


    CertPointer peer_cert;

    CertPointer broken_cert;


    ErrorCode error_no = 0;


    LibErrorCode lib_error_no = 0;


    int sysErrorNo = 0;


#if USE_OPENSSL

    int ioErrorNo = 0;


    using ErrorDetailEntry = Ssl::ErrorDetailEntry;

    mutable std::optional<ErrorDetailEntry> detailEntry;

#else

    // other TLS libraries do not use custom ErrorDetail members

#endif


    String errReason;

};


ErrorCode ErrorCodeFromName(const char *name);


const char *ErrorNameFromCode(ErrorCode err, bool prefixRawCode = false);


inline std::ostream &

operator <<(std::ostream &os, const ErrorDetail::Pointer &p)

{

    return operator <<(os, ::ErrorDetail::Pointer(p));

}


} // namespace Security


#endif /* SQUID_SRC_SECURITY_ERRORDETAIL_H */


Detail.h

ErrorDetailManager.h

RefCount.h

SquidString.h

ErrorDetail
interface for supplying additional information about a transaction failure
Definition Detail.h:21

RefCount< ErrorDetail >

SBuf
Definition SBuf.h:94

Security::ErrorDetail
Definition ErrorDetail.h:40

Security::ErrorDetail::MEMPROXY_CLASS
MEMPROXY_CLASS(Security::ErrorDetail)

Security::ErrorDetail::sysErrorNo
int sysErrorNo
errno(3); system call failure code or zero
Definition ErrorDetail.h:115

Security::ErrorDetail::peerCert
Certificate * peerCert()
the peer certificate (or nil)
Definition ErrorDetail.h:78

Security::ErrorDetail::error_no
ErrorCode error_no
Squid-discovered error, validation error, or zero;.
Definition ErrorDetail.h:109

Security::ErrorDetail::printErrorCode
void printErrorCode(std::ostream &os) const
textual representation of error_no
Definition ErrorDetail.cc:699

Security::ErrorDetail::verbose
SBuf verbose(const HttpRequestPointer &) const override
Definition ErrorDetail.cc:534

Security::ErrorDetail::printCommonName
void printCommonName(std::ostream &os) const
a list of the broken certificates CN and alternate names
Definition ErrorDetail.cc:632

Security::ErrorDetail::lib_error_no
LibErrorCode lib_error_no
TLS library-reported non-validation error or zero;.
Definition ErrorDetail.h:112

Security::ErrorDetail::ioErrorNo
int ioErrorNo
Definition ErrorDetail.h:122

Security::ErrorDetail::broken_cert
CertPointer broken_cert
A pointer to the broken certificate (peer or intermediate)
Definition ErrorDetail.h:106

Security::ErrorDetail::printSubject
void printSubject(std::ostream &os) const
textual representation of the subject of the broken certificate
Definition ErrorDetail.cc:565

Security::ErrorDetail::convertErrorCodeToDescription
size_t convertErrorCodeToDescription(const char *code, std::ostream &os) const
Definition ErrorDetail.cc:761

Security::ErrorDetail::errorNo
ErrorCode errorNo() const
Definition ErrorDetail.h:70

Security::ErrorDetail::printErrorLibError
void printErrorLibError(std::ostream &os) const
textual representation of lib_error_no
Definition ErrorDetail.cc:732

Security::ErrorDetail::Pointer
ErrorDetailPointer Pointer
Definition ErrorDetail.h:44

Security::ErrorDetail::printErrorDescription
void printErrorDescription(std::ostream &os) const
short description of error_no
Definition ErrorDetail.cc:713

Security::ErrorDetail::errReason
String errReason
a custom reason for the error
Definition ErrorDetail.h:130

Security::ErrorDetail::setPeerCertificate
void setPeerCertificate(const CertPointer &)
Definition ErrorDetail.cc:490

Security::ErrorDetail::detailEntry
std::optional< ErrorDetailEntry > detailEntry
Definition ErrorDetail.h:125

Security::ErrorDetail::brief
SBuf brief() const override
Definition ErrorDetail.cc:500

Security::ErrorDetail::printNotBefore
void printNotBefore(std::ostream &os) const
textual representation of the "not before" field of the broken certificate
Definition ErrorDetail.cc:663

Security::ErrorDetail::brokenCert
Certificate * brokenCert()
peer or intermediate certificate that failed validation (or nil)
Definition ErrorDetail.h:81

Security::ErrorDetail::certificateToReport
Certificate * certificateToReport() const
Definition ErrorDetail.h:103

Security::ErrorDetail::sysError
int sysError() const
Definition ErrorDetail.h:73

Security::ErrorDetail::printCaName
void printCaName(std::ostream &os) const
the issuer of the broken certificate
Definition ErrorDetail.cc:647

Security::ErrorDetail::printNotAfter
void printNotAfter(std::ostream &os) const
textual representation of the "not after" field of the broken certificate
Definition ErrorDetail.cc:681

Security::ErrorDetail::peer_cert
CertPointer peer_cert
A pointer to the peer certificate.
Definition ErrorDetail.h:105

Security::LockingPointer< X509, X509_free_cpp, HardFun< int, X509 *, X509_up_ref > >

Security::LockingPointer::get
T * get() const
Returns raw and possibly nullptr pointer.
Definition LockingPointer.h:103

Ssl::ErrorDetailEntry
Definition ErrorDetailManager.h:25

String
Definition SquidString.h:27

forward.h

Security
Network/connection security abstraction layer.
Definition Connection.h:34

Security::ErrorCode
int ErrorCode
Squid-defined error code (<0), an error code returned by X.509 API, or zero.
Definition forward.h:134

Security::ErrorNameFromCode
const char * ErrorNameFromCode(ErrorCode err, bool prefixRawCode=false)
Definition ErrorDetail.cc:430

Security::LibErrorCode
unsigned long LibErrorCode
TLS library-reported non-validation error.
Definition forward.h:141

Security::Certificate
X509 Certificate
Definition forward.h:79

Security::ErrorCodeFromName
ErrorCode ErrorCodeFromName(const char *name)
Definition ErrorDetail.cc:410

Security::operator<<
std::ostream & operator<<(std::ostream &, const EncryptorAnswer &)
Definition EncryptorAnswer.cc:20

forward.h