projects
/
privoxy.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Rebuild user manual
[privoxy.git]
/
ssl_common.c
diff --git
a/ssl_common.c
b/ssl_common.c
index
879111e
..
a8dd371
100644
(file)
--- a/
ssl_common.c
+++ b/
ssl_common.c
@@
-328,7
+328,7
@@
extern void ssl_send_certificate_error(struct client_state *csp)
/* Header of message with certificate information */
const char message_begin[] =
/* Header of message with certificate information */
const char message_begin[] =
- "HTTP/1.1
200 OK
\r\n"
+ "HTTP/1.1
403 Certificate validation failed
\r\n"
"Content-Type: text/html\r\n"
"Connection: close\r\n\r\n"
"<!DOCTYPE html>\n"
"Content-Type: text/html\r\n"
"Connection: close\r\n\r\n"
"<!DOCTYPE html>\n"
@@
-337,7
+337,7
@@
extern void ssl_send_certificate_error(struct client_state *csp)
"<p><a href=\"https://" CGI_SITE_2_HOST "/\">Privoxy</a> was unable "
"to securely connect to the destination server.</p>"
"<p>Reason: ";
"<p><a href=\"https://" CGI_SITE_2_HOST "/\">Privoxy</a> was unable "
"to securely connect to the destination server.</p>"
"<p>Reason: ";
- const char message_end[] = "</body></html>\
r\n\r\
n";
+ const char message_end[] = "</body></html>\n";
char reason[INVALID_CERT_INFO_BUF_SIZE];
memset(reason, 0, sizeof(reason));
char reason[INVALID_CERT_INFO_BUF_SIZE];
memset(reason, 0, sizeof(reason));
@@
-405,6
+405,16
@@
extern void ssl_send_certificate_error(struct client_state *csp)
}
strlcat(message, message_end, message_len);
}
strlcat(message, message_end, message_len);
+ if (0 == strcmpic(csp->http->gpc, "HEAD"))
+ {
+ /* Cut off body */
+ char *header_end = strstr(message, "\r\n\r\n");
+ if (header_end != NULL)
+ {
+ header_end[3] = '\0';
+ }
+ }
+
/*
* Sending final message to client
*/
/*
* Sending final message to client
*/
@@
-414,7
+424,7
@@
extern void ssl_send_certificate_error(struct client_state *csp)
log_error(LOG_LEVEL_CRUNCH, "Certificate error: %s: https://%s%s",
reason, csp->http->hostport, csp->http->path);
log_error(LOG_LEVEL_CRUNCH, "Certificate error: %s: https://%s%s",
reason, csp->http->hostport, csp->http->path);
- log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s https://%s%s %s\"
200
%lu",
+ log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s https://%s%s %s\"
403
%lu",
csp->ip_addr_str, csp->http->gpc, csp->http->hostport, csp->http->path,
csp->http->version, message_len-head_length);
csp->ip_addr_str, csp->http->gpc, csp->http->hostport, csp->http->path,
csp->http->version, message_len-head_length);