/*********************************************************************
*
- * File : $Source: /cvsroot/ijbswa/current/ssl.c,v $
+ * File : $Source: /cvsroot/ijbswa/current/ssl_common.c,v $
*
* Purpose : File with TLS/SSL extension. Contains methods for
* creating, using and closing TLS/SSL connections that do
* connection, optionally delaying the operation.
*
* Parameters :
- * 1 : ssl = SSL context to send data to
+ * 1 : ssl_attr = SSL context to send data to
* 2 : buf = Pointer to data to be sent
* 3 : len = Length of data to be sent to the SSL context
* 4 : delay = Delay in milliseconds.
* SSL connection. Alternative to function flush_socket.
*
* Parameters :
- * 1 : ssl = SSL context to send buffer to
+ * 1 : ssl_attr = SSL context to send buffer to
* 2 : iob = The I/O buffer to flush, usually csp->iob.
*
* Returns : On success, the number of bytes send are returned (zero
size_t message_len = 0;
int ret = 0;
struct certs_chain *cert = NULL;
+ const size_t head_length = 63;
/* Header of message with certificate information */
const char message_begin[] =
"<html><head><title>Server certificate verification failed</title></head>\n"
"<body><h1>Server certificate verification failed</h1>\n"
"<p><a href=\"https://" CGI_SITE_2_HOST "/\">Privoxy</a> was unable "
- "to securely connnect to the destination server.</p>"
+ "to securely connect to the destination server.</p>"
"<p>Reason: ";
const char message_end[] = "</body></html>\r\n\r\n";
char reason[INVALID_CERT_INFO_BUF_SIZE];
/*
* Sending final message to client
*/
- ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
+ (void)ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
free_certificate_chain(csp);
+
+ log_error(LOG_LEVEL_CRUNCH, "Certificate error: %s: https://%s%s",
+ reason, csp->http->hostport, csp->http->path);
+ log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s https://%s%s %s\" 200 %lu",
+ csp->ip_addr_str, csp->http->gpc, csp->http->hostport, csp->http->path,
+ csp->http->version, message_len-head_length);
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+ csp->flags &= ~CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE;
+ csp->flags |= CSP_FLAG_SERVER_SOCKET_TAINTED;
+#endif
}
+ strlen(file_name) + strlen(suffix) + 2;
/* Setting delimiter and editing path length */
-#if defined(_WIN32) || defined(__OS2__)
+#if defined(_WIN32)
char delim[] = "\\";
path_size += 1;
-#else /* ifndef _WIN32 || __OS2__ */
+#else /* ifndef _WIN32 */
char delim[] = "/";
-#endif /* ifndef _WIN32 || __OS2__ */
+#endif /* ifndef _WIN32 */
/*
* Building up path from many parts