On 30/11/10 23:16, Tsantilas Christos wrote:
Hi all,
This patch adds an interface to allow Squid error responses to contain
detailed information about SSL certificate verification failure. For
example, the error message may contain the following text:
"Server Certificate Verification Failed: Certificate Common Name
(www.lufthansa.com) does not match the host name you are connecting to
(www.lufthansa.de)."
Supplying SSL error details is useful to end-users if the user can
bypass errors or communicate with proxy operators to update Squid's
whitelists.
For more informations please look inside patch documentation.
This is a Measurement Factory project.
Regards,
Christos
(I'm still not here for a day or so, will check the patch then).
Right now I just want to raw your attention to %Z which is for use as an
internal error messages like this.
Doing the Ssl recursion logic in the case where err_msg is empty for %Z
seems to be possible without adding a new code to existing page.
Alternatively, ESI appears to be the only code using err_msg. You could
followup with a patch which alters ESI to use the same *::ErrorDetails
recursion API and drop err_msg entirely. :)
Amos
--
Please be using
Current Stable Squid 2.7.STABLE9 or 3.1.9
Beta testers wanted for 3.2.0.3
