self-signed ssl warning, copy cookies

2025-10-03 10:22:45 -04:00 · 2007-10-02 23:40:40 +00:00 · 2007-10-02 23:40:40 +00:00 · 09b33eb150
commit 09b33eb150
parent 0372bff048
3 changed files with 32 additions and 0 deletions
--- a/panda/src/downloader/httpChannel.cxx
+++ b/panda/src/downloader/httpChannel.cxx
@ -164,6 +164,11 @@ will_close_connection() const {
    return true;
  }

+  if (connection.empty() && !get_persistent_connection()) {
+    // The server didn't say, but we asked it to close.
+    return true;
+  }
+
  // Assume the server will keep it open.
  return false;
 }
@ -1517,6 +1522,15 @@ run_ssl_handshake() {
      return false;
    }

+  } else if (verify_result == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) {
+    downloader_cat.info()
+      << "Self-signed certificate in chain from " << _request.get_url().get_server_and_port() << "\n";
+    // This doesn't appear to be an actual validation error.  I guess.
+    // It's only an error if we don't recognize the root authority.
+    // There appear to be some legitimate certs (e.g. from starfield
+    // tech) that trigger this error, even though they appear to have
+    // a fully-authorized chain up to the root.
+
  } else if (verify_result != X509_V_OK) {
    downloader_cat.info()
      << "Unable to verify identity of " << _request.get_url().get_server_and_port()
--- a/panda/src/downloader/httpClient.cxx
+++ b/panda/src/downloader/httpClient.cxx
@ -159,6 +159,7 @@ operator = (const HTTPClient &copy) {
  _http_version = copy._http_version;
  _verify_ssl = copy._verify_ssl;
  _usernames = copy._usernames;
+  _cookies = copy._cookies;
  clear_expected_servers();

  ExpectedServers::const_iterator ei;
@ -710,6 +711,22 @@ get_cookie(const HTTPCookie &cookie) const {
  return HTTPCookie();
 }

+////////////////////////////////////////////////////////////////////
+//     Function: HTTPClient::copy_cookies_from
+//       Access: Published
+//  Description: Copies all the cookies from the indicated HTTPClient
+//               into this one.  Existing cookies in this client are
+//               not affected, unless they are shadowed by the new
+//               cookies.
+////////////////////////////////////////////////////////////////////
+void HTTPClient::
+copy_cookies_from(const HTTPClient &other) {
+  Cookies::const_iterator ci;
+  for (ci = other._cookies.begin(); ci != other._cookies.end(); ++ci) {
+    set_cookie(*ci);
+  }
+}
+
 ////////////////////////////////////////////////////////////////////
 //     Function: HTTPClient::write_cookies
 //       Access: Published
--- a/panda/src/downloader/httpClient.h
+++ b/panda/src/downloader/httpClient.h
@ -92,6 +92,7 @@ PUBLISHED:
  void clear_all_cookies();
  bool has_cookie(const HTTPCookie &cookie) const;
  HTTPCookie get_cookie(const HTTPCookie &cookie) const;
+  void copy_cookies_from(const HTTPClient &other);

  void write_cookies(ostream &out) const;
  void send_cookies(ostream &out, const URLSpec &url);