From 09b33eb150a3bd9f287ea05d74722f535e2c0142 Mon Sep 17 00:00:00 2001 From: David Rose Date: Tue, 2 Oct 2007 23:40:40 +0000 Subject: [PATCH] self-signed ssl warning, copy cookies --- panda/src/downloader/httpChannel.cxx | 14 ++++++++++++++ panda/src/downloader/httpClient.cxx | 17 +++++++++++++++++ panda/src/downloader/httpClient.h | 1 + 3 files changed, 32 insertions(+) diff --git a/panda/src/downloader/httpChannel.cxx b/panda/src/downloader/httpChannel.cxx index 9e66ee4ff6..202d0933f4 100644 --- a/panda/src/downloader/httpChannel.cxx +++ b/panda/src/downloader/httpChannel.cxx @@ -164,6 +164,11 @@ will_close_connection() const { return true; } + if (connection.empty() && !get_persistent_connection()) { + // The server didn't say, but we asked it to close. + return true; + } + // Assume the server will keep it open. return false; } @@ -1517,6 +1522,15 @@ run_ssl_handshake() { return false; } + } else if (verify_result == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) { + downloader_cat.info() + << "Self-signed certificate in chain from " << _request.get_url().get_server_and_port() << "\n"; + // This doesn't appear to be an actual validation error. I guess. + // It's only an error if we don't recognize the root authority. + // There appear to be some legitimate certs (e.g. from starfield + // tech) that trigger this error, even though they appear to have + // a fully-authorized chain up to the root. + } else if (verify_result != X509_V_OK) { downloader_cat.info() << "Unable to verify identity of " << _request.get_url().get_server_and_port() diff --git a/panda/src/downloader/httpClient.cxx b/panda/src/downloader/httpClient.cxx index 65bd93c7c4..ff3006dab0 100644 --- a/panda/src/downloader/httpClient.cxx +++ b/panda/src/downloader/httpClient.cxx @@ -159,6 +159,7 @@ operator = (const HTTPClient ©) { _http_version = copy._http_version; _verify_ssl = copy._verify_ssl; _usernames = copy._usernames; + _cookies = copy._cookies; clear_expected_servers(); ExpectedServers::const_iterator ei; @@ -710,6 +711,22 @@ get_cookie(const HTTPCookie &cookie) const { return HTTPCookie(); } +//////////////////////////////////////////////////////////////////// +// Function: HTTPClient::copy_cookies_from +// Access: Published +// Description: Copies all the cookies from the indicated HTTPClient +// into this one. Existing cookies in this client are +// not affected, unless they are shadowed by the new +// cookies. +//////////////////////////////////////////////////////////////////// +void HTTPClient:: +copy_cookies_from(const HTTPClient &other) { + Cookies::const_iterator ci; + for (ci = other._cookies.begin(); ci != other._cookies.end(); ++ci) { + set_cookie(*ci); + } +} + //////////////////////////////////////////////////////////////////// // Function: HTTPClient::write_cookies // Access: Published diff --git a/panda/src/downloader/httpClient.h b/panda/src/downloader/httpClient.h index 57eca44e48..cf0104c30e 100644 --- a/panda/src/downloader/httpClient.h +++ b/panda/src/downloader/httpClient.h @@ -92,6 +92,7 @@ PUBLISHED: void clear_all_cookies(); bool has_cookie(const HTTPCookie &cookie) const; HTTPCookie get_cookie(const HTTPCookie &cookie) const; + void copy_cookies_from(const HTTPClient &other); void write_cookies(ostream &out) const; void send_cookies(ostream &out, const URLSpec &url);