5b281c69d7c3d44aeada5a1b0ed152d345adf2e8
galt
  Tue Nov 9 11:09:59 2021 -0800
Squashed commit of the following:

Adding new features to https like cert verification, error messages that work right with warn and errAbort and our GUI in hgCustom and hgHubConnect and also logging especially for CGIs of problem certs. Also added callback so that we can support multiple levels like warn instead of abort. Cert verify options controlled by env vars and also hg.conf variables for CGIs that use the cart. Added basic info about the new httpsCertCheck setting to various documents. Added -httpsCertCheck=[abort|warn|none] command-line option to the hubCheck utility. refs #28332, #28457, #28458

diff --git src/hg/lib/cart.c src/hg/lib/cart.c
index a72b7be..22d86d0 100644
--- src/hg/lib/cart.c
+++ src/hg/lib/cart.c
@@ -2252,30 +2252,43 @@
 if (loginSystemEnabled())
     {
     struct slName *newCookies = loginValidateCookies(cart), *sl;
     for (sl = newCookies;  sl != NULL;  sl = sl->next)
         printf("Set-Cookie: %s\r\n", sl->name);
     }
 }
 
 struct cart *cartForSession(char *cookieName, char **exclude,
                             struct hash *oldVars)
 /* This gets the cart without writing any HTTP lines at all to stdout. */
 {
 /* Most cgis call this routine */
 if (sameOk(cfgOption("signalsHandler"), "on"))  /* most cgis call this routine */
     initSigHandlers(hDumpStackEnabled());
+
+/* HTTPS SSL Cert Checking Settings */
+char *httpsCertCheck = cfgOption("httpsCertCheck");  
+if (httpsCertCheck)
+    setenv("https_cert_check", httpsCertCheck, TRUE);
+char *httpsCertCheckVerbose = cfgOption("httpsCertCheckVerbose");  
+if (httpsCertCheckVerbose)
+    setenv("https_cert_check_verbose", httpsCertCheckVerbose, TRUE);
+char *httpsCertCheckDepth = cfgOption("httpsCertCheckDepth");  
+if (httpsCertCheckDepth)
+    setenv("https_cert_check_depth", httpsCertCheckDepth, TRUE);
+
+
 /* Proxy Settings 
  * net.c cannot see the cart, pass the value through env var */
 char *httpProxy = cfgOption("httpProxy");  
 if (httpProxy)
     setenv("http_proxy", httpProxy, TRUE);
 char *httpsProxy = cfgOption("httpsProxy");
 if (httpsProxy)
     setenv("https_proxy", httpsProxy, TRUE);
 char *ftpProxy = cfgOption("ftpProxy");
 if (ftpProxy)
     setenv("ftp_proxy", ftpProxy, TRUE);
 char *noProxy = cfgOption("noProxy");
 if (noProxy)
     setenv("no_proxy", noProxy, TRUE);
 char *logProxy = cfgOption("logProxy");