src/inc/net.h 5b281c69d7c3d44aeada5a1b0ed152d345adf2e8

5b281c69d7c3d44aeada5a1b0ed152d345adf2e8
galt
  Tue Nov 9 11:09:59 2021 -0800
Squashed commit of the following:

Adding new features to https like cert verification, error messages that work right with warn and errAbort and our GUI in hgCustom and hgHubConnect and also logging especially for CGIs of problem certs. Also added callback so that we can support multiple levels like warn instead of abort. Cert verify options controlled by env vars and also hg.conf variables for CGIs that use the cart. Added basic info about the new httpsCertCheck setting to various documents. Added -httpsCertCheck=[abort|warn|none] command-line option to the hubCheck utility. refs #28332, #28457, #28458

diff --git src/inc/net.h src/inc/net.h
index 162b546..3e4f999 100644
--- src/inc/net.h
+++ src/inc/net.h
@@ -212,30 +212,31 @@
 
 void setAuthorization(struct netParsedUrl npu, char *authHeader, struct dyString *dy);
 /* Set the specified authorization header with BASIC auth base64-encoded user and password */
 
 boolean checkNoProxy(char *host);
 /* See if host endsWith element on no_proxy list. */
 
 int netHttpConnect(char *url, char *method, char *protocol, char *agent, char *optionalHeader);
 /* Parse URL, connect to associated server on port, and send most of
  * the request to the server.  If specified in the url send user name
  * and password too.  Typically the "method" will be "GET" or "POST"
  * and the agent will be the name of your program or
  * library. optionalHeader may be NULL or contain additional header
  * lines such as cookie info. 
  * Proxy support via hg.conf httpProxy or env var http_proxy
+ * Cert verification control via hg.conf httpsCertCheck or env var https_cert_check
  * Return data socket, or -1 if error.*/
 
 int netHttpGetMultiple(char *url, struct slName *queries, void *userData,
 		       void (*responseCB)(void *userData, char *req,
 					  char *hdr, struct dyString *body));
 /* Given an URL which is the base of all requests to be made, and a 
  * linked list of queries to be appended to that base and sent in as 
  * requests, send the requests as a batch and read the HTTP response 
  * headers and bodies.  If not all the requests get responses (i.e. if 
  * the server is ignoring Keep-Alive or is imposing a limit), try again 
  * until we can't connect or until all requests have been served. 
  * For each HTTP response, do a callback. */
 
 char *transferParamsToRedirectedUrl(char *url, char *newUrl);
 /* Transfer password, byteRange, and any other parameters from url to newUrl and return result.