github
/
aria2
mirror of https://github.com/aria2/aria2
1
0
Fork 0
Code Issues Releases Wiki Activity

AppleTLS: Set error state when handshake fails... 

+ some minor formatting issues.
pull/314/head
Nils Maier 2014-09-10 23:16:55 +02:00
parent 24a472850e
commit 0e5ed611d1
1 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/AppleTLSSession.cc
View File

@ -276,6 +276,7 @@ static inline std::string suiteToString(const SSLCipherSuite suite)
return s.name;
}
}
std::stringstream ss;
ss << "Unknown suite (0x" << std::hex << suite
<< ") like TLS_NULL_WITH_NULL_NULL";
@ -298,6 +299,7 @@ static inline bool isBlockedSuite(SSLCipherSuite suite)
return true;
}
}
return false;
}
@ -357,10 +359,12 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
#else
lastError_ = SSLNewContext(ctx->getSide() == TLS_SERVER, &sslCtx_);
#endif
if (lastError_ != noErr) {
state_ = st_error;
return;
}
#if defined(__MAC_10_8)
switch (ctx->getMinTLSVersion()) {
case TLS_PROTO_SSL3:
@ -442,12 +446,14 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
state_ = st_error;
return;
}
CFArrayRef certs = CFArrayCreate(nullptr, (const void**)&creds, 1, nullptr);
if (!certs) {
A2_LOG_ERROR("AppleTLS: Failed to setup credentials");
state_ = st_error;
return;
}
std::unique_ptr<void, decltype(&CFRelease)> del_certs((void*)certs,
CFRelease);
lastError_ = SSLSetCertificate(sslCtx_, certs);
@ -489,17 +495,20 @@ int AppleTLSSession::init(sock_t sockfd)
lastError_ = noErr;
return TLS_ERR_ERROR;
}
sockfd_ = sockfd;
lastError_ = SSLSetIOFuncs(sslCtx_, SocketRead, SocketWrite);
if (lastError_ != noErr) {
state_ = st_error;
return TLS_ERR_ERROR;
}
lastError_ = SSLSetConnection(sslCtx_, this);
if (lastError_ != noErr) {
state_ = st_error;
return TLS_ERR_ERROR;
}
sockfd_ = sockfd;
state_ = st_initialized;
return TLS_ERR_OK;
}
@ -510,6 +519,7 @@ int AppleTLSSession::setSNIHostname(const std::string& hostname)
lastError_ = noErr;
return TLS_ERR_ERROR;
}
lastError_ =
SSLSetPeerDomainName(sslCtx_, hostname.c_str(), hostname.length());
return (lastError_ != noErr) ? TLS_ERR_ERROR : TLS_ERR_OK;
@ -521,6 +531,7 @@ int AppleTLSSession::closeConnection()
lastError_ = noErr;
return TLS_ERR_ERROR;
}
lastError_ = SSLClose(sslCtx_);
state_ = st_closed;
return lastError_ == noErr ? TLS_ERR_OK : TLS_ERR_ERROR;
@ -552,6 +563,7 @@ ssize_t AppleTLSSession::writeData(const void* data, size_t len)
lastError_ = noErr;
return TLS_ERR_ERROR;
}
size_t processed = 0;
if (writeBuffered_) {
lastError_ = SSLWrite(sslCtx_, nullptr, 0, &processed);
@ -596,6 +608,7 @@ ssize_t AppleTLSSession::writeData(const void* data, size_t len)
return TLS_ERR_ERROR;
}
}
OSStatus AppleTLSSession::sockWrite(const void* data, size_t* len)
{
size_t remain = *len;
@ -618,12 +631,14 @@ OSStatus AppleTLSSession::sockWrite(const void* data, size_t* len)
}
return noErr;
}
ssize_t AppleTLSSession::readData(void* data, size_t len)
{
if (state_ != st_connected) {
lastError_ = noErr;
return TLS_ERR_ERROR;
}
size_t processed = 0;
lastError_ = SSLRead(sslCtx_, data, len, &processed);
switch (lastError_) {
@ -686,6 +701,7 @@ int AppleTLSSession::tlsConnect(const std::string& hostname,
if (state_ != st_initialized) {
return TLS_ERR_ERROR;
}
if (!hostname.empty()) {
setSNIHostname(hostname);
}
@ -702,8 +718,10 @@ int AppleTLSSession::tlsConnect(const std::string& hostname,
default:
handshakeErr = getLastErrorString();
state_ = st_error;
return TLS_ERR_ERROR;
}
state_ = st_connected;
SSLProtocol proto = kSSLProtocolUnknown;
@ -798,4 +816,5 @@ std::string AppleTLSSession::getLastErrorString()
return fmt("Unspecified error %ld", (long)lastError_);
}
}
} // namespace aria2