AppleTLS: Set error state when handshake fails...

Also fixes some minor formatting issues.
pull/314/head
Nils Maier 2014-09-10 23:16:55 +02:00
parent 24a472850e
commit 0e5ed611d1
1 changed files with 20 additions and 1 deletions


@ -276,6 +276,7 @@ static inline std::string suiteToString(const SSLCipherSuite suite)
return s.name; return s.name;
} }
} }
std::stringstream ss; std::stringstream ss;
ss << "Unknown suite (0x" << std::hex << suite ss << "Unknown suite (0x" << std::hex << suite
<< ") like TLS_NULL_WITH_NULL_NULL"; << ") like TLS_NULL_WITH_NULL_NULL";
@ -298,6 +299,7 @@ static inline bool isBlockedSuite(SSLCipherSuite suite)
return true; return true;
} }
} }
return false; return false;
} }
@ -357,10 +359,12 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
#else #else
lastError_ = SSLNewContext(ctx->getSide() == TLS_SERVER, &sslCtx_); lastError_ = SSLNewContext(ctx->getSide() == TLS_SERVER, &sslCtx_);
#endif #endif
if (lastError_ != noErr) { if (lastError_ != noErr) {
state_ = st_error; state_ = st_error;
return; return;
} }
#if defined(__MAC_10_8) #if defined(__MAC_10_8)
switch (ctx->getMinTLSVersion()) { switch (ctx->getMinTLSVersion()) {
case TLS_PROTO_SSL3: case TLS_PROTO_SSL3:
@ -442,12 +446,14 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
state_ = st_error; state_ = st_error;
return; return;
} }
CFArrayRef certs = CFArrayCreate(nullptr, (const void**)&creds, 1, nullptr); CFArrayRef certs = CFArrayCreate(nullptr, (const void**)&creds, 1, nullptr);
if (!certs) { if (!certs) {
A2_LOG_ERROR("AppleTLS: Failed to setup credentials"); A2_LOG_ERROR("AppleTLS: Failed to setup credentials");
state_ = st_error; state_ = st_error;
return; return;
} }
std::unique_ptr<void, decltype(&CFRelease)> del_certs((void*)certs, std::unique_ptr<void, decltype(&CFRelease)> del_certs((void*)certs,
CFRelease); CFRelease);
lastError_ = SSLSetCertificate(sslCtx_, certs); lastError_ = SSLSetCertificate(sslCtx_, certs);
@ -489,17 +495,20 @@ int AppleTLSSession::init(sock_t sockfd)
lastError_ = noErr; lastError_ = noErr;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
sockfd_ = sockfd;
lastError_ = SSLSetIOFuncs(sslCtx_, SocketRead, SocketWrite); lastError_ = SSLSetIOFuncs(sslCtx_, SocketRead, SocketWrite);
if (lastError_ != noErr) { if (lastError_ != noErr) {
state_ = st_error; state_ = st_error;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
lastError_ = SSLSetConnection(sslCtx_, this); lastError_ = SSLSetConnection(sslCtx_, this);
if (lastError_ != noErr) { if (lastError_ != noErr) {
state_ = st_error; state_ = st_error;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
sockfd_ = sockfd;
state_ = st_initialized; state_ = st_initialized;
return TLS_ERR_OK; return TLS_ERR_OK;
} }
@ -510,6 +519,7 @@ int AppleTLSSession::setSNIHostname(const std::string& hostname)
lastError_ = noErr; lastError_ = noErr;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
lastError_ = lastError_ =
SSLSetPeerDomainName(sslCtx_, hostname.c_str(), hostname.length()); SSLSetPeerDomainName(sslCtx_, hostname.c_str(), hostname.length());
return (lastError_ != noErr) ? TLS_ERR_ERROR : TLS_ERR_OK; return (lastError_ != noErr) ? TLS_ERR_ERROR : TLS_ERR_OK;
@ -521,6 +531,7 @@ int AppleTLSSession::closeConnection()
lastError_ = noErr; lastError_ = noErr;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
lastError_ = SSLClose(sslCtx_); lastError_ = SSLClose(sslCtx_);
state_ = st_closed; state_ = st_closed;
return lastError_ == noErr ? TLS_ERR_OK : TLS_ERR_ERROR; return lastError_ == noErr ? TLS_ERR_OK : TLS_ERR_ERROR;
@ -552,6 +563,7 @@ ssize_t AppleTLSSession::writeData(const void* data, size_t len)
lastError_ = noErr; lastError_ = noErr;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
size_t processed = 0; size_t processed = 0;
if (writeBuffered_) { if (writeBuffered_) {
lastError_ = SSLWrite(sslCtx_, nullptr, 0, &processed); lastError_ = SSLWrite(sslCtx_, nullptr, 0, &processed);
@ -596,6 +608,7 @@ ssize_t AppleTLSSession::writeData(const void* data, size_t len)
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
} }
OSStatus AppleTLSSession::sockWrite(const void* data, size_t* len) OSStatus AppleTLSSession::sockWrite(const void* data, size_t* len)
{ {
size_t remain = *len; size_t remain = *len;
@ -618,12 +631,14 @@ OSStatus AppleTLSSession::sockWrite(const void* data, size_t* len)
} }
return noErr; return noErr;
} }
ssize_t AppleTLSSession::readData(void* data, size_t len) ssize_t AppleTLSSession::readData(void* data, size_t len)
{ {
if (state_ != st_connected) { if (state_ != st_connected) {
lastError_ = noErr; lastError_ = noErr;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
size_t processed = 0; size_t processed = 0;
lastError_ = SSLRead(sslCtx_, data, len, &processed); lastError_ = SSLRead(sslCtx_, data, len, &processed);
switch (lastError_) { switch (lastError_) {
@ -686,6 +701,7 @@ int AppleTLSSession::tlsConnect(const std::string& hostname,
if (state_ != st_initialized) { if (state_ != st_initialized) {
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
if (!hostname.empty()) { if (!hostname.empty()) {
setSNIHostname(hostname); setSNIHostname(hostname);
} }
@ -702,8 +718,10 @@ int AppleTLSSession::tlsConnect(const std::string& hostname,
default: default:
handshakeErr = getLastErrorString(); handshakeErr = getLastErrorString();
state_ = st_error;
return TLS_ERR_ERROR; return TLS_ERR_ERROR;
} }
state_ = st_connected; state_ = st_connected;
SSLProtocol proto = kSSLProtocolUnknown; SSLProtocol proto = kSSLProtocolUnknown;
@ -798,4 +816,5 @@ std::string AppleTLSSession::getLastErrorString()
return fmt("Unspecified error %ld", (long)lastError_); return fmt("Unspecified error %ld", (long)lastError_);
} }
} }
} // namespace aria2 } // namespace aria2
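Review bot: The new `state_ = st_error;` in the handshake `default:` arm of tlsConnect covers SSLHandshake failures, but the peer-name setup a few lines earlier in the same function (`setSNIHostname(hostname);`, whose SSLSetPeerDomainName result is returned as TLS_ERR_ERROR/TLS_ERR_OK) is still called with its return value discarded, so a failure there is silently ignored and the handshake proceeds without the hostname having been registered on the context. Since Secure Transport uses the domain name set via SSLSetPeerDomainName for certificate name checking, I would treat that failure the same way as a handshake failure: `if (setSNIHostname(hostname) != TLS_ERR_OK) { state_ = st_error; return TLS_ERR_ERROR; }`, with `lastError_` already holding the OSStatus for getLastErrorString(). This presumes the caller does not verify the peer name separately outside this file; if it does, a comment saying so at the call site would be enough. The tlsConnect body, including the switch this `default:` belongs to, starts before and continues past the visible hunks.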