75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
|
return e.bytesWritten;
return -1;
}
return length;
}
static OFTLSStreamErrorCode
certificateStatusToErrorCode(gnutls_certificate_status_t status)
{
if (status & GNUTLS_CERT_UNEXPECTED_OWNER)
return OFTLSStreamErrorCodeCertificateNameMismatch;
if (status & GNUTLS_CERT_REVOKED)
return OFTLSStreamErrorCodeCertificateRevoked;
if (status & (GNUTLS_CERT_EXPIRED | GNUTLS_CERT_NOT_ACTIVATED))
return OFTLSStreamErrorCodeCertificatedExpired;
if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
return OFTLSStreamErrorCodeCertificateIssuerUntrusted;
return OFTLSStreamErrorCodeCertificateVerificationFailed;
}
+ (void)load
{
if (OFTLSStreamImplementation == Nil)
OFTLSStreamImplementation = self;
}
|
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
|
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
|
-
+
+
+
+
+
+
+
-
+
+
|
[_delegate retain];
objc_autoreleasePoolPop(pool);
return;
}
if (status == GNUTLS_E_SUCCESS)
_handshakeDone = true;
else
else {
OFTLSStreamErrorCode errorCode = OFTLSStreamErrorCodeUnknown;
if (status == GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR)
errorCode = certificateStatusToErrorCode(
gnutls_session_get_verify_cert_status(_session));
/* FIXME: Map to better errors */
exception = [OFTLSHandshakeFailedException
exceptionWithStream: self
host: host
errorCode: OFTLSStreamErrorCodeUnknown];
errorCode: errorCode];
}
if ([_delegate respondsToSelector:
@selector(stream:didPerformClientHandshakeWithHost:exception:)])
[_delegate stream: self
didPerformClientHandshakeWithHost: host
exception: exception];
|
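Review bot: certificateStatusToErrorCode() returns only the first matching flag in a fixed order, so a status that carries several flags (for example both GNUTLS_CERT_SIGNER_NOT_FOUND and GNUTLS_CERT_UNEXPECTED_OWNER) is reported as a name mismatch and the untrusted issuer is lost. That precedence deserves a comment above the function, e.g. `/* Only the first matching flag is reported, in this order; all other GNUTLS_CERT_* flags map to the generic verification failure. */`. gnutls_session_get_verify_cert_status() is documented to return (unsigned int)-1 when no auto-verification ran, which has every bit set and would also come out as a name mismatch. The hunks do not show how verification is enabled on _session, so a guard at the top of the helper would be prudent: `if ((unsigned int)status == (unsigned int)-1) return OFTLSStreamErrorCodeCertificateVerificationFailed;`. The `/* FIXME: Map to better errors */` comment kept in the second hunk now applies only to the non-certificate failures that still end up as OFTLSStreamErrorCodeUnknown, and could say so; the handshake method containing that hunk starts and ends outside the visible lines.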