Overview
Comment: | OFSecureTransportTLSStream: Use more error codes |
---|---|
SHA3-256: |
33dbefb0356f07a7703283961fa4c1c1 |
User & Date: | js on 2024-11-16 14:17:26 |
Context
2024-11-16
| ||
14:17 | OFSecureTransportTLSStream: Use more error codes Leaf check-in: 33dbefb035 user: js tags: trunk | |
13:31 | Don't build test plugin as bundle and plugin check-in: 50dce32144 user: js tags: trunk | |
Changes
Modified src/tls/OFGnuTLSTLSStream.m from [49ed6aa948] to [84d62d35d3].
︙ | ︙ | |||
34 35 36 37 38 39 40 41 42 43 44 45 46 47 | int _ObjFWTLS_reference; static gnutls_certificate_credentials_t systemTrustCreds; #ifndef GNUTLS_SAFE_PADDING_CHECK /* Some older versions don't have it. */ # define GNUTLS_SAFE_PADDING_CHECK 0 #endif @implementation OFGnuTLSTLSStream static ssize_t readFunc(gnutls_transport_ptr_t transport, void *buffer, size_t length) { OFGnuTLSTLSStream *stream = (OFGnuTLSTLSStream *)transport; | > > > > > > > > > > > > > > > | 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | int _ObjFWTLS_reference; static gnutls_certificate_credentials_t systemTrustCreds; #ifndef GNUTLS_SAFE_PADDING_CHECK /* Some older versions don't have it. */ # define GNUTLS_SAFE_PADDING_CHECK 0 #endif static OFTLSStreamErrorCode certificateStatusToErrorCode(gnutls_certificate_status_t status) { if (status & GNUTLS_CERT_UNEXPECTED_OWNER) return OFTLSStreamErrorCodeCertificateNameMismatch; if (status & GNUTLS_CERT_REVOKED) return OFTLSStreamErrorCodeCertificateRevoked; if (status & (GNUTLS_CERT_EXPIRED | GNUTLS_CERT_NOT_ACTIVATED)) return OFTLSStreamErrorCodeCertificatedExpired; if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) return OFTLSStreamErrorCodeCertificateIssuerUntrusted; return OFTLSStreamErrorCodeCertificateVerificationFailed; } @implementation OFGnuTLSTLSStream static ssize_t readFunc(gnutls_transport_ptr_t transport, void *buffer, size_t length) { OFGnuTLSTLSStream *stream = (OFGnuTLSTLSStream *)transport; |
︙ | ︙ | |||
76 77 78 79 80 81 82 | return -1; } return length; } | < < < < < < < < < < < < < < < | 91 92 93 94 95 96 97 98 99 100 101 102 103 104 | return -1; } return length; } + (void)load { if (OFTLSStreamImplementation == Nil) OFTLSStreamImplementation = self; } + (void)initialize |
︙ | ︙ |
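Review bot: certificateStatusToErrorCode returns on the first matching bit, so a status with several bits set reports only one reason, and GNUTLS_CERT_UNEXPECTED_OWNER is tested before GNUTLS_CERT_REVOKED. If a caller treats a name mismatch as less severe than revocation (no caller is visible here), a revoked certificate presented under the wrong name would surface as the milder failure. Consider testing GNUTLS_CERT_REVOKED first, or at least document the precedence above the function with `/* Only the first matching reason is reported; the order of the checks defines precedence. */`. This section only moves the function ahead of `@implementation`, so the ordering predates this check-in.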
Modified src/tls/OFSecureTransportTLSStream.m from [cc272524b9] to [9e3e0c47ad].
︙ | ︙ | |||
26 27 28 29 30 31 32 33 34 35 36 37 38 39 | #import "OFAlreadyOpenException.h" #import "OFNotOpenException.h" #import "OFReadFailedException.h" #import "OFTLSHandshakeFailedException.h" #import "OFWriteFailedException.h" int _ObjFWTLS_reference; static OSStatus readFunc(SSLConnectionRef connection, void *data, size_t *dataLength) { bool incomplete; size_t length; | > > > > > > > > > > > | 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 | #import "OFAlreadyOpenException.h" #import "OFNotOpenException.h" #import "OFReadFailedException.h" #import "OFTLSHandshakeFailedException.h" #import "OFWriteFailedException.h" int _ObjFWTLS_reference; static OFTLSStreamErrorCode statusToErrorCode(OSStatus status) { switch (status) { case errSSLXCertChainInvalid: return OFTLSStreamErrorCodeCertificateVerificationFailed; } return OFTLSStreamErrorCodeUnknown; } static OSStatus readFunc(SSLConnectionRef connection, void *data, size_t *dataLength) { bool incomplete; size_t length; |
︙ | ︙ | |||
241 242 243 244 245 246 247 | } if (status != noErr) /* FIXME: Map to better errors */ exception = [OFTLSHandshakeFailedException exceptionWithStream: self host: _host | | | 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 | } if (status != noErr) /* FIXME: Map to better errors */ exception = [OFTLSHandshakeFailedException exceptionWithStream: self host: _host errorCode: statusToErrorCode(status)]; if ([_delegate respondsToSelector: @selector(stream:didPerformClientHandshakeWithHost:exception:)]) [_delegate stream: self didPerformClientHandshakeWithHost: _host exception: exception]; |
︙ | ︙ | |||
267 268 269 270 271 272 273 | if (status == errSSLWouldBlock) return true; if (status != noErr) exception = [OFTLSHandshakeFailedException exceptionWithStream: self host: _host | | | 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 | if (status == errSSLWouldBlock) return true; if (status != noErr) exception = [OFTLSHandshakeFailedException exceptionWithStream: self host: _host errorCode: statusToErrorCode(status)]; } if ([_delegate respondsToSelector: @selector(stream:didPerformClientHandshakeWithHost:exception:)]) [_delegate stream: self didPerformClientHandshakeWithHost: _host exception: exception]; [_delegate release]; return false; } @end |
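Review bot: statusToErrorCode maps only errSSLXCertChainInvalid, so every other certificate failure from Secure Transport still reaches the delegate as OFTLSStreamErrorCodeUnknown. The GnuTLS backend in this same check-in distinguishes name mismatch, expiry and untrusted issuer, so code that logs or decides on the error code would behave differently per backend. Secure Transport reports separate statuses for these cases, and they can be mapped to the existing codes as sketched below; the availability of each constant on the SDKs the project targets should be confirmed. The switch should also get an explicit `default:`, and the `/* FIXME: Map to better errors */` comment at the first call site is now partly stale and should be updated or removed.

```objective-c
static OFTLSStreamErrorCode
statusToErrorCode(OSStatus status)
{
	switch (status) {
	case errSSLHostNameMismatch:
		return OFTLSStreamErrorCodeCertificateNameMismatch;
	case errSSLCertExpired:
	case errSSLCertNotYetValid:
		return OFTLSStreamErrorCodeCertificatedExpired;
	case errSSLUnknownRootCert:
	case errSSLNoRootCert:
		return OFTLSStreamErrorCodeCertificateIssuerUntrusted;
	case errSSLXCertChainInvalid:
		return OFTLSStreamErrorCodeCertificateVerificationFailed;
	default:
		return OFTLSStreamErrorCodeUnknown;
	}
}
```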