Overview
Comment: | OFSecureTransportTLSStream: Use more error codes |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
33dbefb0356f07a7703283961fa4c1c1 |
User & Date: | js on 2024-11-16 14:17:26 |
Other Links: | manifest | tags |
Context
2024-11-18
| ||
00:51 | OFGnuTLSTLSStream: Improve error codes Leaf check-in: f2e96ebd9a user: js tags: trunk | |
2024-11-16
| ||
22:36 | OFTLSStream: Add API for server mode check-in: 43864736e7 user: js tags: tls-server | |
14:17 | OFSecureTransportTLSStream: Use more error codes check-in: 33dbefb035 user: js tags: trunk | |
13:31 | Don't build test plugin as bundle and plugin check-in: 50dce32144 user: js tags: trunk | |
Changes
Modified src/tls/OFGnuTLSTLSStream.m from [49ed6aa948] to [84d62d35d3].
︙ | |||
34 35 36 37 38 39 40 41 42 43 44 45 46 47 | 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | + + + + + + + + + + + + + + + | int _ObjFWTLS_reference; static gnutls_certificate_credentials_t systemTrustCreds; #ifndef GNUTLS_SAFE_PADDING_CHECK /* Some older versions don't have it. */ # define GNUTLS_SAFE_PADDING_CHECK 0 #endif static OFTLSStreamErrorCode certificateStatusToErrorCode(gnutls_certificate_status_t status) { if (status & GNUTLS_CERT_UNEXPECTED_OWNER) return OFTLSStreamErrorCodeCertificateNameMismatch; if (status & GNUTLS_CERT_REVOKED) return OFTLSStreamErrorCodeCertificateRevoked; if (status & (GNUTLS_CERT_EXPIRED | GNUTLS_CERT_NOT_ACTIVATED)) return OFTLSStreamErrorCodeCertificatedExpired; if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) return OFTLSStreamErrorCodeCertificateIssuerUntrusted; return OFTLSStreamErrorCodeCertificateVerificationFailed; } @implementation OFGnuTLSTLSStream static ssize_t readFunc(gnutls_transport_ptr_t transport, void *buffer, size_t length) { OFGnuTLSTLSStream *stream = (OFGnuTLSTLSStream *)transport; |
︙ | |||
76 77 78 79 80 81 82 | 91 92 93 94 95 96 97 98 99 100 101 102 103 104 | - - - - - - - - - - - - - - - | return -1; } return length; } |
︙ |
Modified src/tls/OFSecureTransportTLSStream.m from [cc272524b9] to [9e3e0c47ad].
︙ | |||
26 27 28 29 30 31 32 33 34 35 36 37 38 39 | 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 | + + + + + + + + + + + | #import "OFAlreadyOpenException.h" #import "OFNotOpenException.h" #import "OFReadFailedException.h" #import "OFTLSHandshakeFailedException.h" #import "OFWriteFailedException.h" int _ObjFWTLS_reference; static OFTLSStreamErrorCode statusToErrorCode(OSStatus status) { switch (status) { case errSSLXCertChainInvalid: return OFTLSStreamErrorCodeCertificateVerificationFailed; } return OFTLSStreamErrorCodeUnknown; } static OSStatus readFunc(SSLConnectionRef connection, void *data, size_t *dataLength) { bool incomplete; size_t length; |
︙ | |||
241 242 243 244 245 246 247 | 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 | - + | } if (status != noErr) /* FIXME: Map to better errors */ exception = [OFTLSHandshakeFailedException exceptionWithStream: self host: _host |
︙ | |||
267 268 269 270 271 272 273 | 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 | - + | if (status == errSSLWouldBlock) return true; if (status != noErr) exception = [OFTLSHandshakeFailedException exceptionWithStream: self host: _host |