Overview
| Comment: | Conform to OFTLSSocket.
Still a few FIXMEs / TODOs. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
4192ab66c81c4730a9b5721d2bf1f8b1 |
| User & Date: | js on 2013-03-31 10:04:53 |
| Other Links: | manifest | tags |
Context
|
2013-04-03
| ||
| 21:26 | Disable -Werror until we fully conform to OFTLSSocket again check-in: 51a0e4d05b user: florob@babelmonkeys.de tags: trunk | |
|
2013-03-31
| ||
| 10:04 | Conform to OFTLSSocket. check-in: 4192ab66c8 user: js tags: trunk | |
|
2013-03-04
| ||
| 17:37 | Replace BOOL with bool. check-in: 09e348c39a user: js tags: trunk | |
Changes
Modified src/SSLInvalidCertificateException.m from [25bd35d91a] to [55bf9206f9].
| ︙ | ︙ | |||
16 17 18 19 20 21 22 23 24 25 26 27 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #import "SSLInvalidCertificateException.h" #import <ObjFW/macros.h> | > > < < > | > | | > | > | 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <stdlib.h>
#import "SSLInvalidCertificateException.h"
#import <ObjFW/macros.h>
@implementation SSLInvalidCertificateException
+ exceptionWithClass: (Class)class
reason: (OFString*)reason
{
return [[[self alloc] initWithClass: class
reason: reason] autorelease];
}
- initWithClass: (Class)class
{
@try {
[self doesNotRecognizeSelector: _cmd];
} @catch (id e) {
[self release];
@throw e;
}
abort();
}
- initWithClass: (Class)class
reason: (OFString*)reason
{
self = [super initWithClass: class];
|
| ︙ | ︙ |
Modified src/SSLSocket.h from [40186b2917] to [127e317cb2].
| ︙ | ︙ | |||
20 21 22 23 24 25 26 27 28 29 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ #include <openssl/ssl.h> #import <ObjFW/OFTCPSocket.h> @class X509Certificate; | > | | > < < < < < < < < < | 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <openssl/ssl.h>
#import <ObjFW/OFTCPSocket.h>
#import <ObjFW/OFTLSSocket.h>
@class X509Certificate;
@interface SSLSocket: OFTCPSocket <OFTLSSocket>
{
SSL *_SSL;
OFString *_certificateFile, *_privateKeyFile;
const char *_privateKeyPassphrase;
bool _requestsClientCertificates;
}
#ifdef OF_HAVE_PROPERTIES
@property bool requestsClientCertificates;
#endif
- initWithSocket: (OFTCPSocket*)socket;
- (void)SSL_super_close;
- (void)setRequestsClientCertificates: (bool)enabled;
- (bool)requestsClientCertificates;
- (OFDataArray*)channelBindingDataWithType: (OFString*)type;
- (X509Certificate*)peerCertificate;
- (void)verifyPeerCertificate;
@end
|
Modified src/SSLSocket.m from [72b1fab442] to [20965632b7].
| ︙ | ︙ | |||
111 112 113 114 115 116 117 |
if (SSL_CTX_set_default_verify_paths(ctx) == 0)
@throw [OFInitializationFailedException
exceptionWithClass: self];
}
- initWithSocket: (OFTCPSocket*)socket
{
| < < < < < < < < < < < < < < < | < < < < < < < < < < < < < < < < < < < < < < < < < < < | < < < < | | > > > > > > > > > > > > > > > > > | | 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 |
if (SSL_CTX_set_default_verify_paths(ctx) == 0)
@throw [OFInitializationFailedException
exceptionWithClass: self];
}
- initWithSocket: (OFTCPSocket*)socket
{
self = [self init];
_socket = dup(socket->_socket);
return self;
}
- (void)dealloc
{
SSL *SSL_ = _SSL;
[_privateKeyFile release];
[_certificateFile release];
[super dealloc];
if (SSL_ != NULL)
SSL_free(SSL_);
}
- (void)startTLS
{
if ((_SSL = SSL_new(ctx)) == NULL || !SSL_set_fd(_SSL, _socket)) {
[super close];
@throw [OFConnectionFailedException
exceptionWithClass: [self class]
socket: self
host: nil
port: 0];
}
SSL_set_connect_state(_SSL);
if ((_privateKeyFile != nil && !SSL_use_PrivateKey_file(_SSL,
[_privateKeyFile cStringWithEncoding: OF_STRING_ENCODING_NATIVE],
SSL_FILETYPE_PEM)) || (_certificateFile != nil &&
!SSL_use_certificate_file(_SSL, [_certificateFile
cStringWithEncoding: OF_STRING_ENCODING_NATIVE],
SSL_FILETYPE_PEM)) || SSL_connect(_SSL) != 1) {
[super close];
@throw [OFConnectionFailedException
exceptionWithClass: [self class]
socket: self
host: nil
port: 0];
}
}
- (void)connectToHost: (OFString*)host
port: (uint16_t)port
{
[super connectToHost: host
port: port];
@try {
[self startTLS];
} @catch (OFConnectionFailedException *e) {
@throw [OFConnectionFailedException
exceptionWithClass: [self class]
socket: self
host: host
port: port];
}
}
- (instancetype)accept
{
SSLSocket *client = (SSLSocket*)[super accept];
if ((client->_SSL = SSL_new(ctx)) == NULL ||
!SSL_set_fd(client->_SSL, client->_socket)) {
[client SSL_super_close];
@throw [OFAcceptFailedException exceptionWithClass: [self class]
|
| ︙ | ︙ | |||
329 330 331 332 333 334 335 |
{
if (_SSL == NULL)
return [super numberOfBytesInReadBuffer];
return [super numberOfBytesInReadBuffer] + SSL_pending(_SSL);
}
| | | > > | > | > > > > > > > > > > > > > > > > > > > > > | 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 |
{
if (_SSL == NULL)
return [super numberOfBytesInReadBuffer];
return [super numberOfBytesInReadBuffer] + SSL_pending(_SSL);
}
- (void)setDelegate: (id <OFTLSSocketDelegate>)delegate
{
/* FIXME */
[self doesNotRecognizeSelector: _cmd];
abort();
}
- (id <OFTLSSocketDelegate>)delegate
{
/* FIXME */
return nil;
}
- (void)setCertificateFile: (OFString*)certificateFile
{
OF_SETTER(_certificateFile, certificateFile, true, 1)
}
- (OFString*)certificateFile
{
OF_GETTER(_certificateFile, true)
}
- (void)setPrivateKeyFile: (OFString*)privateKeyFile
{
OF_SETTER(_privateKeyFile, privateKeyFile, true, 1)
}
- (OFString*)privateKeyFile
{
OF_GETTER(_privateKeyFile, true)
}
- (void)setPrivateKeyPassphrase: (const char*)privateKeyPassphrase
{
/* FIXME */
}
- (const char*)privateKeyPassphrase
{
/* FIXME */
return NULL;
}
- (void)setRequestsClientCertificates: (bool)enabled
{
_requestsClientCertificates = enabled;
}
- (bool)requestsClientCertificates
|
| ︙ | ︙ |