Swiftdiff options
| author | Tobias Markmann <tm@ayena.de> | 2016-09-29 11:11:09 (GMT) |
|---|---|---|
| committer | Kevin Smith <kevin.smith@isode.com> | 2016-09-29 12:27:43 (GMT) |
| commit | 2bf44a1d641c3bc35546cb49d3766f2962f9a984 (patch) | |
| tree | 999b3b082ebeaeca8c4db817f87b3570346ae6c1 | |
| parent | c966e43b2852e69da1ed3cac9e11c1b026d4f4a9 (diff) | |
| download | swift-2bf44a1d641c3bc35546cb49d3766f2962f9a984.zip swift-2bf44a1d641c3bc35546cb49d3766f2962f9a984.tar.bz2 | |
Explicitly handle all possible SecTrustResultType enum values
Test-Information:
Unit tests pass on macOS 10.12.
Change-Id: I32f884e2525b6200e5fb3f04d58f77304d16daa0
| -rw-r--r-- | Swiften/TLS/SecureTransport/SecureTransportContext.mm | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/Swiften/TLS/SecureTransport/SecureTransportContext.mm b/Swiften/TLS/SecureTransport/SecureTransportContext.mm index 970d270..1ed636b 100644 --- a/Swiften/TLS/SecureTransport/SecureTransportContext.mm +++ b/Swiften/TLS/SecureTransport/SecureTransportContext.mm @@ -262,11 +262,23 @@ void SecureTransportContext::verifyServerCertificate() { verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); } break; - case kSecTrustResultOtherError: + case kSecTrustResultInvalid: verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); break; - default: - SWIFT_LOG(warning) << "Unhandled trust result " << trustResult << "." << std::endl; + case kSecTrustResultConfirm: + // TODO: Confirmation from the user is required before proceeding. + verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); + break; + case kSecTrustResultDeny: + // The user specified that the certificate should not be trusted. + verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::Untrusted); + break; + case kSecTrustResultFatalTrustFailure: + // Trust denied; no simple fix is available. + verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); + break; + case kSecTrustResultOtherError: + verificationError_ = std::make_shared<CertificateVerificationError>(CertificateVerificationError::UnknownError); break; } |