-rw-r--r--Swiften/Client/CoreClient.cpp2
-rw-r--r--Swiften/Network/BOSHConnection.cpp6
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.cpp23
-rw-r--r--Swiften/TLS/TLSContext.h1
-rw-r--r--Swiften/TLS/TLSError.h18
5 files changed, 30 insertions, 20 deletions
diff --git a/Swiften/Client/CoreClient.cpp b/Swiften/Client/CoreClient.cpp
index d3711cb..ccde0c2 100644
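--- a/Swiften/Client/CoreClient.cpp
+++ b/Swiften/Client/CoreClient.cpp
@@ -316,6 +316,8 @@ void CoreClient::handleSessionFinished(std::shared_ptr<Error> error) {
  clientError = ClientError(ClientError::CertificateCardRemoved);
  break;
  case TLSError::UnknownError:
+ case TLSError::AcceptFailed:
+ case TLSError::ConnectFailed:
  clientError = ClientError(ClientError::TLSError);
  break;
  }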
diff --git a/Swiften/Network/BOSHConnection.cpp b/Swiften/Network/BOSHConnection.cpp
index 4bbb121..aaec9f2 100644
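--- a/Swiften/Network/BOSHConnection.cpp
+++ b/Swiften/Network/BOSHConnection.cpp
@@ -5,7 +5,7 @@
  */
 
 /*
- * Copyright (c) 2011-2018 Isode Limited.
+ * Copyright (c) 2011-2019 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
@@ -93,8 +93,8 @@ void BOSHConnection::handleRawDataRead(std::shared_ptr<SafeByteArray> data) {
  tlsLayer_->handleDataRead(*data.get());
 }
 
-void BOSHConnection::handleTLSError(std::shared_ptr<TLSError> /* error */) {
-
+void BOSHConnection::handleTLSError(std::shared_ptr<TLSError> error) {
+ SWIFT_LOG(debug) << (error ? error->getMessage() : "Unknown TLS error") << std::endl;
 }
 
 void BOSHConnection::writeData(const SafeByteArray& data) {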
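Review bot: `handleTLSError` reports the failure only at `debug` level and, within the visible lines, does nothing else with it, so a failed TLS handshake on a BOSH connection will not appear in logs at default verbosity. The same commit removes the `SWIFT_LOG(warning)` calls from `OpenSSLContext::doAccept` and `doConnect`, so as far as this page shows the handler is now the only place the OpenSSL message is logged on this path. I would keep the previous severity: `SWIFT_LOG(warning) << (error ? error->getMessage() : "Unknown TLS error") << std::endl;`. Whether the connection should also be torn down or the error surfaced to the session here cannot be judged from the hunk alone.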
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index 89917ee..968ef8f 100644
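--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010-2018 Isode Limited.
+ * Copyright (c) 2010-2019 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
@@ -180,7 +180,7 @@ void OpenSSLContext::accept() {
  handle_ = std::unique_ptr<SSL>(SSL_new(context_.get()));
  if (!handle_) {
  state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::AcceptFailed, openSSLInternalErrorToString()));
  return;
  }
 
@@ -199,13 +199,14 @@ void OpenSSLContext::connect(const std::string& requestedServerName) {
  handle_ = std::unique_ptr<SSL>(SSL_new(context_.get()));
  if (!handle_) {
  state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::ConnectFailed, openSSLInternalErrorToString()));
  return;
  }
 
  if (!requestedServerName.empty()) {
  if (SSL_set_tlsext_host_name(handle_.get(), const_cast<char*>(requestedServerName.c_str())) != 1) {
- SWIFT_LOG(error) << "Failed on SSL_set_tlsext_host_name()." << std::endl;
+ onError(std::make_shared<TLSError>(TLSError::ConnectFailed, "Failed to set Server Name Indication: " + openSSLInternalErrorToString()));\
+ return;
  }
  }
 
@@ -237,9 +238,8 @@ void OpenSSLContext::doAccept() {
  sendPendingDataToNetwork();
  break;
  default:
- SWIFT_LOG(warning) << openSSLInternalErrorToString() << std::endl;
  state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::AcceptFailed, openSSLInternalErrorToString()));
  sendPendingDataToNetwork();
  }
 }
@@ -260,9 +260,9 @@ void OpenSSLContext::doConnect() {
  sendPendingDataToNetwork();
  break;
  default:
- SWIFT_LOG(warning) << openSSLInternalErrorToString() << std::endl;
  state_ = State::Error;
  onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::ConnectFailed, openSSLInternalErrorToString()));
  }
 }
 
@@ -312,12 +312,13 @@ void OpenSSLContext::handleDataFromNetwork(const SafeByteArray& data) {
 }
 
 void OpenSSLContext::handleDataFromApplication(const SafeByteArray& data) {
- if (SSL_write(handle_.get(), vecptr(data), data.size()) >= 0) {
- sendPendingDataToNetwork();
+ auto ret = SSL_write(handle_.get(), vecptr(data), data.size());
+ if (ret > 0 || SSL_get_error(handle_.get(), ret) == SSL_ERROR_WANT_READ) {
+ sendPendingDataToNetwork();
  }
  else {
  state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::UnknownError, openSSLInternalErrorToString()));
  }
 }
 
@@ -333,7 +334,7 @@ void OpenSSLContext::sendPendingDataToApplication() {
  }
  if (ret < 0 && SSL_get_error(handle_.get(), ret) != SSL_ERROR_WANT_READ) {
  state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::UnknownError, openSSLInternalErrorToString()));
  }
 }
 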
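Review bot: In `OpenSSLContext::doConnect` the default branch now calls `onError` twice, going by the gutter numbers: new line 264 keeps the argument-less `onError(std::make_shared<TLSError>());` and new line 265 adds the `ConnectFailed` call, so listeners are notified twice and the first notification carries `UnknownError` with an empty message. `doAccept` replaces the old call instead of adding to it, which suggests the leftover line is unintended; the branch should hold only `onError(std::make_shared<TLSError>(TLSError::ConnectFailed, openSSLInternalErrorToString()));`. Separately, the new Server Name Indication failure path in `connect()` returns without `state_ = State::Error;`, unlike the other error paths in this file section, so the context may still look usable after SNI setup failed. Its `onError(...)` line also ends in a stray `\`.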
diff --git a/Swiften/TLS/TLSContext.h b/Swiften/TLS/TLSContext.h
index 55a86cd..9b0a2eb 100644
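--- a/Swiften/TLS/TLSContext.h
+++ b/Swiften/TLS/TLSContext.h
@@ -50,7 +50,6 @@ namespace Swift {
  virtual ByteArray getFinishMessage() const = 0;
  virtual ByteArray getPeerFinishMessage() const;
 
-
  public:
  enum class Mode {
  Client,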
diff --git a/Swiften/TLS/TLSError.h b/Swiften/TLS/TLSError.h
index ae775e6..9e4af2f 100644
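--- a/Swiften/TLS/TLSError.h
+++ b/Swiften/TLS/TLSError.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012-2016 Isode Limited.
+ * Copyright (c) 2012-2019 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
@@ -7,6 +7,7 @@
 #pragma once
 
 #include <memory>
+#include <string>
 
 #include <Swiften/Base/API.h>
 #include <Swiften/Base/Error.h>
@@ -18,16 +19,23 @@ namespace Swift {
 
  enum Type {
  UnknownError,
- CertificateCardRemoved
+ CertificateCardRemoved,
+ AcceptFailed,
+ ConnectFailed
  };
 
- TLSError(Type type = UnknownError) : type(type) {}
+ TLSError(Type type = UnknownError, std::string message = "") : type_(type), message_(std::move(message)) {}
 
  Type getType() const {
- return type;
+ return type_;
+ }
+
+ const std::string& getMessage() const {
+ return message_;
  }
 
  private:
- Type type;
+ Type type_;
+ std::string message_;
  };
 }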
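Review bot: The new constructor uses `std::move`, but the include hunk adds only `#include <string>`; add `#include <utility>` so the header does not rely on a transitive include. `getMessage()` is also undocumented. The call sites on this page fill it from `openSSLInternalErrorToString()`, and the default is an empty string, so I would add a comment above it such as `// Backend diagnostic text (e.g. the OpenSSL error string); may be empty.` If the text is meant for logs only and not for display to users, the comment should say so.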