Diffstat (limited to 'Swiften/TLS/OpenSSL/OpenSSLContext.cpp')
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLContext.cpp | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index 89917ee..968ef8f 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -1,7 +1,7 @@
 /*
- * Copyright (c) 2010-2018 Isode Limited.
+ * Copyright (c) 2010-2019 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
 #include <Swiften/Base/Platform.h>
@@ -178,11 +178,11 @@ void OpenSSLContext::initAndSetBIOs() {
 void OpenSSLContext::accept() {
 assert(mode_ == Mode::Server);
 handle_ = std::unique_ptr<SSL>(SSL_new(context_.get()));
 if (!handle_) {
 state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::AcceptFailed, openSSLInternalErrorToString()));
 return;
 }
 initAndSetBIOs();
@@ -197,17 +197,18 @@ void OpenSSLContext::connect() {
 void OpenSSLContext::connect(const std::string& requestedServerName) {
 assert(mode_ == Mode::Client);
 handle_ = std::unique_ptr<SSL>(SSL_new(context_.get()));
 if (!handle_) {
 state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::ConnectFailed, openSSLInternalErrorToString()));
 return;
 }
 if (!requestedServerName.empty()) {
 if (SSL_set_tlsext_host_name(handle_.get(), const_cast<char*>(requestedServerName.c_str())) != 1) {
- SWIFT_LOG(error) << "Failed on SSL_set_tlsext_host_name()." << std::endl;
+ onError(std::make_shared<TLSError>(TLSError::ConnectFailed, "Failed to set Server Name Indication: " + openSSLInternalErrorToString()));\
+ return;
 }
 }
 // Ownership of BIOs is transferred to the SSL_CTX instance in handle_.
 initAndSetBIOs();
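Review bot: In `connect(const std::string&)`, the added SNI failure branch calls `onError` and returns without setting `state_ = State::Error;`, unlike the `SSL_new` failure branch a few lines above it and the other error paths touched by this commit, so the context has reported a failure while its state still reads as usable. Add `state_ = State::Error;` before the `onError` call in that branch. The same added line ends with a stray `\` after the semicolon (`...openSSLInternalErrorToString()));\`), which acts as a line continuation and splices the following `return;` onto it; it compiles, but it should be removed.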
@@ -235,13 +236,12 @@ void OpenSSLContext::doAccept() {
 break;
 case SSL_ERROR_WANT_WRITE:
 sendPendingDataToNetwork();
 break;
 default:
- SWIFT_LOG(warning) << openSSLInternalErrorToString() << std::endl;
 state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::AcceptFailed, openSSLInternalErrorToString()));
 sendPendingDataToNetwork();
 }
 }
 void OpenSSLContext::doConnect() {
@@ -258,13 +258,13 @@ void OpenSSLContext::doConnect() {
 }
 case SSL_ERROR_WANT_READ:
 sendPendingDataToNetwork();
 break;
 default:
- SWIFT_LOG(warning) << openSSLInternalErrorToString() << std::endl;
 state_ = State::Error;
 onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::ConnectFailed, openSSLInternalErrorToString()));
 }
 }
 int OpenSSLContext::handleServerNameCallback(SSL* ssl, int*, void* arg) {
 if (ssl == nullptr)
@@ -310,16 +310,17 @@ void OpenSSLContext::handleDataFromNetwork(const SafeByteArray& data) {
 case State::Error: /*assert(false);*/ break;
 }
 }
 void OpenSSLContext::handleDataFromApplication(const SafeByteArray& data) {
- if (SSL_write(handle_.get(), vecptr(data), data.size()) >= 0) {
- sendPendingDataToNetwork();
+ auto ret = SSL_write(handle_.get(), vecptr(data), data.size());
+ if (ret > 0 || SSL_get_error(handle_.get(), ret) == SSL_ERROR_WANT_READ) {
+ sendPendingDataToNetwork();
 }
 else {
 state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::UnknownError, openSSLInternalErrorToString()));
 }
 }
 void OpenSSLContext::sendPendingDataToApplication() {
 SafeByteArray data;
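Review bot: In the `default:` branch of `doConnect()`, the old `onError(std::make_shared<TLSError>());` is still present as a context line directly above the added `onError(std::make_shared<TLSError>(TLSError::ConnectFailed, ...));`, so a failed handshake raises two errors and the first one carries no type or message. The hunk header (`-258,13 +258,13`, with one removal and one addition) is consistent with the old call having been left in, whereas the matching `doAccept()` hunk replaces it. Drop the argument-less call so that handlers receive a single `ConnectFailed` error; a handler that tears the session down on the first signal may otherwise never see the detailed one. The body of `doConnect()` begins outside the hunk.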
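Review bot: `handleDataFromApplication()` now treats `SSL_ERROR_WANT_READ` from `SSL_write` as success, but nothing visible in the hunk keeps `data` for a retry. OpenSSL expects the same write to be repeated once the pending read has been satisfied, so unless a caller outside this hunk re-submits the buffer, the application bytes are dropped without any error being raised. `SSL_ERROR_WANT_WRITE` still falls into the `else` branch and is reported as `TLSError::UnknownError`; if that result cannot occur with the BIOs installed by `initAndSetBIOs()`, say so in a comment such as `// WANT_WRITE is not expected with the BIOs set in initAndSetBIOs()`. Consider queueing the data on `WANT_READ`, or documenting where the retry happens.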
@@ -331,11 +332,11 @@ void OpenSSLContext::sendPendingDataToApplication() {
 data.resize(SSL_READ_BUFFERSIZE);
 ret = SSL_read(handle_.get(), vecptr(data), data.size());
 }
 if (ret < 0 && SSL_get_error(handle_.get(), ret) != SSL_ERROR_WANT_READ) {
 state_ = State::Error;
- onError(std::make_shared<TLSError>());
+ onError(std::make_shared<TLSError>(TLSError::UnknownError, openSSLInternalErrorToString()));
 }
 }
 bool OpenSSLContext::setCertificateChain(const std::vector<Certificate::ref>& certificateChain) {
 if (certificateChain.size() == 0) {
|
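Review bot: The condition kept by this hunk, `if (ret < 0 && SSL_get_error(handle_.get(), ret) != SSL_ERROR_WANT_READ)`, skips `ret == 0`, so a read that ends because the peer closed the session, or because the transport ended without a close_notify, raises nothing on this path. Unless that case is handled outside the hunk (the read loop starts above it), consider testing `ret <= 0` and then switching on `SSL_get_error`: ignore `SSL_ERROR_WANT_READ`, treat `SSL_ERROR_ZERO_RETURN` as an orderly close, and raise everything else. Reporting every failure here as `TLSError::UnknownError` also hides whether the stream was closed cleanly or cut short, which a consumer needs to know before trusting that the received data is complete.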
Swift