Overview
| Comment: | Replace BOOL with bool. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
09e348c39a2a635d896d29084cc17537 |
| User & Date: | js on 2013-03-04 17:37:09 |
| Other Links: | manifest | tags |
Context
|
2013-03-31
| ||
| 10:04 | Conform to OFTLSSocket. check-in: 4192ab66c8 user: js tags: trunk | |
|
2013-03-04
| ||
| 17:37 | Replace BOOL with bool. check-in: 09e348c39a user: js tags: trunk | |
|
2013-02-21
| ||
| 23:41 | Update to recent ObjFW changes. check-in: 64d3ec13b0 user: js tags: trunk | |
Changes
Modified src/SSLInvalidCertificateException.m from [e0db9e849d] to [25bd35d91a].
| ︙ | ︙ | |||
70 71 72 73 74 75 76 |
return [OFString stringWithFormat:
@"Invalid certificate in class %@! Reason: %@", [self inClass],
_reason];
}
- (OFString*)reason
{
| | | 70 71 72 73 74 75 76 77 78 79 |
return [OFString stringWithFormat:
@"Invalid certificate in class %@! Reason: %@", [self inClass],
_reason];
}
- (OFString*)reason
{
OF_GETTER(_reason, false)
}
@end
|
Modified src/SSLSocket.h from [d1df87a4ff] to [40186b2917].
| ︙ | ︙ | |||
27 28 29 30 31 32 33 |
@class X509Certificate;
@interface SSLSocket: OFTCPSocket
{
SSL *_SSL;
OFString *_privateKeyFile, *_certificateFile;
| | | | | | 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 |
@class X509Certificate;
@interface SSLSocket: OFTCPSocket
{
SSL *_SSL;
OFString *_privateKeyFile, *_certificateFile;
bool _requestsClientCertificates;
}
#ifdef OF_HAVE_PROPERTIES
@property (copy) OFString *privateKeyFile, *certificateFile;
@property bool requestsClientCertificates;
#endif
- initWithSocket: (OFTCPSocket*)socket;
- initWithSocket: (OFTCPSocket*)socket
privateKeyFile: (OFString*)privateKeyFile
certificateFile: (OFString*)certificateFile;
- (void)SSL_super_close;
- (SSLSocket*)accept; /* Changes the return type */
- (void)setPrivateKeyFile: (OFString*)file;
- (OFString*)privateKeyFile;
- (void)setCertificateFile: (OFString*)file;
- (OFString*)certificateFile;
- (void)setRequestsClientCertificates: (bool)enabled;
- (bool)requestsClientCertificates;
- (OFDataArray*)channelBindingDataWithType: (OFString*)type;
- (X509Certificate*)peerCertificate;
- (void)verifyPeerCertificate;
@end
|
Modified src/SSLSocket.m from [b2157a98b6] to [72b1fab442].
| ︙ | ︙ | |||
284 285 286 287 288 289 290 | @throw [OFReadFailedException exceptionWithClass: [self class] stream: self requestedLength: length]; } if (ret == 0) | | | 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 |
@throw [OFReadFailedException exceptionWithClass: [self class]
stream: self
requestedLength: length];
}
if (ret == 0)
_atEndOfStream = true;
return ret;
}
- (void)lowlevelWriteBuffer: (const void*)buffer
length: (size_t)length
{
|
| ︙ | ︙ | |||
331 332 333 334 335 336 337 |
return [super numberOfBytesInReadBuffer];
return [super numberOfBytesInReadBuffer] + SSL_pending(_SSL);
}
- (void)setPrivateKeyFile: (OFString*)privateKeyFile
{
| | | | | | | | 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 |
return [super numberOfBytesInReadBuffer];
return [super numberOfBytesInReadBuffer] + SSL_pending(_SSL);
}
- (void)setPrivateKeyFile: (OFString*)privateKeyFile
{
OF_SETTER(_privateKeyFile, privateKeyFile, true, 1)
}
- (OFString*)privateKeyFile
{
OF_GETTER(_privateKeyFile, true)
}
- (void)setCertificateFile: (OFString*)certificateFile
{
OF_SETTER(_certificateFile, certificateFile, true, 1)
}
- (OFString*)certificateFile
{
OF_GETTER(_certificateFile, true)
}
- (void)setRequestsClientCertificates: (bool)enabled
{
_requestsClientCertificates = enabled;
}
- (bool)requestsClientCertificates
{
return _requestsClientCertificates;
}
- (OFDataArray*)channelBindingDataWithType: (OFString*)type
{
size_t length;
|
| ︙ | ︙ |
Modified src/X509Certificate.h from [cc9b5aa091] to [0092402ee7].
| ︙ | ︙ | |||
62 63 64 65 66 67 68 | #endif - initWithFile: (OFString*)file; - initWithX509Struct: (X509*)cert; - (OFDictionary*)issuer; - (OFDictionary*)subject; - (OFDictionary*)subjectAlternativeName; | | | | | | 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 | #endif - initWithFile: (OFString*)file; - initWithX509Struct: (X509*)cert; - (OFDictionary*)issuer; - (OFDictionary*)subject; - (OFDictionary*)subjectAlternativeName; - (bool)hasCommonNameMatchingDomain: (OFString*)domain; - (bool)hasDNSNameMatchingDomain: (OFString*)domain; - (bool)hasSRVNameMatchingDomain: (OFString*)domain service: (OFString*)service; - (bool)X509_isAssertedDomain: (OFString*)asserted equalDomain: (OFString*)domain; - (OFDictionary*)X509_dictionaryFromX509Name: (X509_NAME*)name; - (X509OID*)X509_stringFromASN1Object: (ASN1_OBJECT*)obj; - (OFString*)X509_stringFromASN1String: (ASN1_STRING*)str; @end |
Modified src/X509Certificate.m from [f5a1847ad4] to [ea8e8f249e].
| ︙ | ︙ | |||
250 251 252 253 254 255 256 | [ret makeImmutable]; _subjectAlternativeName = [ret retain]; return ret; } | | | | | | | | | 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 |
[ret makeImmutable];
_subjectAlternativeName = [ret retain];
return ret;
}
- (bool)hasCommonNameMatchingDomain: (OFString*)domain
{
OFString *name;
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
OFList *CNs = [[self subject] objectForKey: OID_commonName];
OFEnumerator *enumerator = [CNs objectEnumerator];
while ((name = [enumerator nextObject]) != nil) {
if ([self X509_isAssertedDomain: name
equalDomain: domain]) {
[pool release];
return true;
}
}
[pool release];
return false;
}
- (bool)hasDNSNameMatchingDomain: (OFString*)domain
{
OFString *name;
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
OFDictionary *SANs = [self subjectAlternativeName];
OFList *assertedNames = [SANs objectForKey: @"dNSName"];
OFEnumerator *enumerator = [assertedNames objectEnumerator];
while ((name = [enumerator nextObject]) != nil) {
if ([self X509_isAssertedDomain: name
equalDomain: domain]) {
[pool release];
return true;
}
}
[pool release];
return false;
}
- (bool)hasSRVNameMatchingDomain: (OFString*)domain
service: (OFString*)service
{
size_t serviceLength;
OFString *name;
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
OFDictionary *SANs = [self subjectAlternativeName];
OFList *assertedNames = [[SANs objectForKey: @"otherName"]
|
| ︙ | ︙ | |||
314 315 316 317 318 319 320 |
if ([name hasPrefix: service]) {
OFString *asserted;
asserted = [name substringWithRange: of_range(
serviceLength, [name length] - serviceLength)];
if ([self X509_isAssertedDomain: asserted
equalDomain: domain]) {
[pool release];
| | | | | | | | | | 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 |
if ([name hasPrefix: service]) {
OFString *asserted;
asserted = [name substringWithRange: of_range(
serviceLength, [name length] - serviceLength)];
if ([self X509_isAssertedDomain: asserted
equalDomain: domain]) {
[pool release];
return true;
}
}
}
[pool release];
return false;
}
- (bool)X509_isAssertedDomain: (OFString*)asserted
equalDomain: (OFString*)domain
{
/*
* In accordance with RFC 6125 this only allows a wildcard as the
* left-most label and matches only the left-most label with it.
* E.g. *.example.com matches foo.example.com,
* but not foo.bar.example.com
*/
size_t firstDot;
if ([asserted caseInsensitiveCompare: domain] == OF_ORDERED_SAME)
return true;
if (![asserted hasPrefix: @"*."])
return false;
asserted = [asserted substringWithRange:
of_range(2, [asserted length] - 2)];
firstDot = [domain rangeOfString: @"."].location;
if (firstDot == OF_NOT_FOUND)
return false;
domain = [domain substringWithRange:
of_range(firstDot + 1, [domain length] - firstDot - 1)];
if (![asserted caseInsensitiveCompare: domain])
return true;
return false;
}
- (OFDictionary*)X509_dictionaryFromX509Name: (X509_NAME*)name
{
OFMutableDictionary *dict = [OFMutableDictionary dictionary];
OFAutoreleasePool *pool = [[OFAutoreleasePool alloc] init];
int i, count = X509_NAME_entry_count(name);
|
| ︙ | ︙ | |||
458 459 460 461 462 463 464 |
- (OFString*)description
{
char tmp[1024];
OBJ_obj2txt(tmp, sizeof(tmp), OBJ_txt2obj([_string UTF8String], 1), 0);
return [OFString stringWithUTF8String: tmp];
}
| | | | 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 |
- (OFString*)description
{
char tmp[1024];
OBJ_obj2txt(tmp, sizeof(tmp), OBJ_txt2obj([_string UTF8String], 1), 0);
return [OFString stringWithUTF8String: tmp];
}
- (bool)isEqual: (id)object
{
if ([object isKindOfClass: [X509OID class]]) {
X509OID *OID = object;
return [OID->_string isEqual: _string];
}
if ([object isKindOfClass: [OFString class]])
return [_string isEqual: object];
return false;
}
- (uint32_t)hash
{
return [_string hash];
}
- copy
{
return [self retain];
}
@end
|