ObjOpenSSL  Check-in [a25be8be43]

Overview
Comment:Adjust to recent ObjFW changes.
SHA3-256: a25be8be433d13806a509ec3ed76202673fddd9b94c0c8a052e337ed22057474
User & Date: js on 2011-04-23 19:54:28
Context
2011-04-28
18:02
Don't free the context. check-in: 3a852cab76 user: js tags: trunk
2011-04-23
19:54
Adjust to recent ObjFW changes. check-in: a25be8be43 user: js tags: trunk
2011-04-03
19:53
Add the number of bytes returned by SSL_pending to -[pendingBytes]. check-in: ba8d67c63c user: js tags: trunk
Changes

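--- a/src/SSLSocket.m
+++ b/src/SSLSocket.m
@@ -9,14 +9,15 @@
 #import <ObjFW/OFAcceptFailedException.h>
 #import <ObjFW/OFConnectionFailedException.h>
 #import <ObjFW/OFInitializationFailedException.h>
 #import <ObjFW/OFNotConnectedException.h>
 #import <ObjFW/OFOutOfRangeException.h>
 #import <ObjFW/OFReadFailedException.h>
 #import <ObjFW/OFWriteFailedException.h>
+#import <ObjFW/macros.h>
 
 #ifndef INVALID_SOCKET
 # define INVALID_SOCKET -1
 #endif
 
 static SSL_CTX *ctx;
 
@@ -109,148 +110,144 @@
 							    host: host
 							    port: port];
 	}
 }
 
 - (SSLSocket*)accept
 {
-	SSLSocket *newsock = (SSLSocket*)[super accept];
+	SSLSocket *newSocket = (SSLSocket*)[super accept];
 
-	if ((newsock->ssl = SSL_new(ctx)) == NULL ||
-	    !SSL_set_fd(newsock->ssl, newsock->sock)) {
+	if ((newSocket->ssl = SSL_new(ctx)) == NULL ||
+	    !SSL_set_fd(newSocket->ssl, newSocket->sock)) {
 		/* We only want to close the OFTCPSocket */
-		newsock->isa = [OFTCPSocket class];
-		[newsock close];
-		newsock->isa = isa;
+		newSocket->isa = [OFTCPSocket class];
+		[newSocket close];
+		newSocket->isa = isa;
 
 		@throw [OFAcceptFailedException newWithClass: isa
 						      socket: self];
 	}
 
-	SSL_set_accept_state(newsock->ssl);
+	SSL_set_accept_state(newSocket->ssl);
 
-	if (!SSL_use_PrivateKey_file(newsock->ssl, [privateKeyFile cString],
-	    SSL_FILETYPE_PEM) || !SSL_use_certificate_file(newsock->ssl,
+	if (!SSL_use_PrivateKey_file(newSocket->ssl, [privateKeyFile cString],
+	    SSL_FILETYPE_PEM) || !SSL_use_certificate_file(newSocket->ssl,
 	    [certificateFile cString], SSL_FILETYPE_PEM) ||
-	    SSL_accept(newsock->ssl) != 1) {
+	    SSL_accept(newSocket->ssl) != 1) {
 		/* We only want to close the OFTCPSocket */
-		newsock->isa = [OFTCPSocket class];
-		[newsock close];
-		newsock->isa = isa;
+		newSocket->isa = [OFTCPSocket class];
+		[newSocket close];
+		newSocket->isa = isa;
 
 		@throw [OFAcceptFailedException newWithClass: isa
 						      socket: self];
 	}
 
-	return newsock;
+	return newSocket;
 }
 
 - (void)close
 {
 	SSL_shutdown(ssl);
 
 	[super close];
 }
 
-- (size_t)_readNBytes: (size_t)size
-	   intoBuffer: (char*)buf
+- (size_t)_readNBytes: (size_t)length
+	   intoBuffer: (char*)buffer
 {
 	ssize_t ret;
 
-	if (size > INT_MAX)
+	if (length > INT_MAX)
 		@throw [OFOutOfRangeException newWithClass: isa];
 
 	if (sock == INVALID_SOCKET)
 		@throw [OFNotConnectedException newWithClass: isa
 						      socket: self];
 
-	if (eos) {
+	if (isAtEndOfStream) {
 		OFReadFailedException *e;
 
 		e = [OFReadFailedException newWithClass: isa
 						 stream: self
-					  requestedSize: size];
+					requestedLength: length];
 #ifndef _WIN32
 		e->errNo = ENOTCONN;
 #else
 		e->errNo = WSAENOTCONN;
 #endif
 
 		@throw e;
 	}
 
-	if ((ret = SSL_read(ssl, buf, (int)size)) < 0)
+	if ((ret = SSL_read(ssl, buffer, (int)length)) < 0)
 		@throw [OFReadFailedException newWithClass: isa
 						    stream: self
-					     requestedSize: size];
+					   requestedLength: length];
 
 	if (ret == 0)
-		eos = YES;
+		isAtEndOfStream = YES;
 
 	return ret;
 }
 
-- (size_t)_writeNBytes: (size_t)size
-	    fromBuffer: (const char*)buf
+- (size_t)_writeNBytes: (size_t)length
+	    fromBuffer: (const char*)buffer
 {
 	ssize_t ret;
 
-	if (size > INT_MAX)
+	if (length > INT_MAX)
 		@throw [OFOutOfRangeException newWithClass: isa];
 
 	if (sock == INVALID_SOCKET)
 		@throw [OFNotConnectedException newWithClass: isa
 						      socket: self];
 
-	if (eos) {
+	if (isAtEndOfStream) {
 		OFWriteFailedException *e;
 
 		e = [OFWriteFailedException newWithClass: isa
 						  stream: self
-					   requestedSize: size];
+					 requestedLength: length];
 
 #ifndef _WIN32
 		e->errNo = ENOTCONN;
 #else
 		e->errNo = WSAENOTCONN;
 #endif
 
 		@throw e;
 	}
 
-	if ((ret = SSL_write(ssl, buf, (int)size)) < 1)
+	if ((ret = SSL_write(ssl, buffer, (int)length)) < 1)
 		@throw [OFWriteFailedException newWithClass: isa
 						     stream: self
-					      requestedSize: size];
+					    requestedLength: length];
 
 	return ret;
 }
 
 - (size_t)pendingBytes
 {
 	return [super pendingBytes] + SSL_pending(ssl);
 }
 
 - (void)setPrivateKeyFile: (OFString*)file
 {
-	OFString *old = privateKeyFile;
-	privateKeyFile = [file copy];
+	OF_SETTER(privateKeyFile, file, YES, YES)
-	[old release];
 }
 
 - (OFString*)privateKeyFile
 {
-	return [[privateKeyFile copy] autorelease];
+	OF_GETTER(privateKeyFile, YES)
 }
 
 - (void)setCertificateFile: (OFString*)file
 {
-	OFString *old = certificateFile;
-	certificateFile = [file copy];
+	OF_SETTER(certificateFile, file, YES, YES)
-	[old release];
 }
 
 - (OFString*)certificateFile
 {
-	return [[certificateFile copy] autorelease];
+	OF_GETTER(certificateFile, YES)
 }
 @end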
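Review bot: In `_readNBytes:intoBuffer:` a zero return from `SSL_read` sets `isAtEndOfStream = YES` without consulting `SSL_get_error`, so a transport that was cut off without a close_notify looks to the caller exactly like an orderly TLS shutdown and a truncated stream is accepted as complete. Only `SSL_ERROR_ZERO_RETURN` indicates a clean close; I would add `if (ret == 0 && SSL_get_error(ssl, (int)ret) != SSL_ERROR_ZERO_RETURN)` ahead of the end-of-stream assignment and throw `OFReadFailedException` there, as the `< 0` branch already does. Separately, `-accept` loads the key and certificate and runs `SSL_accept` in a single condition, so a bad key path and a failed handshake both surface as the same `OFAcceptFailedException`. Inserting `!SSL_check_private_key(newSocket->ssl) ||` before `SSL_accept` would at least reject a mismatched key/certificate pair before the handshake starts.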