[apple/security.git] / SecureTransport / sslalert.c

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*  *********************************************************************
    File: sslalert.c

    SSLRef 3.0 Final -- 11/19/96

    Copyright (c)1996 by Netscape Communications Corp.

    By retrieving this software you are bound by the licensing terms
    disclosed in the file "LICENSE.txt". Please read it, and if you don't
    accept the terms, delete this software.

    SSLRef 3.0 was developed by Netscape Communications Corp. of Mountain
    View, California <http://home.netscape.com/> and Consensus Development
    Corporation of Berkeley, California <http://www.consensus.com/>.

    *********************************************************************

    File: sslalert.c   Support for alert protocol in SSL 3

    Encoding, decoding and processing for the SSL alert protocol. Also,
    support for sending fatal alerts, which also closes down our
    connection, including invalidating our cached session.

    ****************************************************************** */

#include "ssl.h"

#ifndef _SSLALERT_H_
#include "sslalert.h"
#endif

#ifndef _SSLALLOC_H_
#include "sslalloc.h"
#endif

#ifndef _SSLCTX_H_
#include "sslctx.h"
#endif

#ifndef _SSLSESS_H_
#include "sslsess.h"
#endif

#ifndef	_SSL_DEBUG_H_
#include "sslDebug.h"
#endif

#include <assert.h>

SSLErr
SSLProcessAlert(SSLRecord rec, SSLContext *ctx)
{   SSLErr              err = SSLNoErr;
    AlertLevel          level;
    AlertDescription    desc;
    uint8               *progress;
    uint32              remaining;
    
    if (rec.contents.length % 2 != 0)
    {   ERR(err = SSLFatalSessionAlert(alert_illegal_parameter, ctx));
        if (!err)
            ERR(err = SSLProtocolErr);
        return err;
    }
    
    progress = rec.contents.data;
    remaining = rec.contents.length;
    while (remaining > 0)
    {   level = (AlertLevel)*progress++;
        desc = (AlertDescription)*progress++;
        remaining -= 2;
        
        /* 
         * APPLE_CDSA changes: ignore sessionID-related failures here;
         * the important thing is the alert. 
         */
        if (level == alert_fatal)
        {   
        	SSLDeleteSessionData(ctx);
            dprintf1("***Fatal alert %d received", desc);
            return SSLFatalAlert;
        }
        
        switch (desc)
        {   case alert_unexpected_message:
            case alert_bad_record_mac:
            case alert_decompression_failure:
            case alert_handshake_failure:
            case alert_illegal_parameter:
                /* These must always be fatal; if we got here, the level is warning;
                 *  die anyway
                 */
                SSLDeleteSessionData(ctx);
                err = SSLFatalAlert;
                break;
            case alert_close_notify:
                ERR(SSLClose(ctx));
                err = SSLNoErr;
                break;
            case alert_no_certificate:
                if (ctx->state == HandshakeClientCertificate)
                    if (ERR(err = SSLAdvanceHandshake(SSL_certificate, ctx)) != 0)
                        return err;
                break;
            case alert_bad_certificate:
            case alert_unsupported_certificate:
            case alert_certificate_revoked:
            case alert_certificate_expired:
            case alert_certificate_unknown:
                err = SSLNoErr;
                break;
            default:
                /* Unknown alert, but not fatal; ignore it */
                break;
        }
    }
    
    return err;
}

SSLErr
SSLSendAlert(AlertLevel level, AlertDescription desc, SSLContext *ctx)
{   SSLRecord       rec;
    SSLErr          err;
    
    CASSERT((ctx->negProtocolVersion != SSL_Version_2_0));
    
    if ((err = SSLEncodeAlert(&rec, level, desc, ctx)) != 0)
        return err;
	assert(ctx->sslTslCalls != NULL);
    if ((err = ctx->sslTslCalls->writeRecord(rec, ctx)) != 0)
        return err;
    if ((err = SSLFreeBuffer(&rec.contents, &ctx->sysCtx)) != 0)
        return err;
    
    return SSLNoErr;
}

SSLErr
SSLEncodeAlert(SSLRecord *rec, AlertLevel level, AlertDescription desc, SSLContext *ctx)
{   SSLErr          err;
    
    rec->contentType = SSL_alert;
    CASSERT((ctx->negProtocolVersion != SSL_Version_2_0));
	if(ctx->negProtocolVersion == SSL_Version_Undetermined) {
		/* error while negotiating */
		rec->protocolVersion = ctx->maxProtocolVersion;
	}
	else {
		rec->protocolVersion = ctx->negProtocolVersion;
	}
    rec->contents.length = 2;
    if ((err = SSLAllocBuffer(&rec->contents, 2, &ctx->sysCtx)) != 0)
        return err;
    rec->contents.data[0] = level;
    rec->contents.data[1] = desc;
    
    return SSLNoErr;
}

SSLErr
SSLFatalSessionAlert(AlertDescription desc, SSLContext *ctx)
{   SSLErr          err1, err2;
    
    if(desc != alert_close_notify) {
    	errorLog1("SSLFatalSessionAlert: desc %d\n", desc);
    }
	//dprintf0("SSLFatalSessionAlert: going to state ErrorClose\n");
    SSLChangeHdskState(ctx, SSLErrorClose);
    
    /* Make session unresumable; I'm not stopping if I get an error,
        because I'd like to attempt to send the alert anyway */
    err1 = SSLDeleteSessionData(ctx);
    
    /* Second, send the alert */
    err2 = SSLSendAlert(alert_fatal, desc, ctx);
    
    /* If they both returned errors, arbitrarily return the first */
    return err1 != 0 ? err1 : err2;
}
Commit	Line	Data
bac41a7b A	1	/*
	2	* Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/* *********************************************************************
	20	File: sslalert.c
	21
	22	SSLRef 3.0 Final -- 11/19/96
	23
	24	Copyright (c)1996 by Netscape Communications Corp.
	25
	26	By retrieving this software you are bound by the licensing terms
	27	disclosed in the file "LICENSE.txt". Please read it, and if you don't
	28	accept the terms, delete this software.
	29
	30	SSLRef 3.0 was developed by Netscape Communications Corp. of Mountain
	31	View, California <http://home.netscape.com/> and Consensus Development
	32	Corporation of Berkeley, California <http://www.consensus.com/>.
	33
	34	*********************************************************************
	35
	36	File: sslalert.c Support for alert protocol in SSL 3
	37
	38	Encoding, decoding and processing for the SSL alert protocol. Also,
	39	support for sending fatal alerts, which also closes down our
	40	connection, including invalidating our cached session.
	41
	42	****************************************************************** */
	43
	44	#include "ssl.h"
	45
	46	#ifndef _SSLALERT_H_
	47	#include "sslalert.h"
	48	#endif
	49
	50	#ifndef _SSLALLOC_H_
	51	#include "sslalloc.h"
	52	#endif
	53
	54	#ifndef _SSLCTX_H_
	55	#include "sslctx.h"
	56	#endif
	57
	58	#ifndef _SSLSESS_H_
	59	#include "sslsess.h"
	60	#endif
	61
	62	#ifndef _SSL_DEBUG_H_
	63	#include "sslDebug.h"
	64	#endif
65
29654253 A	66	#include <assert.h>
29654253 A	67
bac41a7b A	68	SSLErr
	69	SSLProcessAlert(SSLRecord rec, SSLContext *ctx)
	70	{ SSLErr err = SSLNoErr;
	71	AlertLevel level;
	72	AlertDescription desc;
	73	uint8 *progress;
	74	uint32 remaining;
	75
	76	if (rec.contents.length % 2 != 0)
	77	{ ERR(err = SSLFatalSessionAlert(alert_illegal_parameter, ctx));
	78	if (!err)
	79	ERR(err = SSLProtocolErr);
	80	return err;
	81	}
	82
	83	progress = rec.contents.data;
	84	remaining = rec.contents.length;
	85	while (remaining > 0)
	86	{ level = (AlertLevel)*progress++;
	87	desc = (AlertDescription)*progress++;
	88	remaining -= 2;
	89
	90	/*
	91	* APPLE_CDSA changes: ignore sessionID-related failures here;
	92	* the important thing is the alert.
	93	*/
	94	if (level == alert_fatal)
	95	{
29654253	96	SSLDeleteSessionData(ctx);
bac41a7b A	97	dprintf1("***Fatal alert %d received", desc);
	98	return SSLFatalAlert;
	99	}
	100
	101	switch (desc)
	102	{ case alert_unexpected_message:
	103	case alert_bad_record_mac:
	104	case alert_decompression_failure:
	105	case alert_handshake_failure:
	106	case alert_illegal_parameter:
	107	/* These must always be fatal; if we got here, the level is warning;
	108	* die anyway
	109	*/
29654253	110	SSLDeleteSessionData(ctx);
bac41a7b A	111	err = SSLFatalAlert;
	112	break;
	113	case alert_close_notify:
	114	ERR(SSLClose(ctx));
	115	err = SSLNoErr;
	116	break;
	117	case alert_no_certificate:
	118	if (ctx->state == HandshakeClientCertificate)
	119	if (ERR(err = SSLAdvanceHandshake(SSL_certificate, ctx)) != 0)
	120	return err;
	121	break;
	122	case alert_bad_certificate:
	123	case alert_unsupported_certificate:
	124	case alert_certificate_revoked:
	125	case alert_certificate_expired:
	126	case alert_certificate_unknown:
	127	err = SSLNoErr;
	128	break;
	129	default:
	130	/* Unknown alert, but not fatal; ignore it */
	131	break;
	132	}
	133	}
	134
	135	return err;
	136	}
	137
	138	SSLErr
	139	SSLSendAlert(AlertLevel level, AlertDescription desc, SSLContext *ctx)
	140	{ SSLRecord rec;
	141	SSLErr err;
	142
29654253	143	CASSERT((ctx->negProtocolVersion != SSL_Version_2_0));
bac41a7b A	144
	145	if ((err = SSLEncodeAlert(&rec, level, desc, ctx)) != 0)
	146	return err;
29654253 A	147	assert(ctx->sslTslCalls != NULL);
29654253 A	148	if ((err = ctx->sslTslCalls->writeRecord(rec, ctx)) != 0)
bac41a7b A	149	return err;
	150	if ((err = SSLFreeBuffer(&rec.contents, &ctx->sysCtx)) != 0)
	151	return err;
	152
	153	return SSLNoErr;
	154	}
	155
	156	SSLErr
	157	SSLEncodeAlert(SSLRecord rec, AlertLevel level, AlertDescription desc, SSLContext ctx)
	158	{ SSLErr err;
	159
	160	rec->contentType = SSL_alert;
29654253 A	161	CASSERT((ctx->negProtocolVersion != SSL_Version_2_0));
	162	if(ctx->negProtocolVersion == SSL_Version_Undetermined) {
	163	/* error while negotiating */
	164	rec->protocolVersion = ctx->maxProtocolVersion;
	165	}
	166	else {
	167	rec->protocolVersion = ctx->negProtocolVersion;
	168	}
bac41a7b A	169	rec->contents.length = 2;
	170	if ((err = SSLAllocBuffer(&rec->contents, 2, &ctx->sysCtx)) != 0)
	171	return err;
	172	rec->contents.data[0] = level;
	173	rec->contents.data[1] = desc;
	174
	175	return SSLNoErr;
	176	}
	177
	178	SSLErr
	179	SSLFatalSessionAlert(AlertDescription desc, SSLContext *ctx)
	180	{ SSLErr err1, err2;
	181
	182	if(desc != alert_close_notify) {
	183	errorLog1("SSLFatalSessionAlert: desc %d\n", desc);
	184	}
	185	//dprintf0("SSLFatalSessionAlert: going to state ErrorClose\n");
	186	SSLChangeHdskState(ctx, SSLErrorClose);
	187
	188	/* Make session unresumable; I'm not stopping if I get an error,
	189	because I'd like to attempt to send the alert anyway */
29654253	190	err1 = SSLDeleteSessionData(ctx);
bac41a7b A	191
	192	/* Second, send the alert */
	193	err2 = SSLSendAlert(alert_fatal, desc, ctx);
	194
	195	/* If they both returned errors, arbitrarily return the first */
	196	return err1 != 0 ? err1 : err2;
	197	}