]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_ssl/security_ssl/sslRecord.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-57336.1.9.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / security_ssl / sslRecord.c
1 /*
2 * Copyright (c) 1999-2001,2005-2007,2010-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * sslRecord.c - Encryption, decryption and MACing of data
26 */
27
28 #include <SecureTransport.h>
29 #include "ssl.h"
30 #include "sslRecord.h"
31 #include "sslMemory.h"
32 #include "sslContext.h"
33 #include "sslDebug.h"
34 #include "sslUtils.h"
35 #include "SSLRecordInternal.h"
36
37 #include <string.h>
38 #include <assert.h>
39
40 #include <utilities/SecIOFormat.h>
41
42 /*
43 * Lots of servers fail to provide closure alerts when they disconnect.
44 * For now we'll just accept it as long as it occurs on a clean record boundary
45 * (and the handshake is complete).
46 */
47 #define SSL_ALLOW_UNNOTICED_DISCONNECT 1
48
49
50 static OSStatus errorTranslate(int recordErr)
51 {
52 switch(recordErr) {
53 case errSecSuccess:
54 return errSecSuccess;
55 case errSSLRecordInternal:
56 return errSSLInternal;
57 case errSSLRecordWouldBlock:
58 return errSSLWouldBlock;
59 case errSSLRecordProtocol:
60 return errSSLProtocol;
61 case errSSLRecordNegotiation:
62 return errSSLNegotiation;
63 case errSSLRecordClosedAbort:
64 return errSSLClosedAbort;
65 case errSSLRecordConnectionRefused:
66 return errSSLConnectionRefused;
67 case errSSLRecordDecryptionFail:
68 return errSSLDecryptionFail;
69 case errSSLRecordBadRecordMac:
70 return errSSLBadRecordMac;
71 case errSSLRecordRecordOverflow:
72 return errSSLRecordOverflow;
73 case errSSLRecordUnexpectedRecord:
74 return errSSLUnexpectedRecord;
75 default:
76 sslErrorLog("unknown error code returned in sslErrorTranslate: %d\n", recordErr);
77 return recordErr;
78 }
79 }
80
81 /* SSLWriteRecord
82 * Attempt to encrypt and queue an SSL record.
83 */
84 OSStatus
85 SSLWriteRecord(SSLRecord rec, SSLContext *ctx)
86 {
87 OSStatus err;
88
89 err=errorTranslate(ctx->recFuncs->write(ctx->recCtx, rec));
90
91 switch(err) {
92 case errSecSuccess:
93 break;
94 default:
95 sslErrorLog("unexpected error code returned in SSLWriteRecord: %d\n", (int)err);
96 break;
97 }
98
99 return err;
100 }
101
102 /* SSLFreeRecord
103 * Free a record returned by SSLReadRecord.
104 */
105 OSStatus
106 SSLFreeRecord(SSLRecord rec, SSLContext *ctx)
107 {
108 return ctx->recFuncs->free(ctx->recCtx, rec);
109 }
110
111 /* SSLReadRecord
112 * Attempt to read & decrypt an SSL record.
113 * Record content should be freed using SSLFreeRecord
114 */
115 OSStatus
116 SSLReadRecord(SSLRecord *rec, SSLContext *ctx)
117 {
118 return errorTranslate(ctx->recFuncs->read(ctx->recCtx, rec));
119 }
120
121 OSStatus SSLServiceWriteQueue(SSLContext *ctx)
122 {
123 return errorTranslate(ctx->recFuncs->serviceWriteQueue(ctx->recCtx));
124 }
mirror of Security