]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_ssl/lib/sslRecord.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-59754.41.1.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / lib / sslRecord.c
1 /*
2 * Copyright (c) 1999-2001,2005-2007,2010-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * sslRecord.c - Encryption, decryption and MACing of data
26 */
27
28 #include <SecureTransport.h>
29 #include "ssl.h"
30 #include "sslRecord.h"
31 #include "sslMemory.h"
32 #include "sslContext.h"
33 #include "sslDebug.h"
34 #include "SSLRecordInternal.h"
35
36 #include <string.h>
37
38 #include <utilities/SecIOFormat.h>
39
40 /*
41 * Lots of servers fail to provide closure alerts when they disconnect.
42 * For now we'll just accept it as long as it occurs on a clean record boundary
43 * (and the handshake is complete).
44 */
45 #define SSL_ALLOW_UNNOTICED_DISCONNECT 1
46
47
48 static OSStatus errorTranslate(int recordErr)
49 {
50 switch(recordErr) {
51 case errSecSuccess:
52 return errSecSuccess;
53 case errSSLRecordInternal:
54 return errSSLInternal;
55 case errSSLRecordWouldBlock:
56 return errSSLWouldBlock;
57 case errSSLRecordProtocol:
58 return errSSLProtocol;
59 case errSSLRecordNegotiation:
60 return errSSLNegotiation;
61 case errSSLRecordClosedAbort:
62 return errSSLClosedAbort;
63 case errSSLRecordConnectionRefused:
64 return errSSLConnectionRefused;
65 case errSSLRecordDecryptionFail:
66 return errSSLDecryptionFail;
67 case errSSLRecordBadRecordMac:
68 return errSSLBadRecordMac;
69 case errSSLRecordRecordOverflow:
70 return errSSLRecordOverflow;
71 case errSSLRecordUnexpectedRecord:
72 return errSSLUnexpectedRecord;
73 default:
74 sslErrorLog("unknown error code returned in sslErrorTranslate: %d\n", recordErr);
75 return recordErr;
76 }
77 }
78
79 /* SSLWriteRecord
80 * Attempt to encrypt and queue an SSL record.
81 */
82 OSStatus
83 SSLWriteRecord(SSLRecord rec, SSLContext *ctx)
84 {
85 OSStatus err;
86
87 err=errorTranslate(ctx->recFuncs->write(ctx->recCtx, rec));
88
89 switch(err) {
90 case errSecSuccess:
91 break;
92 default:
93 sslErrorLog("unexpected error code returned in SSLWriteRecord: %d\n", (int)err);
94 break;
95 }
96
97 return err;
98 }
99
100 /* SSLFreeRecord
101 * Free a record returned by SSLReadRecord.
102 */
103 OSStatus
104 SSLFreeRecord(SSLRecord rec, SSLContext *ctx)
105 {
106 return ctx->recFuncs->free(ctx->recCtx, rec);
107 }
108
109 /* SSLReadRecord
110 * Attempt to read & decrypt an SSL record.
111 * Record content should be freed using SSLFreeRecord
112 */
113 OSStatus
114 SSLReadRecord(SSLRecord *rec, SSLContext *ctx)
115 {
116 return errorTranslate(ctx->recFuncs->read(ctx->recCtx, rec));
117 }
118
119 OSStatus SSLServiceWriteQueue(SSLContext *ctx)
120 {
121 return errorTranslate(ctx->recFuncs->serviceWriteQueue(ctx->recCtx));
122 }
mirror of Security