]> git.saurik.com Git - apple/security.git/blob - OSX/libsecurity_ssl/lib/sslRecord.c
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-58286.51.6.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / lib / sslRecord.c
1 /*
2 * Copyright (c) 1999-2001,2005-2007,2010-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 /*
25 * sslRecord.c - Encryption, decryption and MACing of data
26 */
27
28 #include <SecureTransport.h>
29 #include "ssl.h"
30 #include "sslRecord.h"
31 #include "sslMemory.h"
32 #include "sslContext.h"
33 #include "sslDebug.h"
34 #include "SSLRecordInternal.h"
35
36 #include <string.h>
37 #include <assert.h>
38
39 #include <utilities/SecIOFormat.h>
40
41 /*
42 * Lots of servers fail to provide closure alerts when they disconnect.
43 * For now we'll just accept it as long as it occurs on a clean record boundary
44 * (and the handshake is complete).
45 */
46 #define SSL_ALLOW_UNNOTICED_DISCONNECT 1
47
48
49 static OSStatus errorTranslate(int recordErr)
50 {
51 switch(recordErr) {
52 case errSecSuccess:
53 return errSecSuccess;
54 case errSSLRecordInternal:
55 return errSSLInternal;
56 case errSSLRecordWouldBlock:
57 return errSSLWouldBlock;
58 case errSSLRecordProtocol:
59 return errSSLProtocol;
60 case errSSLRecordNegotiation:
61 return errSSLNegotiation;
62 case errSSLRecordClosedAbort:
63 return errSSLClosedAbort;
64 case errSSLRecordConnectionRefused:
65 return errSSLConnectionRefused;
66 case errSSLRecordDecryptionFail:
67 return errSSLDecryptionFail;
68 case errSSLRecordBadRecordMac:
69 return errSSLBadRecordMac;
70 case errSSLRecordRecordOverflow:
71 return errSSLRecordOverflow;
72 case errSSLRecordUnexpectedRecord:
73 return errSSLUnexpectedRecord;
74 default:
75 sslErrorLog("unknown error code returned in sslErrorTranslate: %d\n", recordErr);
76 return recordErr;
77 }
78 }
79
80 /* SSLWriteRecord
81 * Attempt to encrypt and queue an SSL record.
82 */
83 OSStatus
84 SSLWriteRecord(SSLRecord rec, SSLContext *ctx)
85 {
86 OSStatus err;
87
88 err=errorTranslate(ctx->recFuncs->write(ctx->recCtx, rec));
89
90 switch(err) {
91 case errSecSuccess:
92 break;
93 default:
94 sslErrorLog("unexpected error code returned in SSLWriteRecord: %d\n", (int)err);
95 break;
96 }
97
98 return err;
99 }
100
101 /* SSLFreeRecord
102 * Free a record returned by SSLReadRecord.
103 */
104 OSStatus
105 SSLFreeRecord(SSLRecord rec, SSLContext *ctx)
106 {
107 return ctx->recFuncs->free(ctx->recCtx, rec);
108 }
109
110 /* SSLReadRecord
111 * Attempt to read & decrypt an SSL record.
112 * Record content should be freed using SSLFreeRecord
113 */
114 OSStatus
115 SSLReadRecord(SSLRecord *rec, SSLContext *ctx)
116 {
117 return errorTranslate(ctx->recFuncs->read(ctx->recCtx, rec));
118 }
119
120 OSStatus SSLServiceWriteQueue(SSLContext *ctx)
121 {
122 return errorTranslate(ctx->recFuncs->serviceWriteQueue(ctx->recCtx));
123 }
mirror of Security