authorlloyd <[email protected]>2010-04-17 18:56:53 +0000
committerlloyd <[email protected]>2010-04-17 18:56:53 +0000
commitaaa9e92697e16278fb91552f075c020f2b4c26cb (patch)
tree1393248e823a35f7134894e60174f0e65a62d876 /src/ssl/tls_client.cpp
parent0abc80f498c6bc2e8f630e34b90d5c6d24c29f58 (diff)
Clean up ciphersuite handling
Diffstat (limited to 'src/ssl/tls_client.cpp')
-rw-r--r--src/ssl/tls_client.cpp19
1 files changed, 11 insertions, 8 deletions
diff --git a/src/ssl/tls_client.cpp b/src/ssl/tls_client.cpp
index fbad1f838..f12dccd69 100644
--- a/src/ssl/tls_client.cpp
+++ b/src/ssl/tls_client.cpp
@@ -123,6 +123,7 @@ TLS_Client::~TLS_Client()
*/
void TLS_Client::initialize()
{
+ std::string error_str;
Alert_Type error_type = NO_ALERT_TYPE;
try {
@@ -133,10 +134,12 @@ void TLS_Client::initialize()
}
catch(TLS_Exception& e)
{
+ error_str = e.what();
error_type = e.type();
}
catch(std::exception& e)
{
+ error_str = e.what();
error_type = HANDSHAKE_FAILURE;
}
@@ -157,7 +160,7 @@ void TLS_Client::initialize()
state = 0;
}
- throw Stream_IO_Error("TLS_Client: Handshake failed");
+ throw Stream_IO_Error("TLS_Client: Handshake failed: " + error_str);
}
}
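Review bot: The string appended to `Stream_IO_Error` on the new `throw` line is the raw `e.what()` captured in the two catch handlers of the previous hunk, and nothing documents that it is meant for local diagnostics only. Several exception messages visible later in this diff describe what the server sent, so a caller that relays this text to the peer or to an end user would expose more handshake detail than the alert does. I would add a comment above the throw such as `// error_str is local diagnostic text; the peer only ever sees the alert`. That wording assumes the elided lines between these hunks send only `error_type`, which should be confirmed. The body of `initialize()` is only partly visible in these hunks.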
@@ -419,7 +422,7 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
{
client_check_state(type, state);
- if(state->suite.sig_type() == CipherSuite::NO_SIG)
+ if(state->suite.sig_type() == TLS_ALGO_SIGNER_ANON)
throw Unexpected_Message("Recived certificate from anonymous server");
state->server_certs = new Certificate(contents);
@@ -445,8 +448,8 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
throw TLS_Exception(UNSUPPORTED_CERTIFICATE,
"Unknown key type recieved in server kex");
- if((is_dsa && state->suite.sig_type() != CipherSuite::DSA_SIG) ||
- (is_rsa && state->suite.sig_type() != CipherSuite::RSA_SIG))
+ if((is_dsa && state->suite.sig_type() != TLS_ALGO_SIGNER_DSA) ||
+ (is_rsa && state->suite.sig_type() != TLS_ALGO_SIGNER_RSA))
throw TLS_Exception(ILLEGAL_PARAMETER,
"Certificate key type did not match ciphersuite");
}
@@ -454,7 +457,7 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
{
client_check_state(type, state);
- if(state->suite.kex_type() == CipherSuite::NO_KEX)
+ if(state->suite.kex_type() == TLS_ALGO_KEYEXCH_NOKEX)
throw Unexpected_Message("Unexpected key exchange from server");
state->server_kex = new Server_Key_Exchange(contents);
@@ -474,12 +477,12 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
throw TLS_Exception(HANDSHAKE_FAILURE,
"Unknown key type recieved in server kex");
- if((is_dh && state->suite.kex_type() != CipherSuite::DH_KEX) ||
- (is_rsa && state->suite.kex_type() != CipherSuite::RSA_KEX))
+ if((is_dh && state->suite.kex_type() != TLS_ALGO_KEYEXCH_DH) ||
+ (is_rsa && state->suite.kex_type() != TLS_ALGO_KEYEXCH_RSA))
throw TLS_Exception(ILLEGAL_PARAMETER,
"Certificate key type did not match ciphersuite");
- if(state->suite.sig_type() != CipherSuite::NO_SIG)
+ if(state->suite.sig_type() != TLS_ALGO_SIGNER_ANON)
{
if(!state->server_kex->verify(peer_certs[0],
state->client_hello->random(),