-rw-r--r--doc/examples/asio_tls_server.cpp16
-rw-r--r--doc/examples/tls_client.cpp6
-rw-r--r--doc/examples/tls_server.cpp6
-rw-r--r--src/tls/tls_alert.cpp71
-rw-r--r--src/tls/tls_alert.h2
-rw-r--r--src/tls/tls_channel.cpp6
-rw-r--r--src/tls/tls_channel.h4
-rw-r--r--src/tls/tls_client.cpp6
-rw-r--r--src/tls/tls_client.h4
-rw-r--r--src/tls/tls_server.cpp6
-rw-r--r--src/tls/tls_server.h4
11 files changed, 100 insertions, 31 deletions
diff --git a/doc/examples/asio_tls_server.cpp b/doc/examples/asio_tls_server.cpp
index 6d6c0e80e..58f59d968 100644
--- a/doc/examples/asio_tls_server.cpp
+++ b/doc/examples/asio_tls_server.cpp
@@ -84,7 +84,7 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess
}
catch(std::exception& e)
{
- printf("Failed - %s\n", e.what());
+ std::cout << "Read failed " << e.what() << "\n";
stop();
return;
}
@@ -98,7 +98,6 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess
else
{
stop();
- //printf("Error in read: %s\n", error.message().c_str());
}
}
@@ -114,7 +113,6 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess
}
else
{
- //printf("Error in write: %s\n", error.message().c_str());
stop();
}
}
@@ -139,12 +137,11 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess
}
}
- void tls_data_recv(const byte buf[], size_t buf_len, Botan::u16bit alert_info)
+ void tls_data_recv(const byte buf[], size_t buf_len, Botan::TLS::Alert alert)
{
- if(buf_len == 0 && alert_info != Botan::TLS::NULL_ALERT)
+ if(alert.is_valid())
{
- //printf("Alert: %d\n", alert_info);
- if(alert_info == 0)
+ if(alert.type() == Botan::TLS::Alert::CLOSE_NOTIFY)
{
m_tls.close();
return;
@@ -157,7 +154,8 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess
out += "\r\n";
out += "HTTP/1.0 200 OK\r\n";
out += "Server: Botan ASIO test server\r\n";
- out += "Host: 192.168.10.5\r\n";
+ if(m_hostname != "")
+ out += "Host: " + m_hostname + "\r\n";
out += "Content-Type: text/html\r\n";
out += "\r\n";
out += "<html><body>Greets. You said: ";
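Review bot: The new `Host:` line places `m_hostname` into a response header without any check on its contents, and `m_hostname` is filled from `session.sni_hostname()` in the later hunk, i.e. a value chosen by the peer in its ClientHello. Unless the SNI parser already rejects CR, LF and other non-hostname bytes (not visible here), the framing of this HTTP response depends on peer-supplied data, which is the classic header-injection shape; an example server is a poor place to model that. I would guard the append, e.g. `static const std::string host_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-";` and `if(!m_hostname.empty() && m_hostname.find_first_not_of(host_chars) == std::string::npos) out += "Host: " + m_hostname + "\r\n";`. Note also that `Host` is a request header; if the intent is to echo the SNI name back, a comment saying so would help readers of the example. The enclosing function continues past the end of this hunk.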
@@ -172,6 +170,7 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess
bool tls_handshake_complete(const Botan::TLS::Session& session)
{
+ m_hostname = session.sni_hostname();
return true;
}
@@ -179,6 +178,7 @@ class tls_server_session : public boost::enable_shared_from_this<tls_server_sess
tcp::socket m_socket;
Botan::TLS::Server m_tls;
+ std::string m_hostname;
unsigned char m_read_buf[Botan::TLS::MAX_TLS_RECORD_SIZE];
diff --git a/doc/examples/tls_client.cpp b/doc/examples/tls_client.cpp
index 80947af62..1cca002af 100644
--- a/doc/examples/tls_client.cpp
+++ b/doc/examples/tls_client.cpp
@@ -90,11 +90,11 @@ void socket_write(int sockfd, const byte buf[], size_t length)
bool got_alert = false;
-void process_data(const byte buf[], size_t buf_size, u16bit alert_info)
+void process_data(const byte buf[], size_t buf_size, TLS::Alert alert)
{
- if(alert_info != TLS::NULL_ALERT)
+ if(alert.is_valid())
{
- std::cout << "Alert: " << alert_info << "\n";
+ std::cout << "Alert: " << alert.type_string() << "\n";
got_alert = true;
}
diff --git a/doc/examples/tls_server.cpp b/doc/examples/tls_server.cpp
index e896b5bcc..a5f2c5d78 100644
--- a/doc/examples/tls_server.cpp
+++ b/doc/examples/tls_server.cpp
@@ -100,11 +100,11 @@ class Blocking_TLS_Server
}
}
- void reader_fn(const byte buf[], size_t buf_len, u16bit alert_code)
+ void reader_fn(const byte buf[], size_t buf_len, TLS::Alert alert)
{
- if(buf_len == 0 && alert_code != TLS::NULL_ALERT)
+ if(alert.is_valid())
{
- printf("Alert: %d\n", alert_code);
+ printf("Alert %s\n", alert.type_string().c_str());
//exit = true;
}
diff --git a/src/tls/tls_alert.cpp b/src/tls/tls_alert.cpp
index 63cac9d79..9d2b74aca 100644
--- a/src/tls/tls_alert.cpp
+++ b/src/tls/tls_alert.cpp
@@ -37,7 +37,76 @@ Alert::Alert(const MemoryRegion<byte>& buf)
std::string Alert::type_string() const
{
- return "";
+ switch(type())
+ {
+ case CLOSE_NOTIFY:
+ return "close_notify";
+ case UNEXPECTED_MESSAGE:
+ return "unexpected_message";
+ case BAD_RECORD_MAC:
+ return "bad_record_mac";
+ case DECRYPTION_FAILED:
+ return "decryption_failed";
+ case RECORD_OVERFLOW:
+ return "record_overflow";
+ case DECOMPRESSION_FAILURE:
+ return "decompression_failure";
+ case HANDSHAKE_FAILURE:
+ return "handshake_failure";
+ case NO_CERTIFICATE:
+ return "no_certificate";
+ case BAD_CERTIFICATE:
+ return "bad_certificate";
+ case UNSUPPORTED_CERTIFICATE:
+ return "unsupported_certificate";
+ case CERTIFICATE_REVOKED:
+ return "certificate_revoked";
+ case CERTIFICATE_EXPIRED:
+ return "certificate_expired";
+ case CERTIFICATE_UNKNOWN:
+ return "certificate_unknown";
+ case ILLEGAL_PARAMETER:
+ return "illegal_parameter";
+ case UNKNOWN_CA:
+ return "unknown_ca";
+ case ACCESS_DENIED:
+ return "access_denied";
+ case DECODE_ERROR:
+ return "decode_error";
+ case DECRYPT_ERROR:
+ return "decrypt_error";
+ case EXPORT_RESTRICTION:
+ return "export_restriction";
+ case PROTOCOL_VERSION:
+ return "protocol_version";
+ case INSUFFICIENT_SECURITY:
+ return "insufficient_security";
+ case INTERNAL_ERROR:
+ return "internal_error";
+ case USER_CANCELED:
+ return "user_canceled";
+ case NO_RENEGOTIATION:
+ return "no_renegotiation";
+
+ case UNSUPPORTED_EXTENSION:
+ return "unsupported_extension";
+ case UNRECOGNIZED_NAME:
+ return "unrecognized_name";
+
+ case UNKNOWN_PSK_IDENTITY:
+ return "unknown_psk_identity";
+
+ case NULL_ALERT:
+ return "";
+ }
+
+ /*
+ * This is effectively the default case for the switch above, but we
+ * leave it out so that when an alert type is added to the enum the
+ * compiler can warn us that it is not included in the switch
+ * statement.
+ */
+ return "unrecognized_alert_" + to_string(type());
}
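Review bot: `Alert::type_string()` has no doc comment, and its two special results are exactly the ones callers will print: `NULL_ALERT` yields an empty string, and any code not in the enum yields `"unrecognized_alert_" + to_string(type())`. The fallback path is reachable from the network, since the hunk context shows `Alert::Alert(const MemoryRegion<byte>& buf)` constructing an alert from raw bytes, so it is worth stating that the result is always a short fixed-alphabet string safe to log. I would add above the definition: `/* Human-readable name of the alert type. Returns "" for NULL_ALERT and "unrecognized_alert_<code>" for codes received from the peer that are not in Alert::Type. */`. The deliberate omission of `default:` is already explained by the in-switch comment, which is good.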
diff --git a/src/tls/tls_alert.h b/src/tls/tls_alert.h
index 5a888805e..d09b79168 100644
--- a/src/tls/tls_alert.h
+++ b/src/tls/tls_alert.h
@@ -18,7 +18,7 @@ namespace TLS {
/**
* SSL/TLS Alert Message
*/
-class Alert
+class BOTAN_DLL Alert
{
public:
enum Level {
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 4c8cc4fbf..372d4125f 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -16,7 +16,7 @@ namespace Botan {
namespace TLS {
Channel::Channel(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
std::tr1::function<bool (const Session&)> handshake_complete) :
proc_fn(proc_fn),
handshake_fn(handshake_complete),
@@ -66,7 +66,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
* following record. Avoid spurious callbacks.
*/
if(record.size() > 0)
- proc_fn(&record[0], record.size(), Alert::NULL_ALERT);
+ proc_fn(&record[0], record.size(), Alert());
}
else
{
@@ -83,7 +83,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
alert_notify(alert_msg);
- proc_fn(0, 0, alert_msg.type());
+ proc_fn(0, 0, alert_msg);
if(alert_msg.type() == Alert::CLOSE_NOTIFY)
{
diff --git a/src/tls/tls_channel.h b/src/tls/tls_channel.h
index 75d2b5918..bba6c23ec 100644
--- a/src/tls/tls_channel.h
+++ b/src/tls/tls_channel.h
@@ -63,7 +63,7 @@ class BOTAN_DLL Channel
std::vector<X509_Certificate> peer_cert_chain() const { return peer_certs; }
Channel(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
std::tr1::function<bool (const Session&)> handshake_complete);
virtual ~Channel();
@@ -85,7 +85,7 @@ class BOTAN_DLL Channel
virtual void alert_notify(const Alert& alert) = 0;
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn;
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn;
std::tr1::function<bool (const Session&)> handshake_fn;
Record_Writer writer;
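Review bot: The `proc_fn` member now carries an `Alert` but the calling contract is undocumented here, and the two call sites in tls_channel.cpp differ: application data is delivered as `proc_fn(&record[0], record.size(), Alert())` while an alert is delivered as `proc_fn(0, 0, alert_msg)`, i.e. with a null buffer and zero length. The examples in this commit test `alert.is_valid()` before touching `buf`, but a user writing their own callback has nothing telling them that `buf` may be null. I would add a comment on the declaration: `// Invoked with (data, len, Alert()) for application data, or with (0, 0, alert) when an alert arrives; buf must not be dereferenced when alert.is_valid()`. The same wording belongs on the public constructor parameter in the hunk above.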
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 0fb80e034..9fbf8c772 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -19,7 +19,7 @@ namespace TLS {
* TLS Client Constructor
*/
Client::Client(std::tr1::function<void (const byte[], size_t)> output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
std::tr1::function<bool (const Session&)> handshake_fn,
Session_Manager& session_manager,
Credentials_Manager& creds,
@@ -96,9 +96,9 @@ void Client::renegotiate()
secure_renegotiation.update(state->client_hello);
}
-void Client::alert_notify(bool, Alert::Type type)
+void Client::alert_notify(const Alert& alert)
{
- if(type == Alert::NO_RENEGOTIATION)
+ if(alert.type() == Alert::NO_RENEGOTIATION)
{
if(handshake_completed && state)
{
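Review bot: `Client::alert_notify(const Alert&)` and `Server::alert_notify(const Alert&)` (tls_server.cpp hunk at `void Server::alert_notify`) appear to be line-for-line identical as far as both hunks show, each checking `alert.type() == Alert::NO_RENEGOTIATION` and then `handshake_completed && state`; if the remainder matches too, the logic could live once in `Channel`, which declares `alert_notify` as pure virtual in the tls_channel.h hunk. Dropping the unused `bool` parameter is an improvement, but the function now only looks at the type, so a one-line comment noting that the alert's level is intentionally ignored here would save the next reader from wondering. The body of both functions continues beyond the hunk, so the duplication is inferred from the visible lines only.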
diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h
index 9f8e33f30..f5528f4c1 100644
--- a/src/tls/tls_client.h
+++ b/src/tls/tls_client.h
@@ -43,7 +43,7 @@ class BOTAN_DLL Client : public Channel
* the client should return the protocol it would like to use.
*/
Client(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
std::tr1::function<bool (const Session&)> handshake_complete,
Session_Manager& session_manager,
Credentials_Manager& creds,
@@ -58,7 +58,7 @@ class BOTAN_DLL Client : public Channel
void process_handshake_msg(Handshake_Type type,
const MemoryRegion<byte>& contents);
- void alert_notify(bool is_fatal, Alert::Type type);
+ void alert_notify(const Alert& alert);
const Policy& policy;
RandomNumberGenerator& rng;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index d5357f86e..069c8f7e1 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -68,7 +68,7 @@ bool check_for_resume(Session& session_info,
* TLS Server Constructor
*/
Server::Server(std::tr1::function<void (const byte[], size_t)> output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
std::tr1::function<bool (const Session&)> handshake_fn,
Session_Manager& session_manager,
Credentials_Manager& creds,
@@ -97,9 +97,9 @@ void Server::renegotiate()
Hello_Request hello_req(writer);
}
-void Server::alert_notify(bool, Alert::Type type)
+void Server::alert_notify(const Alert& alert)
{
- if(type == Alert::NO_RENEGOTIATION)
+ if(alert.type() == Alert::NO_RENEGOTIATION)
{
if(handshake_completed && state)
{
diff --git a/src/tls/tls_server.h b/src/tls/tls_server.h
index 5be2b1bb0..bb385e420 100644
--- a/src/tls/tls_server.h
+++ b/src/tls/tls_server.h
@@ -27,7 +27,7 @@ class BOTAN_DLL Server : public Channel
* Server initialization
*/
Server(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
std::tr1::function<bool (const Session&)> handshake_complete,
Session_Manager& session_manager,
Credentials_Manager& creds,
@@ -55,7 +55,7 @@ class BOTAN_DLL Server : public Channel
void process_handshake_msg(Handshake_Type, const MemoryRegion<byte>&);
- void alert_notify(bool is_fatal, Alert::Type type);
+ void alert_notify(const Alert& alert);
const Policy& policy;
RandomNumberGenerator& rng;