Diffstat (limited to 'src/tls')
-rw-r--r-- | src/tls/tls_alert.cpp | 71 | ||||
-rw-r--r-- | src/tls/tls_alert.h | 2 | ||||
-rw-r--r-- | src/tls/tls_channel.cpp | 6 | ||||
-rw-r--r-- | src/tls/tls_channel.h | 4 | ||||
-rw-r--r-- | src/tls/tls_client.cpp | 6 | ||||
-rw-r--r-- | src/tls/tls_client.h | 4 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 6 | ||||
-rw-r--r-- | src/tls/tls_server.h | 4 |
8 files changed, 86 insertions, 17 deletions
diff --git a/src/tls/tls_alert.cpp b/src/tls/tls_alert.cpp
index 63cac9d79..9d2b74aca 100644
--- a/src/tls/tls_alert.cpp
+++ b/src/tls/tls_alert.cpp
@@ -37,7 +37,76 @@ Alert::Alert(const MemoryRegion<byte>& buf)
 std::string Alert::type_string() const
 {
- return "";
+ switch(type())
+ {
+ case CLOSE_NOTIFY:
+ return "close_notify";
+ case UNEXPECTED_MESSAGE:
+ return "unexpected_message";
+ case BAD_RECORD_MAC:
+ return "bad_record_mac";
+ case DECRYPTION_FAILED:
+ return "decryption_failed";
+ case RECORD_OVERFLOW:
+ return "record_overflow";
+ case DECOMPRESSION_FAILURE:
+ return "decompression_failure";
+ case HANDSHAKE_FAILURE:
+ return "handshake_failure";
+ case NO_CERTIFICATE:
+ return "no_certificate";
+ case BAD_CERTIFICATE:
+ return "bad_certificate";
+ case UNSUPPORTED_CERTIFICATE:
+ return "unsupported_certificate";
+ case CERTIFICATE_REVOKED:
+ return "certificate_revoked";
+ case CERTIFICATE_EXPIRED:
+ return "certificate_expired";
+ case CERTIFICATE_UNKNOWN:
+ return "certificate_unknown";
+ case ILLEGAL_PARAMETER:
+ return "illegal_parameter";
+ case UNKNOWN_CA:
+ return "unknown_ca";
+ case ACCESS_DENIED:
+ return "access_denied";
+ case DECODE_ERROR:
+ return "decode_error";
+ case DECRYPT_ERROR:
+ return "decrypt_error";
+ case EXPORT_RESTRICTION:
+ return "export_restriction";
+ case PROTOCOL_VERSION:
+ return "protocol_version";
+ case INSUFFICIENT_SECURITY:
+ return "insufficient_security";
+ case INTERNAL_ERROR:
+ return "internal_error";
+ case USER_CANCELED:
+ return "user_canceled";
+ case NO_RENEGOTIATION:
+ return "no_renegotiation";
+
+ case UNSUPPORTED_EXTENSION:
+ return "unsupported_extension";
+ case UNRECOGNIZED_NAME:
+ return "unrecognized_name";
+
+ case UNKNOWN_PSK_IDENTITY:
+ return "unknown_psk_identity";
+
+ case NULL_ALERT:
+ return "";
+ }
+
+ /*
+ * This is effectively the default case for the switch above, but we
+ * leave it out so that when an alert type is added to the enum the
+ * compiler can warn us that it is not included in the switch
+ * statement.
+ */
+ return "unrecognized_alert_" + to_string(type());
 }
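Review bot: `type_string()` now produces real output but its contract is undocumented: the `Alert(const MemoryRegion<byte>& buf)` constructor named in the hunk header suggests the code can come straight from the peer, so callers will see `"unrecognized_alert_<n>"` for codes outside the enum and an empty string for `NULL_ALERT`. I would state that on the declaration in tls_alert.h, e.g. `/** @return alert name for logging; "unrecognized_alert_<code>" for unknown codes, "" for NULL_ALERT */`. It is worth adding there that the name is descriptive only, since an alert received before the handshake completes is not integrity-protected and should not drive application decisions. The in-code comment about omitting `default:` relies on the build enabling the compiler's unhandled-enumerator warning, which is not visible in this diff.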
diff --git a/src/tls/tls_alert.h b/src/tls/tls_alert.h
index 5a888805e..d09b79168 100644
--- a/src/tls/tls_alert.h
+++ b/src/tls/tls_alert.h
@@ -18,7 +18,7 @@ namespace TLS {
 /**
 * SSL/TLS Alert Message
 */
-class Alert
+class BOTAN_DLL Alert
 {
 public:
 enum Level {
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 4c8cc4fbf..372d4125f 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -16,7 +16,7 @@ namespace Botan {
 namespace TLS {
 Channel::Channel(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
 std::tr1::function<bool (const Session&)> handshake_complete) :
 proc_fn(proc_fn),
 handshake_fn(handshake_complete),
@@ -66,7 +66,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
 * following record. Avoid spurious callbacks.
 */
 if(record.size() > 0)
- proc_fn(&record[0], record.size(), Alert::NULL_ALERT);
+ proc_fn(&record[0], record.size(), Alert());
 }
 else
 {
@@ -83,7 +83,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
 alert_notify(alert_msg);
- proc_fn(0, 0, alert_msg.type());
+ proc_fn(0, 0, alert_msg);
 if(alert_msg.type() == Alert::CLOSE_NOTIFY)
 {
diff --git a/src/tls/tls_channel.h b/src/tls/tls_channel.h
index 75d2b5918..bba6c23ec 100644
--- a/src/tls/tls_channel.h
+++ b/src/tls/tls_channel.h
@@ -63,7 +63,7 @@ class BOTAN_DLL Channel
 std::vector<X509_Certificate> peer_cert_chain() const { return peer_certs; }
 Channel(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
 std::tr1::function<bool (const Session&)> handshake_complete);
 virtual ~Channel();
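Review bot: The `proc_fn` contract in tls_channel.cpp changed from a `u16bit` code to an `Alert` object, and none of the constructor hunks (here or in tls_channel.h, tls_client.h, tls_server.h) tells a callback author how to distinguish data from an alert. From the two call sites, data arrives as `proc_fn(&record[0], record.size(), Alert())` and a peer alert as `proc_fn(0, 0, alert_msg)`, so the callback receives a null buffer in the alert case and has to test the alert before touching the data pointer. I would document that on the `Channel` constructor, e.g. `/** proc_fn(data, size, alert): for application data alert is a default Alert(); for a received alert data is 0 and size is 0 */`. That a default `Alert()` carries `NULL_ALERT` is inferred from the removed line and should be confirmed against the default constructor, which is outside this diff. `received_data` starts and ends outside both of its hunks.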
@@ -85,7 +85,7 @@ class BOTAN_DLL Channel
 virtual void alert_notify(const Alert& alert) = 0;
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn;
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn;
 std::tr1::function<bool (const Session&)> handshake_fn;
 Record_Writer writer;
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 0fb80e034..9fbf8c772 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -19,7 +19,7 @@ namespace TLS {
 * TLS Client Constructor
 */
 Client::Client(std::tr1::function<void (const byte[], size_t)> output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
 std::tr1::function<bool (const Session&)> handshake_fn,
 Session_Manager& session_manager,
 Credentials_Manager& creds,
@@ -96,9 +96,9 @@ void Client::renegotiate()
 secure_renegotiation.update(state->client_hello);
 }
-void Client::alert_notify(bool, Alert::Type type)
+void Client::alert_notify(const Alert& alert)
 {
- if(type == Alert::NO_RENEGOTIATION)
+ if(alert.type() == Alert::NO_RENEGOTIATION)
 {
 if(handshake_completed && state)
 {
diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h
index 9f8e33f30..f5528f4c1 100644
--- a/src/tls/tls_client.h
+++ b/src/tls/tls_client.h
@@ -43,7 +43,7 @@ class BOTAN_DLL Client : public Channel
 * the client should return the protocol it would like to use.
 */
 Client(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
 std::tr1::function<bool (const Session&)> handshake_complete,
 Session_Manager& session_manager,
 Credentials_Manager& creds,
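Review bot: `Client::alert_notify` in tls_client.cpp (hunk at -96) opens with exactly the same lines as `Server::alert_notify` in tls_server.cpp (hunk at -97): `if(alert.type() == Alert::NO_RENEGOTIATION)` followed by `if(handshake_completed && state)`. Both bodies continue outside their hunks, so whether the rest matches cannot be confirmed from here; if it does, the handling of a peer's `no_renegotiation` could live once in `Channel`, so that a later change to how a peer alert affects handshake state cannot land on one side only. Until then I would add a comment to both, e.g. `// Client and Server handle no_renegotiation the same way; keep the two in sync`.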
@@ -58,7 +58,7 @@ class BOTAN_DLL Client : public Channel
 void process_handshake_msg(Handshake_Type type, const MemoryRegion<byte>& contents);
- void alert_notify(bool is_fatal, Alert::Type type);
+ void alert_notify(const Alert& alert);
 const Policy& policy;
 RandomNumberGenerator& rng;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index d5357f86e..069c8f7e1 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -68,7 +68,7 @@ bool check_for_resume(Session& session_info,
 * TLS Server Constructor
 */
 Server::Server(std::tr1::function<void (const byte[], size_t)> output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
 std::tr1::function<bool (const Session&)> handshake_fn,
 Session_Manager& session_manager,
 Credentials_Manager& creds,
@@ -97,9 +97,9 @@ void Server::renegotiate()
 Hello_Request hello_req(writer);
 }
-void Server::alert_notify(bool, Alert::Type type)
+void Server::alert_notify(const Alert& alert)
 {
- if(type == Alert::NO_RENEGOTIATION)
+ if(alert.type() == Alert::NO_RENEGOTIATION)
 {
 if(handshake_completed && state)
 {
diff --git a/src/tls/tls_server.h b/src/tls/tls_server.h
index 5be2b1bb0..bb385e420 100644
--- a/src/tls/tls_server.h
+++ b/src/tls/tls_server.h
@@ -27,7 +27,7 @@ class BOTAN_DLL Server : public Channel
 * Server initialization
 */
 Server(std::tr1::function<void (const byte[], size_t)> socket_output_fn,
- std::tr1::function<void (const byte[], size_t, u16bit)> proc_fn,
+ std::tr1::function<void (const byte[], size_t, Alert)> proc_fn,
 std::tr1::function<bool (const Session&)> handshake_complete,
 Session_Manager& session_manager,
 Credentials_Manager& creds,
@@ -55,7 +55,7 @@ class BOTAN_DLL Server : public Channel
 void process_handshake_msg(Handshake_Type, const MemoryRegion<byte>&);
- void alert_notify(bool is_fatal, Alert::Type type);
+ void alert_notify(const Alert& alert);
 const Policy& policy;
 RandomNumberGenerator& rng; |