Adjust to ObjFW changes
FossilOrigin-Name: a64206ee2e56904b91ea70519a7019bb13cd749a419e90f4463c5dee4d018d16
parent
cd2f208ad1
commit
d7da935e17
2 changed files with 28 additions and 44 deletions
|
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020
|
* Copyright (c) 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020,
|
||||||
* Jonathan Schleifer <js@nil.im>
|
* 2021, Jonathan Schleifer <js@nil.im>
|
||||||
* Copyright (c) 2011, Florian Zeitz <florob@babelmonkeys.de>
|
* Copyright (c) 2011, Florian Zeitz <florob@babelmonkeys.de>
|
||||||
* Copyright (c) 2011, Jos Kuijpers <jos@kuijpersvof.nl>
|
* Copyright (c) 2011, Jos Kuijpers <jos@kuijpersvof.nl>
|
||||||
*
|
*
|
||||||
|
@ -41,21 +41,7 @@
|
||||||
# pragma clang diagnostic pop
|
# pragma clang diagnostic pop
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#import <ObjFW/OFThread.h>
|
#import <ObjFW/ObjFW.h>
|
||||||
#import <ObjFW/OFHTTPRequest.h>
|
|
||||||
#import <ObjFW/OFData.h>
|
|
||||||
#import <ObjFW/OFLocale.h>
|
|
||||||
|
|
||||||
#import <ObjFW/OFAcceptFailedException.h>
|
|
||||||
#import <ObjFW/OFInitializationFailedException.h>
|
|
||||||
#import <ObjFW/OFInvalidArgumentException.h>
|
|
||||||
#import <ObjFW/OFNotOpenException.h>
|
|
||||||
#import <ObjFW/OFOutOfRangeException.h>
|
|
||||||
#import <ObjFW/OFReadFailedException.h>
|
|
||||||
#import <ObjFW/OFWriteFailedException.h>
|
|
||||||
|
|
||||||
#import <ObjFW/macros.h>
|
|
||||||
#import <ObjFW/mutex.h>
|
|
||||||
|
|
||||||
#import "SSLSocket.h"
|
#import "SSLSocket.h"
|
||||||
#import "X509Certificate.h"
|
#import "X509Certificate.h"
|
||||||
|
@ -68,7 +54,7 @@
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
static SSL_CTX *ctx;
|
static SSL_CTX *ctx;
|
||||||
static of_mutex_t *ssl_mutexes;
|
static OFPlainMutex *SSLMutexes;
|
||||||
|
|
||||||
static unsigned long
|
static unsigned long
|
||||||
threadID(void)
|
threadID(void)
|
||||||
|
@ -85,9 +71,9 @@ lockingCallback(int mode, int n, const char *file, int line)
|
||||||
* release it otherwise.
|
* release it otherwise.
|
||||||
*/
|
*/
|
||||||
if (mode & CRYPTO_LOCK)
|
if (mode & CRYPTO_LOCK)
|
||||||
of_mutex_lock(&ssl_mutexes[n]);
|
OFEnsure(OFPlainMutexLock(&SSLMutexes[n]) == 0);
|
||||||
else
|
else
|
||||||
of_mutex_unlock(&ssl_mutexes[n]);
|
OFEnsure(OFPlainMutexUnlock(&SSLMutexes[n]) == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
@interface SSLSocket ()
|
@interface SSLSocket ()
|
||||||
|
@ -175,7 +161,7 @@ lockingCallback(int mode, int n, const char *file, int line)
|
||||||
|
|
||||||
+ (void)load
|
+ (void)load
|
||||||
{
|
{
|
||||||
of_tls_socket_class = self;
|
OFTLSSocketClass = self;
|
||||||
}
|
}
|
||||||
|
|
||||||
+ (void)initialize
|
+ (void)initialize
|
||||||
|
@ -191,9 +177,9 @@ lockingCallback(int mode, int n, const char *file, int line)
|
||||||
|
|
||||||
/* Generate number of mutexes needed */
|
/* Generate number of mutexes needed */
|
||||||
m = CRYPTO_num_locks();
|
m = CRYPTO_num_locks();
|
||||||
ssl_mutexes = malloc(m * sizeof(of_mutex_t));
|
SSLMutexes = OFAllocMemory(m, sizeof(OFPlainMutex));
|
||||||
for (m--; m >= 0; m--)
|
for (m--; m >= 0; m--)
|
||||||
of_mutex_new(&ssl_mutexes[m]);
|
OFEnsure(OFPlainMutexNew(&SSLMutexes[m]) == 0);
|
||||||
|
|
||||||
CRYPTO_set_locking_callback(&lockingCallback);
|
CRYPTO_set_locking_callback(&lockingCallback);
|
||||||
/* OpenSSL >= 1.1 defines the line above to a nop */
|
/* OpenSSL >= 1.1 defines the line above to a nop */
|
||||||
|
@ -255,15 +241,14 @@ lockingCallback(int mode, int n, const char *file, int line)
|
||||||
|
|
||||||
- (void)SSL_startTLSWithExpectedHost: (OFString *)host port: (uint16_t)port
|
- (void)SSL_startTLSWithExpectedHost: (OFString *)host port: (uint16_t)port
|
||||||
{
|
{
|
||||||
of_string_encoding_t encoding;
|
OFStringEncoding encoding;
|
||||||
|
|
||||||
if ((_SSL = SSL_new(ctx)) == NULL || SSL_set_fd(_SSL, _socket) != 1) {
|
if ((_SSL = SSL_new(ctx)) == NULL || SSL_set_fd(_SSL, _socket) != 1) {
|
||||||
unsigned long error = ERR_get_error();
|
unsigned long error = ERR_get_error();
|
||||||
|
|
||||||
[super close];
|
[super close];
|
||||||
|
|
||||||
@throw [SSLConnectionFailedException
|
@throw [SSLConnectionFailedException exceptionWithHost: host
|
||||||
exceptionWithHost: host
|
|
||||||
port: port
|
port: port
|
||||||
socket: self
|
socket: self
|
||||||
SSLError: error];
|
SSLError: error];
|
||||||
|
@ -351,7 +336,7 @@ lockingCallback(int mode, int n, const char *file, int line)
|
||||||
|
|
||||||
- (void)asyncConnectToHost: (OFString *)host
|
- (void)asyncConnectToHost: (OFString *)host
|
||||||
port: (uint16_t)port
|
port: (uint16_t)port
|
||||||
runLoopMode: (of_run_loop_mode_t)runLoopMode
|
runLoopMode: (OFRunLoopMode)runLoopMode
|
||||||
{
|
{
|
||||||
void *pool = objc_autoreleasePoolPush();
|
void *pool = objc_autoreleasePoolPush();
|
||||||
|
|
||||||
|
@ -368,8 +353,8 @@ lockingCallback(int mode, int n, const char *file, int line)
|
||||||
#ifdef OF_HAVE_BLOCKS
|
#ifdef OF_HAVE_BLOCKS
|
||||||
- (void)asyncConnectToHost: (OFString *)host
|
- (void)asyncConnectToHost: (OFString *)host
|
||||||
port: (uint16_t)port
|
port: (uint16_t)port
|
||||||
runLoopMode: (of_run_loop_mode_t)runLoopMode
|
runLoopMode: (OFRunLoopMode)runLoopMode
|
||||||
block: (of_tcp_socket_async_connect_block_t)block
|
block: (OFTCPSocketAsyncConnectBlock)block
|
||||||
{
|
{
|
||||||
[super asyncConnectToHost: host
|
[super asyncConnectToHost: host
|
||||||
port: port
|
port: port
|
||||||
|
@ -393,7 +378,7 @@ lockingCallback(int mode, int n, const char *file, int line)
|
||||||
- (instancetype)accept
|
- (instancetype)accept
|
||||||
{
|
{
|
||||||
SSLSocket *client = (SSLSocket *)[super accept];
|
SSLSocket *client = (SSLSocket *)[super accept];
|
||||||
of_string_encoding_t encoding;
|
OFStringEncoding encoding;
|
||||||
|
|
||||||
if ((client->_SSL = SSL_new(ctx)) == NULL ||
|
if ((client->_SSL = SSL_new(ctx)) == NULL ||
|
||||||
!SSL_set_fd(client->_SSL, client->_socket)) {
|
!SSL_set_fd(client->_SSL, client->_socket)) {
|
||||||
|
|
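Review bot: In lockingCallback and in +initialize the mutex calls are now wrapped in `OFEnsure(... == 0)`, which as far as I know aborts the process when a lock, unlock or mutex creation fails, and nothing in the code says that this is intended. A short comment above the `if (mode & CRYPTO_LOCK)` branch would record the reasoning, for example `/* OpenSSL's locking callback cannot report errors; abort rather than continue without the lock. */`. In +initialize the mutex array is still allocated and initialised although the existing comment says `CRYPTO_set_locking_callback` is a no-op on OpenSSL >= 1.1, so a one-line remark that the array is only used with older OpenSSL would help as well. Both functions start outside the hunks shown.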
|
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2011, Florian Zeitz <florob@babelmonkeys.de>
|
* Copyright (c) 2011, Florian Zeitz <florob@babelmonkeys.de>
|
||||||
* Copyright (c) 2011, 2012, 2013, 2015, Jonathan Schleifer <js@nil.im>
|
* Copyright (c) 2011, 2012, 2013, 2015, 2021, Jonathan Schleifer <js@nil.im>
|
||||||
*
|
*
|
||||||
* https://fossil.nil.im/objopenssl
|
* https://fossil.nil.im/objopenssl
|
||||||
*
|
*
|
||||||
|
@ -98,8 +98,7 @@ OF_ASSUME_NONNULL_END
|
||||||
self = [super init];
|
self = [super init];
|
||||||
|
|
||||||
@try {
|
@try {
|
||||||
_certificate = X509_dup(certificate);
|
if ((_certificate = X509_dup(certificate)) == NULL)
|
||||||
if (_certificate == NULL)
|
|
||||||
@throw [OFInitializationFailedException
|
@throw [OFInitializationFailedException
|
||||||
exceptionWithClass: self.class];
|
exceptionWithClass: self.class];
|
||||||
} @catch (id e) {
|
} @catch (id e) {
|
||||||
|
@ -332,7 +331,7 @@ OF_ASSUME_NONNULL_END
|
||||||
for (OFString *name in assertedNames) {
|
for (OFString *name in assertedNames) {
|
||||||
if ([name hasPrefix: service]) {
|
if ([name hasPrefix: service]) {
|
||||||
OFString *asserted;
|
OFString *asserted;
|
||||||
asserted = [name substringWithRange: of_range(
|
asserted = [name substringWithRange: OFRangeMake(
|
||||||
serviceLength, name.length - serviceLength)];
|
serviceLength, name.length - serviceLength)];
|
||||||
if ([self X509_isAssertedDomain: asserted
|
if ([self X509_isAssertedDomain: asserted
|
||||||
equalDomain: domain]) {
|
equalDomain: domain]) {
|
||||||
|
@ -358,21 +357,21 @@ OF_ASSUME_NONNULL_END
|
||||||
|
|
||||||
size_t firstDot;
|
size_t firstDot;
|
||||||
|
|
||||||
if ([asserted caseInsensitiveCompare: domain] == OF_ORDERED_SAME)
|
if ([asserted caseInsensitiveCompare: domain] == OFOrderedSame)
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
if (![asserted hasPrefix: @"*."])
|
if (![asserted hasPrefix: @"*."])
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
asserted = [asserted substringWithRange:
|
asserted = [asserted substringWithRange:
|
||||||
of_range(2, asserted.length - 2)];
|
OFRangeMake(2, asserted.length - 2)];
|
||||||
|
|
||||||
firstDot = [domain rangeOfString: @"."].location;
|
firstDot = [domain rangeOfString: @"."].location;
|
||||||
if (firstDot == OF_NOT_FOUND)
|
if (firstDot == OFNotFound)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
domain = [domain substringWithRange:
|
domain = [domain substringWithRange:
|
||||||
of_range(firstDot + 1, domain.length - firstDot - 1)];
|
OFRangeMake(firstDot + 1, domain.length - firstDot - 1)];
|
||||||
|
|
||||||
if ([asserted caseInsensitiveCompare: domain] == 0)
|
if ([asserted caseInsensitiveCompare: domain] == 0)
|
||||||
return true;
|
return true;
|
||||||
|
@ -412,19 +411,19 @@ OF_ASSUME_NONNULL_END
|
||||||
{
|
{
|
||||||
X509OID *ret;
|
X509OID *ret;
|
||||||
int length, bufferLength = 256;
|
int length, bufferLength = 256;
|
||||||
char *buffer = of_alloc(1, bufferLength);
|
char *buffer = OFAllocMemory(1, bufferLength);
|
||||||
|
|
||||||
@try {
|
@try {
|
||||||
while ((length = OBJ_obj2txt(buffer, bufferLength, object,
|
while ((length = OBJ_obj2txt(buffer, bufferLength, object,
|
||||||
1)) > bufferLength) {
|
1)) > bufferLength) {
|
||||||
bufferLength = length;
|
bufferLength = length;
|
||||||
buffer = of_realloc(buffer, 1, bufferLength);
|
buffer = OFResizeMemory(buffer, 1, bufferLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = [[[X509OID alloc]
|
ret = [[[X509OID alloc]
|
||||||
initWithUTF8String: buffer] autorelease];
|
initWithUTF8String: buffer] autorelease];
|
||||||
} @finally {
|
} @finally {
|
||||||
free(buffer);
|
OFFreeMemory(buffer);
|
||||||
}
|
}
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
|
|
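Review bot: The wildcard branch of X509_isAssertedDomain:equalDomain: accepts an asserted name whose remainder after `*.` is a single label: for `*.com`, `asserted` becomes `com`, and a domain such as `example.com` is reduced to `com` and matches. Nothing in the visible lines requires the remainder to contain a dot, so a check such as `if ([asserted rangeOfString: @"."].location == OFNotFound) return false;` right after the `*.` prefix is stripped would reject those names. It covers only the single-label case and is not a substitute for a public-suffix check. In the same hunk the last comparison is still written `== 0` while the first one now uses `OFOrderedSame`; using the constant in both places would read more consistently. The method's signature and its end are outside the hunk.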