1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 19:17:44 +00:00

Userland: Convert TLS::TLSv12 to a Core::Stream::Socket

This commit converts TLS::TLSv12 to a Core::Stream object, and in the
process allows TLS to now wrap other Core::Stream::Socket objects.
As a large part of LibHTTP and LibGemini depend on LibTLS's interface,
this also converts those to support Core::Stream, which leads to a
simplification of LibHTTP (as there's no need to care about the
underlying socket type anymore).
Note that RequestServer now controls the TLS socket options, which is a
better place anyway, as RS is the first receiver of the user-requested
options (though this is currently not particularly useful).
This commit is contained in:
Ali Mohammad Pur 2022-02-02 19:21:55 +03:30 committed by Andreas Kling
parent 7a95c451a3
commit aafc451016
47 changed files with 841 additions and 1157 deletions

View file

@ -1,143 +1,17 @@
/*
* Copyright (c) 2020, the SerenityOS developers.
* Copyright (c) 2020-2022, the SerenityOS developers.
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <AK/Debug.h>
#include <LibCore/EventLoop.h>
#include <LibHTTP/HttpResponse.h>
#include <LibHTTP/HttpsJob.h>
#include <LibTLS/TLSv12.h>
#include <stdio.h>
#include <unistd.h>
namespace HTTP {
void HttpsJob::start(NonnullRefPtr<Core::Socket> socket)
void HttpsJob::set_certificate(String certificate, String key)
{
VERIFY(!m_socket);
VERIFY(is<TLS::TLSv12>(*socket));
m_socket = static_ptr_cast<TLS::TLSv12>(socket);
m_socket->on_tls_error = [&](TLS::AlertDescription error) {
if (error == TLS::AlertDescription::HandshakeFailure) {
deferred_invoke([this] {
return did_fail(Core::NetworkJob::Error::ProtocolFailed);
});
} else if (error == TLS::AlertDescription::DecryptError) {
deferred_invoke([this] {
return did_fail(Core::NetworkJob::Error::ConnectionFailed);
});
} else {
deferred_invoke([this] {
return did_fail(Core::NetworkJob::Error::TransmissionFailed);
});
}
};
m_socket->on_tls_finished = [this] {
if (!m_has_scheduled_finish)
finish_up();
};
m_socket->on_tls_certificate_request = [this](auto&) {
if (on_certificate_requested)
on_certificate_requested(*this);
};
m_socket->set_idle(false);
if (m_socket->is_established()) {
dbgln_if(HTTPSJOB_DEBUG, "Reusing previous connection for {}", url());
deferred_invoke([this] { on_socket_connected(); });
} else {
dbgln_if(HTTPSJOB_DEBUG, "Creating a new connection for {}", url());
m_socket->set_root_certificates(m_override_ca_certificates ? *m_override_ca_certificates : DefaultRootCACertificates::the().certificates());
m_socket->on_tls_connected = [this] {
dbgln_if(HTTPSJOB_DEBUG, "HttpsJob: on_connected callback");
on_socket_connected();
};
bool success = ((TLS::TLSv12&)*m_socket).connect(m_request.url().host(), m_request.url().port_or_default());
if (!success) {
deferred_invoke([this] {
return did_fail(Core::NetworkJob::Error::ConnectionFailed);
});
}
}
}
void HttpsJob::shutdown(ShutdownMode mode)
{
if (!m_socket)
return;
if (mode == ShutdownMode::CloseSocket) {
m_socket->close();
} else {
m_socket->on_tls_ready_to_read = nullptr;
m_socket->on_tls_connected = nullptr;
m_socket->set_on_tls_ready_to_write(nullptr);
m_socket->set_idle(true);
m_socket = nullptr;
}
}
void HttpsJob::set_certificate(String certificate, String private_key)
{
if (!m_socket->add_client_key(certificate.bytes(), private_key.bytes())) {
dbgln("LibHTTP: Failed to set a client certificate");
// FIXME: Do something about this failure
VERIFY_NOT_REACHED();
}
}
void HttpsJob::read_while_data_available(Function<IterationDecision()> read)
{
while (m_socket->can_read()) {
if (read() == IterationDecision::Break)
break;
}
}
void HttpsJob::register_on_ready_to_read(Function<void()> callback)
{
m_socket->on_tls_ready_to_read = [callback = move(callback)](auto&) {
callback();
};
}
void HttpsJob::register_on_ready_to_write(Function<void()> callback)
{
m_socket->set_on_tls_ready_to_write([callback = move(callback)](auto& tls) {
Core::deferred_invoke([&tls] { tls.set_on_tls_ready_to_write(nullptr); });
callback();
});
}
bool HttpsJob::can_read_line() const
{
return m_socket->can_read_line();
}
String HttpsJob::read_line(size_t size)
{
return m_socket->read_line(size);
}
ByteBuffer HttpsJob::receive(size_t size)
{
return m_socket->read(size);
}
bool HttpsJob::can_read() const
{
return m_socket->can_read();
}
bool HttpsJob::eof() const
{
return m_socket->eof();
}
bool HttpsJob::write(ReadonlyBytes data)
{
return m_socket->write(data);
m_received_client_certificates = TLS::TLSv12::parse_pem_certificate(certificate.bytes(), key.bytes());
}
}