mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 04:47:35 +00:00
Userland: Convert TLS::TLSv12 to a Core::Stream::Socket
This commit converts TLS::TLSv12 to a Core::Stream object, and in the process allows TLS to now wrap other Core::Stream::Socket objects. As a large part of LibHTTP and LibGemini depend on LibTLS's interface, this also converts those to support Core::Stream, which leads to a simplification of LibHTTP (as there's no need to care about the underlying socket type anymore). Note that RequestServer now controls the TLS socket options, which is a better place anyway, as RS is the first receiver of the user-requested options (though this is currently not particularly useful).
This commit is contained in:
parent
7a95c451a3
commit
aafc451016
47 changed files with 841 additions and 1157 deletions
|
@ -7,6 +7,7 @@
|
|||
#include <AK/Debug.h>
|
||||
#include <AK/Endian.h>
|
||||
#include <AK/MemoryStream.h>
|
||||
#include <LibCore/EventLoop.h>
|
||||
#include <LibCore/Timer.h>
|
||||
#include <LibCrypto/PK/Code/EMSA_PSS.h>
|
||||
#include <LibTLS/TLSv12.h>
|
||||
|
@ -32,7 +33,7 @@ void TLSv12::alert(AlertLevel level, AlertDescription code)
|
|||
{
|
||||
auto the_alert = build_alert(level == AlertLevel::Critical, (u8)code);
|
||||
write_packet(the_alert);
|
||||
flush();
|
||||
MUST(flush());
|
||||
}
|
||||
|
||||
void TLSv12::write_packet(ByteBuffer& packet)
|
||||
|
@ -41,7 +42,7 @@ void TLSv12::write_packet(ByteBuffer& packet)
|
|||
if (m_context.connection_status > ConnectionStatus::Disconnected) {
|
||||
if (!m_has_scheduled_write_flush && !immediate) {
|
||||
dbgln_if(TLS_DEBUG, "Scheduling write of {}", m_context.tls_buffer.size());
|
||||
deferred_invoke([this] { write_into_socket(); });
|
||||
Core::deferred_invoke([this] { write_into_socket(); });
|
||||
m_has_scheduled_write_flush = true;
|
||||
} else {
|
||||
// multiple packet are available, let's flush some out
|
||||
|
@ -540,15 +541,17 @@ ssize_t TLSv12::handle_message(ReadonlyBytes buffer)
|
|||
if (code == (u8)AlertDescription::CloseNotify) {
|
||||
res += 2;
|
||||
alert(AlertLevel::Critical, AlertDescription::CloseNotify);
|
||||
m_context.connection_finished = true;
|
||||
if (!m_context.cipher_spec_set) {
|
||||
// AWS CloudFront hits this.
|
||||
dbgln("Server sent a close notify and we haven't agreed on a cipher suite. Treating it as a handshake failure.");
|
||||
m_context.critical_error = (u8)AlertDescription::HandshakeFailure;
|
||||
try_disambiguate_error();
|
||||
}
|
||||
m_context.close_notify = true;
|
||||
}
|
||||
m_context.error_code = (Error)code;
|
||||
check_connection_state(false);
|
||||
notify_client_for_app_data(); // Give the user one more chance to observe the EOF
|
||||
}
|
||||
break;
|
||||
default:
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue