sslRecord.c
1 /* 2 * Copyright (c) 1999-2001,2005-2007,2010-2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 /* 25 * sslRecord.c - Encryption, decryption and MACing of data 26 */ 27 28 #include <SecureTransport.h> 29 #include "ssl.h" 30 #include "sslRecord.h" 31 #include "sslMemory.h" 32 #include "sslContext.h" 33 #include "sslDebug.h" 34 #include "SSLRecordInternal.h" 35 36 #include <string.h> 37 38 #include <utilities/SecIOFormat.h> 39 40 /* 41 * Lots of servers fail to provide closure alerts when they disconnect. 42 * For now we'll just accept it as long as it occurs on a clean record boundary 43 * (and the handshake is complete). 44 */ 45 #define SSL_ALLOW_UNNOTICED_DISCONNECT 1 46 47 48 static OSStatus errorTranslate(int recordErr) 49 { 50 switch(recordErr) { 51 case errSecSuccess: 52 return errSecSuccess; 53 case errSSLRecordInternal: 54 return errSSLInternal; 55 case errSSLRecordWouldBlock: 56 return errSSLWouldBlock; 57 case errSSLRecordProtocol: 58 return errSSLProtocol; 59 case errSSLRecordNegotiation: 60 return errSSLNegotiation; 61 case errSSLRecordClosedAbort: 62 return errSSLClosedAbort; 63 case errSSLRecordConnectionRefused: 64 return errSSLConnectionRefused; 65 case errSSLRecordDecryptionFail: 66 return errSSLDecryptionFail; 67 case errSSLRecordBadRecordMac: 68 return errSSLBadRecordMac; 69 case errSSLRecordRecordOverflow: 70 return errSSLRecordOverflow; 71 case errSSLRecordUnexpectedRecord: 72 return errSSLUnexpectedRecord; 73 default: 74 sslErrorLog("unknown error code returned in sslErrorTranslate: %d\n", recordErr); 75 return recordErr; 76 } 77 } 78 79 /* SSLWriteRecord 80 * Attempt to encrypt and queue an SSL record. 81 */ 82 OSStatus 83 SSLWriteRecord(SSLRecord rec, SSLContext *ctx) 84 { 85 OSStatus err; 86 87 err=errorTranslate(ctx->recFuncs->write(ctx->recCtx, rec)); 88 89 switch(err) { 90 case errSecSuccess: 91 break; 92 default: 93 sslErrorLog("unexpected error code returned in SSLWriteRecord: %d\n", (int)err); 94 break; 95 } 96 97 return err; 98 } 99 100 /* SSLFreeRecord 101 * Free a record returned by SSLReadRecord. 102 */ 103 OSStatus 104 SSLFreeRecord(SSLRecord rec, SSLContext *ctx) 105 { 106 return ctx->recFuncs->free(ctx->recCtx, rec); 107 } 108 109 /* SSLReadRecord 110 * Attempt to read & decrypt an SSL record. 111 * Record content should be freed using SSLFreeRecord 112 */ 113 OSStatus 114 SSLReadRecord(SSLRecord *rec, SSLContext *ctx) 115 { 116 return errorTranslate(ctx->recFuncs->read(ctx->recCtx, rec)); 117 } 118 119 OSStatus SSLServiceWriteQueue(SSLContext *ctx) 120 { 121 return errorTranslate(ctx->recFuncs->serviceWriteQueue(ctx->recCtx)); 122 }