#include <SecureTransport.h>
#include "ssl.h"
#include "sslRecord.h"
#include "sslMemory.h"
#include "sslContext.h"
#include "sslAlertMessage.h"
#include "sslDebug.h"
#include "sslUtils.h"
#include "sslDigests.h"
#include "SSLRecordInternal.h"
#include <string.h>
#include <assert.h>
#include <utilities/SecIOFormat.h>
#define SSL_ALLOW_UNNOTICED_DISCONNECT 1
/*
 * Map a status code reported by the record layer (errSSLRecord*) onto the
 * matching SecureTransport OSStatus.
 *
 * A code that has no mapping is logged and handed back unchanged, so a caller
 * can still receive a raw record-layer value and must keep its own default
 * handling for codes it does not recognise.
 */
static OSStatus errorTranslate(int recordErr)
{
    OSStatus sslErr;

    switch (recordErr) {
    case errSecSuccess:
        sslErr = errSecSuccess;
        break;
    case errSSLRecordInternal:
        sslErr = errSSLInternal;
        break;
    case errSSLRecordWouldBlock:
        sslErr = errSSLWouldBlock;
        break;
    case errSSLRecordProtocol:
        sslErr = errSSLProtocol;
        break;
    case errSSLRecordNegotiation:
        sslErr = errSSLNegotiation;
        break;
    case errSSLRecordClosedAbort:
        sslErr = errSSLClosedAbort;
        break;
    case errSSLRecordConnectionRefused:
        sslErr = errSSLConnectionRefused;
        break;
    case errSSLRecordDecryptionFail:
        sslErr = errSSLDecryptionFail;
        break;
    case errSSLRecordBadRecordMac:
        sslErr = errSSLBadRecordMac;
        break;
    case errSSLRecordRecordOverflow:
        sslErr = errSSLRecordOverflow;
        break;
    case errSSLRecordUnexpectedRecord:
        sslErr = errSSLUnexpectedRecord;
        break;
    default:
        /* No mapping known: report it and pass the value through untranslated. */
        sslErrorLog("unknown error code returned in sslErrorTranslate: %d\n", recordErr);
        sslErr = recordErr;
        break;
    }

    return sslErr;
}
/*
 * Hand one record to the record layer's write callback and return the
 * translated status.
 *
 * Every non-success status is logged here; nothing else is done with it
 * (no alert is sent from this function), so the caller decides how to react.
 */
OSStatus
SSLWriteRecord(SSLRecord rec, SSLContext *ctx)
{
    int recordErr = ctx->recFuncs->write(ctx->recCtx, rec);
    OSStatus err = errorTranslate(recordErr);

    if (err != errSecSuccess) {
        sslErrorLog("unexpected error code returned in SSLWriteRecord: %d\n", (int)err);
    }

    return err;
}
/*
 * Release a record through the record layer's free callback.
 *
 * The callback's status is returned as-is: unlike the read, write and
 * service-queue wrappers in this file, it is not passed through
 * errorTranslate().
 */
OSStatus
SSLFreeRecord(SSLRecord rec, SSLContext *ctx)
{
    OSStatus status = ctx->recFuncs->free(ctx->recCtx, rec);

    return status;
}
/*
 * Read one record through the record layer's read callback, translate the
 * status, and react to failures before returning that status to the caller.
 *
 * Reactions by status:
 *   - success / would-block: nothing further.
 *   - unexpected record: DTLSRetransmit() is called.
 *   - decryption failure or bad record MAC: both are answered identically.
 *     On DTLS the status is rewritten to errSSLUnexpectedRecord and no alert
 *     is sent (DTLSRetransmit() is not called on this path); otherwise a
 *     fatal SSL_AlertBadRecordMac is sent, so the alert does not reveal which
 *     of the two checks failed.
 *   - internal error / record overflow: the matching fatal alert is sent.
 *   - closed-abort, connection refused, or any unrecognised status:
 *     SSL_AlertCloseNotify is sent; unrecognised statuses are logged first.
 *
 * Anything returned by DTLSRetransmit() and SSLFatalSessionAlert() is
 * discarded; the value returned is the read status (rewritten only in the
 * DTLS case above).
 */
OSStatus
SSLReadRecord(SSLRecord *rec, SSLContext *ctx)
{
    OSStatus err = errorTranslate(ctx->recFuncs->read(ctx->recCtx, rec));

    if (err == errSecSuccess || err == errSSLWouldBlock) {
        /* Nothing to do: a record was read, or the caller must retry later. */
    } else if (err == errSSLUnexpectedRecord) {
        DTLSRetransmit(ctx);
    } else if (err == errSSLDecryptionFail || err == errSSLBadRecordMac) {
        if (ctx->isDTLS) {
            /* Datagram transport: report the record as unexpected, send no alert. */
            err = errSSLUnexpectedRecord;
        } else {
            SSLFatalSessionAlert(SSL_AlertBadRecordMac, ctx);
        }
    } else if (err == errSSLInternal) {
        SSLFatalSessionAlert(SSL_AlertInternalError, ctx);
    } else if (err == errSSLRecordOverflow) {
        SSLFatalSessionAlert(SSL_AlertRecordOverflow, ctx);
    } else if (err == errSSLClosedAbort || err == errSSLConnectionRefused) {
        SSLFatalSessionAlert(SSL_AlertCloseNotify, ctx);
    } else {
        /* Includes raw record-layer codes that errorTranslate() passed through. */
        sslErrorLog("unknown error code returned in SSLReadRecord: %d\n", (int)err);
        SSLFatalSessionAlert(SSL_AlertCloseNotify, ctx);
    }

    return err;
}
/*
 * Ask the record layer to service its write queue and return the translated
 * status. No logging or alert handling is done here; the caller sees the
 * result of errorTranslate() directly.
 */
OSStatus SSLServiceWriteQueue(SSLContext *ctx)
{
    int recordErr = ctx->recFuncs->serviceWriteQueue(ctx->recCtx);

    return errorTranslate(recordErr);
}