Diffstat (limited to 'forstio/io-tls/tls.cpp')
-rw-r--r-- | forstio/io-tls/tls.cpp | 70 |
1 files changed, 36 insertions, 34 deletions
diff --git a/forstio/io-tls/tls.cpp b/forstio/io-tls/tls.cpp
index c1497bc..9fa143c 100644
--- a/forstio/io-tls/tls.cpp
+++ b/forstio/io-tls/tls.cpp
@@ -11,18 +11,18 @@ namespace saw {
-class Tls::Impl {
+class tls::impl {
 public:
 gnutls_certificate_credentials_t xcred;
 public:
- Impl() {
+ impl() {
 gnutls_global_init();
 gnutls_certificate_allocate_credentials(&xcred);
 gnutls_certificate_set_x509_system_trust(xcred);
 }
- ~Impl() {
+ ~impl() {
 gnutls_certificate_free_credentials(xcred);
 gnutls_global_deinit();
 }
@@ -32,32 +32,34 @@ static ssize_t forst_tls_push_func(gnutls_transport_ptr_t p, const void *data, size_t size);
 static ssize_t forst_tls_pull_func(gnutls_transport_ptr_t p, void *data, size_t size);
-Tls::Tls() : impl{heap<Tls::Impl>()} {}
+tls::tls() : impl_{heap<tls::impl>()} {}
-Tls::~Tls() {}
+tls::~tls() {}
-Tls::Impl &Tls::getImpl() { return *impl; }
+tls::impl &tls::get_impl() { return *impl_; }
-class TlsIoStream final : public io_stream {
+class tls_io_stream final : public io_stream {
 private:
 own<io_stream> internal;
 gnutls_session_t session_handle;
 public:
- TlsIoStream(own<io_stream> internal_) : internal{std::move(internal_)} {}
+ tls_io_stream(own<io_stream> internal_) : internal{std::move(internal_)} {}
- ~TlsIoStream() { gnutls_bye(session_handle, GNUTLS_SHUT_RDWR); }
+ ~tls_io_stream() { gnutls_bye(session_handle, GNUTLS_SHUT_RDWR); }
 error_or<size_t> read(void *buffer, size_t length) override {
 ssize_t size = gnutls_record_recv(session_handle, buffer, length);
 if (size < 0) {
 if(gnutls_error_is_fatal(size) == 0){
- return recoverable_error([size](){return std::string{"Read recoverable Error "}+std::string{gnutls_strerror(size)};}, "Error read r");
+ return make_error<err::recoverable>("Recoverable error on read in gnutls. TODO better error msg handling");
+ // Leaving proper message handling done in previous error framework
+ //return recoverable_error([size](){return std::string{"Read recoverable Error "}+std::string{gnutls_strerror(size)};}, "Error read r");
 }else{
- return critical_error([size](){return std::string{"Read critical Error "}+std::string{gnutls_strerror(size)};}, "Error read c");
+ return make_error<err::critical>("Fatal error on read in gnutls. TODO better error msg handling");
 }
 }else if(size == 0){
- return critical_error("Disconnected");
+ return make_error<err::disconnected>();
 }
 return static_cast<size_t>(length);
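Review bot: `read` reports `static_cast<size_t>(length)` on the success path at the end of the hunk, i.e. the number of bytes the caller asked for, while `gnutls_record_recv` returned the number actually placed in the buffer in `size`; a short record makes the caller consume bytes the function never wrote, so this should be `return static_cast<size_t>(size);`. In the same class, `gnutls_session_t session_handle;` is left indeterminate by the new constructor while `~tls_io_stream` unconditionally calls `gnutls_bye` on it, so a stream whose session was never created is destroyed through an uninitialized handle; `gnutls_session_t session_handle = nullptr;` plus an `if (session_handle)` guard in the destructor would close that. The replacement error values also drop the `gnutls_strerror(size)` text the removed lambdas carried, which the TODO in the message acknowledges; the write path in the next hunk (@@ -73) has the same loss, and its return statement lies outside that hunk.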
@@ -73,9 +75,9 @@ public:
 ssize_t size = gnutls_record_send(session_handle, buffer, length);
 if(size < 0){
 if(gnutls_error_is_fatal(size) == 0){
- return recoverable_error([size](){return std::string{"Write recoverable Error "}+std::string{gnutls_strerror(size)} + " " + std::to_string(size);}, "Error write r");
+ return make_error<err::recoverable>("Recoverable error on write in gnutls. TODO better error msg handling");
 }else{
- return critical_error([size](){return std::string{"Write critical Error "}+std::string{gnutls_strerror(size)} + " " + std::to_string(size);}, "Error write c");
+ return make_error<err::critical>("Fatal error on write in gnutls. TODO better error msg handling");
 }
 }
@@ -87,15 +89,15 @@ public:
 gnutls_session_t &session() { return session_handle; }
 };
-TlsServer::TlsServer(own<server> srv) : internal{std::move(srv)} {}
+tls_server::tls_server(own<server> srv) : internal{std::move(srv)} {}
-conveyor<own<io_stream>> TlsServer::accept() {
+conveyor<own<io_stream>> tls_server::accept() {
 SAW_ASSERT(internal) {
 return conveyor<own<io_stream>>{fix_void<own<io_stream>>{nullptr}};
 }
 return internal->accept().then([](own<io_stream> stream) -> own<io_stream> {
 /// @todo handshake
- return heap<TlsIoStream>(std::move(stream));
+ return heap<tls_io_stream>(std::move(stream));
 });
 }
@@ -103,16 +105,16 @@ namespace {
 /*
 * Small helper for setting up the nonblocking connection handshake
 */
-struct TlsClientStreamHelper {
+struct tls_client_stream_helper {
 public:
 own<conveyor_feeder<own<io_stream>>> feeder;
 conveyor_sink connection_sink;
 conveyor_sink stream_reader;
 conveyor_sink stream_writer;
- own<TlsIoStream> stream = nullptr;
+ own<tls_io_stream> stream = nullptr;
 public:
- TlsClientStreamHelper(own<conveyor_feeder<own<io_stream>>> f):
+ tls_client_stream_helper(own<conveyor_feeder<own<io_stream>>> f):
 feeder{std::move(f)} {}
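Review bot: `tls_server::accept` hands out a `tls_io_stream` whose session is never created: the lambda only wraps the accepted stream and the `/// @todo handshake` marks the missing server-side setup, so any `read`/`write` on the returned stream calls into gnutls with an unset `session_handle`, and the server path offers no working TLS yet. Until the server handshake is wired in, the accept path should fail the conveyor rather than yield a stream that looks usable, or at least the todo should say so: `/// @todo handshake — session_handle is unset here; the returned stream is not usable until a server session and handshake exist`. The member `session_handle` is declared in the earlier hunk (@@ -32).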
@@ -145,7 +147,7 @@ public:
 }
 while ( (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) && gnutls_error_is_fatal(ret) == 0);
 if(gnutls_error_is_fatal(ret)){
- feeder->fail(critical_error("Couldn't create Tls connection"));
+ feeder->fail(make_error<err::critical>("Couldn't create Tls connection"));
 stream = nullptr;
 }else if(ret == GNUTLS_E_SUCCESS){
 feeder->feed(std::move(stream));
@@ -155,21 +157,21 @@ public:
 };
 }
-own<server> TlsNetwork::listen(network_address& address) {
- return heap<TlsServer>(internal.listen(address));
+own<server> tls_network::listen(network_address& address) {
+ return heap<tls_server>(internal.listen(address));
 }
-conveyor<own<io_stream>> TlsNetwork::connect(network_address& address) {
+conveyor<own<io_stream>> tls_network::connect(network_address& address) {
 // Helper setups
 auto caf = new_conveyor_and_feeder<own<io_stream>>();
- own<TlsClientStreamHelper> helper = heap<TlsClientStreamHelper>(std::move(caf.feeder));
- TlsClientStreamHelper* hlp_ptr = helper.get();
+ own<tls_client_stream_helper> helper = heap<tls_client_stream_helper>(std::move(caf.feeder));
+ tls_client_stream_helper* hlp_ptr = helper.get();
 // Conveyor entangled structure
 auto prim_conv = internal.connect(address).then([this, hlp_ptr, addr = address.address()]( own<io_stream> stream) -> error_or<void> {
 io_stream* inner_stream = stream.get();
- auto tls_stream = heap<TlsIoStream>(std::move(stream));
+ auto tls_stream = heap<tls_io_stream>(std::move(stream));
 auto &session = tls_stream->session();
@@ -180,7 +182,7 @@ conveyor<own<io_stream>> TlsNetwork::connect(network_address& address) {
 gnutls_set_default_priority(session);
 gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
- tls.getImpl().xcred);
+ tls_.get_impl().xcred);
 gnutls_session_set_verify_cert(session, addr.c_str(), 0);
 gnutls_transport_set_ptr(session, reinterpret_cast<gnutls_transport_ptr_t>(inner_stream));
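Review bot: The fatal-handshake branch reports `"Couldn't create Tls connection"` and discards `ret`, so a failed certificate check (the session has `gnutls_session_set_verify_cert` installed in the later hunk @@ -180, which makes the handshake itself fail on verification) is indistinguishable from a transport error in what the caller sees or logs. Carry the gnutls code in the failure, e.g. `feeder->fail(make_error<err::critical>(std::string{"Couldn't create Tls connection: "} + gnutls_strerror(ret)));` if `make_error` accepts a `std::string`, otherwise log `gnutls_strerror(ret)` before failing. The do/while this hunk closes begins outside the hunk.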
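Review bot: `gnutls_set_default_priority` and `gnutls_credentials_set` return status codes that the changed line and its neighbours ignore, so a session that failed to receive `tls_.get_impl().xcred` would still proceed to the handshake without credentials attached. Check each return and propagate it as the lambda's `error_or<void>` result, e.g. `if (int rc = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, tls_.get_impl().xcred); rc < 0) return make_error<err::critical>("gnutls_credentials_set failed");`, assuming `make_error` converts to `error_or<void>` as it does to `error_or<size_t>` in `read`. The name given to `gnutls_session_set_verify_cert` is whatever `address.address()` returned when the lambda was built (hunk @@ -155); whether that is a server name or a numeric address cannot be seen here and deserves a comment, since the `/// @todo tls server name needed` in hunk @@ -232 suggests it is still open. The enclosing lambda starts and ends outside this hunk.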
@@ -201,7 +203,7 @@ conveyor<own<io_stream>> TlsNetwork::connect(network_address& address) {
 return caf.conveyor.attach(std::move(helper));
 }
-own<datagram> TlsNetwork::datagram(network_address& address){
+own<datagram> tls_network::datagram(network_address& address){
 ///@unimplemented
 return nullptr;
 }
@@ -218,7 +220,7 @@ static ssize_t forst_tls_push_func(gnutls_transport_ptr_t p, const void *data,
 return -1;
 }
- return static_cast<ssize_t>(length.value());
+ return static_cast<ssize_t>(length.get_value());
 }
 static ssize_t forst_tls_pull_func(gnutls_transport_ptr_t p, void *data, size_t size) {
@@ -232,19 +234,19 @@ static ssize_t forst_tls_pull_func(gnutls_transport_ptr_t p, void *data, size_t
 return -1;
 }
- return static_cast<ssize_t>(length.value());
+ return static_cast<ssize_t>(length.get_value());
 }
-TlsNetwork::TlsNetwork(Tls& tls_, network &network) : tls{tls_},internal{network} {}
+tls_network::tls_network(tls& tls_, network &network) : tls_{tls_},internal{network} {}
-conveyor<own<network_address>> TlsNetwork::resolve_address(const std::string &addr,
+conveyor<own<network_address>> tls_network::resolve_address(const std::string &addr,
 uint16_t port) {
 /// @todo tls server name needed. Check validity. Won't matter later on, because gnutls should fail anyway. But
 /// it's better to find the error source sooner rather than later
 return internal.resolve_address(addr, port);
 }
-std::optional<own<TlsNetwork>> setupTlsNetwork(network &network) {
+std::optional<own<tls_network>> setup_tls_network(network &network) {
 return std::nullopt;
 }
 } // namespace saw |
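Review bot: Both transport callbacks return `-1` on a failed inner read/write with no visible errno signalling, so gnutls cannot tell a would-block condition from a real failure and reports a push/pull error instead of `GNUTLS_E_AGAIN`; the handshake retry loop in hunk @@ -145 only continues on `GNUTLS_E_AGAIN`/`GNUTLS_E_INTERRUPTED`, so a non-blocking inner stream that is merely not ready yet would abort the handshake. Both functions start outside their hunks, so the condition on the error branch is not visible; if the inner error distinguishes a recoverable case, set `errno = EAGAIN;` (or `gnutls_transport_set_errno(session, EAGAIN);`, which needs the session reachable from the callback — the transport pointer currently carries only the `io_stream*`) before `return -1;`. The same applies to `forst_tls_pull_func` in the following hunk (@@ -232).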
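Review bot: `setup_tls_network` returns `std::nullopt` unconditionally and never touches its `network` parameter, so callers get no way to obtain a `tls_network` from it, yet unlike `tls_network::datagram` it carries no `///@unimplemented` marker. Add `/// @unimplemented always returns std::nullopt` above it so the stub is not mistaken for a working factory, and `[[maybe_unused]]` on the parameter if the build warns on it.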