From 3a4b28d473e7c02fe8d2e30c25861eea2d8d0d22 Mon Sep 17 00:00:00 2001
From: Nick Zitzmann <nick@chronosnet.com>
Date: Tue, 26 Jun 2012 21:39:48 +0200
Subject: [PATCH] DarwinSSL: several adjustments

- Renamed st_ function prefix to darwinssl_
- Renamed Curl_st_ function prefix to Curl_darwinssl_
- Moved the duplicated ssl_connect_done out of the #ifdef in lib/urldata.h
- Fixed a teensy little bug that made non-blocking connection attempts block
- Made it so that it builds cleanly against the iOS 5.1 SDK
---
 lib/curl_darwinssl.c | 88 +++++++++++++++++++++++---------------------
 lib/curl_darwinssl.h | 35 +++++++++---------
 lib/sslgen.c         |  2 +-
 lib/urldata.h        | 11 +++---
 4 files changed, 71 insertions(+), 65 deletions(-)

diff --git a/lib/curl_darwinssl.c b/lib/curl_darwinssl.c
index b21cc468b8..627117d1d4 100644
--- a/lib/curl_darwinssl.c
+++ b/lib/curl_darwinssl.c
@@ -36,6 +36,8 @@
 
 #ifdef USE_DARWINSSL
 #include <Security/Security.h>
+#include <Security/SecureTransport.h>
+#include <CoreFoundation/CoreFoundation.h>
 #include "urldata.h"
 #include "sendf.h"
 #include "inet_pton.h"
@@ -147,8 +149,8 @@ static OSStatus SocketWrite(SSLConnectionRef connection,
   return ortn;
 }
 
-static CURLcode st_connect_step1(struct connectdata *conn,
-                                 int sockindex)
+static CURLcode darwinssl_connect_step1(struct connectdata *conn,
+                                        int sockindex)
 {
   struct SessionHandle *data = conn->data;
   curl_socket_t sockfd = conn->sock[sockindex];
@@ -252,7 +254,7 @@ static CURLcode st_connect_step1(struct connectdata *conn,
 }
 
 static CURLcode
-st_connect_step2(struct connectdata *conn, int sockindex)
+darwinssl_connect_step2(struct connectdata *conn, int sockindex)
 {
   struct SessionHandle *data = conn->data;
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
@@ -276,7 +278,7 @@ st_connect_step2(struct connectdata *conn, int sockindex)
 
       case errSSLServerAuthCompleted:
         /* the documentation says we need to call SSLHandshake() again */
-        return st_connect_step2(conn, sockindex);
+        return darwinssl_connect_step2(conn, sockindex);
 
       case errSSLXCertChainInvalid:
       case errSSLUnknownRootCert:
@@ -306,8 +308,8 @@ st_connect_step2(struct connectdata *conn, int sockindex)
 }
 
 static CURLcode
-st_connect_step3(struct connectdata *conn,
-                 int sockindex)
+darwinssl_connect_step3(struct connectdata *conn,
+                        int sockindex)
 {
   struct SessionHandle *data = conn->data;
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
@@ -344,14 +346,14 @@ st_connect_step3(struct connectdata *conn,
   return CURLE_OK;
 }
 
-static Curl_recv st_recv;
-static Curl_send st_send;
+static Curl_recv darwinssl_recv;
+static Curl_send darwinssl_send;
 
 static CURLcode
-st_connect_common(struct connectdata *conn,
-                  int sockindex,
-                  bool nonblocking,
-                  bool *done)
+darwinssl_connect_common(struct connectdata *conn,
+                         int sockindex,
+                         bool nonblocking,
+                         bool *done)
 {
   CURLcode retcode;
   struct SessionHandle *data = conn->data;
@@ -375,7 +377,7 @@ st_connect_common(struct connectdata *conn,
       failf(data, "SSL connection timeout");
       return CURLE_OPERATION_TIMEDOUT;
     }
-    retcode = st_connect_step1(conn, sockindex);
+    retcode = darwinssl_connect_step1(conn, sockindex);
     if(retcode)
       return retcode;
   }
@@ -432,26 +434,27 @@ st_connect_common(struct connectdata *conn,
      * before step2 has completed while ensuring that a client using select()
      * or epoll() will always have a valid fdset to wait on.
      */
-    retcode = st_connect_step2(conn, sockindex);
+    retcode = darwinssl_connect_step2(conn, sockindex);
     if(retcode || (nonblocking &&
                    (ssl_connect_2 == connssl->connecting_state ||
                     ssl_connect_2_reading == connssl->connecting_state ||
-                    ssl_connect_2_writing == connssl->connecting_state)))
+                    ssl_connect_2_writing == connssl->connecting_state ||
+                    ssl_connect_2_wouldblock == connssl->connecting_state)))
       return retcode;
 
   } /* repeat step2 until all transactions are done. */
 
 
   if(ssl_connect_3==connssl->connecting_state) {
-    retcode = st_connect_step3(conn, sockindex);
+    retcode = darwinssl_connect_step3(conn, sockindex);
     if(retcode)
       return retcode;
   }
 
   if(ssl_connect_done==connssl->connecting_state) {
     connssl->state = ssl_connection_complete;
-    conn->recv[sockindex] = st_recv;
-    conn->send[sockindex] = st_send;
+    conn->recv[sockindex] = darwinssl_recv;
+    conn->send[sockindex] = darwinssl_send;
     *done = TRUE;
   }
   else
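Review bot: The early-return condition after `darwinssl_connect_step2()` now tests four states, but the comment above it still gives no reason why `ssl_connect_2_wouldblock` has to hand control back to the caller. I would add a line just above the `if`, such as `/* ssl_connect_2_wouldblock: presumably the handshake could not proceed without blocking, so return to a non-blocking caller */`. The loop header and the code in step2 that sets this state are outside the hunk, so it is worth confirming that the loop condition and this list name the same set of states. darwinssl_connect_common starts and ends outside the hunk.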
@@ -464,21 +467,21 @@ st_connect_common(struct connectdata *conn,
 }
 
 CURLcode
-Curl_st_connect_nonblocking(struct connectdata *conn,
-                            int sockindex,
-                            bool *done)
+Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
+                                   int sockindex,
+                                   bool *done)
 {
-  return st_connect_common(conn, sockindex, TRUE, done);
+  return darwinssl_connect_common(conn, sockindex, TRUE, done);
 }
 
 CURLcode
-Curl_st_connect(struct connectdata *conn,
-                int sockindex)
+Curl_darwinssl_connect(struct connectdata *conn,
+                       int sockindex)
 {
   CURLcode retcode;
   bool done = FALSE;
 
-  retcode = st_connect_common(conn, sockindex, FALSE, &done);
+  retcode = darwinssl_connect_common(conn, sockindex, FALSE, &done);
 
   if(retcode)
     return retcode;
@@ -488,7 +491,7 @@ Curl_st_connect(struct connectdata *conn,
   return CURLE_OK;
 }
 
-void Curl_st_close(struct connectdata *conn, int sockindex)
+void Curl_darwinssl_close(struct connectdata *conn, int sockindex)
 {
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
 
@@ -498,13 +501,13 @@ void Curl_st_close(struct connectdata *conn, int sockindex)
   connssl->ssl_sockfd = 0;
 }
 
-void Curl_st_close_all(struct SessionHandle *data)
+void Curl_darwinssl_close_all(struct SessionHandle *data)
 {
   /* SecureTransport doesn't separate sessions from contexts, so... */
   (void)data;
 }
 
-int Curl_st_shutdown(struct connectdata *conn, int sockindex)
+int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex)
 {
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
   struct SessionHandle *data = conn->data;
@@ -519,7 +522,7 @@ int Curl_st_shutdown(struct connectdata *conn, int sockindex)
   if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE)
     return 0;
 
-  Curl_st_close(conn, sockindex);
+  Curl_darwinssl_close(conn, sockindex);
 
   rc = 0;
 
@@ -558,7 +561,7 @@ int Curl_st_shutdown(struct connectdata *conn, int sockindex)
   return rc;
 }
 
-size_t Curl_st_version(char *buffer, size_t size)
+size_t Curl_darwinssl_version(char *buffer, size_t size)
 {
   return snprintf(buffer, size, "SecureTransport");
 }
@@ -571,7 +574,7 @@ size_t Curl_st_version(char *buffer, size_t size)
  *     0 means the connection has been closed
  *    -1 means the connection status is unknown
  */
-int Curl_st_check_cxn(struct connectdata *conn)
+int Curl_darwinssl_check_cxn(struct connectdata *conn)
 {
   struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
   OSStatus err;
@@ -586,7 +589,8 @@ int Curl_st_check_cxn(struct connectdata *conn)
   return 0;
 }
 
-bool Curl_st_data_pending(const struct connectdata *conn, int connindex)
+bool Curl_darwinssl_data_pending(const struct connectdata *conn,
+                                 int connindex)
 {
   const struct ssl_connect_data *connssl = &conn->ssl[connindex];
   OSStatus err;
@@ -602,11 +606,11 @@ bool Curl_st_data_pending(const struct connectdata *conn, int connindex)
     return false;
 }
 
-static ssize_t st_send(struct connectdata *conn,
-                       int sockindex,
-                       const void *mem,
-                       size_t len,
-                       CURLcode *curlcode)
+static ssize_t darwinssl_send(struct connectdata *conn,
+                              int sockindex,
+                              const void *mem,
+                              size_t len,
+                              CURLcode *curlcode)
 {
   /*struct SessionHandle *data = conn->data;*/
   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
@@ -630,11 +634,11 @@ static ssize_t st_send(struct connectdata *conn,
   return (ssize_t)processed;
 }
 
-static ssize_t st_recv(struct connectdata *conn, /* connection data */
-                       int num,                  /* socketindex */
-                       char *buf,                /* store read data here */
-                       size_t buffersize,        /* max amount to read */
-                       CURLcode *curlcode)
+static ssize_t darwinssl_recv(struct connectdata *conn,
+                              int num,
+                              char *buf,
+                              size_t buffersize,
+                              CURLcode *curlcode)
 {
   /*struct SessionHandle *data = conn->data;*/
   struct ssl_connect_data *connssl = &conn->ssl[num];
diff --git a/lib/curl_darwinssl.h b/lib/curl_darwinssl.h
index 6eb20cc0f6..a8d65d15e4 100644
--- a/lib/curl_darwinssl.h
+++ b/lib/curl_darwinssl.h
@@ -25,38 +25,39 @@
 
 #ifdef USE_DARWINSSL
 
-CURLcode Curl_st_connect(struct connectdata *conn, int sockindex);
+CURLcode Curl_darwinssl_connect(struct connectdata *conn, int sockindex);
 
-CURLcode Curl_st_connect_nonblocking(struct connectdata *conn,
-                                     int sockindex,
-                                     bool *done);
+CURLcode Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
+                                            int sockindex,
+                                            bool *done);
 
 /* this function doesn't actually do anything */
-void Curl_st_close_all(struct SessionHandle *data);
+void Curl_darwinssl_close_all(struct SessionHandle *data);
 
 /* close a SSL connection */
-void Curl_st_close(struct connectdata *conn, int sockindex);
+void Curl_darwinssl_close(struct connectdata *conn, int sockindex);
 
-size_t Curl_st_version(char *buffer, size_t size);
-int Curl_st_shutdown(struct connectdata *conn, int sockindex);
-int Curl_st_check_cxn(struct connectdata *conn);
-bool Curl_st_data_pending(const struct connectdata *conn, int connindex);
+size_t Curl_darwinssl_version(char *buffer, size_t size);
+int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex);
+int Curl_darwinssl_check_cxn(struct connectdata *conn);
+bool Curl_darwinssl_data_pending(const struct connectdata *conn,
+                                 int connindex);
 
 /* API setup for SecureTransport */
 #define curlssl_init() (1)
 #define curlssl_cleanup() Curl_nop_stmt
-#define curlssl_connect Curl_st_connect
-#define curlssl_connect_nonblocking Curl_st_connect_nonblocking
+#define curlssl_connect Curl_darwinssl_connect
+#define curlssl_connect_nonblocking Curl_darwinssl_connect_nonblocking
 #define curlssl_session_free(x) Curl_nop_stmt
-#define curlssl_close_all Curl_st_close_all
-#define curlssl_close Curl_st_close
+#define curlssl_close_all Curl_darwinssl_close_all
+#define curlssl_close Curl_darwinssl_close
 #define curlssl_shutdown(x,y) 0
 #define curlssl_set_engine(x,y) (x=x, y=y, CURLE_NOT_BUILT_IN)
 #define curlssl_set_engine_default(x) (x=x, CURLE_NOT_BUILT_IN)
 #define curlssl_engines_list(x) (x=x, (struct curl_slist *)NULL)
-#define curlssl_version Curl_st_version
-#define curlssl_check_cxn Curl_st_check_cxn
-#define curlssl_data_pending(x,y) Curl_st_data_pending(x, y)
+#define curlssl_version Curl_darwinssl_version
+#define curlssl_check_cxn Curl_darwinssl_check_cxn
+#define curlssl_data_pending(x,y) Curl_darwinssl_data_pending(x, y)
 
 #endif /* USE_DARWINSSL */
 #endif /* HEADER_CURL_DARWINSSL_H */
\ No newline at end of file
diff --git a/lib/sslgen.c b/lib/sslgen.c
index 286c5ab235..abb628d902 100644
--- a/lib/sslgen.c
+++ b/lib/sslgen.c
@@ -34,7 +34,7 @@
    Curl_polarssl_ - prefix for PolarSSL ones
    Curl_cyassl_ - prefix for CyaSSL ones
    Curl_schannel_ - prefix for Schannel SSPI ones
-   Curl_st_ - prefix for SecureTransport (Darwin) ones
+   Curl_darwinssl_ - prefix for SecureTransport (Darwin) ones
 
    Note that this source code uses curlssl_* functions, and they are all
    defines/macros #defined by the lib-specific header files.
diff --git a/lib/urldata.h b/lib/urldata.h
index dfb4fab9f1..5ad07c5f16 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -141,6 +141,9 @@
 
 #ifdef USE_DARWINSSL
 #include <Security/Security.h>
+/* For some reason, when building for iOS, the omnibus header above does
+ * not include SecureTransport.h as of iOS SDK 5.1. */
+#include <Security/SecureTransport.h>
 #endif
 
 #ifdef HAVE_NETINET_IN_H
@@ -245,13 +248,11 @@ typedef enum {
   ssl_connect_2,
   ssl_connect_2_reading,
   ssl_connect_2_writing,
-  ssl_connect_3,
 #ifdef USE_DARWINSSL
-  ssl_connect_done,
-  ssl_connect_2_wouldblock
-#else
-  ssl_connect_done
+  ssl_connect_2_wouldblock,
 #endif /* USE_DARWINSSL */
+  ssl_connect_3,
+  ssl_connect_done
 } ssl_connect_state;
 
 typedef enum {
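Review bot: Placing `ssl_connect_2_wouldblock` inside the `#ifdef` ahead of `ssl_connect_3` makes the numeric values of `ssl_connect_3` and `ssl_connect_done` depend on whether USE_DARWINSSL is defined. Nothing visible in this hunk relies on the numbers, but any ordered comparison or stored state value elsewhere would behave differently between TLS backends, and that is hard to spot in a handshake state machine. Declaring the enumerator unconditionally would keep the layout uniform; failing that, a comment such as `/* Darwin-only; shifts the values of the states below */` would at least record it. The enum begins before the hunk's first line.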
-- 
GitLab