mirrors/Nim
1
0
Fork 0
mirror of https://github.com/nim-lang/Nim.git synced 2025-12-29 09:24:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixes SSL case sensitive issues.

Browse Source
This commit is contained in:
Dominik Picheta
2014-08-30 18:00:05 +01:00
parent f6dc76cfe3
commit 29ec795580
2 changed files with 38 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
lib/pure/net.nim
View File

@@ -125,16 +125,16 @@ when defined(ssl):
ErrLoadBioStrings()
OpenSSL_add_all_algorithms()
proc SSLError(s = "") =
proc raiseSSLError(s = "") =
if s != "":
raise newException(ESSL, s)
raise newException(SSLError, s)
let err = ErrPeekLastError()
if err == 0:
raise newException(ESSL, "No error reported.")
raise newException(SSLError, "No error reported.")
if err == -1:
OSError(OSLastError())
raiseOSError(osLastError())
var errStr = ErrErrorString(err, nil)
raise newException(ESSL, $errStr)
raise newException(SSLError, $errStr)
# http://simplestcodings.blogspot.co.uk/2010/08/secure-server-client-using-openssl-in-c.html
proc loadCertificates(ctx: PSSL_CTX, certFile, keyFile: string) =
@@ -146,23 +146,23 @@ when defined(ssl):
if certFile != "":
var ret = SSLCTXUseCertificateChainFile(ctx, certFile)
if ret != 1:
SSLError()
raiseSSLError()
# TODO: Password? www.rtfm.com/openssl-examples/part1.pdf
if keyFile != "":
if SSL_CTX_use_PrivateKey_file(ctx, keyFile,
SSL_FILETYPE_PEM) != 1:
SSLError()
raiseSSLError()
if SSL_CTX_check_private_key(ctx) != 1:
SSLError("Verification of private key file failed.")
raiseSSLError("Verification of private key file failed.")
proc newContext*(protVersion = ProtSSLv23, verifyMode = CVerifyPeer,
proc newContext*(protVersion = protSSLv23, verifyMode = CVerifyPeer,
certFile = "", keyFile = ""): PSSLContext =
## Creates an SSL context.
##
## Protocol version specifies the protocol to use. SSLv2, SSLv3, TLSv1 are
## are available with the addition of ``ProtSSLv23`` which allows for
## are available with the addition of ``protSSLv23`` which allows for
## compatibility with all of them.
##
## There are currently only two options for verify mode;
@@ -189,14 +189,14 @@ when defined(ssl):
newCTX = SSL_CTX_new(TLSv1_method())
if newCTX.SSLCTXSetCipherList("ALL") != 1:
SSLError()
raiseSSLError()
case verifyMode
of CVerifyPeer:
newCTX.SSLCTXSetVerify(SSLVerifyPeer, nil)
of CVerifyNone:
newCTX.SSLCTXSetVerify(SSLVerifyNone, nil)
if newCTX == nil:
SSLError()
raiseSSLError()
discard newCTX.SSLCTXSetMode(SSL_MODE_AUTO_RETRY)
newCTX.loadCertificates(certFile, keyFile)
@@ -215,10 +215,10 @@ when defined(ssl):
socket.sslNoHandshake = false
socket.sslHasPeekChar = false
if socket.sslHandle == nil:
SSLError()
raiseSSLError()
if SSLSetFd(socket.sslHandle, socket.fd) != 1:
SSLError()
raiseSSLError()
proc socketError*(socket: Socket, err: int = -1, async = false,
lastError = (-1).OSErrorCode) =
@@ -235,20 +235,20 @@ proc socketError*(socket: Socket, err: int = -1, async = false,
var ret = SSLGetError(socket.sslHandle, err.cint)
case ret
of SSL_ERROR_ZERO_RETURN:
SSLError("TLS/SSL connection failed to initiate, socket closed prematurely.")
raiseSSLError("TLS/SSL connection failed to initiate, socket closed prematurely.")
of SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT:
if async:
return
else: SSLError("Not enough data on socket.")
else: raiseSSLError("Not enough data on socket.")
of SSL_ERROR_WANT_WRITE, SSL_ERROR_WANT_READ:
if async:
return
else: SSLError("Not enough data on socket.")
else: raiseSSLError("Not enough data on socket.")
of SSL_ERROR_WANT_X509_LOOKUP:
SSLError("Function for x509 lookup has been called.")
raiseSSLError("Function for x509 lookup has been called.")
of SSL_ERROR_SYSCALL, SSL_ERROR_SSL:
SSLError()
else: SSLError("Unknown Error")
raiseSSLError()
else: raiseSSLError("Unknown Error")
if err == -1 and not (when defined(ssl): socket.isSSL else: false):
let lastE = if lastError.int == -1: osLastError() else: lastError
@@ -371,17 +371,17 @@ when false: #defined(ssl):
if err != SSL_ERROR_WANT_ACCEPT:
case err
of SSL_ERROR_ZERO_RETURN:
SSLError("TLS/SSL connection failed to initiate, socket closed prematurely.")
raiseSSLError("TLS/SSL connection failed to initiate, socket closed prematurely.")
of SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE,
SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT:
client.sslNoHandshake = true
return AcceptNoHandshake
of SSL_ERROR_WANT_X509_LOOKUP:
SSLError("Function for x509 lookup has been called.")
raiseSSLError("Function for x509 lookup has been called.")
of SSL_ERROR_SYSCALL, SSL_ERROR_SSL:
SSLError()
raiseSSLError()
else:
SSLError("Unknown error")
raiseSSLError("Unknown error")
client.sslNoHandshake = false
if client.isSSL and client.sslNoHandshake:
@@ -485,19 +485,19 @@ when defined(ssl):
var errret = SSLGetError(socket.sslHandle, ret)
case errret
of SSL_ERROR_ZERO_RETURN:
SSLError("TLS/SSL connection failed to initiate, socket closed prematurely.")
raiseSSLError("TLS/SSL connection failed to initiate, socket closed prematurely.")
of SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT,
SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE:
return false
of SSL_ERROR_WANT_X509_LOOKUP:
SSLError("Function for x509 lookup has been called.")
raiseSSLError("Function for x509 lookup has been called.")
of SSL_ERROR_SYSCALL, SSL_ERROR_SSL:
SSLError()
raiseSSLError()
else:
SSLError("Unknown Error")
raiseSSLError("Unknown Error")
socket.sslNoHandshake = false
else:
SSLError("Socket is not an SSL socket.")
raiseSSLError("Socket is not an SSL socket.")
proc gotHandshake*(socket: PSocket): bool =
## Determines whether a handshake has occurred between a client (``socket``)
@@ -507,7 +507,7 @@ when defined(ssl):
if socket.isSSL:
return not socket.sslNoHandshake
else:
SSLError("Socket is not an SSL socket.")
raiseSSLError("Socket is not an SSL socket.")
proc hasDataBuffered*(s: Socket): bool =
## Determines whether a socket has data buffered.

16
lib/wrappers/openssl.nim
View File

@@ -246,7 +246,7 @@ proc BIO_get_ssl*(bio: PBIO, ssl: ptr PSSL): int =
proc BIO_set_conn_hostname*(bio: PBIO, name: cstring): int =
return BIO_ctrl(bio, BIO_C_SET_CONNECT, 0, name)
proc BIO_do_handshake*(bio: PBIO): int =
return BIO_ctrl(bio, BIO_C_DO_STATE_MACHINE, 0, NIL)
return BIO_ctrl(bio, BIO_C_DO_STATE_MACHINE, 0, nil)
proc BIO_do_connect*(bio: PBIO): int =
return BIO_do_handshake(bio)
@@ -448,11 +448,11 @@ type
{.pragma: ic, importc: "$1".}
{.push callconv:cdecl, dynlib:DLLUtilName.}
proc MD5_Init*(c: var MD5_CTX): cint{.ic.}
proc MD5_Update*(c: var MD5_CTX; data: pointer; len: csize): cint{.ic.}
proc MD5_Final*(md: cstring; c: var MD5_CTX): cint{.ic.}
proc MD5*(d: ptr cuchar; n: csize; md: ptr cuchar): ptr cuchar{.ic.}
proc MD5_Transform*(c: var MD5_CTX; b: ptr cuchar){.ic.}
proc md5_Init*(c: var MD5_CTX): cint{.ic.}
proc md5_Update*(c: var MD5_CTX; data: pointer; len: csize): cint{.ic.}
proc md5_Final*(md: cstring; c: var MD5_CTX): cint{.ic.}
proc md5*(d: ptr cuchar; n: csize; md: ptr cuchar): ptr cuchar{.ic.}
proc md5_Transform*(c: var MD5_CTX; b: ptr cuchar){.ic.}
{.pop.}
from strutils import toHex,toLower
@@ -463,7 +463,7 @@ proc hexStr (buf:cstring): string =
for i in 0 .. <16:
result.add toHex(buf[i].ord, 2).toLower
proc MD5_File* (file: string): string {.raises:[EIO,Ebase].} =
proc md5_File* (file: string): string {.raises:[EIO,Ebase].} =
## Generate MD5 hash for a file. Result is a 32 character
# hex string with lowercase characters (like the output
# of `md5sum`
@@ -483,7 +483,7 @@ proc MD5_File* (file: string): string {.raises:[EIO,Ebase].} =
result = hexStr(buf)
proc MD5_Str* (str:string): string {.raises:[EIO].} =
proc md5_Str* (str:string): string {.raises:[EIO].} =
##Generate MD5 hash for a string. Result is a 32 character
#hex string with lowercase characters
var