authorFlorent Le Coz <louiz@louiz.org>2015-09-22 03:59:14 +0200
committerFlorent Le Coz <louiz@louiz.org>2015-09-22 03:59:14 +0200
commit2928598e773ca6708efdda1b6c35786cd3fa5587 (patch)
tree232a74c74045a588bb07f2f7f1012777766f86db
parent7247228e9785fd7c8d796d4aa0eb3b9c6fc8f221 (diff)
Catch TLS exceptions, close the connection and inform the user of the error
-rw-r--r--louloulibs/network/tcp_socket_handler.cpp24
1 files changed, 20 insertions, 4 deletions
diff --git a/louloulibs/network/tcp_socket_handler.cpp b/louloulibs/network/tcp_socket_handler.cpp
index cca6cd2..9424a1a 100644
--- a/louloulibs/network/tcp_socket_handler.cpp
+++ b/louloulibs/network/tcp_socket_handler.cpp
@@ -20,6 +20,7 @@
#ifdef BOTAN_FOUND
# include <botan/hex.h>
+# include <botan/tls_exceptn.h>
Botan::AutoSeeded_RNG TCPSocketHandler::rng;
Permissive_Credentials_Manager TCPSocketHandler::credential_manager;
@@ -364,7 +365,13 @@ void TCPSocketHandler::send_data(std::string&& data)
{
#ifdef BOTAN_FOUND
if (this->use_tls)
- this->tls_send(std::move(data));
+ try {
+ this->tls_send(std::move(data));
+ } catch (const Botan::TLS::TLS_Exception& e) {
+ this->on_connection_close("TLS error: "s + e.what());
+ this->close();
+ return ;
+ }
else
#endif
this->raw_send(std::move(data));
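Review bot: The handler in send_data catches only `Botan::TLS::TLS_Exception`, so any other exception leaving `tls_send` still propagates out of this function; the same applies to the `received_data` call in the tls_recv hunk, where the input is peer-controlled. As far as I know Botan reports some failures (decoding or integrity errors, for instance) with types that derive from `Botan::Exception` but not from the TLS class, and if nothing further up the stack catches them a single malformed record could end the process instead of just this connection. Catching the base class would cover both sites: `} catch (const Botan::Exception& e) {`. Separately, the unbraced `if (this->use_tls) try { ... } catch { ... } else` is valid but easy to misread around the `#ifdef`; braces around the try block would make the `else` pairing explicit.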
@@ -426,8 +433,17 @@ void TCPSocketHandler::tls_recv()
if (size > 0)
{
const bool was_active = this->tls->is_active();
- this->tls->received_data(reinterpret_cast<const Botan::byte*>(recv_buf),
- static_cast<size_t>(size));
+ try {
+ this->tls->received_data(reinterpret_cast<const Botan::byte*>(recv_buf),
+ static_cast<size_t>(size));
+ } catch (const Botan::TLS::TLS_Exception& e) {
+ // May happen if the server sends malformed TLS data (buggy server,
+ // or more probably we are just connected to a server that sends
+ // plain-text)
+ this->on_connection_close("TLS error: "s + e.what());
+ this->close();
+ return ;
+ }
if (!was_active && this->tls->is_active())
this->on_tls_activated();
}
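Review bot: Nothing in this catch block records the failure on the gateway side; the error text goes only to `on_connection_close`, and whether that callback logs is not visible here. The comment itself says this path fires when the remote end answers in plain text or sends malformed TLS, so a log line carrying the remote host and `e.what()` before `this->close()` would let an operator tell a misconfigured server from an upstream that is being tampered with. tls_recv starts and continues outside the hunk.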
@@ -441,7 +457,7 @@ void TCPSocketHandler::tls_send(std::string&& data)
if (!this->pre_buf.empty())
{
this->tls->send(reinterpret_cast<const Botan::byte*>(this->pre_buf.data()),
- this->pre_buf.size());
+ this->pre_buf.size());
this->pre_buf = "";
}
if (!data.empty())