rexy712/frnetlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Bug fixes

Browse Source 
Added missing move/copy constructor deletors to SSLSocket, to prevent the object from becoming invalid.

Removed noexcept specifier from some constructors where valid exceptions can be thrown.

Exceptions are now thrown from the SSLSocket constructor if it fails to initialise properly, rather than printing something out to stderr and continuing.
This commit is contained in:
Fred Nicolson 2018-08-08 11:04:23 +01:00
parent 3f1deb427e
commit db738e9503
8 changed files with 29 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
include/frnetlib/SSLContext.h
View File

@ -51,14 +51,7 @@ namespace fr
*/ */
bool load_ca_certs_from_memory(const std::string &ca_certs) bool load_ca_certs_from_memory(const std::string &ca_certs)
{ {
std::cerr << "Note: load_ca_certs_from_memory() seems to be broken. Please use load_ca_certs_from_file() until this is resolved." << std::endl; return mbedtls_x509_crt_parse(&cacert, (const unsigned char *)ca_certs.c_str(), ca_certs.size()) == 0;
int error = mbedtls_x509_crt_parse(&cacert, (const unsigned char *)ca_certs.c_str(), ca_certs.size());
if(error < 0)
{
std::cout << "Failed to parse root CA certificates. Parse returned: " << error << std::endl;
return false;
}
return true;
} }
/*! /*!
@ -69,13 +62,7 @@ namespace fr
*/ */
bool load_ca_certs_from_file(const std::string &ca_certs_filepath) bool load_ca_certs_from_file(const std::string &ca_certs_filepath)
{ {
int error = mbedtls_x509_crt_parse_file(&cacert, ca_certs_filepath.c_str()); return mbedtls_x509_crt_parse_file(&cacert, ca_certs_filepath.c_str()) == 0;
if(error < 0)
{
std::cout << "Failed to parse root CA certificates. Parse returned: " << error << std::endl;
return false;
}
return true;
} }
mbedtls_entropy_context entropy; mbedtls_entropy_context entropy;

7
include/frnetlib/SSLListener.h
View File

@ -22,9 +22,12 @@ namespace fr
class SSLListener : public Listener class SSLListener : public Listener
{ {
public: public:
explicit SSLListener(std::shared_ptr<SSLContext> ssl_context, const std::string &pem_path, const std::string &private_key_path) noexcept; explicit SSLListener(std::shared_ptr<SSLContext> ssl_context, const std::string &pem_path, const std::string &private_key_path);
virtual ~SSLListener() noexcept; virtual ~SSLListener() noexcept;
SSLListener(SSLListener &&o) noexcept = default; SSLListener(SSLListener &&) = delete;
SSLListener(SSLListener &o) = delete;
void operator=(const SSLListener &) = delete;
void operator=(SSLListener &&) = delete;
/*! /*!
* Listens to the given port for connections * Listens to the given port for connections

4
include/frnetlib/Socket.h
View File

@ -43,8 +43,8 @@ namespace fr
any = 3 any = 3
}; };
Socket() noexcept; Socket();
virtual ~Socket() noexcept = default; virtual ~Socket() = default;
Socket(Socket &&) =delete; Socket(Socket &&) =delete;
Socket(const Socket &) =delete; Socket(const Socket &) =delete;
void operator=(const Socket &) =delete; void operator=(const Socket &) =delete;

4
include/frnetlib/TcpSocket.h
View File

@ -15,7 +15,7 @@ class TcpSocket : public Socket
{ {
public: public:
TcpSocket() noexcept; TcpSocket() noexcept;
virtual ~TcpSocket() noexcept; ~TcpSocket() override;
TcpSocket(TcpSocket &&) = delete; TcpSocket(TcpSocket &&) = delete;
TcpSocket(const TcpSocket &) = delete; TcpSocket(const TcpSocket &) = delete;
void operator=(TcpSocket &&)=delete; void operator=(TcpSocket &&)=delete;
@ -98,7 +98,7 @@ protected:
/*! /*!
* Close the connection. * Close the connection.
*/ */
virtual void close_socket(); void close_socket() override;
int32_t socket_descriptor; int32_t socket_descriptor;
}; };

8
include/frnetlib/version.h
View File

@ -9,10 +9,10 @@
#define FRNETLIB_VERSION_MAJOR 1 #define FRNETLIB_VERSION_MAJOR 1
#define FRNETLIB_VERSION_MINOR 0 #define FRNETLIB_VERSION_MINOR 0
#define FRNETLIB_VERSION_PATCH 0 #define FRNETLIB_VERSION_PATCH 1
#define FRNETLIB_VERSION_NUMBER 0x01000000 #define FRNETLIB_VERSION_NUMBER (FRNETLIB_VERSION_MAJOR * 100*100 + FRNETLIB_VERSION_MINOR * 100 + FRNETLIB_VERSION_PATCH)
#define FRNETLIB_VERSION_STRING "1.0.0" #define FRNETLIB_VERSION_STRING "1.0.1"
#define FRNETLIB_VERSION__STRING_FULL "frnetlib 1.0.0" #define FRNETLIB_VERSION_STRING_FULL "frnetlib 1.0.1"
#endif //FRNETLIB_VERSION_H #endif //FRNETLIB_VERSION_H

25
src/SSLListener.cpp
View File

@ -13,7 +13,7 @@
namespace fr namespace fr
{ {
SSLListener::SSLListener(std::shared_ptr<SSLContext> ssl_context_, const std::string &pem_path, const std::string &private_key_path) noexcept SSLListener::SSLListener(std::shared_ptr<SSLContext> ssl_context_, const std::string &pem_path, const std::string &private_key_path)
: ssl_context(std::move(ssl_context_)) : ssl_context(std::move(ssl_context_))
{ {
//Initialise SSL objects required //Initialise SSL objects required
@ -24,33 +24,32 @@ namespace fr
int error = 0; int error = 0;
//Load certificates and private key //Load public key
error = mbedtls_x509_crt_parse_file(&srvcert, pem_path.c_str()); error = mbedtls_x509_crt_parse_file(&srvcert, pem_path.c_str());
if(error != 0) if(error != 0)
{ {
std::cout << "Failed to initialise SSL listener. PEM Parse returned: " << error << std::endl; throw std::runtime_error("mbedtls_x509_crt_parse_file() returned: " + std::to_string(error));
return;
} }
//Load private key
error = mbedtls_pk_parse_keyfile(&pkey, private_key_path.c_str(), 0); error = mbedtls_pk_parse_keyfile(&pkey, private_key_path.c_str(), 0);
if(error != 0) if(error != 0)
{ {
std::cout << "Failed to initialise SSL listener. Private Key Parse returned: " << error << std::endl; throw std::runtime_error("mbedtls_pk_parse_keyfile() returned: " + std::to_string(error));
return;
} }
//Setup data structures //Setup data structures and apply settings
if((error = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT)) != 0) error = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT);
if(error != 0)
{ {
std::cout << "Failed to configure SSL presets: " << error << std::endl; throw std::runtime_error("mbedtls_ssl_config_defaults() returned: " + std::to_string(error));
return;
} }
//Apply them
mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ssl_context->ctr_drbg); mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ssl_context->ctr_drbg);
mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, nullptr); mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, nullptr);
if((error = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey)) != 0) //Apply loaded certs
error = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey);
if(error != 0)
{ {
std::cout << "Failed to set certificate: " << error << std::endl; std::cout << "Failed to set certificate: " << error << std::endl;
return; return;

2
src/Socket.cpp
View File

@ -12,7 +12,7 @@
namespace fr namespace fr
{ {
Socket::Socket() noexcept Socket::Socket()
: is_blocking(true), : is_blocking(true),
ai_family(AF_UNSPEC), ai_family(AF_UNSPEC),
max_receive_size(0) max_receive_size(0)

2
src/TcpSocket.cpp
View File

@ -11,7 +11,7 @@ namespace fr
{ {
TcpSocket::TcpSocket() noexcept TcpSocket::TcpSocket() noexcept
: socket_descriptor(-1) : socket_descriptor(-1)
{ {
} }