Commit 2928598e authored by louiz’'s avatar louiz’

Catch TLS exceptions, close the connection and inform the user of the error

parent 7247228e
......@@ -20,6 +20,7 @@
#ifdef BOTAN_FOUND
# include <botan/hex.h>
# include <botan/tls_exceptn.h>
Botan::AutoSeeded_RNG TCPSocketHandler::rng;
Permissive_Credentials_Manager TCPSocketHandler::credential_manager;
......@@ -364,7 +365,13 @@ void TCPSocketHandler::send_data(std::string&& data)
{
#ifdef BOTAN_FOUND
if (this->use_tls)
this->tls_send(std::move(data));
try {
this->tls_send(std::move(data));
} catch (const Botan::TLS::TLS_Exception& e) {
this->on_connection_close("TLS error: "s + e.what());
this->close();
return ;
}
else
#endif
this->raw_send(std::move(data));
......@@ -426,8 +433,17 @@ void TCPSocketHandler::tls_recv()
if (size > 0)
{
const bool was_active = this->tls->is_active();
this->tls->received_data(reinterpret_cast<const Botan::byte*>(recv_buf),
static_cast<size_t>(size));
try {
this->tls->received_data(reinterpret_cast<const Botan::byte*>(recv_buf),
static_cast<size_t>(size));
} catch (const Botan::TLS::TLS_Exception& e) {
// May happen if the server sends malformed TLS data (buggy server,
// or more probably we are just connected to a server that sends
// plain-text)
this->on_connection_close("TLS error: "s + e.what());
this->close();
return ;
}
if (!was_active && this->tls->is_active())
this->on_tls_activated();
}
......@@ -441,7 +457,7 @@ void TCPSocketHandler::tls_send(std::string&& data)
if (!this->pre_buf.empty())
{
this->tls->send(reinterpret_cast<const Botan::byte*>(this->pre_buf.data()),
this->pre_buf.size());
this->pre_buf.size());
this->pre_buf = "";
}
if (!data.empty())
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment