
0a63fe01c9ee34495ef9689b0b71a774dd71fc56 — cngimenez 1 year, 8 months ago 778f2ee
TLS.Contexts.{Server,Client}: Force TLS handshake after connecting to peer

If the handshake is not forced, then the routines for retrieving connection
metadata such as certificate info will not function prior to a Context.Read or
a Context.Write (where libtls will automatically initiate the handshake if
necessary).

Originally authored by: cngimenez <cnngimenez@disroot.org>
Cleaned up and slightly rewritten by: nytpu <alex@nytpu.com>
2 files changed, 24 insertions(+), 8 deletions(-)

M src/tls-contexts-client.adb
M src/tls-contexts-server.adb
M src/tls-contexts-client.adb => src/tls-contexts-client.adb +14 -4
@@ 24,6 24,13 @@ package body TLS.Contexts.Client is
	procedure Connect
		(Ctx : in out Client_Context; Host : String; Port : Port_Number)
	is
		function Generate_Error_Msg (Message : String) return String
		is (
			Message &
			" '" & Host & ":" & Port_Number'Image(Port) & "':" &
			Retrieve_Error_Message(Ctx.Context)
		);

		R : int;
		Host_C : chars_ptr := New_String(Host);
		Port_C : chars_ptr := New_String(Port'Image);


@@ 38,11 45,14 @@ package body TLS.Contexts.Client is
		Free(Host_C);
		Free(Port_C);
		if R /= 0 then
			raise Connect_Error
				with "unable to connect to '" &
					Host & ":" & Port'Image & "': " &
					Retrieve_Error_Message(Ctx.Context);
			raise Connect_Error with Generate_Error_Msg("unable to connect to");
		end if;

		R := Bs.tls_handshake(Ctx.Context.Context);
		if R /= 0 then
			raise Connect_Error with Generate_Error_Msg("unable to do TLS handshake with");
		end if;

		Ctx.Context.Connected := True;
	end Connect;
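Review bot: When the forced handshake fails (the `R /= 0` branch after `Bs.tls_handshake`), Connect raises without releasing the connection that `tls_connect` already established, and `Ctx.Context.Connected` stays False, so a caller that cleans up via the Connected flag is left with a half-open libtls connection. Consider closing the libtls connection before raising (libtls's tls_close, assuming the Bs binding exposes it) or at least documenting the state the context is in after a handshake error, e.g. a comment above the raise: `-- handshake failed: the underlying connection is still open but Connected is not set; caller must Close the context explicitly`. The `Generate_Error_Msg` helper and the `tls_connect` call sit in the first hunk and between the hunks respectively, so the full cleanup path is not visible here. The same missing cleanup applies to the server-side handshake in Accept_TLS.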


M src/tls-contexts-server.adb => src/tls-contexts-server.adb +10 -4
@@ 25,17 25,23 @@ package body TLS.Contexts.Server is
		(Server_Ctx : Server_Context; Socket : Socket_Type;
		Connected_Context : out Server_Context)
	is
		function Generate_Error_Msg (Message : String) return String
		is (Message & " '" & Image(Socket) & "': " & Retrieve_Error_Message(Server_Ctx.Context));

		R : int;
	begin
		R := Bs.tls_accept_socket(
			Server_Ctx.Context.Context, Connected_Context.Context.Context'Address, int(To_C(Socket))
		);
		if R = -1 then
			raise Connect_Error
				with "unable to enable tls on socket '" &
					Image(Socket) & "': " &
					Retrieve_Error_Message(Server_Ctx.Context);
			raise Connect_Error with Generate_Error_Msg("unable to enable tls on socket");
		end if;

		R := Bs.tls_handshake(Connected_Context.Context.Context);
		if R /= 0 then
			raise Connect_Error with Generate_Error_Msg("unable to do TLS handshake on socket");
		end if;

		Connected_Context.Context.Configured := True;
		Connected_Context.Context.Connected := True;
	end Accept_TLS;
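Review bot: The handshake error message is taken from the wrong context: `Generate_Error_Msg` captures `Retrieve_Error_Message(Server_Ctx.Context)`, but the `Bs.tls_handshake` call runs on `Connected_Context.Context.Context`, and libtls reports a handshake failure on the connection context it happened on, so the listening context will most likely carry no (or a stale) error text. Either give the helper a context parameter or build the handshake message from the accepted context, e.g. `raise Connect_Error with "unable to do TLS handshake on socket '" & Image(Socket) & "': " & Retrieve_Error_Message(Connected_Context.Context);`. Separately, `if R /= 0` treats libtls's TLS_WANT_POLLIN/TLS_WANT_POLLOUT results as fatal; since the socket is supplied by the caller and may be non-blocking, the handshake should be retried on those values (or the procedure documented as requiring a blocking socket), and the accept check uses `R = -1` while the handshake check uses `R /= 0`, which is worth making consistent. The procedure's signature line starts outside the hunk.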