1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 2012 - 2014, Nick Zitzmann, <nickzman@gmail.com>.
9 * Copyright (C) 2012 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
11 * This software is licensed as described in the file COPYING, which
12 * you should have received as part of this distribution. The terms
13 * are also available at https://curl.haxx.se/docs/copyright.html.
15 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
16 * copies of the Software, and permit persons to whom the Software is
17 * furnished to do so, under the terms of the COPYING file.
19 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
20 * KIND, either express or implied.
22 ***************************************************************************/
25 * Source file for all iOS and Mac OS X SecureTransport-specific code for the
26 * TLS/SSL layer. No code but vtls.c should ever call or use these functions.
29 #include "curl_setup.h"
31 #include "urldata.h" /* for the Curl_easy definition */
32 #include "curl_base64.h"
41 #include <Security/Security.h>
42 #include <Security/SecureTransport.h>
43 #include <CoreFoundation/CoreFoundation.h>
44 #include <CommonCrypto/CommonDigest.h>
46 /* The Security framework has changed greatly between iOS and different OS X
47 versions, and we will try to support as many of them as we can (back to
48 Leopard and iOS 5) by using macros and weak-linking.
50 IMPORTANT: If TLS 1.1 and 1.2 support are important for you on OS X, then
51 you must build this project against the 10.8 SDK or later. */
52 #if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE))
54 #if MAC_OS_X_VERSION_MAX_ALLOWED < 1050
55 #error "The darwinssl back-end requires Leopard or later."
56 #endif /* MAC_OS_X_VERSION_MAX_ALLOWED < 1050 */
58 #define CURL_BUILD_IOS 0
59 #define CURL_BUILD_IOS_7 0
60 #define CURL_BUILD_MAC 1
61 /* This is the maximum API level we are allowed to use when building: */
62 #define CURL_BUILD_MAC_10_5 MAC_OS_X_VERSION_MAX_ALLOWED >= 1050
63 #define CURL_BUILD_MAC_10_6 MAC_OS_X_VERSION_MAX_ALLOWED >= 1060
64 #define CURL_BUILD_MAC_10_7 MAC_OS_X_VERSION_MAX_ALLOWED >= 1070
65 #define CURL_BUILD_MAC_10_8 MAC_OS_X_VERSION_MAX_ALLOWED >= 1080
66 #define CURL_BUILD_MAC_10_9 MAC_OS_X_VERSION_MAX_ALLOWED >= 1090
67 /* These macros mean "the following code is present to allow runtime backward
68 compatibility with at least this cat or earlier":
69 (You set this at build-time by setting the MACOSX_DEPLOYMENT_TARGET
70 environmental variable.) */
71 #define CURL_SUPPORT_MAC_10_5 MAC_OS_X_VERSION_MIN_REQUIRED <= 1050
72 #define CURL_SUPPORT_MAC_10_6 MAC_OS_X_VERSION_MIN_REQUIRED <= 1060
73 #define CURL_SUPPORT_MAC_10_7 MAC_OS_X_VERSION_MIN_REQUIRED <= 1070
74 #define CURL_SUPPORT_MAC_10_8 MAC_OS_X_VERSION_MIN_REQUIRED <= 1080
75 #define CURL_SUPPORT_MAC_10_9 MAC_OS_X_VERSION_MIN_REQUIRED <= 1090
77 #elif TARGET_OS_EMBEDDED || TARGET_OS_IPHONE
78 #define CURL_BUILD_IOS 1
79 #define CURL_BUILD_IOS_7 __IPHONE_OS_VERSION_MAX_ALLOWED >= 70000
80 #define CURL_BUILD_MAC 0
81 #define CURL_BUILD_MAC_10_5 0
82 #define CURL_BUILD_MAC_10_6 0
83 #define CURL_BUILD_MAC_10_7 0
84 #define CURL_BUILD_MAC_10_8 0
85 #define CURL_SUPPORT_MAC_10_5 0
86 #define CURL_SUPPORT_MAC_10_6 0
87 #define CURL_SUPPORT_MAC_10_7 0
88 #define CURL_SUPPORT_MAC_10_8 0
89 #define CURL_SUPPORT_MAC_10_9 0
92 #error "The darwinssl back-end requires iOS or OS X."
93 #endif /* (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE)) */
96 #include <sys/sysctl.h>
97 #endif /* CURL_BUILD_MAC */
101 #include "inet_pton.h"
105 #include "darwinssl.h"
106 #include "curl_printf.h"
108 #include "curl_memory.h"
109 /* The last #include file should be: */
110 #include "memdebug.h"
112 /* From MacTypes.h (which we can't include because it isn't present in iOS: */
116 /* The following two functions were ripped from Apple sample code,
117 * with some modifications: */
118 static OSStatus SocketRead(SSLConnectionRef connection,
119 void *data, /* owned by
122 size_t *dataLength) /* IN/OUT */
124 size_t bytesToGo = *dataLength;
125 size_t initLen = bytesToGo;
126 UInt8 *currData = (UInt8 *)data;
127 /*int sock = *(int *)connection;*/
128 struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection;
129 int sock = connssl->ssl_sockfd;
130 OSStatus rtn = noErr;
139 rrtn = read(sock, currData, bytesToGo);
141 /* this is guesswork... */
143 if(rrtn == 0) { /* EOF = server hung up */
144 /* the framework will turn this into errSSLClosedNoNotify */
145 rtn = errSSLClosedGraceful;
147 else /* do the switch */
150 /* connection closed */
151 rtn = errSSLClosedGraceful;
154 rtn = errSSLClosedAbort;
157 rtn = errSSLWouldBlock;
158 connssl->ssl_direction = false;
169 bytesToGo -= bytesRead;
170 currData += bytesRead;
173 /* filled buffer with incoming data, done */
177 *dataLength = initLen - bytesToGo;
182 static OSStatus SocketWrite(SSLConnectionRef connection,
184 size_t *dataLength) /* IN/OUT */
186 size_t bytesSent = 0;
187 /*int sock = *(int *)connection;*/
188 struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection;
189 int sock = connssl->ssl_sockfd;
191 size_t dataLen = *dataLength;
192 const UInt8 *dataPtr = (UInt8 *)data;
200 (char *)dataPtr + bytesSent,
201 dataLen - bytesSent);
202 } while((length > 0) &&
203 ( (bytesSent += length) < dataLen) );
207 if(theErr == EAGAIN) {
208 ortn = errSSLWouldBlock;
209 connssl->ssl_direction = true;
218 *dataLength = bytesSent;
222 #ifndef CURL_DISABLE_VERBOSE_STRINGS
223 CF_INLINE const char *SSLCipherNameForNumber(SSLCipherSuite cipher)
226 /* SSL version 3.0 */
227 case SSL_RSA_WITH_NULL_MD5:
228 return "SSL_RSA_WITH_NULL_MD5";
230 case SSL_RSA_WITH_NULL_SHA:
231 return "SSL_RSA_WITH_NULL_SHA";
233 case SSL_RSA_EXPORT_WITH_RC4_40_MD5:
234 return "SSL_RSA_EXPORT_WITH_RC4_40_MD5";
236 case SSL_RSA_WITH_RC4_128_MD5:
237 return "SSL_RSA_WITH_RC4_128_MD5";
239 case SSL_RSA_WITH_RC4_128_SHA:
240 return "SSL_RSA_WITH_RC4_128_SHA";
242 case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
243 return "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5";
245 case SSL_RSA_WITH_IDEA_CBC_SHA:
246 return "SSL_RSA_WITH_IDEA_CBC_SHA";
248 case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA:
249 return "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA";
251 case SSL_RSA_WITH_DES_CBC_SHA:
252 return "SSL_RSA_WITH_DES_CBC_SHA";
254 case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
255 return "SSL_RSA_WITH_3DES_EDE_CBC_SHA";
257 case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
258 return "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA";
260 case SSL_DH_DSS_WITH_DES_CBC_SHA:
261 return "SSL_DH_DSS_WITH_DES_CBC_SHA";
263 case SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA:
264 return "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA";
266 case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
267 return "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA";
269 case SSL_DH_RSA_WITH_DES_CBC_SHA:
270 return "SSL_DH_RSA_WITH_DES_CBC_SHA";
272 case SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA:
273 return "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA";
275 case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
276 return "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA";
278 case SSL_DHE_DSS_WITH_DES_CBC_SHA:
279 return "SSL_DHE_DSS_WITH_DES_CBC_SHA";
281 case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
282 return "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA";
284 case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
285 return "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA";
287 case SSL_DHE_RSA_WITH_DES_CBC_SHA:
288 return "SSL_DHE_RSA_WITH_DES_CBC_SHA";
290 case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
291 return "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA";
293 case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5:
294 return "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5";
296 case SSL_DH_anon_WITH_RC4_128_MD5:
297 return "SSL_DH_anon_WITH_RC4_128_MD5";
299 case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA:
300 return "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA";
302 case SSL_DH_anon_WITH_DES_CBC_SHA:
303 return "SSL_DH_anon_WITH_DES_CBC_SHA";
305 case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
306 return "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA";
308 case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
309 return "SSL_FORTEZZA_DMS_WITH_NULL_SHA";
311 case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA:
312 return "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA";
314 /* TLS 1.0 with AES (RFC 3268)
315 (Apparently these are used in SSLv3 implementations as well.) */
316 case TLS_RSA_WITH_AES_128_CBC_SHA:
317 return "TLS_RSA_WITH_AES_128_CBC_SHA";
319 case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
320 return "TLS_DH_DSS_WITH_AES_128_CBC_SHA";
322 case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
323 return "TLS_DH_RSA_WITH_AES_128_CBC_SHA";
325 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
326 return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA";
328 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
329 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
331 case TLS_DH_anon_WITH_AES_128_CBC_SHA:
332 return "TLS_DH_anon_WITH_AES_128_CBC_SHA";
334 case TLS_RSA_WITH_AES_256_CBC_SHA:
335 return "TLS_RSA_WITH_AES_256_CBC_SHA";
337 case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
338 return "TLS_DH_DSS_WITH_AES_256_CBC_SHA";
340 case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
341 return "TLS_DH_RSA_WITH_AES_256_CBC_SHA";
343 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
344 return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA";
346 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
347 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA";
349 case TLS_DH_anon_WITH_AES_256_CBC_SHA:
350 return "TLS_DH_anon_WITH_AES_256_CBC_SHA";
352 /* SSL version 2.0 */
353 case SSL_RSA_WITH_RC2_CBC_MD5:
354 return "SSL_RSA_WITH_RC2_CBC_MD5";
356 case SSL_RSA_WITH_IDEA_CBC_MD5:
357 return "SSL_RSA_WITH_IDEA_CBC_MD5";
359 case SSL_RSA_WITH_DES_CBC_MD5:
360 return "SSL_RSA_WITH_DES_CBC_MD5";
362 case SSL_RSA_WITH_3DES_EDE_CBC_MD5:
363 return "SSL_RSA_WITH_3DES_EDE_CBC_MD5";
366 return "SSL_NULL_WITH_NULL_NULL";
369 CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite cipher)
372 /* TLS 1.0 with AES (RFC 3268) */
373 case TLS_RSA_WITH_AES_128_CBC_SHA:
374 return "TLS_RSA_WITH_AES_128_CBC_SHA";
376 case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
377 return "TLS_DH_DSS_WITH_AES_128_CBC_SHA";
379 case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
380 return "TLS_DH_RSA_WITH_AES_128_CBC_SHA";
382 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
383 return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA";
385 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
386 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA";
388 case TLS_DH_anon_WITH_AES_128_CBC_SHA:
389 return "TLS_DH_anon_WITH_AES_128_CBC_SHA";
391 case TLS_RSA_WITH_AES_256_CBC_SHA:
392 return "TLS_RSA_WITH_AES_256_CBC_SHA";
394 case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
395 return "TLS_DH_DSS_WITH_AES_256_CBC_SHA";
397 case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
398 return "TLS_DH_RSA_WITH_AES_256_CBC_SHA";
400 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
401 return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA";
403 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
404 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA";
406 case TLS_DH_anon_WITH_AES_256_CBC_SHA:
407 return "TLS_DH_anon_WITH_AES_256_CBC_SHA";
409 #if CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS
410 /* TLS 1.0 with ECDSA (RFC 4492) */
411 case TLS_ECDH_ECDSA_WITH_NULL_SHA:
412 return "TLS_ECDH_ECDSA_WITH_NULL_SHA";
414 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
415 return "TLS_ECDH_ECDSA_WITH_RC4_128_SHA";
417 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
418 return "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA";
420 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
421 return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA";
423 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
424 return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA";
426 case TLS_ECDHE_ECDSA_WITH_NULL_SHA:
427 return "TLS_ECDHE_ECDSA_WITH_NULL_SHA";
429 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
430 return "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA";
432 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
433 return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA";
435 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
436 return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
438 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
439 return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
441 case TLS_ECDH_RSA_WITH_NULL_SHA:
442 return "TLS_ECDH_RSA_WITH_NULL_SHA";
444 case TLS_ECDH_RSA_WITH_RC4_128_SHA:
445 return "TLS_ECDH_RSA_WITH_RC4_128_SHA";
447 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
448 return "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA";
450 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
451 return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA";
453 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
454 return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA";
456 case TLS_ECDHE_RSA_WITH_NULL_SHA:
457 return "TLS_ECDHE_RSA_WITH_NULL_SHA";
459 case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
460 return "TLS_ECDHE_RSA_WITH_RC4_128_SHA";
462 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
463 return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA";
465 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
466 return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA";
468 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
469 return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA";
471 case TLS_ECDH_anon_WITH_NULL_SHA:
472 return "TLS_ECDH_anon_WITH_NULL_SHA";
474 case TLS_ECDH_anon_WITH_RC4_128_SHA:
475 return "TLS_ECDH_anon_WITH_RC4_128_SHA";
477 case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
478 return "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA";
480 case TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
481 return "TLS_ECDH_anon_WITH_AES_128_CBC_SHA";
483 case TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
484 return "TLS_ECDH_anon_WITH_AES_256_CBC_SHA";
486 #endif /* CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS */
487 #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
488 /* TLS 1.2 (RFC 5246) */
489 case TLS_RSA_WITH_NULL_MD5:
490 return "TLS_RSA_WITH_NULL_MD5";
492 case TLS_RSA_WITH_NULL_SHA:
493 return "TLS_RSA_WITH_NULL_SHA";
495 case TLS_RSA_WITH_RC4_128_MD5:
496 return "TLS_RSA_WITH_RC4_128_MD5";
498 case TLS_RSA_WITH_RC4_128_SHA:
499 return "TLS_RSA_WITH_RC4_128_SHA";
501 case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
502 return "TLS_RSA_WITH_3DES_EDE_CBC_SHA";
504 case TLS_RSA_WITH_NULL_SHA256:
505 return "TLS_RSA_WITH_NULL_SHA256";
507 case TLS_RSA_WITH_AES_128_CBC_SHA256:
508 return "TLS_RSA_WITH_AES_128_CBC_SHA256";
510 case TLS_RSA_WITH_AES_256_CBC_SHA256:
511 return "TLS_RSA_WITH_AES_256_CBC_SHA256";
513 case TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
514 return "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA";
516 case TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
517 return "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA";
519 case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
520 return "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA";
522 case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
523 return "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA";
525 case TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
526 return "TLS_DH_DSS_WITH_AES_128_CBC_SHA256";
528 case TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
529 return "TLS_DH_RSA_WITH_AES_128_CBC_SHA256";
531 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
532 return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256";
534 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
535 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256";
537 case TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
538 return "TLS_DH_DSS_WITH_AES_256_CBC_SHA256";
540 case TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
541 return "TLS_DH_RSA_WITH_AES_256_CBC_SHA256";
543 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
544 return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256";
546 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
547 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256";
549 case TLS_DH_anon_WITH_RC4_128_MD5:
550 return "TLS_DH_anon_WITH_RC4_128_MD5";
552 case TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
553 return "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA";
555 case TLS_DH_anon_WITH_AES_128_CBC_SHA256:
556 return "TLS_DH_anon_WITH_AES_128_CBC_SHA256";
558 case TLS_DH_anon_WITH_AES_256_CBC_SHA256:
559 return "TLS_DH_anon_WITH_AES_256_CBC_SHA256";
561 /* TLS 1.2 with AES GCM (RFC 5288) */
562 case TLS_RSA_WITH_AES_128_GCM_SHA256:
563 return "TLS_RSA_WITH_AES_128_GCM_SHA256";
565 case TLS_RSA_WITH_AES_256_GCM_SHA384:
566 return "TLS_RSA_WITH_AES_256_GCM_SHA384";
568 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
569 return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256";
571 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
572 return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384";
574 case TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
575 return "TLS_DH_RSA_WITH_AES_128_GCM_SHA256";
577 case TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
578 return "TLS_DH_RSA_WITH_AES_256_GCM_SHA384";
580 case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
581 return "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256";
583 case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
584 return "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384";
586 case TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
587 return "TLS_DH_DSS_WITH_AES_128_GCM_SHA256";
589 case TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
590 return "TLS_DH_DSS_WITH_AES_256_GCM_SHA384";
592 case TLS_DH_anon_WITH_AES_128_GCM_SHA256:
593 return "TLS_DH_anon_WITH_AES_128_GCM_SHA256";
595 case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
596 return "TLS_DH_anon_WITH_AES_256_GCM_SHA384";
598 /* TLS 1.2 with elliptic curve ciphers (RFC 5289) */
599 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
600 return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256";
602 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
603 return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384";
605 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
606 return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256";
608 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
609 return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384";
611 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
612 return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256";
614 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
615 return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384";
617 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
618 return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256";
620 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
621 return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384";
623 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
624 return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
626 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
627 return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384";
629 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
630 return "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256";
632 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
633 return "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384";
635 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
636 return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
638 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
639 return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384";
641 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
642 return "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256";
644 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
645 return "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384";
647 case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
648 return "TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
651 case SSL_RSA_WITH_NULL_MD5:
652 return "TLS_RSA_WITH_NULL_MD5";
654 case SSL_RSA_WITH_NULL_SHA:
655 return "TLS_RSA_WITH_NULL_SHA";
657 case SSL_RSA_WITH_RC4_128_MD5:
658 return "TLS_RSA_WITH_RC4_128_MD5";
660 case SSL_RSA_WITH_RC4_128_SHA:
661 return "TLS_RSA_WITH_RC4_128_SHA";
663 case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
664 return "TLS_RSA_WITH_3DES_EDE_CBC_SHA";
666 case SSL_DH_anon_WITH_RC4_128_MD5:
667 return "TLS_DH_anon_WITH_RC4_128_MD5";
669 case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
670 return "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA";
672 #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
673 #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
674 /* TLS PSK (RFC 4279): */
675 case TLS_PSK_WITH_RC4_128_SHA:
676 return "TLS_PSK_WITH_RC4_128_SHA";
678 case TLS_PSK_WITH_3DES_EDE_CBC_SHA:
679 return "TLS_PSK_WITH_3DES_EDE_CBC_SHA";
681 case TLS_PSK_WITH_AES_128_CBC_SHA:
682 return "TLS_PSK_WITH_AES_128_CBC_SHA";
684 case TLS_PSK_WITH_AES_256_CBC_SHA:
685 return "TLS_PSK_WITH_AES_256_CBC_SHA";
687 case TLS_DHE_PSK_WITH_RC4_128_SHA:
688 return "TLS_DHE_PSK_WITH_RC4_128_SHA";
690 case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
691 return "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA";
693 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
694 return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA";
696 case TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
697 return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA";
699 case TLS_RSA_PSK_WITH_RC4_128_SHA:
700 return "TLS_RSA_PSK_WITH_RC4_128_SHA";
702 case TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
703 return "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA";
705 case TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
706 return "TLS_RSA_PSK_WITH_AES_128_CBC_SHA";
708 case TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
709 return "TLS_RSA_PSK_WITH_AES_256_CBC_SHA";
711 /* More TLS PSK (RFC 4785): */
712 case TLS_PSK_WITH_NULL_SHA:
713 return "TLS_PSK_WITH_NULL_SHA";
715 case TLS_DHE_PSK_WITH_NULL_SHA:
716 return "TLS_DHE_PSK_WITH_NULL_SHA";
718 case TLS_RSA_PSK_WITH_NULL_SHA:
719 return "TLS_RSA_PSK_WITH_NULL_SHA";
721 /* Even more TLS PSK (RFC 5487): */
722 case TLS_PSK_WITH_AES_128_GCM_SHA256:
723 return "TLS_PSK_WITH_AES_128_GCM_SHA256";
725 case TLS_PSK_WITH_AES_256_GCM_SHA384:
726 return "TLS_PSK_WITH_AES_256_GCM_SHA384";
728 case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
729 return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256";
731 case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
732 return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384";
734 case TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
735 return "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256";
737 case TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
738 return "TLS_PSK_WITH_AES_256_GCM_SHA384";
740 case TLS_PSK_WITH_AES_128_CBC_SHA256:
741 return "TLS_PSK_WITH_AES_128_CBC_SHA256";
743 case TLS_PSK_WITH_AES_256_CBC_SHA384:
744 return "TLS_PSK_WITH_AES_256_CBC_SHA384";
746 case TLS_PSK_WITH_NULL_SHA256:
747 return "TLS_PSK_WITH_NULL_SHA256";
749 case TLS_PSK_WITH_NULL_SHA384:
750 return "TLS_PSK_WITH_NULL_SHA384";
752 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
753 return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256";
755 case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
756 return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384";
758 case TLS_DHE_PSK_WITH_NULL_SHA256:
759 return "TLS_DHE_PSK_WITH_NULL_SHA256";
761 case TLS_DHE_PSK_WITH_NULL_SHA384:
762 return "TLS_RSA_PSK_WITH_NULL_SHA384";
764 case TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
765 return "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256";
767 case TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
768 return "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384";
770 case TLS_RSA_PSK_WITH_NULL_SHA256:
771 return "TLS_RSA_PSK_WITH_NULL_SHA256";
773 case TLS_RSA_PSK_WITH_NULL_SHA384:
774 return "TLS_RSA_PSK_WITH_NULL_SHA384";
776 #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
778 return "TLS_NULL_WITH_NULL_NULL";
780 #endif /* !CURL_DISABLE_VERBOSE_STRINGS */
783 CF_INLINE void GetDarwinVersionNumber(int *major, int *minor)
787 size_t os_version_len;
788 char *os_version_major, *os_version_minor;
791 /* Get the Darwin kernel version from the kernel using sysctl(): */
793 mib[1] = KERN_OSRELEASE;
794 if(sysctl(mib, 2, NULL, &os_version_len, NULL, 0) == -1)
796 os_version = malloc(os_version_len*sizeof(char));
799 if(sysctl(mib, 2, os_version, &os_version_len, NULL, 0) == -1) {
804 /* Parse the version: */
805 os_version_major = strtok_r(os_version, ".", &tok_buf);
806 os_version_minor = strtok_r(NULL, ".", &tok_buf);
807 *major = atoi(os_version_major);
808 *minor = atoi(os_version_minor);
811 #endif /* CURL_BUILD_MAC */
813 /* Apple provides a myriad of ways of getting information about a certificate
814 into a string. Some aren't available under iOS or newer cats. So here's
815 a unified function for getting a string describing the certificate that
816 ought to work in all cats starting with Leopard. */
817 CF_INLINE CFStringRef CopyCertSubject(SecCertificateRef cert)
819 CFStringRef server_cert_summary = CFSTR("(null)");
822 /* iOS: There's only one way to do this. */
823 server_cert_summary = SecCertificateCopySubjectSummary(cert);
825 #if CURL_BUILD_MAC_10_7
826 /* Lion & later: Get the long description if we can. */
827 if(SecCertificateCopyLongDescription != NULL)
828 server_cert_summary =
829 SecCertificateCopyLongDescription(NULL, cert, NULL);
831 #endif /* CURL_BUILD_MAC_10_7 */
832 #if CURL_BUILD_MAC_10_6
833 /* Snow Leopard: Get the certificate summary. */
834 if(SecCertificateCopySubjectSummary != NULL)
835 server_cert_summary = SecCertificateCopySubjectSummary(cert);
837 #endif /* CURL_BUILD_MAC_10_6 */
838 /* Leopard is as far back as we go... */
839 (void)SecCertificateCopyCommonName(cert, &server_cert_summary);
840 #endif /* CURL_BUILD_IOS */
841 return server_cert_summary;
844 #if CURL_SUPPORT_MAC_10_6
845 /* The SecKeychainSearch API was deprecated in Lion, and using it will raise
846 deprecation warnings, so let's not compile this unless it's necessary: */
847 static OSStatus CopyIdentityWithLabelOldSchool(char *label,
848 SecIdentityRef *out_c_a_k)
850 OSStatus status = errSecItemNotFound;
851 SecKeychainAttributeList attr_list;
852 SecKeychainAttribute attr;
853 SecKeychainSearchRef search = NULL;
854 SecCertificateRef cert = NULL;
856 /* Set up the attribute list: */
857 attr_list.count = 1L;
858 attr_list.attr = &attr;
860 /* Set up our lone search criterion: */
861 attr.tag = kSecLabelItemAttr;
863 attr.length = (UInt32)strlen(label);
865 /* Start searching: */
866 status = SecKeychainSearchCreateFromAttributes(NULL,
867 kSecCertificateItemClass,
870 if(status == noErr) {
871 status = SecKeychainSearchCopyNext(search,
872 (SecKeychainItemRef *)&cert);
873 if(status == noErr && cert) {
874 /* If we found a certificate, does it have a private key? */
875 status = SecIdentityCreateWithCertificate(NULL, cert, out_c_a_k);
884 #endif /* CURL_SUPPORT_MAC_10_6 */
886 static OSStatus CopyIdentityWithLabel(char *label,
887 SecIdentityRef *out_cert_and_key)
889 OSStatus status = errSecItemNotFound;
891 #if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
892 CFArrayRef keys_list;
893 CFIndex keys_list_count;
895 CFStringRef common_name;
897 /* SecItemCopyMatching() was introduced in iOS and Snow Leopard.
898 kSecClassIdentity was introduced in Lion. If both exist, let's use them
899 to find the certificate. */
900 if(SecItemCopyMatching != NULL && kSecClassIdentity != NULL) {
903 CFDictionaryRef query_dict;
904 CFStringRef label_cf = CFStringCreateWithCString(NULL, label,
905 kCFStringEncodingUTF8);
907 /* Set up our search criteria and expected results: */
908 values[0] = kSecClassIdentity; /* we want a certificate and a key */
910 values[1] = kCFBooleanTrue; /* we want a reference */
911 keys[1] = kSecReturnRef;
912 values[2] = kSecMatchLimitAll; /* kSecMatchLimitOne would be better if the
913 * label matching below worked correctly */
914 keys[2] = kSecMatchLimit;
915 /* identity searches need a SecPolicyRef in order to work */
916 values[3] = SecPolicyCreateSSL(false, NULL);
917 keys[3] = kSecMatchPolicy;
918 /* match the name of the certificate (doesn't work in macOS 10.12.1) */
919 values[4] = label_cf;
920 keys[4] = kSecAttrLabel;
921 query_dict = CFDictionaryCreate(NULL, (const void **)keys,
922 (const void **)values, 5L,
923 &kCFCopyStringDictionaryKeyCallBacks,
924 &kCFTypeDictionaryValueCallBacks);
925 CFRelease(values[3]);
927 /* Do we have a match? */
928 status = SecItemCopyMatching(query_dict, (CFTypeRef *) &keys_list);
930 /* Because kSecAttrLabel matching doesn't work with kSecClassIdentity,
931 * we need to find the correct identity ourselves */
932 if(status == noErr) {
933 keys_list_count = CFArrayGetCount(keys_list);
934 *out_cert_and_key = NULL;
936 for(i=0; i<keys_list_count; i++) {
937 OSStatus err = noErr;
938 SecCertificateRef cert = NULL;
939 SecIdentityRef identity =
940 (SecIdentityRef) CFArrayGetValueAtIndex(keys_list, i);
941 err = SecIdentityCopyCertificate(identity, &cert);
944 common_name = SecCertificateCopySubjectSummary(cert);
945 #elif CURL_BUILD_MAC_10_7
946 SecCertificateCopyCommonName(cert, &common_name);
948 if(CFStringCompare(common_name, label_cf, 0) == kCFCompareEqualTo) {
950 CFRelease(common_name);
952 *out_cert_and_key = identity;
956 CFRelease(common_name);
963 CFRelease(keys_list);
964 CFRelease(query_dict);
968 #if CURL_SUPPORT_MAC_10_6
969 /* On Leopard and Snow Leopard, fall back to SecKeychainSearch. */
970 status = CopyIdentityWithLabelOldSchool(label, out_cert_and_key);
971 #endif /* CURL_SUPPORT_MAC_10_6 */
973 #elif CURL_SUPPORT_MAC_10_6
974 /* For developers building on older cats, we have no choice but to fall back
975 to SecKeychainSearch. */
976 status = CopyIdentityWithLabelOldSchool(label, out_cert_and_key);
977 #endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */
981 static OSStatus CopyIdentityFromPKCS12File(const char *cPath,
982 const char *cPassword,
983 SecIdentityRef *out_cert_and_key)
985 OSStatus status = errSecItemNotFound;
986 CFURLRef pkcs_url = CFURLCreateFromFileSystemRepresentation(NULL,
987 (const UInt8 *)cPath, strlen(cPath), false);
988 CFStringRef password = cPassword ? CFStringCreateWithCString(NULL,
989 cPassword, kCFStringEncodingUTF8) : NULL;
990 CFDataRef pkcs_data = NULL;
992 /* We can import P12 files on iOS or OS X 10.7 or later: */
993 /* These constants are documented as having first appeared in 10.6 but they
994 raise linker errors when used on that cat for some reason. */
995 #if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
996 if(CFURLCreateDataAndPropertiesFromResource(NULL, pkcs_url, &pkcs_data,
997 NULL, NULL, &status)) {
998 const void *cKeys[] = {kSecImportExportPassphrase};
999 const void *cValues[] = {password};
1000 CFDictionaryRef options = CFDictionaryCreate(NULL, cKeys, cValues,
1001 password ? 1L : 0L, NULL, NULL);
1002 CFArrayRef items = NULL;
1005 status = SecPKCS12Import(pkcs_data, options, &items);
1006 if(status == errSecSuccess && items && CFArrayGetCount(items)) {
1007 CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L);
1008 const void *temp_identity = CFDictionaryGetValue(identity_and_trust,
1009 kSecImportItemIdentity);
1011 /* Retain the identity; we don't care about any other data... */
1012 CFRetain(temp_identity);
1013 *out_cert_and_key = (SecIdentityRef)temp_identity;
1019 CFRelease(pkcs_data);
1021 #endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */
1023 CFRelease(password);
1024 CFRelease(pkcs_url);
1028 /* This code was borrowed from nss.c, with some modifications:
1029 * Determine whether the nickname passed in is a filename that needs to
1030 * be loaded as a PEM or a regular NSS nickname.
1032 * returns 1 for a file
1033 * returns 0 for not a file
1035 CF_INLINE bool is_file(const char *filename)
1039 if(filename == NULL)
1042 if(stat(filename, &st) == 0)
1043 return S_ISREG(st.st_mode);
1047 static CURLcode darwinssl_connect_step1(struct connectdata *conn,
1050 struct Curl_easy *data = conn->data;
1051 curl_socket_t sockfd = conn->sock[sockindex];
1052 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1053 const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile);
1054 const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
1055 char * const ssl_cert = SSL_SET_OPTION(cert);
1056 const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
1058 const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
1060 struct in6_addr addr;
1062 struct in_addr addr;
1063 #endif /* ENABLE_IPV6 */
1064 size_t all_ciphers_count = 0UL, allowed_ciphers_count = 0UL, i;
1065 SSLCipherSuite *all_ciphers = NULL, *allowed_ciphers = NULL;
1066 OSStatus err = noErr;
1068 int darwinver_maj = 0, darwinver_min = 0;
1070 GetDarwinVersionNumber(&darwinver_maj, &darwinver_min);
1071 #endif /* CURL_BUILD_MAC */
1073 #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
1074 if(SSLCreateContext != NULL) { /* use the newer API if avaialble */
1075 if(connssl->ssl_ctx)
1076 CFRelease(connssl->ssl_ctx);
1077 connssl->ssl_ctx = SSLCreateContext(NULL, kSSLClientSide, kSSLStreamType);
1078 if(!connssl->ssl_ctx) {
1079 failf(data, "SSL: couldn't create a context!");
1080 return CURLE_OUT_OF_MEMORY;
1084 /* The old ST API does not exist under iOS, so don't compile it: */
1085 #if CURL_SUPPORT_MAC_10_8
1086 if(connssl->ssl_ctx)
1087 (void)SSLDisposeContext(connssl->ssl_ctx);
1088 err = SSLNewContext(false, &(connssl->ssl_ctx));
1090 failf(data, "SSL: couldn't create a context: OSStatus %d", err);
1091 return CURLE_OUT_OF_MEMORY;
1093 #endif /* CURL_SUPPORT_MAC_10_8 */
1096 if(connssl->ssl_ctx)
1097 (void)SSLDisposeContext(connssl->ssl_ctx);
1098 err = SSLNewContext(false, &(connssl->ssl_ctx));
1100 failf(data, "SSL: couldn't create a context: OSStatus %d", err);
1101 return CURLE_OUT_OF_MEMORY;
1103 #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
1104 connssl->ssl_write_buffered_length = 0UL; /* reset buffered write length */
1106 /* check to see if we've been told to use an explicit SSL/TLS version */
1107 #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
1108 if(SSLSetProtocolVersionMax != NULL) {
1109 switch(conn->ssl_config.version) {
1110 case CURL_SSLVERSION_DEFAULT:
1111 case CURL_SSLVERSION_TLSv1:
1112 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
1113 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
1115 case CURL_SSLVERSION_TLSv1_0:
1116 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1);
1117 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol1);
1119 case CURL_SSLVERSION_TLSv1_1:
1120 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol11);
1121 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol11);
1123 case CURL_SSLVERSION_TLSv1_2:
1124 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol12);
1125 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12);
1127 case CURL_SSLVERSION_TLSv1_3:
1128 failf(data, "DarwinSSL: TLS 1.3 is not yet supported");
1129 return CURLE_SSL_CONNECT_ERROR;
1130 case CURL_SSLVERSION_SSLv3:
1131 err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3);
1133 failf(data, "Your version of the OS does not support SSLv3");
1134 return CURLE_SSL_CONNECT_ERROR;
1136 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol3);
1138 case CURL_SSLVERSION_SSLv2:
1139 err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol2);
1141 failf(data, "Your version of the OS does not support SSLv2");
1142 return CURLE_SSL_CONNECT_ERROR;
1144 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol2);
1147 failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
1148 return CURLE_SSL_CONNECT_ERROR;
1152 #if CURL_SUPPORT_MAC_10_8
1153 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1156 switch(conn->ssl_config.version) {
1157 case CURL_SSLVERSION_DEFAULT:
1158 case CURL_SSLVERSION_TLSv1:
1159 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1162 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1165 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1169 case CURL_SSLVERSION_TLSv1_0:
1170 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1174 case CURL_SSLVERSION_TLSv1_1:
1175 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1179 case CURL_SSLVERSION_TLSv1_2:
1180 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1184 case CURL_SSLVERSION_TLSv1_3:
1185 failf(data, "DarwinSSL: TLS 1.3 is not yet supported");
1186 return CURLE_SSL_CONNECT_ERROR;
1187 case CURL_SSLVERSION_SSLv3:
1188 err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1192 failf(data, "Your version of the OS does not support SSLv3");
1193 return CURLE_SSL_CONNECT_ERROR;
1196 case CURL_SSLVERSION_SSLv2:
1197 err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1201 failf(data, "Your version of the OS does not support SSLv2");
1202 return CURLE_SSL_CONNECT_ERROR;
1206 failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
1207 return CURLE_SSL_CONNECT_ERROR;
1209 #endif /* CURL_SUPPORT_MAC_10_8 */
1212 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, kSSLProtocolAll, false);
1213 switch(conn->ssl_config.version) {
1214 case CURL_SSLVERSION_DEFAULT:
1215 case CURL_SSLVERSION_TLSv1:
1216 case CURL_SSLVERSION_TLSv1_0:
1217 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1221 case CURL_SSLVERSION_TLSv1_1:
1222 failf(data, "Your version of the OS does not support TLSv1.1");
1223 return CURLE_SSL_CONNECT_ERROR;
1224 case CURL_SSLVERSION_TLSv1_2:
1225 failf(data, "Your version of the OS does not support TLSv1.2");
1226 return CURLE_SSL_CONNECT_ERROR;
1227 case CURL_SSLVERSION_TLSv1_3:
1228 failf(data, "Your version of the OS does not support TLSv1.3");
1229 return CURLE_SSL_CONNECT_ERROR;
1230 case CURL_SSLVERSION_SSLv2:
1231 err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1235 failf(data, "Your version of the OS does not support SSLv2");
1236 return CURLE_SSL_CONNECT_ERROR;
1239 case CURL_SSLVERSION_SSLv3:
1240 err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx,
1244 failf(data, "Your version of the OS does not support SSLv3");
1245 return CURLE_SSL_CONNECT_ERROR;
1249 failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
1250 return CURLE_SSL_CONNECT_ERROR;
1252 #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
1254 if(SSL_SET_OPTION(key)) {
1255 infof(data, "WARNING: SSL: CURLOPT_SSLKEY is ignored by Secure "
1256 "Transport. The private key must be in the Keychain.\n");
1260 SecIdentityRef cert_and_key = NULL;
1261 bool is_cert_file = is_file(ssl_cert);
1263 /* User wants to authenticate with a client cert. Look for it:
1264 If we detect that this is a file on disk, then let's load it.
1265 Otherwise, assume that the user wants to use an identity loaded
1266 from the Keychain. */
1268 if(!SSL_SET_OPTION(cert_type))
1269 infof(data, "WARNING: SSL: Certificate type not set, assuming "
1270 "PKCS#12 format.\n");
1271 else if(strncmp(SSL_SET_OPTION(cert_type), "P12",
1272 strlen(SSL_SET_OPTION(cert_type))) != 0)
1273 infof(data, "WARNING: SSL: The Security framework only supports "
1274 "loading identities that are in PKCS#12 format.\n");
1276 err = CopyIdentityFromPKCS12File(ssl_cert,
1277 SSL_SET_OPTION(key_passwd), &cert_and_key);
1280 err = CopyIdentityWithLabel(ssl_cert, &cert_and_key);
1283 SecCertificateRef cert = NULL;
1284 CFTypeRef certs_c[1];
1287 /* If we found one, print it out: */
1288 err = SecIdentityCopyCertificate(cert_and_key, &cert);
1290 CFStringRef cert_summary = CopyCertSubject(cert);
1291 char cert_summary_c[128];
1294 memset(cert_summary_c, 0, 128);
1295 if(CFStringGetCString(cert_summary,
1298 kCFStringEncodingUTF8)) {
1299 infof(data, "Client certificate: %s\n", cert_summary_c);
1301 CFRelease(cert_summary);
1305 certs_c[0] = cert_and_key;
1306 certs = CFArrayCreate(NULL, (const void **)certs_c, 1L,
1307 &kCFTypeArrayCallBacks);
1308 err = SSLSetCertificate(connssl->ssl_ctx, certs);
1312 failf(data, "SSL: SSLSetCertificate() failed: OSStatus %d", err);
1313 return CURLE_SSL_CERTPROBLEM;
1315 CFRelease(cert_and_key);
1319 case errSecAuthFailed: case -25264: /* errSecPkcs12VerifyFailure */
1320 failf(data, "SSL: Incorrect password for the certificate \"%s\" "
1321 "and its private key.", ssl_cert);
1323 case -26275: /* errSecDecode */ case -25257: /* errSecUnknownFormat */
1324 failf(data, "SSL: Couldn't make sense of the data in the "
1325 "certificate \"%s\" and its private key.",
1328 case -25260: /* errSecPassphraseRequired */
1329 failf(data, "SSL The certificate \"%s\" requires a password.",
1332 case errSecItemNotFound:
1333 failf(data, "SSL: Can't find the certificate \"%s\" and its private "
1334 "key in the Keychain.", ssl_cert);
1337 failf(data, "SSL: Can't load the certificate \"%s\" and its private "
1338 "key: OSStatus %d", ssl_cert, err);
1341 return CURLE_SSL_CERTPROBLEM;
1345 /* SSL always tries to verify the peer, this only says whether it should
1346 * fail to connect if the verification fails, or if it should continue
1347 * anyway. In the latter case the result of the verification is checked with
1348 * SSL_get_verify_result() below. */
1349 #if CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS
1350 /* Snow Leopard introduced the SSLSetSessionOption() function, but due to
1351 a library bug with the way the kSSLSessionOptionBreakOnServerAuth flag
1352 works, it doesn't work as expected under Snow Leopard, Lion or
1354 So we need to call SSLSetEnableCertVerify() on those older cats in order
1355 to disable certificate validation if the user turned that off.
1356 (SecureTransport will always validate the certificate chain by
1359 Darwin 11.x.x is Lion (10.7)
1360 Darwin 12.x.x is Mountain Lion (10.8)
1361 Darwin 13.x.x is Mavericks (10.9)
1362 Darwin 14.x.x is Yosemite (10.10)
1363 Darwin 15.x.x is El Capitan (10.11)
1366 if(SSLSetSessionOption != NULL && darwinver_maj >= 13) {
1368 if(SSLSetSessionOption != NULL) {
1369 #endif /* CURL_BUILD_MAC */
1370 bool break_on_auth = !conn->ssl_config.verifypeer || ssl_cafile;
1371 err = SSLSetSessionOption(connssl->ssl_ctx,
1372 kSSLSessionOptionBreakOnServerAuth,
1375 failf(data, "SSL: SSLSetSessionOption() failed: OSStatus %d", err);
1376 return CURLE_SSL_CONNECT_ERROR;
1380 #if CURL_SUPPORT_MAC_10_8
1381 err = SSLSetEnableCertVerify(connssl->ssl_ctx,
1382 conn->ssl_config.verifypeer?true:false);
1384 failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
1385 return CURLE_SSL_CONNECT_ERROR;
1387 #endif /* CURL_SUPPORT_MAC_10_8 */
1390 err = SSLSetEnableCertVerify(connssl->ssl_ctx,
1391 conn->ssl_config.verifypeer?true:false);
1393 failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
1394 return CURLE_SSL_CONNECT_ERROR;
1396 #endif /* CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS */
1398 if(ssl_cafile && verifypeer) {
1399 bool is_cert_file = is_file(ssl_cafile);
1402 failf(data, "SSL: can't load CA certificate file %s", ssl_cafile);
1403 return CURLE_SSL_CACERT_BADFILE;
1407 /* Configure hostname check. SNI is used if available.
1408 * Both hostname check and SNI require SSLSetPeerDomainName().
1409 * Also: the verifyhost setting influences SNI usage */
1410 if(conn->ssl_config.verifyhost) {
1411 err = SSLSetPeerDomainName(connssl->ssl_ctx, hostname,
1415 infof(data, "WARNING: SSL: SSLSetPeerDomainName() failed: OSStatus %d\n",
1419 if((Curl_inet_pton(AF_INET, hostname, &addr))
1421 || (Curl_inet_pton(AF_INET6, hostname, &addr))
1424 infof(data, "WARNING: using IP address, SNI is being disabled by "
1429 /* Disable cipher suites that ST supports but are not safe. These ciphers
1430 are unlikely to be used in any case since ST gives other ciphers a much
1431 higher priority, but it's probably better that we not connect at all than
1432 to give the user a false sense of security if the server only supports
1433 insecure ciphers. (Note: We don't care about SSLv2-only ciphers.) */
1434 (void)SSLGetNumberSupportedCiphers(connssl->ssl_ctx, &all_ciphers_count);
1435 all_ciphers = malloc(all_ciphers_count*sizeof(SSLCipherSuite));
1436 allowed_ciphers = malloc(all_ciphers_count*sizeof(SSLCipherSuite));
1437 if(all_ciphers && allowed_ciphers &&
1438 SSLGetSupportedCiphers(connssl->ssl_ctx, all_ciphers,
1439 &all_ciphers_count) == noErr) {
1440 for(i = 0UL ; i < all_ciphers_count ; i++) {
1442 /* There's a known bug in early versions of Mountain Lion where ST's ECC
1443 ciphers (cipher suite 0xC001 through 0xC032) simply do not work.
1444 Work around the problem here by disabling those ciphers if we are
1445 running in an affected version of OS X. */
1446 if(darwinver_maj == 12 && darwinver_min <= 3 &&
1447 all_ciphers[i] >= 0xC001 && all_ciphers[i] <= 0xC032) {
1450 #endif /* CURL_BUILD_MAC */
1451 switch(all_ciphers[i]) {
1452 /* Disable NULL ciphersuites: */
1453 case SSL_NULL_WITH_NULL_NULL:
1454 case SSL_RSA_WITH_NULL_MD5:
1455 case SSL_RSA_WITH_NULL_SHA:
1456 case 0x003B: /* TLS_RSA_WITH_NULL_SHA256 */
1457 case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
1458 case 0xC001: /* TLS_ECDH_ECDSA_WITH_NULL_SHA */
1459 case 0xC006: /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */
1460 case 0xC00B: /* TLS_ECDH_RSA_WITH_NULL_SHA */
1461 case 0xC010: /* TLS_ECDHE_RSA_WITH_NULL_SHA */
1462 case 0x002C: /* TLS_PSK_WITH_NULL_SHA */
1463 case 0x002D: /* TLS_DHE_PSK_WITH_NULL_SHA */
1464 case 0x002E: /* TLS_RSA_PSK_WITH_NULL_SHA */
1465 case 0x00B0: /* TLS_PSK_WITH_NULL_SHA256 */
1466 case 0x00B1: /* TLS_PSK_WITH_NULL_SHA384 */
1467 case 0x00B4: /* TLS_DHE_PSK_WITH_NULL_SHA256 */
1468 case 0x00B5: /* TLS_DHE_PSK_WITH_NULL_SHA384 */
1469 case 0x00B8: /* TLS_RSA_PSK_WITH_NULL_SHA256 */
1470 case 0x00B9: /* TLS_RSA_PSK_WITH_NULL_SHA384 */
1471 /* Disable anonymous ciphersuites: */
1472 case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5:
1473 case SSL_DH_anon_WITH_RC4_128_MD5:
1474 case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA:
1475 case SSL_DH_anon_WITH_DES_CBC_SHA:
1476 case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
1477 case TLS_DH_anon_WITH_AES_128_CBC_SHA:
1478 case TLS_DH_anon_WITH_AES_256_CBC_SHA:
1479 case 0xC015: /* TLS_ECDH_anon_WITH_NULL_SHA */
1480 case 0xC016: /* TLS_ECDH_anon_WITH_RC4_128_SHA */
1481 case 0xC017: /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */
1482 case 0xC018: /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */
1483 case 0xC019: /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */
1484 case 0x006C: /* TLS_DH_anon_WITH_AES_128_CBC_SHA256 */
1485 case 0x006D: /* TLS_DH_anon_WITH_AES_256_CBC_SHA256 */
1486 case 0x00A6: /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */
1487 case 0x00A7: /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */
1488 /* Disable weak key ciphersuites: */
1489 case SSL_RSA_EXPORT_WITH_RC4_40_MD5:
1490 case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
1491 case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA:
1492 case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
1493 case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
1494 case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
1495 case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
1496 case SSL_RSA_WITH_DES_CBC_SHA:
1497 case SSL_DH_DSS_WITH_DES_CBC_SHA:
1498 case SSL_DH_RSA_WITH_DES_CBC_SHA:
1499 case SSL_DHE_DSS_WITH_DES_CBC_SHA:
1500 case SSL_DHE_RSA_WITH_DES_CBC_SHA:
1502 case SSL_RSA_WITH_IDEA_CBC_SHA:
1503 case SSL_RSA_WITH_IDEA_CBC_MD5:
1505 case SSL_RSA_WITH_RC4_128_MD5:
1506 case SSL_RSA_WITH_RC4_128_SHA:
1507 case 0xC002: /* TLS_ECDH_ECDSA_WITH_RC4_128_SHA */
1508 case 0xC007: /* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA*/
1509 case 0xC00C: /* TLS_ECDH_RSA_WITH_RC4_128_SHA */
1510 case 0xC011: /* TLS_ECDHE_RSA_WITH_RC4_128_SHA */
1511 case 0x008A: /* TLS_PSK_WITH_RC4_128_SHA */
1512 case 0x008E: /* TLS_DHE_PSK_WITH_RC4_128_SHA */
1513 case 0x0092: /* TLS_RSA_PSK_WITH_RC4_128_SHA */
1515 default: /* enable everything else */
1516 allowed_ciphers[allowed_ciphers_count++] = all_ciphers[i];
1520 err = SSLSetEnabledCiphers(connssl->ssl_ctx, allowed_ciphers,
1521 allowed_ciphers_count);
1523 failf(data, "SSL: SSLSetEnabledCiphers() failed: OSStatus %d", err);
1524 return CURLE_SSL_CONNECT_ERROR;
1528 Curl_safefree(all_ciphers);
1529 Curl_safefree(allowed_ciphers);
1530 failf(data, "SSL: Failed to allocate memory for allowed ciphers");
1531 return CURLE_OUT_OF_MEMORY;
1533 Curl_safefree(all_ciphers);
1534 Curl_safefree(allowed_ciphers);
1536 #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
1537 /* We want to enable 1/n-1 when using a CBC cipher unless the user
1538 specifically doesn't want us doing that: */
1539 if(SSLSetSessionOption != NULL) {
1540 /* TODO s/data->set.ssl.enable_beast/SSL_SET_OPTION(enable_beast)/g */
1541 SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionSendOneByteRecord,
1542 !data->set.ssl.enable_beast);
1543 SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionFalseStart,
1544 data->set.ssl.falsestart); /* false start support */
1546 #endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */
1548 /* Check if there's a cached ID we can/should use here! */
1549 if(SSL_SET_OPTION(primary.sessionid)) {
1550 char *ssl_sessionid;
1551 size_t ssl_sessionid_len;
1553 Curl_ssl_sessionid_lock(conn);
1554 if(!Curl_ssl_getsessionid(conn, (void **)&ssl_sessionid,
1555 &ssl_sessionid_len, sockindex)) {
1556 /* we got a session id, use it! */
1557 err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
1558 Curl_ssl_sessionid_unlock(conn);
1560 failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err);
1561 return CURLE_SSL_CONNECT_ERROR;
1563 /* Informational message */
1564 infof(data, "SSL re-using session ID\n");
1566 /* If there isn't one, then let's make one up! This has to be done prior
1567 to starting the handshake. */
1571 aprintf("%s:%d:%d:%s:%hu", ssl_cafile,
1572 verifypeer, SSL_CONN_CONFIG(verifyhost), hostname, port);
1573 ssl_sessionid_len = strlen(ssl_sessionid);
1575 err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
1577 Curl_ssl_sessionid_unlock(conn);
1578 failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err);
1579 return CURLE_SSL_CONNECT_ERROR;
1582 result = Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_sessionid_len,
1584 Curl_ssl_sessionid_unlock(conn);
1586 failf(data, "failed to store ssl session");
1592 err = SSLSetIOFuncs(connssl->ssl_ctx, SocketRead, SocketWrite);
1594 failf(data, "SSL: SSLSetIOFuncs() failed: OSStatus %d", err);
1595 return CURLE_SSL_CONNECT_ERROR;
1598 /* pass the raw socket into the SSL layers */
1599 /* We need to store the FD in a constant memory address, because
1600 * SSLSetConnection() will not copy that address. I've found that
1601 * conn->sock[sockindex] may change on its own. */
1602 connssl->ssl_sockfd = sockfd;
1603 err = SSLSetConnection(connssl->ssl_ctx, connssl);
1605 failf(data, "SSL: SSLSetConnection() failed: %d", err);
1606 return CURLE_SSL_CONNECT_ERROR;
1609 connssl->connecting_state = ssl_connect_2;
1613 static long pem_to_der(const char *in, unsigned char **out, size_t *outlen)
1615 char *sep_start, *sep_end, *cert_start, *cert_end;
1620 /* Jump through the separators at the beginning of the certificate. */
1621 sep_start = strstr(in, "-----");
1622 if(sep_start == NULL)
1624 cert_start = strstr(sep_start + 1, "-----");
1625 if(cert_start == NULL)
1630 /* Find separator after the end of the certificate. */
1631 cert_end = strstr(cert_start, "-----");
1632 if(cert_end == NULL)
1635 sep_end = strstr(cert_end + 1, "-----");
1640 len = cert_end - cert_start;
1641 b64 = malloc(len + 1);
1645 /* Create base64 string without linefeeds. */
1646 for(i = 0, j = 0; i < len; i++) {
1647 if(cert_start[i] != '\r' && cert_start[i] != '\n')
1648 b64[j++] = cert_start[i];
1652 err = Curl_base64_decode((const char *)b64, out, outlen);
1659 return sep_end - in;
1662 static int read_cert(const char *file, unsigned char **out, size_t *outlen)
1665 ssize_t n, len = 0, cap = 512;
1666 unsigned char buf[cap], *data;
1679 n = read(fd, buf, sizeof(buf));
1690 if(len + n >= cap) {
1692 data = realloc(data, cap);
1699 memcpy(data + len, buf, n);
1710 static int sslerr_to_curlerr(struct Curl_easy *data, int err)
1713 case errSSLXCertChainInvalid:
1714 failf(data, "SSL certificate problem: Invalid certificate chain");
1715 return CURLE_SSL_CACERT;
1716 case errSSLUnknownRootCert:
1717 failf(data, "SSL certificate problem: Untrusted root certificate");
1718 return CURLE_SSL_CACERT;
1719 case errSSLNoRootCert:
1720 failf(data, "SSL certificate problem: No root certificate");
1721 return CURLE_SSL_CACERT;
1722 case errSSLCertExpired:
1723 failf(data, "SSL certificate problem: Certificate chain had an "
1724 "expired certificate");
1725 return CURLE_SSL_CACERT;
1727 failf(data, "SSL certificate problem: Couldn't understand the server "
1728 "certificate format");
1729 return CURLE_SSL_CONNECT_ERROR;
1730 case errSSLHostNameMismatch:
1731 failf(data, "SSL certificate peer hostname mismatch");
1732 return CURLE_PEER_FAILED_VERIFICATION;
1734 failf(data, "SSL unexpected certificate error %d", err);
1735 return CURLE_SSL_CACERT;
1739 static int append_cert_to_array(struct Curl_easy *data,
1740 unsigned char *buf, size_t buflen,
1741 CFMutableArrayRef array)
1743 CFDataRef certdata = CFDataCreate(kCFAllocatorDefault, buf, buflen);
1745 failf(data, "SSL: failed to allocate array for CA certificate");
1746 return CURLE_OUT_OF_MEMORY;
1749 SecCertificateRef cacert =
1750 SecCertificateCreateWithData(kCFAllocatorDefault, certdata);
1751 CFRelease(certdata);
1753 failf(data, "SSL: failed to create SecCertificate from CA certificate");
1754 return CURLE_SSL_CACERT;
1757 /* Check if cacert is valid. */
1758 CFStringRef subject = CopyCertSubject(cacert);
1760 char subject_cbuf[128];
1761 memset(subject_cbuf, 0, 128);
1762 if(!CFStringGetCString(subject,
1765 kCFStringEncodingUTF8)) {
1767 failf(data, "SSL: invalid CA certificate subject");
1768 return CURLE_SSL_CACERT;
1774 failf(data, "SSL: invalid CA certificate");
1775 return CURLE_SSL_CACERT;
1778 CFArrayAppendValue(array, cacert);
1784 static int verify_cert(const char *cafile, struct Curl_easy *data,
1789 unsigned char *certbuf, *der;
1790 size_t buflen, derlen, offset = 0;
1792 if(read_cert(cafile, &certbuf, &buflen) < 0) {
1793 failf(data, "SSL: failed to read or invalid CA certificate");
1794 return CURLE_SSL_CACERT;
1798 * Certbuf now contains the contents of the certificate file, which can be
1799 * - a single DER certificate,
1800 * - a single PEM certificate or
1801 * - a bunch of PEM certificates (certificate bundle).
1803 * Go through certbuf, and convert any PEM certificate in it into DER
1806 CFMutableArrayRef array = CFArrayCreateMutable(kCFAllocatorDefault, 0,
1807 &kCFTypeArrayCallBacks);
1810 failf(data, "SSL: out of memory creating CA certificate array");
1811 return CURLE_OUT_OF_MEMORY;
1814 while(offset < buflen) {
1818 * Check if the certificate is in PEM format, and convert it to DER. If
1819 * this fails, we assume the certificate is in DER format.
1821 res = pem_to_der((const char *)certbuf + offset, &der, &derlen);
1825 failf(data, "SSL: invalid CA certificate #%d (offset %d) in bundle",
1827 return CURLE_SSL_CACERT;
1831 if(res == 0 && offset == 0) {
1832 /* This is not a PEM file, probably a certificate in DER format. */
1833 rc = append_cert_to_array(data, certbuf, buflen, array);
1835 if(rc != CURLE_OK) {
1842 /* No more certificates in the bundle. */
1847 rc = append_cert_to_array(data, der, derlen, array);
1849 if(rc != CURLE_OK) {
1857 OSStatus ret = SSLCopyPeerTrust(ctx, &trust);
1859 failf(data, "SSL: error getting certificate chain");
1861 return CURLE_OUT_OF_MEMORY;
1863 else if(ret != noErr) {
1865 return sslerr_to_curlerr(data, ret);
1868 ret = SecTrustSetAnchorCertificates(trust, array);
1871 return sslerr_to_curlerr(data, ret);
1873 ret = SecTrustSetAnchorCertificatesOnly(trust, true);
1876 return sslerr_to_curlerr(data, ret);
1879 SecTrustResultType trust_eval = 0;
1880 ret = SecTrustEvaluate(trust, &trust_eval);
1884 return sslerr_to_curlerr(data, ret);
1887 switch(trust_eval) {
1888 case kSecTrustResultUnspecified:
1889 case kSecTrustResultProceed:
1892 case kSecTrustResultRecoverableTrustFailure:
1893 case kSecTrustResultDeny:
1895 failf(data, "SSL: certificate verification failed (result: %d)",
1897 return CURLE_PEER_FAILED_VERIFICATION;
1902 darwinssl_connect_step2(struct connectdata *conn, int sockindex)
1904 struct Curl_easy *data = conn->data;
1905 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1907 SSLCipherSuite cipher;
1908 SSLProtocol protocol = 0;
1909 const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
1912 DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
1913 || ssl_connect_2_reading == connssl->connecting_state
1914 || ssl_connect_2_writing == connssl->connecting_state);
1916 /* Here goes nothing: */
1917 err = SSLHandshake(connssl->ssl_ctx);
1921 case errSSLWouldBlock: /* they're not done with us yet */
1922 connssl->connecting_state = connssl->ssl_direction ?
1923 ssl_connect_2_writing : ssl_connect_2_reading;
1926 /* The below is errSSLServerAuthCompleted; it's not defined in
1927 Leopard's headers */
1929 if(SSL_CONN_CONFIG(CAfile) && SSL_CONN_CONFIG(verifypeer)) {
1930 int res = verify_cert(SSL_CONN_CONFIG(CAfile), data,
1935 /* the documentation says we need to call SSLHandshake() again */
1936 return darwinssl_connect_step2(conn, sockindex);
1938 /* These are all certificate problems with the server: */
1939 case errSSLXCertChainInvalid:
1940 failf(data, "SSL certificate problem: Invalid certificate chain");
1941 return CURLE_SSL_CACERT;
1942 case errSSLUnknownRootCert:
1943 failf(data, "SSL certificate problem: Untrusted root certificate");
1944 return CURLE_SSL_CACERT;
1945 case errSSLNoRootCert:
1946 failf(data, "SSL certificate problem: No root certificate");
1947 return CURLE_SSL_CACERT;
1948 case errSSLCertExpired:
1949 failf(data, "SSL certificate problem: Certificate chain had an "
1950 "expired certificate");
1951 return CURLE_SSL_CACERT;
1953 failf(data, "SSL certificate problem: Couldn't understand the server "
1954 "certificate format");
1955 return CURLE_SSL_CONNECT_ERROR;
1957 /* These are all certificate problems with the client: */
1958 case errSecAuthFailed:
1959 failf(data, "SSL authentication failed");
1960 return CURLE_SSL_CONNECT_ERROR;
1961 case errSSLPeerHandshakeFail:
1962 failf(data, "SSL peer handshake failed, the server most likely "
1963 "requires a client certificate to connect");
1964 return CURLE_SSL_CONNECT_ERROR;
1965 case errSSLPeerUnknownCA:
1966 failf(data, "SSL server rejected the client certificate due to "
1967 "the certificate being signed by an unknown certificate "
1969 return CURLE_SSL_CONNECT_ERROR;
1971 /* This error is raised if the server's cert didn't match the server's
1973 case errSSLHostNameMismatch:
1974 failf(data, "SSL certificate peer verification failed, the "
1975 "certificate did not match \"%s\"\n", conn->host.dispname);
1976 return CURLE_PEER_FAILED_VERIFICATION;
1978 /* Generic handshake errors: */
1979 case errSSLConnectionRefused:
1980 failf(data, "Server dropped the connection during the SSL handshake");
1981 return CURLE_SSL_CONNECT_ERROR;
1982 case errSSLClosedAbort:
1983 failf(data, "Server aborted the SSL handshake");
1984 return CURLE_SSL_CONNECT_ERROR;
1985 case errSSLNegotiation:
1986 failf(data, "Could not negotiate an SSL cipher suite with the server");
1987 return CURLE_SSL_CONNECT_ERROR;
1988 /* Sometimes paramErr happens with buggy ciphers: */
1989 case paramErr: case errSSLInternal:
1990 failf(data, "Internal SSL engine error encountered during the "
1992 return CURLE_SSL_CONNECT_ERROR;
1993 case errSSLFatalAlert:
1994 failf(data, "Fatal SSL engine error encountered during the SSL "
1996 return CURLE_SSL_CONNECT_ERROR;
1998 failf(data, "Unknown SSL protocol error in connection to %s:%d",
2000 return CURLE_SSL_CONNECT_ERROR;
2004 /* we have been connected fine, we're not waiting for anything else. */
2005 connssl->connecting_state = ssl_connect_3;
2007 /* Informational message */
2008 (void)SSLGetNegotiatedCipher(connssl->ssl_ctx, &cipher);
2009 (void)SSLGetNegotiatedProtocolVersion(connssl->ssl_ctx, &protocol);
2012 infof(data, "SSL 2.0 connection using %s\n",
2013 SSLCipherNameForNumber(cipher));
2016 infof(data, "SSL 3.0 connection using %s\n",
2017 SSLCipherNameForNumber(cipher));
2020 infof(data, "TLS 1.0 connection using %s\n",
2021 TLSCipherNameForNumber(cipher));
2023 #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
2024 case kTLSProtocol11:
2025 infof(data, "TLS 1.1 connection using %s\n",
2026 TLSCipherNameForNumber(cipher));
2028 case kTLSProtocol12:
2029 infof(data, "TLS 1.2 connection using %s\n",
2030 TLSCipherNameForNumber(cipher));
2034 infof(data, "Unknown protocol connection\n");
2042 #ifndef CURL_DISABLE_VERBOSE_STRINGS
2043 /* This should be called during step3 of the connection at the earliest */
2045 show_verbose_server_cert(struct connectdata *conn,
2048 struct Curl_easy *data = conn->data;
2049 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2050 CFStringRef server_cert_summary;
2051 char server_cert_summary_c[128];
2052 CFArrayRef server_certs = NULL;
2053 SecCertificateRef server_cert;
2056 SecTrustRef trust = NULL;
2058 if(!connssl->ssl_ctx)
2061 #if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS
2063 #pragma unused(server_certs)
2064 err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust);
2065 /* For some reason, SSLCopyPeerTrust() can return noErr and yet return
2066 a null trust, so be on guard for that: */
2067 if(err == noErr && trust) {
2068 count = SecTrustGetCertificateCount(trust);
2069 for(i = 0L ; i < count ; i++) {
2070 server_cert = SecTrustGetCertificateAtIndex(trust, i);
2071 server_cert_summary = CopyCertSubject(server_cert);
2072 memset(server_cert_summary_c, 0, 128);
2073 if(CFStringGetCString(server_cert_summary,
2074 server_cert_summary_c,
2076 kCFStringEncodingUTF8)) {
2077 infof(data, "Server certificate: %s\n", server_cert_summary_c);
2079 CFRelease(server_cert_summary);
2084 /* SSLCopyPeerCertificates() is deprecated as of Mountain Lion.
2085 The function SecTrustGetCertificateAtIndex() is officially present
2086 in Lion, but it is unfortunately also present in Snow Leopard as
2087 private API and doesn't work as expected. So we have to look for
2088 a different symbol to make sure this code is only executed under
2090 if(SecTrustEvaluateAsync != NULL) {
2091 #pragma unused(server_certs)
2092 err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust);
2093 /* For some reason, SSLCopyPeerTrust() can return noErr and yet return
2094 a null trust, so be on guard for that: */
2095 if(err == noErr && trust) {
2096 count = SecTrustGetCertificateCount(trust);
2097 for(i = 0L ; i < count ; i++) {
2098 server_cert = SecTrustGetCertificateAtIndex(trust, i);
2099 server_cert_summary = CopyCertSubject(server_cert);
2100 memset(server_cert_summary_c, 0, 128);
2101 if(CFStringGetCString(server_cert_summary,
2102 server_cert_summary_c,
2104 kCFStringEncodingUTF8)) {
2105 infof(data, "Server certificate: %s\n", server_cert_summary_c);
2107 CFRelease(server_cert_summary);
2113 #if CURL_SUPPORT_MAC_10_8
2114 err = SSLCopyPeerCertificates(connssl->ssl_ctx, &server_certs);
2115 /* Just in case SSLCopyPeerCertificates() returns null too... */
2116 if(err == noErr && server_certs) {
2117 count = CFArrayGetCount(server_certs);
2118 for(i = 0L ; i < count ; i++) {
2119 server_cert = (SecCertificateRef)CFArrayGetValueAtIndex(server_certs,
2122 server_cert_summary = CopyCertSubject(server_cert);
2123 memset(server_cert_summary_c, 0, 128);
2124 if(CFStringGetCString(server_cert_summary,
2125 server_cert_summary_c,
2127 kCFStringEncodingUTF8)) {
2128 infof(data, "Server certificate: %s\n", server_cert_summary_c);
2130 CFRelease(server_cert_summary);
2132 CFRelease(server_certs);
2134 #endif /* CURL_SUPPORT_MAC_10_8 */
2136 #endif /* CURL_BUILD_IOS */
2138 #pragma unused(trust)
2139 err = SSLCopyPeerCertificates(connssl->ssl_ctx, &server_certs);
2141 count = CFArrayGetCount(server_certs);
2142 for(i = 0L ; i < count ; i++) {
2143 server_cert = (SecCertificateRef)CFArrayGetValueAtIndex(server_certs, i);
2144 server_cert_summary = CopyCertSubject(server_cert);
2145 memset(server_cert_summary_c, 0, 128);
2146 if(CFStringGetCString(server_cert_summary,
2147 server_cert_summary_c,
2149 kCFStringEncodingUTF8)) {
2150 infof(data, "Server certificate: %s\n", server_cert_summary_c);
2152 CFRelease(server_cert_summary);
2154 CFRelease(server_certs);
2156 #endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */
2158 #endif /* !CURL_DISABLE_VERBOSE_STRINGS */
2161 darwinssl_connect_step3(struct connectdata *conn,
2164 struct Curl_easy *data = conn->data;
2165 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2167 /* There is no step 3!
2168 * Well, okay, if verbose mode is on, let's print the details of the
2169 * server certificates. */
2170 #ifndef CURL_DISABLE_VERBOSE_STRINGS
2171 if(data->set.verbose)
2172 show_verbose_server_cert(conn, sockindex);
2175 connssl->connecting_state = ssl_connect_done;
2179 static Curl_recv darwinssl_recv;
2180 static Curl_send darwinssl_send;
2183 darwinssl_connect_common(struct connectdata *conn,
2189 struct Curl_easy *data = conn->data;
2190 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2191 curl_socket_t sockfd = conn->sock[sockindex];
2195 /* check if the connection has already been established */
2196 if(ssl_connection_complete == connssl->state) {
2201 if(ssl_connect_1==connssl->connecting_state) {
2202 /* Find out how much more time we're allowed */
2203 timeout_ms = Curl_timeleft(data, NULL, TRUE);
2205 if(timeout_ms < 0) {
2206 /* no need to continue if time already is up */
2207 failf(data, "SSL connection timeout");
2208 return CURLE_OPERATION_TIMEDOUT;
2211 result = darwinssl_connect_step1(conn, sockindex);
2216 while(ssl_connect_2 == connssl->connecting_state ||
2217 ssl_connect_2_reading == connssl->connecting_state ||
2218 ssl_connect_2_writing == connssl->connecting_state) {
2220 /* check allowed time left */
2221 timeout_ms = Curl_timeleft(data, NULL, TRUE);
2223 if(timeout_ms < 0) {
2224 /* no need to continue if time already is up */
2225 failf(data, "SSL connection timeout");
2226 return CURLE_OPERATION_TIMEDOUT;
2229 /* if ssl is expecting something, check if it's available. */
2230 if(connssl->connecting_state == ssl_connect_2_reading ||
2231 connssl->connecting_state == ssl_connect_2_writing) {
2233 curl_socket_t writefd = ssl_connect_2_writing ==
2234 connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
2235 curl_socket_t readfd = ssl_connect_2_reading ==
2236 connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
2238 what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
2239 nonblocking?0:timeout_ms);
2242 failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
2243 return CURLE_SSL_CONNECT_ERROR;
2245 else if(0 == what) {
2252 failf(data, "SSL connection timeout");
2253 return CURLE_OPERATION_TIMEDOUT;
2256 /* socket is readable or writable */
2259 /* Run transaction, and return to the caller if it failed or if this
2260 * connection is done nonblocking and this loop would execute again. This
2261 * permits the owner of a multi handle to abort a connection attempt
2262 * before step2 has completed while ensuring that a client using select()
2263 * or epoll() will always have a valid fdset to wait on.
2265 result = darwinssl_connect_step2(conn, sockindex);
2266 if(result || (nonblocking &&
2267 (ssl_connect_2 == connssl->connecting_state ||
2268 ssl_connect_2_reading == connssl->connecting_state ||
2269 ssl_connect_2_writing == connssl->connecting_state)))
2272 } /* repeat step2 until all transactions are done. */
2275 if(ssl_connect_3 == connssl->connecting_state) {
2276 result = darwinssl_connect_step3(conn, sockindex);
2281 if(ssl_connect_done == connssl->connecting_state) {
2282 connssl->state = ssl_connection_complete;
2283 conn->recv[sockindex] = darwinssl_recv;
2284 conn->send[sockindex] = darwinssl_send;
2290 /* Reset our connect state machine */
2291 connssl->connecting_state = ssl_connect_1;
2297 Curl_darwinssl_connect_nonblocking(struct connectdata *conn,
2301 return darwinssl_connect_common(conn, sockindex, TRUE, done);
2305 Curl_darwinssl_connect(struct connectdata *conn,
2311 result = darwinssl_connect_common(conn, sockindex, FALSE, &done);
2321 void Curl_darwinssl_close(struct connectdata *conn, int sockindex)
2323 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2325 if(connssl->ssl_ctx) {
2326 (void)SSLClose(connssl->ssl_ctx);
2327 #if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS
2328 if(SSLCreateContext != NULL)
2329 CFRelease(connssl->ssl_ctx);
2330 #if CURL_SUPPORT_MAC_10_8
2332 (void)SSLDisposeContext(connssl->ssl_ctx);
2333 #endif /* CURL_SUPPORT_MAC_10_8 */
2335 (void)SSLDisposeContext(connssl->ssl_ctx);
2336 #endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */
2337 connssl->ssl_ctx = NULL;
2339 connssl->ssl_sockfd = 0;
2342 int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex)
2344 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2345 struct Curl_easy *data = conn->data;
2351 if(!connssl->ssl_ctx)
2354 if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE)
2357 Curl_darwinssl_close(conn, sockindex);
2361 what = SOCKET_READABLE(conn->sock[sockindex], SSL_SHUTDOWN_TIMEOUT);
2365 /* anything that gets here is fatally bad */
2366 failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
2371 if(!what) { /* timeout */
2372 failf(data, "SSL shutdown timeout");
2376 /* Something to read, let's do it and hope that it is the close
2377 notify alert from the server. No way to SSL_Read now, so use read(). */
2379 nread = read(conn->sock[sockindex], buf, sizeof(buf));
2382 failf(data, "read: %s", strerror(errno));
2389 what = SOCKET_READABLE(conn->sock[sockindex], 0);
2395 void Curl_darwinssl_session_free(void *ptr)
2397 /* ST, as of iOS 5 and Mountain Lion, has no public method of deleting a
2398 cached session ID inside the Security framework. There is a private
2399 function that does this, but I don't want to have to explain to you why I
2400 got your application rejected from the App Store due to the use of a
2401 private API, so the best we can do is free up our own char array that we
2402 created way back in darwinssl_connect_step1... */
2406 size_t Curl_darwinssl_version(char *buffer, size_t size)
2408 return snprintf(buffer, size, "SecureTransport");
2412 * This function uses SSLGetSessionState to determine connection status.
2415 * 1 means the connection is still in place
2416 * 0 means the connection has been closed
2417 * -1 means the connection status is unknown
2419 int Curl_darwinssl_check_cxn(struct connectdata *conn)
2421 struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
2423 SSLSessionState state;
2425 if(connssl->ssl_ctx) {
2426 err = SSLGetSessionState(connssl->ssl_ctx, &state);
2428 return state == kSSLConnected || state == kSSLHandshake;
2434 bool Curl_darwinssl_data_pending(const struct connectdata *conn,
2437 const struct ssl_connect_data *connssl = &conn->ssl[connindex];
2441 if(connssl->ssl_ctx) { /* SSL is in use */
2442 err = SSLGetBufferedReadSize(connssl->ssl_ctx, &buffer);
2444 return buffer > 0UL;
2451 CURLcode Curl_darwinssl_random(unsigned char *entropy,
2454 /* arc4random_buf() isn't available on cats older than Lion, so let's
2455 do this manually for the benefit of the older cats. */
2457 u_int32_t random_number = 0;
2459 for(i = 0 ; i < length ; i++) {
2460 if(i % sizeof(u_int32_t) == 0)
2461 random_number = arc4random();
2462 entropy[i] = random_number & 0xFF;
2463 random_number >>= 8;
2465 i = random_number = 0;
2469 void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */
2471 unsigned char *md5sum, /* output */
2475 (void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum);
2478 bool Curl_darwinssl_false_start(void)
2480 #if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7
2481 if(SSLSetSessionOption != NULL)
2487 static ssize_t darwinssl_send(struct connectdata *conn,
2493 /*struct Curl_easy *data = conn->data;*/
2494 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2495 size_t processed = 0UL;
2498 /* The SSLWrite() function works a little differently than expected. The
2499 fourth argument (processed) is currently documented in Apple's
2500 documentation as: "On return, the length, in bytes, of the data actually
2503 Now, one could interpret that as "written to the socket," but actually,
2504 it returns the amount of data that was written to a buffer internal to
2505 the SSLContextRef instead. So it's possible for SSLWrite() to return
2506 errSSLWouldBlock and a number of bytes "written" because those bytes were
2507 encrypted and written to a buffer, not to the socket.
2509 So if this happens, then we need to keep calling SSLWrite() over and
2510 over again with no new data until it quits returning errSSLWouldBlock. */
2512 /* Do we have buffered data to write from the last time we were called? */
2513 if(connssl->ssl_write_buffered_length) {
2514 /* Write the buffered data: */
2515 err = SSLWrite(connssl->ssl_ctx, NULL, 0UL, &processed);
2518 /* processed is always going to be 0 because we didn't write to
2519 the buffer, so return how much was written to the socket */
2520 processed = connssl->ssl_write_buffered_length;
2521 connssl->ssl_write_buffered_length = 0UL;
2523 case errSSLWouldBlock: /* argh, try again */
2524 *curlcode = CURLE_AGAIN;
2527 failf(conn->data, "SSLWrite() returned error %d", err);
2528 *curlcode = CURLE_SEND_ERROR;
2533 /* We've got new data to write: */
2534 err = SSLWrite(connssl->ssl_ctx, mem, len, &processed);
2537 case errSSLWouldBlock:
2538 /* Data was buffered but not sent, we have to tell the caller
2539 to try sending again, and remember how much was buffered */
2540 connssl->ssl_write_buffered_length = len;
2541 *curlcode = CURLE_AGAIN;
2544 failf(conn->data, "SSLWrite() returned error %d", err);
2545 *curlcode = CURLE_SEND_ERROR;
2550 return (ssize_t)processed;
2553 static ssize_t darwinssl_recv(struct connectdata *conn,
2559 /*struct Curl_easy *data = conn->data;*/
2560 struct ssl_connect_data *connssl = &conn->ssl[num];
2561 size_t processed = 0UL;
2562 OSStatus err = SSLRead(connssl->ssl_ctx, buf, buffersize, &processed);
2566 case errSSLWouldBlock: /* return how much we read (if anything) */
2568 return (ssize_t)processed;
2569 *curlcode = CURLE_AGAIN;
2573 /* errSSLClosedGraceful - server gracefully shut down the SSL session
2574 errSSLClosedNoNotify - server hung up on us instead of sending a
2575 closure alert notice, read() is returning 0
2576 Either way, inform the caller that the server disconnected. */
2577 case errSSLClosedGraceful:
2578 case errSSLClosedNoNotify:
2579 *curlcode = CURLE_OK;
2584 failf(conn->data, "SSLRead() return error %d", err);
2585 *curlcode = CURLE_RECV_ERROR;
2590 return (ssize_t)processed;
2593 #endif /* USE_DARWINSSL */