path: root/common/rdr/TLSInStream.cxx
Commit message (Author, Age, Files, Lines)
* Don't save exceptions as std::exception (Pierre Ossman, 2024-11-26, 1, -3/+7)
|     That type is not guaranteed to preserve anything useful at all. Instead, try to either preserve a more specific type, or use std::runtime_error which at least has a guaranteed message.
* Use standard library naming for exceptions (Pierre Ossman, 2024-11-06, 1, -5/+5)
|     This makes things more consistent since we mix with the standard library exceptions so often.
* Subclass exceptions from std::exception (Pierre Ossman, 2024-11-06, 1, -2/+2)
|     Make sure our exceptions are part of the standard exception class hierarchy.
* Use what() to access exception description (Pierre Ossman, 2024-11-06, 1, -2/+2)
|     Harmonize with the standard C++ exceptions.
* Consistently use SocketException for socket errors (Pierre Ossman, 2024-10-09, 1, -2/+2)
|     The behaviour is not consistent as Windows doesn't use errno for socket errors, but Unix systems do. Always use the same exception to keep things somewhat sane.
* Use nullptr in all C++ code (Pierre Ossman, 2024-06-24, 1, -3/+3)
|     It's more readable than 0, and a bit safer than NULL, so let's try to follow modern norms.
* Consistently use uint8_t for data buffers (Pierre Ossman, 2023-03-18, 1, -1/+1)
|     These will always be byte streams at heart, so let's try to keep them with a proper type. Should make it clearer how they will be used.
* Use stdint types (Pierre Ossman, 2023-02-01, 1, -2/+2)
|     Avoid having our own custom stuff and instead use the modern, standard types, for familiarity.
* Make BufferedInStream allocation more available (Pierre Ossman, 2022-08-25, 1, -2/+2)
|     Allow subclasses to call it, instead of it being strictly internal. This is useful when a subclass can only provide data in minimum sized chunks.
* Don't trust GNUTLS_E_AGAIN (Pierre Ossman, 2022-04-06, 1, -3/+16)
|     Unfortunately this error can be given by GnuTLS even though the underlying stream still has data available. So stop trusting this value and keep track of the underlying stream explicitly.
* Propagate exceptions from GnuTLS push/pull functions (Pierre Ossman, 2021-06-11, 1, -2/+13)
|     Gives us a more meaningful error rather than just "Error in push/pull function".
* Remove early data check for TLSInStream (Pierre Ossman, 2021-06-11, 1, -5/+3)
|     Having this early check means that we somewhat randomly get different exception behaviours on errors in deeper layers as some exceptions are allowed to propagate unhindered and some are not (since they are thrown in the pull function).
* Propagate errno to GnuTLS (Pierre Ossman, 2021-06-11, 1, -0/+5)
|     Give GnuTLS the correct errno from deeper layers, in the cases where we know it. In most cases GnuTLS doesn't care, but just in case...
* Change streams to be asynchronous (Pierre Ossman, 2020-05-21, 1, -7/+6)
|     Major restructuring of how streams work. Neither input nor output streams are now blocking. This avoids stalling the rest of the client or server when a peer is slow or unresponsive. Note that this puts an extra burden on users of streams to make sure they are allowed to do their work once the underlying transports are ready (e.g. monitoring fds).
* Log I/O errors from TLS streams (Pierre Ossman, 2020-05-21, 1, -1/+6)
* Simplify stream availability handling (Pierre Ossman, 2020-05-21, 1, -2/+2)
|     Just have a simple number of bytes argument to avoid a lot of complexity.
* Create common base classes for buffered streams (Pierre Ossman, 2020-05-21, 1, -37/+9)
|     Most streams are backed by a memory buffer. Create common base classes for this functionality to avoid code duplication.
* Add stream avail() methods (Pierre Ossman, 2020-05-21, 1, -1/+1)
|     Makes it more readable to write code that needs to know how much data/space is available in a stream.
* Merge branch 'secfix' of https://github.com/CendioOssman/tigervnc (Pierre Ossman, 2019-12-20, 1, -8/+10)
|\
| * Be defensive about overflows in stream objects (Pierre Ossman, 2019-11-15, 1, -4/+6)
| |   We use a lot of lengths given to us over the network, so be more paranoid about them causing an overflow as otherwise an attacker might trick us into overwriting other memory. This primarily affects the client which often gets lengths from the server, but there are also some scenarios where the server might theoretically be vulnerable. Issue found by Pavel Cheremushkin from Kaspersky Lab.
| * Use size_t for lengths in stream objects (Pierre Ossman, 2019-11-15, 1, -5/+5)
| |   Provides safety against them accidentally becoming negative because of bugs in the calculations. Also does the same to CharArray and friends as they were strongly connected to the stream objects.
* | Handle pending data in TLS buffers (Pierre Ossman, 2019-12-09, 1, -3/+5)
|/
|     There might be more bytes left in the current TLS record, even if there is nothing on the underlying stream. Make sure we properly return this when we aren't being requested to block.
* Merge branch 'upreqs' of https://github.com/CendioOssman/tigervnc (Pierre Ossman, 2015-03-12, 1, -6/+5)
|\
| |   Conflicts: contrib/packages/rpm/el5/SPECS/tigervnc.spec vncviewer/Viewport.cxx
| * Raise GnuTLS requirements to 3.x (Pierre Ossman, 2015-01-29, 1, -6/+5)
| |   This allows us to simplify things by getting rid of some old compatibility code. People should really be using current versions of GnuTLS anyway to stay secure.
* | Fix bad signed/unsigned comparisons (Pierre Ossman, 2015-03-03, 1, -1/+1)
|/
|     Either by casting, or switching to a more appropriate type for the variable.
* GnuTLS 3.x has removed gnutls_transport_set_global_errno() in favour of (Pierre Ossman, 2012-07-03, 1, -6/+3)
|     gnutls_transport_set_errno(). Make sure we call the right errno function depending on which GnuTLS we're using.
|     git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4922 3789f03b-4d11-0410-bbf8-ca57d06f2519
* Refactor the TLS code so that the push/pull functions are aware of their (Pierre Ossman, 2012-07-03, 1, -3/+11)
|     containing stream object. This is in preparation for supporting GnuTLS 3.x.
|     git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4921 3789f03b-4d11-0410-bbf8-ca57d06f2519
* Support building with older versions of gnutls; Fix gnutls detection when (DRC, 2010-09-30, 1, -0/+4)
|     building statically using build-xorg
|     git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4147 3789f03b-4d11-0410-bbf8-ca57d06f2519
* [Bugfix] Properly report transport errors to GNUTLS. (Adam Tkac, 2010-08-25, 1, -7/+13)
|     Signed-off-by: Martin Koegler <mkoegler@auto.tuwien.ac.at>
|     git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4125 3789f03b-4d11-0410-bbf8-ca57d06f2519
* [Development] Implement secure TLS streams. (Adam Tkac, 2010-04-23, 1, -0/+111)
      git-svn-id: svn://svn.code.sf.net/p/tigervnc/code/trunk@4044 3789f03b-4d11-0410-bbf8-ca57d06f2519