On the multiple_ssl_impls branch:
Rename sectrans_buckets to macosxssl_buckets, update all associated code.
git-svn-id: https://svn.apache.org/repos/asf/serf/branches/multiple_ssl_impls@1699561 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/SConstruct b/SConstruct
index 8f1b2b5..111a666 100644
--- a/SConstruct
+++ b/SConstruct
@@ -149,13 +149,13 @@
linkflags.append('-Wl,-compatibility_version,%d' % (MINOR+1,))
linkflags.append('-Wl,-current_version,%d.%d' % (MINOR+1, PATCH,))
- # enable sectans_buckets only on Mac OS X 10.7+
- securetransport = False
+ # enable macosxssl_buckets only on Mac OS X 10.7+
+ macosxssl = False
ver, _, _ = platform.mac_ver()
ver = float('.'.join(ver.split('.')[:2]))
if ver >= 10.7:
- securetransport = True
- env.Append(CFLAGS='-DSERF_HAVE_SECURETRANSPORT')
+ macosxssl = True
+ env.Append(CFLAGS='-DSERF_HAVE_MACOSXSSL')
if sys.platform == 'win32':
### we should create serf.def for Windows DLLs and add it into the link
@@ -191,7 +191,7 @@
### works for Mac OS. probably needs to change
libs = ['ssl', 'crypto', 'z', ]
- if securetransport:
+ if macosxssl:
env.Append(FRAMEWORKS=['Security', 'SecurityInterface', 'CoreFoundation',
'AppKit'])
libs.append('objc')
@@ -208,8 +208,8 @@
# PLAN THE BUILD
SOURCES = Glob('*.c') + Glob('buckets/*.c') + Glob('auth/*.c')
-if securetransport:
- SOURCES += ['buckets/sectrans_helper.m']
+if macosxssl:
+ SOURCES += ['buckets/macosxssl_helper.m']
lib_static = env.StaticLibrary(LIBNAMESTATIC, SOURCES)
lib_shared = env.SharedLibrary(LIBNAME, SOURCES)
diff --git a/buckets/bucket_private.h b/buckets/bucket_private.h
index 970a458..b77608d 100644
--- a/buckets/bucket_private.h
+++ b/buckets/bucket_private.h
@@ -225,28 +225,28 @@
};
-/* sectrans_bucket internal functions */
-#ifdef SERF_HAVE_SECURETRANSPORT
+/* macosxssl_bucket internal functions */
+#ifdef SERF_HAVE_MACOSXSSL
#include <Security/SecCertificate.h>
-/* sectrans_bucket private certificate structure. Wrapper around the
+/* macosxssl_bucket private certificate structure. Wrapper around the
SecCertificateRef ptr, with content the cached parsed information from the
certificate. */
-typedef struct sectrans_certificate_t {
+typedef struct macosxssl_certificate_t {
SecCertificateRef certref;
apr_hash_t *content;
-} sectrans_certificate_t;
+} macosxssl_certificate_t;
apr_status_t
-serf__sectrans_read_X509_DER_DN(apr_hash_t **o, CFDataRef ptr,
- apr_pool_t *pool);
+serf__macosxssl_read_X509_DER_DN(apr_hash_t **o, CFDataRef ptr,
+ apr_pool_t *pool);
apr_status_t
-serf__sectrans_read_X509_DER_certificate(apr_hash_t **o,
- const sectrans_certificate_t *cert,
- apr_pool_t *pool);
+serf__macosxssl_read_X509_DER_certificate(apr_hash_t **o,
+ const macosxssl_certificate_t *cert,
+ apr_pool_t *pool);
#endif
@@ -260,11 +260,11 @@
/* ==================================================================== */
-#if SERF_HAVE_SECURETRANSPORT
+#if SERF_HAVE_MACOSXSSL
-extern const serf_ssl_bucket_type_t serf_ssl_bucket_type_securetransport;
+extern const serf_ssl_bucket_type_t serf_ssl_bucket_type_macosxssl;
-#endif /* SERF_HAVE_SECURETRANSPORT */
+#endif /* SERF_HAVE_MACOSXSSL */
/* ==================================================================== */
diff --git a/buckets/buckets.c b/buckets/buckets.c
index b130eb0..28d64ba 100644
--- a/buckets/buckets.c
+++ b/buckets/buckets.c
@@ -49,8 +49,8 @@
#ifdef SERF_HAVE_OPENSSL
available_bucket_impls |= SERF_IMPL_SSL_OPENSSL;
#endif
-#ifdef SERF_HAVE_SECURETRANSPORT
- available_bucket_impls |= SERF_IMPL_SSL_SECTRANS;
+#ifdef SERF_HAVE_MACOSXSSL
+ available_bucket_impls |= SERF_IMPL_SSL_MACOSXSSL;
#endif
bucket_impls = available_bucket_impls;
diff --git a/buckets/sectrans_buckets.c b/buckets/macosxssl_buckets.c
similarity index 81%
rename from buckets/sectrans_buckets.c
rename to buckets/macosxssl_buckets.c
index 7778879..96be161 100644
--- a/buckets/sectrans_buckets.c
+++ b/buckets/macosxssl_buckets.c
@@ -34,14 +34,14 @@
https://github.com/lorentey/LKSecurity/blob/master/Framework%20Bugs.markdown
- A secure transport bucket implements following API's
+ A macosxssl_bucket implements following API's
- a serf_bucket_t for encryption
- a serf_bucket_t for decryption
- a serf_ssl_bucket_type_t for certificate handling, general SSL/TLS stuff.
- - extra serf_sectrans_ functions to integrate with Keychain.
+ - extra serf_macosxssl_ functions to integrate with Keychain.
*/
-#ifdef SERF_HAVE_SECURETRANSPORT
+#ifdef SERF_HAVE_MACOSXSSL
#include "serf.h"
#include "serf_private.h"
@@ -63,7 +63,7 @@
/* The minimum amount of data we try to read and decrypt in one pass. */
#define READ_BUFSIZE 8096
-typedef struct sectrans_ssl_stream_t {
+typedef struct macosxssl_ssl_stream_t {
/* For an encrypt stream: data encrypted & not yet written to the network.
For a decrypt stream: data decrypted & not yet read by the application.*/
serf_bucket_t *pending;
@@ -71,18 +71,18 @@
/* For an encrypt stream: the outgoing data provided by the application.
For a decrypt stream: encrypted data read from the network. */
serf_bucket_t *stream;
-} sectrans_ssl_stream_t;
+} macosxssl_ssl_stream_t;
/* States for the different stages in the lifecyle of an SSL session. */
typedef enum {
- SERF_SECTRANS_INIT, /* no SSL handshake yet */
- SERF_SECTRANS_HANDSHAKE, /* SSL handshake in progress */
- SERF_SECTRANS_CONNECTED, /* SSL handshake successfully finished */
- SERF_SECTRANS_CLOSING, /* SSL session closing */
-} sectrans_session_state_t;
+ SERF_MACOSXSSL_INIT, /* no SSL handshake yet */
+ SERF_MACOSXSSL_HANDSHAKE, /* SSL handshake in progress */
+ SERF_MACOSXSSL_CONNECTED, /* SSL handshake successfully finished */
+ SERF_MACOSXSSL_CLOSING, /* SSL session closing */
+} macosxssl_session_state_t;
-typedef struct sectrans_context_t {
+typedef struct macosxssl_context_t {
/* How many open buckets refer to this context. */
int refcount;
@@ -104,12 +104,12 @@
SecTrustRef trust;
/* stream of (to be) encrypted data, outgoing to the network. */
- sectrans_ssl_stream_t encrypt;
+ macosxssl_ssl_stream_t encrypt;
/* stream of (to be) decrypted data, read from the network. */
- sectrans_ssl_stream_t decrypt;
+ macosxssl_ssl_stream_t decrypt;
- sectrans_session_state_t state;
+ macosxssl_session_state_t state;
/* name of the peer, used with TLS's Server Name Indication extension. */
char *hostname;
@@ -150,14 +150,14 @@
/* Result of the evaluation of the server certificate chain. */
SecTrustResultType result;
-} sectrans_context_t;
+} macosxssl_context_t;
/* Some forward declarations */
static apr_status_t
-serf__sectrans_load_identity_from_file(void *impl_ctx,
- const serf_ssl_identity_t **identity,
- const char *file_path,
- apr_pool_t *pool);
+serf__macosxssl_load_identity_from_file(void *impl_ctx,
+ const serf_ssl_identity_t **identity,
+ const char *file_path,
+ apr_pool_t *pool);
/* Copies the unicode string from a CFStringRef to a new buffer allocated
@@ -180,7 +180,7 @@
}
static apr_status_t
-translate_sectrans_status(OSStatus osstatus)
+translate_macosxssl_status(OSStatus osstatus)
{
apr_status_t status;
@@ -229,7 +229,7 @@
static apr_status_t cfrelease_trust(void *data)
{
- sectrans_context_t *ssl_ctx = data;
+ macosxssl_context_t *ssl_ctx = data;
if (ssl_ctx->trust)
CFRelease(ssl_ctx->trust);
@@ -249,17 +249,17 @@
/** Secure Transport callback function.
Reads encrypted data from the network. **/
static OSStatus
-sectrans_read_cb(SSLConnectionRef connection,
- void *data,
- size_t *dataLength)
+macosxssl_read_cb(SSLConnectionRef connection,
+ void *data,
+ size_t *dataLength)
{
- const sectrans_context_t *ssl_ctx = connection;
+ const macosxssl_context_t *ssl_ctx = connection;
apr_status_t status = 0;
const char *buf;
char *outbuf = data;
size_t requested = *dataLength, buflen = 0;
- serf__log(SSL_VERBOSE, __FILE__, "sectrans_read_cb called for "
+ serf__log(SSL_VERBOSE, __FILE__, "macosxssl_read_cb called for "
"%d bytes.\n", requested);
*dataLength = 0;
@@ -297,14 +297,14 @@
/** Secure Transport callback function.
Writes encrypted data to the network. **/
static OSStatus
-sectrans_write_cb(SSLConnectionRef connection,
- const void *data,
- size_t *dataLength)
+macosxssl_write_cb(SSLConnectionRef connection,
+ const void *data,
+ size_t *dataLength)
{
serf_bucket_t *tmp;
- const sectrans_context_t *ctx = connection;
+ const macosxssl_context_t *ctx = connection;
- serf__log(SSL_VERBOSE, __FILE__, "sectrans_write_cb called for "
+ serf__log(SSL_VERBOSE, __FILE__, "macosxssl_write_cb called for "
"%d bytes.\n", *dataLength);
tmp = serf_bucket_simple_copy_create(data, *dataLength,
@@ -318,24 +318,25 @@
#pragma mark VALIDATE SERVER CERTIFICATES
#pragma mark -
-/* Creates a sectrans_certificate_t allocated on pool. */
+/* Creates a macosxssl_certificate_t allocated on pool. */
static apr_status_t
-create_sectrans_certificate(sectrans_certificate_t **out_sectrans_cert,
- SecCertificateRef certref,
- int parse_content,
- apr_pool_t *pool)
+create_macosxssl_certificate(macosxssl_certificate_t **out_macosxssl_cert,
+ SecCertificateRef certref,
+ int parse_content,
+ apr_pool_t *pool)
{
- sectrans_certificate_t *sectrans_cert;
+ macosxssl_certificate_t *macosxssl_cert;
apr_status_t status = APR_SUCCESS;
- sectrans_cert = apr_pcalloc(pool, sizeof(sectrans_certificate_t));
- sectrans_cert->certref = certref;
+ macosxssl_cert = apr_pcalloc(pool, sizeof(macosxssl_certificate_t));
+ macosxssl_cert->certref = certref;
if (parse_content)
- status = serf__sectrans_read_X509_DER_certificate(§rans_cert->content,
- sectrans_cert,
- pool);
- *out_sectrans_cert = sectrans_cert;
+ status = serf__macosxssl_read_X509_DER_certificate(
+ &macosxssl_cert->content,
+ macosxssl_cert,
+ pool);
+ *out_macosxssl_cert = macosxssl_cert;
return status;
}
@@ -346,16 +347,16 @@
int depth,
apr_pool_t *pool)
{
- sectrans_certificate_t *sectrans_cert;
+ macosxssl_certificate_t *macosxssl_cert;
serf_bucket_alloc_t *allocator;
/* Since we're not asking to parse the content we can ignore the status. */
- (void) create_sectrans_certificate(§rans_cert, certref, 0, pool);
+ (void) create_macosxssl_certificate(&macosxssl_cert, certref, 0, pool);
allocator = serf_bucket_allocator_create(pool, NULL, NULL);
return serf__create_certificate(allocator,
- &serf_ssl_bucket_type_securetransport,
- sectrans_cert,
+ &serf_ssl_bucket_type_macosxssl,
+ macosxssl_cert,
depth);
}
@@ -423,7 +424,7 @@
/* Logs the issuer and subject of cert. */
static void
-log_certificate(sectrans_certificate_t *cert, const char *msg)
+log_certificate(macosxssl_certificate_t *cert, const char *msg)
{
#if SSL_VERBOSE
apr_hash_t *subject, *issuer;
@@ -432,9 +433,9 @@
apr_pool_create(&tmppool, NULL);
if (!cert->content) {
apr_status_t status;
- status = serf__sectrans_read_X509_DER_certificate(&cert->content,
- cert,
- tmppool);
+ status = serf__macosxssl_read_X509_DER_certificate(&cert->content,
+ cert,
+ tmppool);
if (status)
goto cleanup;
}
@@ -487,7 +488,7 @@
SecCertificateRef's. *outcert is allocated in pool. */
static apr_status_t
find_issuer_cert_in_array(serf_ssl_certificate_t **outcert,
- sectrans_certificate_t *cert,
+ macosxssl_certificate_t *cert,
CFArrayRef certref_list,
apr_pool_t *pool)
{
@@ -508,13 +509,13 @@
compare it with the issuer data buffer. */
for (i = 0; i < CFArrayGetCount(certref_list); i++)
{
- sectrans_certificate_t *list_cert;
+ macosxssl_certificate_t *list_cert;
CFDataRef subject;
SecCertificateRef certref;
certref = (SecCertificateRef)CFArrayGetValueAtIndex(certref_list, i);
- status = create_sectrans_certificate(&list_cert, certref, 1,
- tmppool);
+ status = create_macosxssl_certificate(&list_cert, certref, 1,
+ tmppool);
if (status)
goto cleanup;
@@ -567,7 +568,7 @@
Otherwise returns an error.
*/
static int
-validate_server_certificate(sectrans_context_t *ssl_ctx)
+validate_server_certificate(macosxssl_context_t *ssl_ctx)
{
CFArrayRef anchor_certrefs = NULL;
size_t depth_of_error, chain_depth;
@@ -578,7 +579,7 @@
serf__log(SSL_VERBOSE, __FILE__, "validate_server_certificate called.\n");
osstatus = SSLCopyPeerTrust(ssl_ctx->st_ctxr, &ssl_ctx->trust);
if (osstatus != noErr) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
goto cleanup;
}
apr_pool_cleanup_register(ssl_ctx->handshake_pool, ssl_ctx,
@@ -587,7 +588,7 @@
if (!ssl_ctx->evaluate_in_progress)
{
CFArrayRef root_certrefs = NULL;
- void *sectrans_cls;
+ void *macosxssl_cls;
id tmp;
/* If the application provided certificates to trust, use them here. */
@@ -614,7 +615,7 @@
{
osstatus = SecTrustCopyAnchorCertificates(&root_certrefs);
if (osstatus != noErr) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
goto cleanup;
}
}
@@ -642,21 +643,21 @@
osstatus = SecTrustSetAnchorCertificates(ssl_ctx->trust,
all_certrefs);
if (osstatus != noErr) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
goto cleanup;
}
}
ssl_ctx->evaluate_in_progress = 1;
- sectrans_cls = objc_getClass("SecTrans_Buckets");
- tmp = objc_msgSend(sectrans_cls,
+ macosxssl_cls = objc_getClass("macosxssl_Buckets");
+ tmp = objc_msgSend(macosxssl_cls,
sel_getUid("evaluate:trustResult:"),
ssl_ctx->trust,
&ssl_ctx->result);
osstatus = (OSStatus)(SInt64)tmp;
if (osstatus != noErr) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
goto cleanup;
}
}
@@ -855,7 +856,7 @@
list of trusted anchor certificates.
*/
SecCertificateRef certref;
- sectrans_certificate_t *cert;
+ macosxssl_certificate_t *cert;
serf__log(SSL_VERBOSE, __FILE__, "Chain length (%d) is longer than "
"what we received from the server (%d). Search the "
@@ -866,8 +867,8 @@
list of trusted anchor certificates. */
certref = SecTrustGetCertificateAtIndex(ssl_ctx->trust,
certs_len - 1);
- status = create_sectrans_certificate(&cert, certref, 1,
- ssl_ctx->handshake_pool);
+ status = create_macosxssl_certificate(&cert, certref, 1,
+ ssl_ctx->handshake_pool);
status = find_issuer_cert_in_array(&certs[certs_len],
cert,
@@ -908,7 +909,7 @@
static apr_status_t delete_temp_keychain(void *data)
{
- sectrans_context_t *ssl_ctx = data;
+ macosxssl_context_t *ssl_ctx = data;
apr_status_t status = APR_SUCCESS;
OSStatus osstatus;
@@ -917,14 +918,14 @@
osstatus = SecKeychainDelete(ssl_ctx->tempKeyChainRef);
if (osstatus != errSecSuccess) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
}
ssl_ctx->tempKeyChainRef = NULL;
return status;
}
-static apr_status_t create_temp_keychain(sectrans_context_t *ssl_ctx,
+static apr_status_t create_temp_keychain(macosxssl_context_t *ssl_ctx,
apr_pool_t *pool)
{
apr_file_t *tmpfile;
@@ -985,7 +986,7 @@
NULL, /* Standard access rights */
&ssl_ctx->tempKeyChainRef);
if (osstatus != errSecSuccess) {
- return translate_sectrans_status(osstatus);
+ return translate_macosxssl_status(osstatus);
}
apr_pool_cleanup_register(pool, ssl_ctx,
delete_temp_keychain, delete_temp_keychain);
@@ -995,7 +996,7 @@
/* Find the certificate of the issuer of certref in the keychains. */
static apr_status_t
-find_issuer_certificate_in_keychain(sectrans_certificate_t **out_cert,
+find_issuer_certificate_in_keychain(macosxssl_certificate_t **out_cert,
SecCertificateRef certref,
apr_pool_t *pool)
{
@@ -1021,7 +1022,7 @@
else
{
CFDictionaryRef query;
- sectrans_certificate_t *cert, *issuer_cert;
+ macosxssl_certificate_t *cert, *issuer_cert;
SecCertificateRef issuer_certref;
CFDataRef cert_issuer, issuer_subject;
OSStatus osstatus;
@@ -1039,23 +1040,23 @@
CFRelease(query);
CFRelease(issuer);
if (osstatus != errSecSuccess) {
- return translate_sectrans_status(osstatus);
+ return translate_macosxssl_status(osstatus);
}
/* if SecItemCopyMatching doesn't find a matching certificate, it is
known that it returns another (no kidding), so check that we received
the right certificate.
*/
- status = create_sectrans_certificate(&cert,
- certref,
- 1,
- pool);
+ status = create_macosxssl_certificate(&cert,
+ certref,
+ 1,
+ pool);
if (status)
return status;
- status = create_sectrans_certificate(&issuer_cert,
- issuer_certref,
- 1,
- pool);
+ status = create_macosxssl_certificate(&issuer_cert,
+ issuer_certref,
+ 1,
+ pool);
if (status)
return status;
@@ -1085,7 +1086,7 @@
CFArrayRef peer_certrefs,
apr_pool_t *pool)
{
- sectrans_certificate_t *prevcert;
+ macosxssl_certificate_t *prevcert;
CFMutableArrayRef ca_certrefs;
apr_pool_t *tmppool;
apr_status_t status;
@@ -1103,14 +1104,14 @@
apr_pool_create(&tmppool, pool);
- status = create_sectrans_certificate(&prevcert, certref, 1, tmppool);
+ status = create_macosxssl_certificate(&prevcert, certref, 1, tmppool);
if (status)
goto cleanup;
/* Get the issuer DER encoded data buffer of the provided certificate. */
while (1)
{
- sectrans_certificate_t *issuer_cert;
+ macosxssl_certificate_t *issuer_cert;
CFDataRef issuer, subject;
serf_ssl_certificate_t *dummy_cert;
@@ -1174,7 +1175,7 @@
}
static apr_status_t
-callback_for_identity_password(sectrans_context_t *ssl_ctx,
+callback_for_identity_password(macosxssl_context_t *ssl_ctx,
const char *cert_path,
const char **passphrase)
{
@@ -1192,7 +1193,7 @@
}
static apr_status_t
-callback_for_identity(sectrans_context_t *ssl_ctx,
+callback_for_identity(macosxssl_context_t *ssl_ctx,
apr_hash_t **dnlist,
apr_size_t dnlen,
SecIdentityRef *identityref,
@@ -1210,8 +1211,8 @@
if (status)
return status;
- status = serf__sectrans_load_identity_from_file(ssl_ctx, &identity,
- cert_path, pool);
+ status = serf__macosxssl_load_identity_from_file(ssl_ctx, &identity,
+ cert_path, pool);
if (status)
return status;
} else if (ssl_ctx->identity_callback)
@@ -1229,7 +1230,7 @@
/* Get a client certificate for this server from the application. */
static apr_status_t
-provide_client_certificate(sectrans_context_t *ssl_ctx)
+provide_client_certificate(macosxssl_context_t *ssl_ctx)
{
SecIdentityRef identityref = NULL;
CFArrayRef dnlistrefs = NULL;
@@ -1257,7 +1258,7 @@
client certificates issued by one of these DN's are acceptable. */
osstatus = SSLCopyDistinguishedNames(ssl_ctx->st_ctxr, &dnlistrefs);
if (osstatus != noErr) {
- return translate_sectrans_status(osstatus);
+ return translate_macosxssl_status(osstatus);
}
apr_pool_create(&tmppool, ssl_ctx->pool);
@@ -1272,7 +1273,7 @@
CFDataRef cader = CFArrayGetValueAtIndex(dnlistrefs, i);
apr_hash_t *ca;
- status = serf__sectrans_read_X509_DER_DN(&ca, cader, tmppool);
+ status = serf__macosxssl_read_X509_DER_DN(&ca, cader, tmppool);
if (status)
goto cleanup;
@@ -1312,14 +1313,14 @@
osstatus = SecIdentityCopyCertificate(identityref, &cert);
if (osstatus != noErr) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
goto cleanup;
}
osstatus = SSLCopyPeerCertificates(ssl_ctx->st_ctxr,
&peer_certrefs);
if (osstatus != noErr) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
goto cleanup;
}
@@ -1341,7 +1342,7 @@
allowed to use the signing key. */
osstatus = SSLSetCertificate(ssl_ctx->st_ctxr, items);
if (osstatus != noErr) {
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
goto cleanup;
}
@@ -1361,7 +1362,7 @@
Caller is responsible to clean up items.
*/
static apr_status_t
-load_identity_from_databuf(sectrans_context_t *ssl_ctx,
+load_identity_from_databuf(macosxssl_context_t *ssl_ctx,
const serf_ssl_identity_t **identity,
const char *label,
CFDataRef databuf,
@@ -1409,8 +1410,7 @@
if (!identityref)
return SERF_ERROR_SSL_CERT_FAILED;
- *identity = serf__create_identity(
- &serf_ssl_bucket_type_securetransport,
+ *identity = serf__create_identity(&serf_ssl_bucket_type_macosxssl,
identityref, NULL, pool);
return APR_SUCCESS;
@@ -1446,15 +1446,15 @@
/********************************/
#pragma mark HANDSHAKE AND INITIALIZATION
#pragma mark -
-static apr_status_t do_handshake(sectrans_context_t *ssl_ctx)
+static apr_status_t do_handshake(macosxssl_context_t *ssl_ctx)
{
OSStatus osstatus;
apr_status_t status = APR_SUCCESS;
- if (ssl_ctx->state == SERF_SECTRANS_INIT ||
- ssl_ctx->state == SERF_SECTRANS_HANDSHAKE)
+ if (ssl_ctx->state == SERF_MACOSXSSL_INIT ||
+ ssl_ctx->state == SERF_MACOSXSSL_HANDSHAKE)
{
- ssl_ctx->state = SERF_SECTRANS_HANDSHAKE;
+ ssl_ctx->state = SERF_MACOSXSSL_HANDSHAKE;
serf__log(SSL_VERBOSE, __FILE__, "do_handshake called.\n");
@@ -1494,14 +1494,14 @@
return APR_EAGAIN;
break;
default:
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
break;
}
if (!status)
{
serf__log(SSL_VERBOSE, __FILE__, "ssl/tls handshake successful.\n");
- ssl_ctx->state = SERF_SECTRANS_CONNECTED;
+ ssl_ctx->state = SERF_MACOSXSSL_CONNECTED;
/* We can now safely cleanup the temporary resources created during
handshake (i.e. the temporary keychain used to load the client
@@ -1529,10 +1529,10 @@
return APR_EAGAIN;
}
-static sectrans_context_t *
-sectrans_init_context(serf_bucket_alloc_t *allocator)
+static macosxssl_context_t *
+macosxssl_init_context(serf_bucket_alloc_t *allocator)
{
- sectrans_context_t *ssl_ctx;
+ macosxssl_context_t *ssl_ctx;
ssl_ctx = serf_bucket_mem_calloc(allocator, sizeof(*ssl_ctx));
ssl_ctx->refcount = 0;
@@ -1549,15 +1549,15 @@
NULL);
/* Set up a Secure Transport session. */
- ssl_ctx->state = SERF_SECTRANS_INIT;
+ ssl_ctx->state = SERF_MACOSXSSL_INIT;
if (SSLNewContext(FALSE, &ssl_ctx->st_ctxr))
return NULL;
- if (SSLSetIOFuncs(ssl_ctx->st_ctxr, sectrans_read_cb, sectrans_write_cb))
+ if (SSLSetIOFuncs(ssl_ctx->st_ctxr, macosxssl_read_cb, macosxssl_write_cb))
return NULL;
- /* Ensure the sectrans_context will be passed to the read and write callback
+ /* Ensure the macosxssl_context will be passed to the read and write callback
functions. */
if (SSLSetConnection(ssl_ctx->st_ctxr, ssl_ctx))
return NULL;
@@ -1583,8 +1583,8 @@
}
static apr_status_t
-sectrans_free_context(sectrans_context_t *ssl_ctx,
- serf_bucket_alloc_t *allocator)
+macosxssl_free_context(macosxssl_context_t *ssl_ctx,
+ serf_bucket_alloc_t *allocator)
{
apr_status_t status = APR_SUCCESS;
@@ -1608,19 +1608,19 @@
#pragma mark SSL_BUCKET API
#pragma mark -
static void *
-serf__sectrans_decrypt_create(serf_bucket_t *bucket,
- serf_bucket_t *stream,
- void *impl_ctx,
- serf_bucket_alloc_t *allocator)
+serf__macosxssl_decrypt_create(serf_bucket_t *bucket,
+ serf_bucket_t *stream,
+ void *impl_ctx,
+ serf_bucket_alloc_t *allocator)
{
- sectrans_context_t *ssl_ctx;
- bucket->type = &serf_bucket_type_sectrans_decrypt;
+ macosxssl_context_t *ssl_ctx;
+ bucket->type = &serf_bucket_type_macosxssl_decrypt;
bucket->allocator = allocator;
if (impl_ctx)
bucket->data = impl_ctx;
else
- bucket->data = sectrans_init_context(allocator);
+ bucket->data = macosxssl_init_context(allocator);
ssl_ctx = bucket->data;
ssl_ctx->refcount++;
@@ -1631,19 +1631,19 @@
}
static void *
-serf__sectrans_encrypt_create(serf_bucket_t *bucket,
- serf_bucket_t *stream,
- void *impl_ctx,
- serf_bucket_alloc_t *allocator)
+serf__macosxssl_encrypt_create(serf_bucket_t *bucket,
+ serf_bucket_t *stream,
+ void *impl_ctx,
+ serf_bucket_alloc_t *allocator)
{
- sectrans_context_t *ssl_ctx;
- bucket->type = &serf_bucket_type_sectrans_encrypt;
+ macosxssl_context_t *ssl_ctx;
+ bucket->type = &serf_bucket_type_macosxssl_encrypt;
bucket->allocator = allocator;
if (impl_ctx)
bucket->data = impl_ctx;
else
- bucket->data = sectrans_init_context(allocator);
+ bucket->data = macosxssl_init_context(allocator);
ssl_ctx = bucket->data;
ssl_ctx->refcount++;
@@ -1654,76 +1654,76 @@
}
static void *
-serf__sectrans_decrypt_context_get(serf_bucket_t *bucket)
+serf__macosxssl_decrypt_context_get(serf_bucket_t *bucket)
{
return NULL;
}
static void *
-serf__sectrans_encrypt_context_get(serf_bucket_t *bucket)
+serf__macosxssl_encrypt_context_get(serf_bucket_t *bucket)
{
return NULL;
}
static void
-serf__sectrans_client_cert_provider_set(
+serf__macosxssl_client_cert_provider_set(
void *impl_ctx,
serf_ssl_need_client_cert_t callback,
void *data,
void *cache_pool)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
ssl_ctx->client_cert_callback = callback;
ssl_ctx->identity_userdata = data;
}
static void
-serf__sectrans_identity_provider_set(void *impl_ctx,
- serf_ssl_need_identity_t callback,
- void *data,
- void *cache_pool)
+serf__macosxssl_identity_provider_set(void *impl_ctx,
+ serf_ssl_need_identity_t callback,
+ void *data,
+ void *cache_pool)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
ssl_ctx->identity_callback = callback;
ssl_ctx->identity_userdata = data;
}
static void
-serf__sectrans_client_cert_password_set(
+serf__macosxssl_client_cert_password_set(
void *impl_ctx,
serf_ssl_need_cert_password_t callback,
void *data,
void *cache_pool)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
ssl_ctx->identity_pw_callback = callback;
ssl_ctx->identity_pw_userdata = data;
}
static void
-serf__sectrans_server_cert_callback_set(
+serf__macosxssl_server_cert_callback_set(
void *impl_ctx,
serf_ssl_need_server_cert_t callback,
void *data)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
ssl_ctx->server_cert_callback = callback;
ssl_ctx->server_cert_userdata = data;
}
static void
-serf__sectrans_server_cert_chain_callback_set(
+serf__macosxssl_server_cert_chain_callback_set(
void *impl_ctx,
serf_ssl_need_server_cert_t cert_callback,
serf_ssl_server_cert_chain_cb_t cert_chain_callback,
void *data)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
ssl_ctx->server_cert_callback = cert_callback;
ssl_ctx->server_cert_chain_callback = cert_chain_callback;
@@ -1731,9 +1731,9 @@
}
static apr_status_t
-serf__sectrans_set_hostname(void *impl_ctx, const char * hostname)
+serf__macosxssl_set_hostname(void *impl_ctx, const char * hostname)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
OSStatus osstatus;
ssl_ctx->hostname = serf_bstrdup(ssl_ctx->allocator, hostname);
@@ -1741,13 +1741,13 @@
ssl_ctx->hostname,
strlen(hostname));
- return translate_sectrans_status(osstatus);
+ return translate_macosxssl_status(osstatus);
}
static apr_status_t
-serf__sectrans_use_default_certificates(void *impl_ctx)
+serf__macosxssl_use_default_certificates(void *impl_ctx)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
/* When constructing the trust object to validate the server certificate
chain, extract all root certificates from the System keychain first
@@ -1794,9 +1794,9 @@
}
static apr_status_t
-serf__sectrans_load_CA_cert_from_file(serf_ssl_certificate_t **cert,
- const char *file_path,
- apr_pool_t *pool)
+serf__macosxssl_load_CA_cert_from_file(serf_ssl_certificate_t **cert,
+ const char *file_path,
+ apr_pool_t *pool)
{
CFArrayRef items;
CFDataRef databuf;
@@ -1826,14 +1826,14 @@
}
static apr_status_t
-serf__sectrans_load_identity_from_file(void *impl_ctx,
- const serf_ssl_identity_t **identity,
- const char *file_path,
- apr_pool_t *pool)
+serf__macosxssl_load_identity_from_file(void *impl_ctx,
+ const serf_ssl_identity_t **identity,
+ const char *file_path,
+ apr_pool_t *pool)
{
apr_status_t status;
CFDataRef databuf;
- sectrans_context_t *ssl_ctx = impl_ctx;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
status = load_data_from_file(file_path, &databuf, pool);
if (status)
@@ -1850,48 +1850,51 @@
}
static apr_status_t
-serf__sectrans_trust_cert(void *impl_ctx,
- serf_ssl_certificate_t *cert)
+serf__macosxssl_trust_cert(void *impl_ctx,
+ serf_ssl_certificate_t *cert)
{
- sectrans_context_t *ssl_ctx = impl_ctx;
- sectrans_certificate_t *sectrans_cert = cert->impl_cert;
+ macosxssl_context_t *ssl_ctx = impl_ctx;
+ macosxssl_certificate_t *macosxssl_cert = cert->impl_cert;
if (!ssl_ctx->anchor_certs)
ssl_ctx->anchor_certs = apr_array_make(ssl_ctx->pool, 1,
sizeof(SecCertificateRef));
APR_ARRAY_PUSH(ssl_ctx->anchor_certs,
- SecCertificateRef) = sectrans_cert->certref;
+ SecCertificateRef) = macosxssl_cert->certref;
return APR_SUCCESS;
}
static apr_hash_t *
-serf__sectrans_cert_certificate(const serf_ssl_certificate_t *cert,
- apr_pool_t *pool)
+serf__macosxssl_cert_certificate(const serf_ssl_certificate_t *cert,
+ apr_pool_t *pool)
{
apr_hash_t *tgt;
const char *date_str, *sha1;
- sectrans_certificate_t *sectrans_cert = cert->impl_cert;
+ macosxssl_certificate_t *macosxssl_cert = cert->impl_cert;
- if (!sectrans_cert->content) {
+ if (!macosxssl_cert->content) {
apr_status_t status;
- status = serf__sectrans_read_X509_DER_certificate(§rans_cert->content,
- sectrans_cert,
- pool);
+ status = serf__macosxssl_read_X509_DER_certificate(
+ &macosxssl_cert->content,
+ macosxssl_cert,
+ pool);
if (status)
return NULL;
}
tgt = apr_hash_make(pool);
- date_str = apr_hash_get(sectrans_cert->content, "notBefore", APR_HASH_KEY_STRING);
+ date_str = apr_hash_get(macosxssl_cert->content, "notBefore",
+ APR_HASH_KEY_STRING);
apr_hash_set(tgt, "notBefore", APR_HASH_KEY_STRING, date_str);
- date_str = apr_hash_get(sectrans_cert->content, "notAfter", APR_HASH_KEY_STRING);
+ date_str = apr_hash_get(macosxssl_cert->content, "notAfter",
+ APR_HASH_KEY_STRING);
apr_hash_set(tgt, "notAfter", APR_HASH_KEY_STRING, date_str);
- sha1 = apr_hash_get(sectrans_cert->content, "sha1", APR_HASH_KEY_STRING);
+ sha1 = apr_hash_get(macosxssl_cert->content, "sha1", APR_HASH_KEY_STRING);
apr_hash_set(tgt, "sha1", APR_HASH_KEY_STRING, sha1);
/* TODO: array of subjectAltName's */
@@ -1901,49 +1904,51 @@
static apr_hash_t *
-serf__sectrans_cert_issuer(const serf_ssl_certificate_t *cert,
- apr_pool_t *pool)
+serf__macosxssl_cert_issuer(const serf_ssl_certificate_t *cert,
+ apr_pool_t *pool)
{
- sectrans_certificate_t *sectrans_cert = cert->impl_cert;
+ macosxssl_certificate_t *macosxssl_cert = cert->impl_cert;
- if (!sectrans_cert->content) {
+ if (!macosxssl_cert->content) {
apr_status_t status;
- status = serf__sectrans_read_X509_DER_certificate(§rans_cert->content,
- sectrans_cert,
- pool);
+ status = serf__macosxssl_read_X509_DER_certificate(
+ &macosxssl_cert->content,
+ macosxssl_cert,
+ pool);
if (status)
return NULL;
}
- return (apr_hash_t *)apr_hash_get(sectrans_cert->content,
+ return (apr_hash_t *)apr_hash_get(macosxssl_cert->content,
"issuer", APR_HASH_KEY_STRING);
}
static apr_hash_t *
-serf__sectrans_cert_subject(const serf_ssl_certificate_t *cert,
- apr_pool_t *pool)
+serf__macosxssl_cert_subject(const serf_ssl_certificate_t *cert,
+ apr_pool_t *pool)
{
- sectrans_certificate_t *sectrans_cert = cert->impl_cert;
+ macosxssl_certificate_t *macosxssl_cert = cert->impl_cert;
- if (!sectrans_cert->content) {
+ if (!macosxssl_cert->content) {
apr_status_t status;
- status = serf__sectrans_read_X509_DER_certificate(§rans_cert->content,
- sectrans_cert,
- pool);
+ status = serf__macosxssl_read_X509_DER_certificate(
+ &macosxssl_cert->content,
+ macosxssl_cert,
+ pool);
if (status)
return NULL;
}
- return (apr_hash_t *)apr_hash_get(sectrans_cert->content,
+ return (apr_hash_t *)apr_hash_get(macosxssl_cert->content,
"subject", APR_HASH_KEY_STRING);
}
static const char *
-serf__sectrans_cert_export(const serf_ssl_certificate_t *cert,
- apr_pool_t *pool)
+serf__macosxssl_cert_export(const serf_ssl_certificate_t *cert,
+ apr_pool_t *pool)
{
- sectrans_certificate_t *sectrans_cert = cert->impl_cert;
- SecCertificateRef certref = sectrans_cert->certref;
+ macosxssl_certificate_t *macosxssl_cert = cert->impl_cert;
+ SecCertificateRef certref = macosxssl_cert->certref;
CFDataRef dataref = SecCertificateCopyData(certref);
const unsigned char *data = CFDataGetBytePtr(dataref);
char *encoded_cert;
@@ -1961,7 +1966,7 @@
}
static apr_status_t
-serf__sectrans_use_compression(void *impl_ctx, int enabled)
+serf__macosxssl_use_compression(void *impl_ctx, int enabled)
{
if (enabled) {
serf__log(SSL_VERBOSE, __FILE__,
@@ -1978,18 +1983,18 @@
#pragma mark ENCRYPTION BUCKET API
#pragma mark -
static apr_status_t
-serf_sectrans_encrypt_read(serf_bucket_t *bucket,
- apr_size_t requested,
- const char **data, apr_size_t *len)
+serf_macosxssl_encrypt_read(serf_bucket_t *bucket,
+ apr_size_t requested,
+ const char **data, apr_size_t *len)
{
- sectrans_context_t *ssl_ctx = bucket->data;
+ macosxssl_context_t *ssl_ctx = bucket->data;
apr_status_t status, status_unenc_stream;
const char *unenc_data;
struct iovec vecs[32];
int vecs_used;
size_t unenc_len;
- serf__log(SSL_VERBOSE, __FILE__, "serf_sectrans_encrypt_read called for "
+ serf__log(SSL_VERBOSE, __FILE__, "serf_macosxssl_encrypt_read called for "
"%d bytes.\n", requested);
/* Pending handshake? */
@@ -2044,7 +2049,7 @@
osstatus = SSLWrite(ssl_ctx->st_ctxr, unenc_data, unenc_len,
&written);
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
if (SERF_BUCKET_READ_ERROR(status))
return status;
@@ -2053,7 +2058,7 @@
status_unenc_stream, written, written, unenc_data, written);
/* Less data written than available! This situation can never happen,
- because SSLWrite loops until all data is sent or sectrans_write_cb
+ because SSLWrite loops until all data is sent or macosxssl_write_cb
returns errSSLWouldBlock, and the callback will never return this
error because it can process all data that it's given. */
if (written < unenc_len)
@@ -2079,34 +2084,34 @@
}
static apr_status_t
-serf_sectrans_encrypt_readline(serf_bucket_t *bucket,
- int acceptable, int *found,
- const char **data,
- apr_size_t *len)
+serf_macosxssl_encrypt_readline(serf_bucket_t *bucket,
+ int acceptable, int *found,
+ const char **data,
+ apr_size_t *len)
{
serf__log(SSL_VERBOSE, __FILE__,
- "function serf_sectrans_encrypt_readline not implemented.\n");
+ "function serf_macosxssl_encrypt_readline not implemented.\n");
return APR_ENOTIMPL;
}
static apr_status_t
-serf_sectrans_encrypt_peek(serf_bucket_t *bucket,
- const char **data,
- apr_size_t *len)
+serf_macosxssl_encrypt_peek(serf_bucket_t *bucket,
+ const char **data,
+ apr_size_t *len)
{
- sectrans_context_t *ssl_ctx = bucket->data;
+ macosxssl_context_t *ssl_ctx = bucket->data;
return serf_bucket_peek(ssl_ctx->encrypt.pending, data, len);
}
static void
-serf_sectrans_encrypt_destroy_and_data(serf_bucket_t *bucket)
+serf_macosxssl_encrypt_destroy_and_data(serf_bucket_t *bucket)
{
- sectrans_context_t *ssl_ctx = bucket->data;
+ macosxssl_context_t *ssl_ctx = bucket->data;
if (!--ssl_ctx->refcount) {
- sectrans_free_context(ssl_ctx, bucket->allocator);
+ macosxssl_free_context(ssl_ctx, bucket->allocator);
}
serf_bucket_ssl_destroy_and_data(bucket);
@@ -2117,11 +2122,11 @@
#pragma mark DECRYPTION BUCKET API
#pragma mark -
static apr_status_t
-serf_sectrans_decrypt_peek(serf_bucket_t *bucket,
- const char **data,
- apr_size_t *len)
+serf_macosxssl_decrypt_peek(serf_bucket_t *bucket,
+ const char **data,
+ apr_size_t *len)
{
- sectrans_context_t *ssl_ctx = bucket->data;
+ macosxssl_context_t *ssl_ctx = bucket->data;
return serf_bucket_peek(ssl_ctx->decrypt.pending, data, len);
}
@@ -2131,7 +2136,7 @@
This function will read and decrypt all available data.
*/
static apr_status_t
-decrypt_more_data(sectrans_context_t *ssl_ctx)
+decrypt_more_data(macosxssl_context_t *ssl_ctx)
{
/* Decrypt more data. */
serf_bucket_t *tmp;
@@ -2153,7 +2158,7 @@
default (minimum) size READ_BUFSIZE. */
osstatus = SSLGetBufferedReadSize(ssl_ctx->st_ctxr, &available_len);
if (osstatus != noErr)
- return translate_sectrans_status(osstatus);
+ return translate_macosxssl_status(osstatus);
else {
if (available_len < READ_BUFSIZE)
available_len = READ_BUFSIZE;
@@ -2167,7 +2172,7 @@
osstatus = SSLRead(ssl_ctx->st_ctxr, dec_data,
available_len,
&dec_len);
- status = translate_sectrans_status(osstatus);
+ status = translate_macosxssl_status(osstatus);
/* SSLRead can put data in dec_data while returning an error status. */
if (SERF_BUCKET_READ_ERROR(status) && !dec_len)
@@ -2187,15 +2192,15 @@
}
static apr_status_t
-serf_sectrans_decrypt_read(serf_bucket_t *bucket,
- apr_size_t requested,
- const char **data, apr_size_t *len)
+serf_macosxssl_decrypt_read(serf_bucket_t *bucket,
+ apr_size_t requested,
+ const char **data, apr_size_t *len)
{
- sectrans_context_t *ssl_ctx = bucket->data;
+ macosxssl_context_t *ssl_ctx = bucket->data;
apr_status_t status;
serf__log(SSL_VERBOSE, __FILE__,
- "serf_sectrans_decrypt_read called for %d bytes.\n", requested);
+ "serf_macosxssl_decrypt_read called for %d bytes.\n", requested);
/* Pending handshake? */
status = do_handshake(ssl_ctx);
@@ -2224,12 +2229,12 @@
}
static apr_status_t
-serf_sectrans_decrypt_readline(serf_bucket_t *bucket,
- int acceptable, int *found,
- const char **data,
- apr_size_t *len)
+serf_macosxssl_decrypt_readline(serf_bucket_t *bucket,
+ int acceptable, int *found,
+ const char **data,
+ apr_size_t *len)
{
- sectrans_context_t *ssl_ctx = bucket->data;
+ macosxssl_context_t *ssl_ctx = bucket->data;
apr_status_t status;
/* Pending handshake? */
@@ -2264,12 +2269,12 @@
}
static void
-serf_sectrans_decrypt_destroy_and_data(serf_bucket_t *bucket)
+serf_macosxssl_decrypt_destroy_and_data(serf_bucket_t *bucket)
{
- sectrans_context_t *ssl_ctx = bucket->data;
+ macosxssl_context_t *ssl_ctx = bucket->data;
if (!--ssl_ctx->refcount) {
- sectrans_free_context(ssl_ctx, bucket->allocator);
+ macosxssl_free_context(ssl_ctx, bucket->allocator);
}
serf_bucket_ssl_destroy_and_data(bucket);
@@ -2280,18 +2285,18 @@
#pragma mark KEYCHAIN HELPER FUNCTIONS
#pragma mark -
apr_status_t
-serf_sectrans_show_trust_certificate_panel(serf_ssl_context_t *ctx,
- const char *message,
- const char *ok_button,
- const char *cancel_button)
+serf_macosxssl_show_trust_certificate_panel(serf_ssl_context_t *ctx,
+ const char *message,
+ const char *ok_button,
+ const char *cancel_button)
{
-#ifdef SERF_HAVE_SECURETRANSPORT
- sectrans_context_t *ssl_ctx = serf__ssl_get_impl_context(ctx);
+#ifdef SERF_HAVE_MACOSXSSL
+ macosxssl_context_t *ssl_ctx = serf__ssl_get_impl_context(ctx);
SecTrustRef trust = ssl_ctx->trust;
apr_status_t status;
- void *sectrans_cls = objc_getClass("SecTrans_Buckets");
- id tmp = objc_msgSend(sectrans_cls,
+ void *macosxssl_cls = objc_getClass("macosxssl_Buckets");
+ id tmp = objc_msgSend(macosxssl_cls,
sel_getUid("showTrustCertificateDialog:message:"
"ok_button:cancel_button:"),
trust, message, ok_button, cancel_button);
@@ -2304,20 +2309,19 @@
}
apr_status_t
-serf_sectrans_show_select_identity_panel(
- serf_ssl_context_t *ctx,
- const serf_ssl_identity_t **identity,
- const char *message,
- const char *ok_button,
- const char *cancel_button,
- apr_pool_t *pool)
+serf_macosxssl_show_select_identity_panel(serf_ssl_context_t *ctx,
+ const serf_ssl_identity_t **identity,
+ const char *message,
+ const char *ok_button,
+ const char *cancel_button,
+ apr_pool_t *pool)
{
-#ifdef SERF_HAVE_SECURETRANSPORT
+#ifdef SERF_HAVE_MACOSXSSL
SecIdentityRef identityref;
OSStatus osstatus;
- void *sectrans_cls = objc_getClass("SecTrans_Buckets");
- id tmp = objc_msgSend(sectrans_cls,
+ void *macosxssl_cls = objc_getClass("MacOSXSSL_Buckets");
+ id tmp = objc_msgSend(macosxssl_cls,
sel_getUid("showSelectIdentityDialog:message:"
"ok_button:cancel_button:"),
&identityref, message, ok_button, cancel_button);
@@ -2327,13 +2331,13 @@
/* There is no single identity in the keychains. */
return SERF_ERROR_SSL_NO_IDENTITIES_AVAILABLE;
} else if (osstatus != noErr) {
- return translate_sectrans_status(osstatus);
+ return translate_macosxssl_status(osstatus);
}
if (!identityref)
return SERF_ERROR_SSL_CERT_FAILED;
- *identity = serf__create_identity(&serf_ssl_bucket_type_securetransport,
+ *identity = serf__create_identity(&serf_ssl_bucket_type_macosxssl,
identityref, NULL,
pool);
return APR_SUCCESS;
@@ -2343,14 +2347,14 @@
}
apr_status_t
-serf_sectrans_find_preferred_identity_in_keychain(
+serf_macosxssl_find_preferred_identity_in_keychain(
serf_ssl_context_t *ctx,
const serf_ssl_identity_t **identity,
apr_pool_t *pool)
{
-#ifdef SERF_HAVE_SECURETRANSPORT
+#ifdef SERF_HAVE_MACOSXSSL
apr_pool_t *tmppool;
- sectrans_context_t *ssl_ctx = serf__ssl_get_impl_context(ctx);
+ macosxssl_context_t *ssl_ctx = serf__ssl_get_impl_context(ctx);
SecIdentityRef identityref = NULL;
CFStringRef labelref;
const char *label;
@@ -2386,7 +2390,7 @@
if (identityref)
{
- *identity = serf__create_identity(&serf_ssl_bucket_type_securetransport,
+ *identity = serf__create_identity(&serf_ssl_bucket_type_macosxssl,
identityref, NULL, pool);
status = APR_SUCCESS;
} else {
@@ -2405,48 +2409,48 @@
}
/*****************************************************************************/
-const serf_bucket_type_t serf_bucket_type_sectrans_encrypt = {
- "SECURETRANSPORTENCRYPT",
- serf_sectrans_encrypt_read,
- serf_sectrans_encrypt_readline,
+const serf_bucket_type_t serf_bucket_type_macosxssl_encrypt = {
+ "MACOSXSSLENCRYPT",
+ serf_macosxssl_encrypt_read,
+ serf_macosxssl_encrypt_readline,
serf_default_read_iovec,
serf_default_read_for_sendfile,
serf_default_read_bucket,
- serf_sectrans_encrypt_peek,
- serf_sectrans_encrypt_destroy_and_data,
+ serf_macosxssl_encrypt_peek,
+ serf_macosxssl_encrypt_destroy_and_data,
};
-const serf_bucket_type_t serf_bucket_type_sectrans_decrypt = {
- "SECURETRANSPORTDECRYPT",
- serf_sectrans_decrypt_read,
- serf_sectrans_decrypt_readline,
+const serf_bucket_type_t serf_bucket_type_macosxssl_decrypt = {
+ "MACOSXSSLDECRYPT",
+ serf_macosxssl_decrypt_read,
+ serf_macosxssl_decrypt_readline,
serf_default_read_iovec,
serf_default_read_for_sendfile,
serf_default_read_bucket,
- serf_sectrans_decrypt_peek,
- serf_sectrans_decrypt_destroy_and_data,
+ serf_macosxssl_decrypt_peek,
+ serf_macosxssl_decrypt_destroy_and_data,
};
-const serf_ssl_bucket_type_t serf_ssl_bucket_type_securetransport = {
- serf__sectrans_decrypt_create,
- serf__sectrans_decrypt_context_get,
- serf__sectrans_encrypt_create,
- serf__sectrans_encrypt_context_get,
- serf__sectrans_set_hostname,
- serf__sectrans_client_cert_provider_set,
- serf__sectrans_identity_provider_set,
- serf__sectrans_client_cert_password_set,
- serf__sectrans_server_cert_callback_set,
- serf__sectrans_server_cert_chain_callback_set,
- serf__sectrans_use_default_certificates,
- serf__sectrans_load_CA_cert_from_file,
- serf__sectrans_load_identity_from_file,
- serf__sectrans_trust_cert,
- serf__sectrans_cert_issuer,
- serf__sectrans_cert_subject,
- serf__sectrans_cert_certificate,
- serf__sectrans_cert_export,
- serf__sectrans_use_compression,
+const serf_ssl_bucket_type_t serf_ssl_bucket_type_macosxssl = {
+ serf__macosxssl_decrypt_create,
+ serf__macosxssl_decrypt_context_get,
+ serf__macosxssl_encrypt_create,
+ serf__macosxssl_encrypt_context_get,
+ serf__macosxssl_set_hostname,
+ serf__macosxssl_client_cert_provider_set,
+ serf__macosxssl_identity_provider_set,
+ serf__macosxssl_client_cert_password_set,
+ serf__macosxssl_server_cert_callback_set,
+ serf__macosxssl_server_cert_chain_callback_set,
+ serf__macosxssl_use_default_certificates,
+ serf__macosxssl_load_CA_cert_from_file,
+ serf__macosxssl_load_identity_from_file,
+ serf__macosxssl_trust_cert,
+ serf__macosxssl_cert_issuer,
+ serf__macosxssl_cert_subject,
+ serf__macosxssl_cert_certificate,
+ serf__macosxssl_cert_export,
+ serf__macosxssl_use_compression,
NULL,
NULL,
NULL,
@@ -2455,13 +2459,13 @@
#else
-const serf_bucket_type_t serf_bucket_type_sectrans_encrypt = {
- "SECURETRANSPORTENCRYPT",
+const serf_bucket_type_t serf_bucket_type_macosxssl_encrypt = {
+ "MACOSXSSLENCRYPT",
NULL, NULL, NULL, NULL, NULL, NULL, NULL,
};
-const serf_bucket_type_t serf_bucket_type_sectrans_decrypt = {
- "SECURETRANSPORTDECRYPT",
+const serf_bucket_type_t serf_bucket_type_macosxssl_decrypt = {
+ "MACOSXSSLDECRYPT",
NULL, NULL, NULL, NULL, NULL, NULL, NULL,
};
-#endif /* SERF_HAVE_SECURETRANSPORT */
+#endif /* SERF_HAVE_MACOSXSSL */
diff --git a/buckets/sectrans_helper.m b/buckets/macosxssl_helper.m
similarity index 98%
rename from buckets/sectrans_helper.m
rename to buckets/macosxssl_helper.m
index a230dc4..9ece1e8 100644
--- a/buckets/sectrans_helper.m
+++ b/buckets/macosxssl_helper.m
@@ -20,7 +20,7 @@
#import "serf.h"
-@interface SecTrans_Buckets : NSObject
+@interface MacOSXSSL_Buckets : NSObject
{
}
+ (OSStatus) evaluate:(SecTrustRef)trust
@@ -32,7 +32,7 @@
cancel_button:(const char *)cancel_button;
@end
-@implementation SecTrans_Buckets
+@implementation MacOSXSSL_Buckets
/* Evaluate the trust object asynchronously. When the results are received,
store them in the provided resultPtr address. */
diff --git a/buckets/sectrans_x509_cert.c b/buckets/macosxssl_x509_cert.c
similarity index 97%
rename from buckets/sectrans_x509_cert.c
rename to buckets/macosxssl_x509_cert.c
index 6a9465c..c081146 100644
--- a/buckets/sectrans_x509_cert.c
+++ b/buckets/macosxssl_x509_cert.c
@@ -13,7 +13,7 @@
* limitations under the License.
*/
-#ifdef SERF_HAVE_SECURETRANSPORT
+#ifdef SERF_HAVE_MACOSXSSL
#include <stdlib.h>
@@ -432,8 +432,8 @@
*/
apr_status_t
-serf__sectrans_read_X509_DER_DN(apr_hash_t **o, CFDataRef dndata,
- apr_pool_t *pool)
+serf__macosxssl_read_X509_DER_DN(apr_hash_t **o, CFDataRef dndata,
+ apr_pool_t *pool)
{
CFDataRef dnder;
apr_hash_t *dn;
@@ -465,9 +465,9 @@
- _subject_der
*/
apr_status_t
-serf__sectrans_read_X509_DER_certificate(apr_hash_t **o,
- const sectrans_certificate_t *cert,
- apr_pool_t *pool)
+serf__macosxssl_read_X509_DER_certificate(apr_hash_t **o,
+ const macosxssl_certificate_t *cert,
+ apr_pool_t *pool)
{
apr_hash_t *x509_cert, *issuer, *subject;
CFDataRef issuer_der, subject_der;
@@ -618,4 +618,4 @@
return status;
}
-#endif /* SERF_HAVE_SECURETRANSPORT */
+#endif /* SERF_HAVE_MACOSXSSL */
diff --git a/buckets/ssl_buckets.c b/buckets/ssl_buckets.c
index 970baba..a460bd7 100644
--- a/buckets/ssl_buckets.c
+++ b/buckets/ssl_buckets.c
@@ -52,9 +52,9 @@
/* Prefer SSL implementation integrated in host platform, depending
on what's builtin and what the application allows. */
-#ifdef SERF_HAVE_SECURETRANSPORT
- if (bucket_impls & SERF_IMPL_SSL_SECTRANS)
- return &serf_ssl_bucket_type_securetransport;
+#ifdef SERF_HAVE_MACOSXSSL
+ if (bucket_impls & SERF_IMPL_SSL_MACOSXSSL)
+ return &serf_ssl_bucket_type_macosxssl;
#endif
#ifdef SERF_HAVE_OPENSSL
if (bucket_impls & SERF_IMPL_SSL_OPENSSL)
diff --git a/outgoing.c b/outgoing.c
index 44afcca..a12746c 100644
--- a/outgoing.c
+++ b/outgoing.c
@@ -782,20 +782,24 @@
&conn->vec_len);
if (!conn->hit_eof) {
- if (APR_STATUS_IS_EAGAIN(read_status) ||
- read_status == SERF_ERROR_WAIT_CONN) {
+ if (APR_STATUS_IS_EAGAIN(read_status)) {
/* We read some stuff, but should not try to read again. */
stop_reading = 1;
+ }
+ else if (read_status == SERF_ERROR_WAIT_CONN) {
+ /* The bucket told us that it can't provide more data until
+ more data is read from the socket. This normally happens
+ during a SSL handshake.
+
+ We should avoid looking for writability for a while so
+ that (hopefully) something will appear in the bucket so
+ we can actually write something. otherwise, we could
+ end up in a CPU spin: socket wants something, but we
+ don't have anything (and keep returning EAGAIN)
+ */
conn->stop_writing = 1;
conn->dirty_conn = 1;
conn->ctx->dirty_pollset = 1;
-
- /* ### we should avoid looking for writability for a while so
- ### that (hopefully) something will appear in the bucket so
- ### we can actually write something. otherwise, we could
- ### end up in a CPU spin: socket wants something, but we
- ### don't have anything (and keep returning EAGAIN)
- */
}
else if (read_status && !APR_STATUS_IS_EOF(read_status)) {
/* Something bad happened. Propagate any errors. */
diff --git a/serf_bucket_types.h b/serf_bucket_types.h
index 38bf2f0..1edac7c 100644
--- a/serf_bucket_types.h
+++ b/serf_bucket_types.h
@@ -36,7 +36,7 @@
#endif
-#define SERF_IMPL_SSL_SECTRANS 0x0001
+#define SERF_IMPL_SSL_MACOSXSSL 0x0001
#define SERF_IMPL_SSL_OPENSSL 0x0002
#define SERF_IMPL_SSL_ALL 0x0003
@@ -523,12 +523,12 @@
#define SERF_SSL_CERT_CONFIRM_NEEDED 0x40
extern const serf_bucket_type_t serf_bucket_type_openssl_encrypt;
-extern const serf_bucket_type_t serf_bucket_type_sectrans_encrypt;
+extern const serf_bucket_type_t serf_bucket_type_macosxssl_encrypt;
extern const serf_bucket_type_t serf_bucket_type_ssl_encrypt;
#define SERF_BUCKET_IS_SSL_ENCRYPT(b) \
(((b)->type == &serf_bucket_type_openssl_encrypt) || \
- ((b)->type == &serf_bucket_type_sectrans_encrypt))
+ ((b)->type == &serf_bucket_type_macosxssl_encrypt))
typedef struct serf_ssl_context_t serf_ssl_context_t;
typedef struct serf_ssl_certificate_t serf_ssl_certificate_t;
@@ -775,18 +775,18 @@
also gives the option to store the user's decision for this certificate
permanently in the Keychain (requires password).
- This function will return APR_ENOTIMPL when SERF_HAVE_SECURETRANSPORT is not
+ This function will return APR_ENOTIMPL when SERF_HAVE_MACOSXSSL is not
defined.
*/
apr_status_t
-serf_sectrans_show_trust_certificate_panel(serf_ssl_context_t *ssl_ctx,
- const char *message,
- const char *ok_button_label,
- const char *cancel_button_label);
+serf_macosxssl_show_trust_certificate_panel(serf_ssl_context_t *ssl_ctx,
+ const char *message,
+ const char *ok_button_label,
+ const char *cancel_button_label);
-
-/* Note: both serf_sectrans_show_select_identity_panel and
- serf_sectrans_find_preferred_identity_in_keychain support smart cards.
+
+/* Note: both serf_macosxssl_show_select_identity_panel and
+ serf_macosxssl_find_preferred_identity_in_keychain support smart cards.
As soon as the card is inserted in the reader, an extra keychain will be
created containing the certificate(s) and private key(s) stored on the smart
@@ -804,25 +804,25 @@
TODO: should take list of acceptable CA's.
- This function will return APR_ENOTIMPL when SERF_HAVE_SECURETRANSPORT is not
+ This function will return APR_ENOTIMPL when SERF_HAVE_MACOSXSSL is not
defined.
*/
apr_status_t
-serf_sectrans_show_select_identity_panel(serf_ssl_context_t *ssl_ctx,
- const serf_ssl_identity_t **identity,
- const char *message,
- const char *ok_button_label,
- const char *cancel_button_label,
- apr_pool_t *pool);
+serf_macosxssl_show_select_identity_panel(serf_ssl_context_t *ssl_ctx,
+ const serf_ssl_identity_t **identity,
+ const char *message,
+ const char *ok_button_label,
+ const char *cancel_button_label,
+ apr_pool_t *pool);
/* Find a preferred identity for this hostname in the kechains.
(identity preference entry).
- This function will return APR_ENOTIMPL when SERF_HAVE_SECURETRANSPORT is not
+ This function will return APR_ENOTIMPL when SERF_HAVE_MACOSXSSL is not
defined.
*/
apr_status_t
-serf_sectrans_find_preferred_identity_in_keychain(
+serf_macosxssl_find_preferred_identity_in_keychain(
serf_ssl_context_t *ssl_ctx,
const serf_ssl_identity_t **identity,
apr_pool_t *pool);
@@ -842,12 +842,12 @@
/* ==================================================================== */
extern const serf_bucket_type_t serf_bucket_type_openssl_decrypt;
-extern const serf_bucket_type_t serf_bucket_type_sectrans_decrypt;
+extern const serf_bucket_type_t serf_bucket_type_macosxssl_decrypt;
extern const serf_bucket_type_t serf_bucket_type_ssl_decrypt;
#define SERF_BUCKET_IS_SSL_DECRYPT(b) \
(((b)->type == &serf_bucket_type_openssl_decrypt) || \
- ((b)->type == &serf_bucket_type_sectrans_decrypt))
+ ((b)->type == &serf_bucket_type_macosxssl_decrypt))
serf_bucket_t *serf_bucket_ssl_decrypt_create(
serf_bucket_t *stream,
diff --git a/test/serf_get.c b/test/serf_get.c
index 2045a23..708d061 100644
--- a/test/serf_get.c
+++ b/test/serf_get.c
@@ -26,7 +26,7 @@
#include "serf.h"
/* Add Connection: close header to each request. */
-/* #define CONNECTION_CLOSE_HDR */
+#define CONNECTION_CLOSE_HDR
typedef struct {
const char *hostinfo;
diff --git a/test/test_context.c b/test/test_context.c
index 192803b..365f37a 100644
--- a/test/test_context.c
+++ b/test/test_context.c
@@ -1079,7 +1079,7 @@
if (failures) {
apr_status_t status;
- status = serf_sectrans_show_trust_certificate_panel(tb->ssl_context,
+ status = serf_macosxssl_show_trust_certificate_panel(tb->ssl_context,
"Server certificate requires validation",
"Accept",
"Cancel");
@@ -1734,14 +1734,14 @@
*/
/* First check if the user has set a preferred identity for this server. */
- status = serf_sectrans_find_preferred_identity_in_keychain(tb->ssl_context,
- identity,
- pool);
+ status = serf_macosxssl_find_preferred_identity_in_keychain(tb->ssl_context,
+ identity,
+ pool);
if (status == APR_SUCCESS)
return APR_SUCCESS;
/* Choose an identity from the available identities in the keychains. */
- status = serf_sectrans_show_select_identity_panel(tb->ssl_context,
+ status = serf_macosxssl_show_select_identity_panel(tb->ssl_context,
identity,
"Select client identity.", "Accept", "Cancel",
pool);
@@ -2341,7 +2341,7 @@
CuSuite *test_context(void)
{
CuSuite *suite = CuSuiteNew();
- CuSuite *openssl_suite, *sectransssl_suite;
+ CuSuite *openssl_suite, *macosxssl_suite;
CuSuiteSetSetupTeardownCallbacks(suite, test_setup, test_teardown);
@@ -2383,27 +2383,27 @@
CuSuiteAddSuite(suite, openssl_suite);
#endif
-#ifdef SERF_HAVE_SECURETRANSPORT
- sectransssl_suite = CuSuiteNew();
+#ifdef SERF_HAVE_MACOSXSSL
+ macosxssl_suite = CuSuiteNew();
- CuSuiteSetSetupTeardownCallbacks(sectransssl_suite, test_sectransssl_setup,
- test_sectransssl_teardown);
+ CuSuiteSetSetupTeardownCallbacks(macosxssl_suite, test_macosxssl_setup,
+ test_macosxssl_teardown);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_handshake);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_trust_rootca);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_application_rejects_cert);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_certificate_chain_with_anchor);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_certificate_chain_all_from_server);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_no_servercert_callback_allok);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_no_servercert_callback_fail);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_large_response);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_large_request);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_client_certificate);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_identity);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_expired_server_cert);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_future_server_cert);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_handshake);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_trust_rootca);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_application_rejects_cert);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_certificate_chain_with_anchor);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_certificate_chain_all_from_server);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_no_servercert_callback_allok);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_no_servercert_callback_fail);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_large_response);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_large_request);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_client_certificate);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_identity);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_expired_server_cert);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_future_server_cert);
- CuSuiteAddSuite(suite, sectransssl_suite);
+ CuSuiteAddSuite(suite, macosxssl_suite);
#endif
return suite;
diff --git a/test/test_serf.h b/test/test_serf.h
index 5c39b61..3e5b46f 100644
--- a/test/test_serf.h
+++ b/test/test_serf.h
@@ -188,8 +188,8 @@
void *test_teardown(void *baton);
void *test_openssl_setup(void *baton);
void *test_openssl_teardown(void *baton);
-void *test_sectransssl_setup(void *baton);
-void *test_sectransssl_teardown(void *baton);
+void *test_macosxssl_setup(void *baton);
+void *test_macosxssl_teardown(void *baton);
typedef struct {
serf_response_acceptor_t acceptor;
diff --git a/test/test_ssl.c b/test/test_ssl.c
index 005c78e..2775a2f 100644
--- a/test/test_ssl.c
+++ b/test/test_ssl.c
@@ -442,9 +442,9 @@
},
};
-static void test_sectrans_DER_decoding(CuTest *tc)
+static void test_macosxssl_DER_decoding(CuTest *tc)
{
-#ifdef SERF_HAVE_SECURETRANSPORT
+#ifdef SERF_HAVE_MACOSXSSL
serf_bucket_t *filebkt;
apr_file_t *fp;
char buf[16384];
@@ -483,9 +483,9 @@
status = load_CA_cert_from_buffer(&cert, pemdata, pemlen, test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
- status = serf__sectrans_read_X509_DER_certificate(&actual,
- cert->impl_cert,
- test_pool);
+ status = serf__macosxssl_read_X509_DER_certificate(&actual,
+ cert->impl_cert,
+ test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
validate_cert(tc, &thiscert, actual);
@@ -522,7 +522,7 @@
CuSuite *test_ssl(void)
{
CuSuite *suite = CuSuiteNew();
- CuSuite *openssl_suite, *sectransssl_suite;
+ CuSuite *openssl_suite, *macosxssl_suite;
CuSuiteSetSetupTeardownCallbacks(suite, test_setup, test_teardown);
@@ -539,26 +539,26 @@
SUITE_ADD_TEST(openssl_suite, test_ssl_cert_certificate);
SUITE_ADD_TEST(openssl_suite, test_ssl_load_CA_cert_from_file);
SUITE_ADD_TEST(openssl_suite, test_ssl_cert_export);
- SUITE_ADD_TEST(openssl_suite, test_sectrans_DER_decoding);
+ SUITE_ADD_TEST(openssl_suite, test_macosxssl_DER_decoding);
CuSuiteAddSuite(suite, openssl_suite);
#endif
-#ifdef SERF_HAVE_SECURETRANSPORT
- sectransssl_suite = CuSuiteNew();
+#ifdef SERF_HAVE_MACOSXSSL
+ macosxssl_suite = CuSuiteNew();
- CuSuiteSetSetupTeardownCallbacks(sectransssl_suite, test_sectransssl_setup,
- test_sectransssl_teardown);
+ CuSuiteSetSetupTeardownCallbacks(macosxssl_suite, test_macosxssl_setup,
+ test_macosxssl_teardown);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_init);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_load_cert_file);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_cert_subject);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_cert_issuer);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_cert_certificate);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_load_CA_cert_from_file);
- SUITE_ADD_TEST(sectransssl_suite, test_ssl_cert_export);
- SUITE_ADD_TEST(sectransssl_suite, test_sectrans_DER_decoding);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_init);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_load_cert_file);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_cert_subject);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_cert_issuer);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_cert_certificate);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_load_CA_cert_from_file);
+ SUITE_ADD_TEST(macosxssl_suite, test_ssl_cert_export);
+ SUITE_ADD_TEST(macosxssl_suite, test_macosxssl_DER_decoding);
- CuSuiteAddSuite(suite, sectransssl_suite);
+ CuSuiteAddSuite(suite, macosxssl_suite);
#endif
SUITE_ADD_TEST(suite, test_ssl_no_implementations);
diff --git a/test/test_util.c b/test/test_util.c
index 9423714..ff37fe2 100644
--- a/test/test_util.c
+++ b/test/test_util.c
@@ -392,14 +392,14 @@
return test_teardown(baton);
}
-void *test_sectransssl_setup(void *dummy)
+void *test_macosxssl_setup(void *dummy)
{
serf_config_disable_bucket_impls(SERF_IMPL_SSL_ALL);
- serf_config_enable_bucket_impls(SERF_IMPL_SSL_SECTRANS);
+ serf_config_enable_bucket_impls(SERF_IMPL_SSL_MACOSXSSL);
return test_setup(dummy);
}
-void *test_sectransssl_teardown(void *baton)
+void *test_macosxssl_teardown(void *baton)
{
serf_config_enable_bucket_impls(SERF_IMPL_SSL_ALL);
return test_teardown(baton);
