static void
_bson_append_cftyperef (bson_string_t *retval, const char *label, CFTypeRef str)
{
char *cs;
if (str) {
cs = _mongoc_cfstringref_to_cstring (str);
if (cs) {
bson_string_append_printf (retval, "%s%s", label, cs);
bson_free (cs);
} else {
bson_string_append_printf (retval, "%s(null)", label);
}
}
}
bool
mongoc_stream_tls_secure_transport_handshake (mongoc_stream_t *stream,
const char *host,
int *events,
bson_error_t *error)
{
OSStatus ret = 0;
CFStringRef err;
char *err_str;
mongoc_stream_tls_t *tls = (mongoc_stream_tls_t *) stream;
mongoc_stream_tls_secure_transport_t *secure_transport =
(mongoc_stream_tls_secure_transport_t *) tls->ctx;
ENTRY;
BSON_ASSERT (secure_transport);
ret = SSLHandshake (secure_transport->ssl_ctx_ref);
/* Weak certificate validation requested, eg: none */
if (ret == errSSLServerAuthCompleted) {
ret = errSSLWouldBlock;
}
if (ret == noErr) {
RETURN (true);
}
if (ret == errSSLWouldBlock) {
*events = POLLIN | POLLOUT;
} else {
*events = 0;
err = SecCopyErrorMessageString (ret, NULL);
err_str = _mongoc_cfstringref_to_cstring (err);
bson_set_error (error,
MONGOC_ERROR_STREAM,
MONGOC_ERROR_STREAM_SOCKET,
"TLS handshake failed: %s (%d)",
err_str,
ret);
bson_free (err_str);
CFRelease (err);
}
RETURN (false);
}
