Pile of fix for h2 (#305)

Author: marty1885

trantor/net/inner/TcpConnectionImpl.cc

@@ -1298,7 +1298,8 @@ void TcpConnectionImpl::startEncryption(
         return;
     }
     auto sslContextPtr = newSSLContext(*policy, isServer);
-    tlsProviderPtr_ = newTLSProvider(this, policy, sslContextPtr);
+    tlsProviderPtr_ =
+        newTLSProvider(this, std::move(policy), std::move(sslContextPtr));
     tlsProviderPtr_->setWriteCallback(onSslWrite);
     tlsProviderPtr_->setErrorCallback(onSslError);
     tlsProviderPtr_->setHandshakeCallback(onHandshakeFinished);
@@ -1311,9 +1312,9 @@ void TcpConnectionImpl::startEncryption(
 
 void TcpConnectionImpl::onSslError(TcpConnection *self, SSLError err)
 {
-    self->forceClose();
     if (self->sslErrorCallback_)
         self->sslErrorCallback_(err);
+    self->forceClose();
 }
 void TcpConnectionImpl::onHandshakeFinished(TcpConnection *self)
 {

trantor/net/inner/tlsprovider/BotanTLSProvider.cc

@@ -32,6 +32,19 @@ static std::once_flag systemCertStoreInitFlag;
 
 using namespace trantor;
 
+static std::string join(const std::vector<std::string> &vec,
+                        const std::string &delim)
+{
+    std::string ret;
+    for (auto const &str : vec)
+    {
+        if (ret.empty() == false)
+            ret += delim;
+        ret += str;
+    }
+    return ret;
+}
+
 class Credentials : public Botan::Credentials_Manager
 {
   public:
@@ -328,6 +341,28 @@ struct BotanTLSProvider : public TLSProvider,
             messageCallback_(conn_, &recvBuffer_);
     }
 
+    std::string tls_server_choose_app_protocol(
+        const std::vector<std::string> &client_protos) override
+    {
+        assert(contextPtr_->isServer);
+        if (policyPtr_->getAlpnProtocols().empty() || client_protos.empty())
+            return "";
+
+        for (auto const &proto : client_protos)
+        {
+            if (std::find(policyPtr_->getAlpnProtocols().begin(),
+                          policyPtr_->getAlpnProtocols().end(),
+                          proto) != policyPtr_->getAlpnProtocols().end())
+                return proto;
+        }
+
+        throw Botan::TLS::TLS_Exception(
+            Botan::TLS::Alert::NoApplicationProtocol,
+            "No supported application protocol found. Client offered: " +
+                join(client_protos, ", ") + " but we support: " +
+                join(policyPtr_->getAlpnProtocols(), ", "));
+    }
+
     void tls_alert(Botan::TLS::Alert alert) override
     {
         if (alert.type() == Botan::TLS::Alert::CloseNotify)

trantor/utils/crypto/botan.cc

@@ -1,6 +1,8 @@
 #include <botan/hash.h>
 #include <trantor/utils/Utilities.h>
 
+#include <cassert>
+
 namespace trantor
 {
 namespace utils
@@ -36,6 +38,7 @@ Hash256 sha3(const void* data, size_t len)
 {
     Hash256 hash;
     auto sha3 = Botan::HashFunction::create("SHA-3(256)");
+    assert(sha3 != nullptr);
     sha3->update((const unsigned char*)data, len);
     sha3->final((unsigned char*)&hash);
     return hash;
@@ -45,6 +48,7 @@ Hash256 blake2b(const void* data, size_t len)
 {
     Hash256 hash;
     auto blake2b = Botan::HashFunction::create("BLAKE2b(256)");
+    assert(blake2b != nullptr);
     blake2b->update((const unsigned char*)data, len);
     blake2b->final((unsigned char*)&hash);
     return hash;