AppleTLS: Set error state when handshake fails...

+ some minor formatting issues.

src/AppleTLSSession.cc

@@ -276,6 +276,7 @@ static inline std::string suiteToString(const SSLCipherSuite suite)
       return s.name;
     }
   }
+
   std::stringstream ss;
   ss << "Unknown suite (0x" << std::hex << suite
      << ") like TLS_NULL_WITH_NULL_NULL";
@@ -298,6 +299,7 @@ static inline bool isBlockedSuite(SSLCipherSuite suite)
       return true;
     }
   }
+
   return false;
 }
 
@@ -357,10 +359,12 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
 #else
   lastError_ = SSLNewContext(ctx->getSide() == TLS_SERVER, &sslCtx_);
 #endif
+
   if (lastError_ != noErr) {
     state_ = st_error;
     return;
   }
+
 #if defined(__MAC_10_8)
   switch (ctx->getMinTLSVersion()) {
   case TLS_PROTO_SSL3:
@@ -442,12 +446,14 @@ AppleTLSSession::AppleTLSSession(AppleTLSContext* ctx)
     state_ = st_error;
     return;
   }
+
   CFArrayRef certs = CFArrayCreate(nullptr, (const void**)&creds, 1, nullptr);
   if (!certs) {
     A2_LOG_ERROR("AppleTLS: Failed to setup credentials");
     state_ = st_error;
     return;
   }
+
   std::unique_ptr<void, decltype(&CFRelease)> del_certs((void*)certs,
                                                         CFRelease);
   lastError_ = SSLSetCertificate(sslCtx_, certs);
@@ -489,17 +495,20 @@ int AppleTLSSession::init(sock_t sockfd)
     lastError_ = noErr;
     return TLS_ERR_ERROR;
   }
+
+  sockfd_ = sockfd;
   lastError_ = SSLSetIOFuncs(sslCtx_, SocketRead, SocketWrite);
   if (lastError_ != noErr) {
     state_ = st_error;
     return TLS_ERR_ERROR;
   }
+
   lastError_ = SSLSetConnection(sslCtx_, this);
   if (lastError_ != noErr) {
     state_ = st_error;
     return TLS_ERR_ERROR;
   }
-  sockfd_ = sockfd;
+
   state_ = st_initialized;
   return TLS_ERR_OK;
 }
@@ -510,6 +519,7 @@ int AppleTLSSession::setSNIHostname(const std::string& hostname)
     lastError_ = noErr;
     return TLS_ERR_ERROR;
   }
+
   lastError_ =
       SSLSetPeerDomainName(sslCtx_, hostname.c_str(), hostname.length());
   return (lastError_ != noErr) ? TLS_ERR_ERROR : TLS_ERR_OK;
@@ -521,6 +531,7 @@ int AppleTLSSession::closeConnection()
     lastError_ = noErr;
     return TLS_ERR_ERROR;
   }
+
   lastError_ = SSLClose(sslCtx_);
   state_ = st_closed;
   return lastError_ == noErr ? TLS_ERR_OK : TLS_ERR_ERROR;
@@ -552,6 +563,7 @@ ssize_t AppleTLSSession::writeData(const void* data, size_t len)
     lastError_ = noErr;
     return TLS_ERR_ERROR;
   }
+
   size_t processed = 0;
   if (writeBuffered_) {
     lastError_ = SSLWrite(sslCtx_, nullptr, 0, &processed);
@@ -596,6 +608,7 @@ ssize_t AppleTLSSession::writeData(const void* data, size_t len)
     return TLS_ERR_ERROR;
   }
 }
+
 OSStatus AppleTLSSession::sockWrite(const void* data, size_t* len)
 {
   size_t remain = *len;
@@ -618,12 +631,14 @@ OSStatus AppleTLSSession::sockWrite(const void* data, size_t* len)
   }
   return noErr;
 }
+
 ssize_t AppleTLSSession::readData(void* data, size_t len)
 {
   if (state_ != st_connected) {
     lastError_ = noErr;
     return TLS_ERR_ERROR;
   }
+
   size_t processed = 0;
   lastError_ = SSLRead(sslCtx_, data, len, &processed);
   switch (lastError_) {
@@ -686,6 +701,7 @@ int AppleTLSSession::tlsConnect(const std::string& hostname,
   if (state_ != st_initialized) {
     return TLS_ERR_ERROR;
   }
+
   if (!hostname.empty()) {
     setSNIHostname(hostname);
   }
@@ -702,8 +718,10 @@ int AppleTLSSession::tlsConnect(const std::string& hostname,
 
   default:
     handshakeErr = getLastErrorString();
+    state_ = st_error;
     return TLS_ERR_ERROR;
   }
+
   state_ = st_connected;
 
   SSLProtocol proto = kSSLProtocolUnknown;
@@ -798,4 +816,5 @@ std::string AppleTLSSession::getLastErrorString()
     return fmt("Unspecified error %ld", (long)lastError_);
   }
 }
+
 } // namespace aria2