ConnSSL_HandleError: Code cleanup, more documentation
parent
4828bae8d3
commit
dd4c60cf39
|
@ -488,16 +488,23 @@ ConnSSL_PrepareConnect(CONNECTION *c, UNUSED CONF_SERVER *s)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/**
|
||||||
Check an Handle Error return code after failed calls to ssl/tls functions.
|
* Check and handle error return codes after failed calls to SSL/TLS functions.
|
||||||
OpenSSL:
|
*
|
||||||
SSL_connect(), SSL_accept(), SSL_do_handshake(), SSL_read(), SSL_peek(), or SSL_write() on ssl.
|
* OpenSSL:
|
||||||
GNUTLS:
|
* SSL_connect(), SSL_accept(), SSL_do_handshake(), SSL_read(), SSL_peek(), or
|
||||||
gnutlsssl_read(), gnutls_write() or gnutls_handshake().
|
* SSL_write() on ssl.
|
||||||
Return: -1 on fatal error, 0 if we can try again later.
|
*
|
||||||
|
* GNUTLS:
|
||||||
|
* gnutlsssl_read(), gnutls_write() or gnutls_handshake().
|
||||||
|
*
|
||||||
|
* @param c The connection handle.
|
||||||
|
* @prarm code The return code.
|
||||||
|
* @param fname The name of the function in which the error occurred.
|
||||||
|
* @return -1 on fatal errors, 0 if we can try again later.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
ConnSSL_HandleError( CONNECTION *c, const int code, const char *fname )
|
ConnSSL_HandleError(CONNECTION * c, const int code, const char *fname)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_LIBSSL
|
#ifdef HAVE_LIBSSL
|
||||||
int ret = SSL_ERROR_SYSCALL;
|
int ret = SSL_ERROR_SYSCALL;
|
||||||
|
@ -518,21 +525,22 @@ ConnSSL_HandleError( CONNECTION *c, const int code, const char *fname )
|
||||||
case SSL_ERROR_ZERO_RETURN:
|
case SSL_ERROR_ZERO_RETURN:
|
||||||
LogDebug("TLS/SSL connection shut down normally");
|
LogDebug("TLS/SSL connection shut down normally");
|
||||||
break;
|
break;
|
||||||
/*
|
|
||||||
SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT, SSL_ERROR_WANT_X509_LOOKUP
|
|
||||||
*/
|
|
||||||
case SSL_ERROR_SYSCALL:
|
case SSL_ERROR_SYSCALL:
|
||||||
|
/* SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT,
|
||||||
|
* and SSL_ERROR_WANT_X509_LOOKUP */
|
||||||
sslerr = ERR_get_error();
|
sslerr = ERR_get_error();
|
||||||
if (sslerr) {
|
if (sslerr) {
|
||||||
Log( LOG_ERR, "%s: %s", fname, ERR_error_string(sslerr, NULL ));
|
Log(LOG_ERR, "%s: %s", fname,
|
||||||
|
ERR_error_string(sslerr, NULL));
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
switch (code) { /* EOF that violated protocol */
|
switch (code) { /* EOF that violated protocol */
|
||||||
case 0:
|
case 0:
|
||||||
Log(LOG_ERR, "%s: Client Disconnected", fname );
|
Log(LOG_ERR, "%s: Client Disconnected", fname);
|
||||||
break;
|
break;
|
||||||
case -1: /* low level socket I/O error, check errno */
|
case -1: /* low level socket I/O error, check errno */
|
||||||
Log(LOG_ERR, "%s: %s", fname, strerror(real_errno));
|
Log(LOG_ERR, "%s: %s", fname,
|
||||||
|
strerror(real_errno));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
@ -540,7 +548,7 @@ ConnSSL_HandleError( CONNECTION *c, const int code, const char *fname )
|
||||||
LogOpenSSLError("TLS/SSL Protocol Error", fname);
|
LogOpenSSLError("TLS/SSL Protocol Error", fname);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
Log( LOG_ERR, "%s: Unknown error %d!", fname, ret);
|
Log(LOG_ERR, "%s: Unknown error %d!", fname, ret);
|
||||||
}
|
}
|
||||||
ConnSSL_Free(c);
|
ConnSSL_Free(c);
|
||||||
return -1;
|
return -1;
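Review bot: In the `SSL_ERROR_SYSCALL` branch only the first entry of the OpenSSL error queue is read with `ERR_get_error()` and logged, so any further entries stay queued; the queue is per thread rather than per connection, and a stale entry can make a later `SSL_get_error()` on a different connection report a misleading result. Unless `ConnSSL_Free()` or code outside these hunks already clears the queue, log in a loop, `while ((sslerr = ERR_get_error()) != 0)`, or call `ERR_clear_error();` before `return -1;`. In the new doc comment, `@prarm code` should be `@param code`, otherwise Doxygen will not attach the description to the parameter. The body of `ConnSSL_HandleError` starts and ends outside the hunks shown, so the first point needs checking against the full function.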
|
||||||
|
|