[or-cvs] Apparently, ASN1 failures are not treated as SSL connection...
Nick Mathewson
nickm at seul.org
Sat Apr 23 20:35:40 UTC 2005
Update of /home/or/cvsroot/tor/src/common
In directory moria.mit.edu:/tmp/cvs-serv16892/src/common
Modified Files:
tortls.c
Log Message:
Apparently, ASN1 failures are not treated as SSL connection errors, but are just general OpenSSL errors. Or something. Anyway, bulletproof tor_tls_handshake.
Index: tortls.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/common/tortls.c,v
retrieving revision 1.92
retrieving revision 1.93
diff -u -d -r1.92 -r1.93
--- tortls.c 23 Apr 2005 14:34:41 -0000 1.92
+++ tortls.c 23 Apr 2005 20:35:38 -0000 1.93
@@ -528,12 +528,17 @@
tor_assert(tls);
tor_assert(tls->ssl);
tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE);
+ check_no_tls_errors();
if (tls->isServer) {
r = SSL_accept(tls->ssl);
} else {
r = SSL_connect(tls->ssl);
}
r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO);
+ if (ERR_peek_error() != 0) {
+ tls_log_errors(LOG_WARN, "handshaking");
+ return TOR_TLS_ERROR;
+ }
if (r == TOR_TLS_DONE) {
tls->state = TOR_TLS_ST_OPEN;
}
More information about the tor-commits
mailing list