Resolve XXXXs in tortls.c

svn:r443
This commit is contained in:
Nick Mathewson 2003-09-11 21:38:57 +00:00
parent f5b4ef1fa2
commit 529d3bc56f

View File

@ -10,6 +10,7 @@
#include "./crypto.h" #include "./crypto.h"
#include "./tortls.h" #include "./tortls.h"
#include "./util.h" #include "./util.h"
#include "./log.h"
#include <assert.h> #include <assert.h>
#include <openssl/ssl.h> #include <openssl/ssl.h>
@ -271,7 +272,7 @@ tor_tls_read(tor_tls *tls, char *cp, int len)
tls->state = TOR_TLS_ST_CLOSED; tls->state = TOR_TLS_ST_CLOSED;
return TOR_TLS_CLOSE; return TOR_TLS_CLOSE;
} else { } else {
/* XXXX Make sure it's not TOR_TLS_DONE. */ assert(err != TOR_TLS_DONE);
return err; return err;
} }
} }
@ -287,12 +288,12 @@ tor_tls_write(tor_tls *tls, char *cp, int n)
int r, err; int r, err;
assert(tls && tls->ssl); assert(tls && tls->ssl);
assert(tls->state == TOR_TLS_ST_OPEN); assert(tls->state == TOR_TLS_ST_OPEN);
if (n == 0)
return 0;
r = SSL_write(tls->ssl, cp, n); r = SSL_write(tls->ssl, cp, n);
err = tor_tls_get_error(tls, r, 1); err = tor_tls_get_error(tls, r, 1);
if (err == _TOR_TLS_ZERORETURN) { assert(err != _TOR_TLS_ZERORETURN);
/* should never happen XXXX */ if (err == TOR_TLS_DONE) {
return 0;
} else if (err == TOR_TLS_DONE) {
return r; return r;
} else { } else {
return err; return err;
@ -332,41 +333,54 @@ tor_tls_shutdown(tor_tls *tls)
char buf[128]; char buf[128];
assert(tls && tls->ssl); assert(tls && tls->ssl);
if (tls->state == TOR_TLS_ST_SENTCLOSE) { while (1) {
do { if (tls->state == TOR_TLS_ST_SENTCLOSE) {
r = SSL_read(tls->ssl, buf, 128); /* If we've already called shutdown once to send a close message,
} while (r>0); * we read until the other side has closed too.
*/
do {
r = SSL_read(tls->ssl, buf, 128);
} while (r>0);
err = tor_tls_get_error(tls, r, 1);
if (err == _TOR_TLS_ZERORETURN) {
tls->state = TOR_TLS_ST_GOTCLOSE;
/* fall through... */
} else {
if (err == _TOR_TLS_SYSCALL)
err = TOR_TLS_ERROR;
return err;
}
}
r = SSL_shutdown(tls->ssl);
if (r == 1) {
/* If shutdown returns 1, the connection is entirely closed. */
tls->state = TOR_TLS_ST_CLOSED;
return TOR_TLS_DONE;
}
err = tor_tls_get_error(tls, r, 1); err = tor_tls_get_error(tls, r, 1);
if (err == _TOR_TLS_ZERORETURN) { if (err == _TOR_TLS_SYSCALL) {
tls->state = TOR_TLS_ST_GOTCLOSE; /* The underlying TCP connection closed while we were shutting down. */
/* fall through */ tls->state = TOR_TLS_ST_CLOSED;
return TOR_TLS_DONE;
} else if (err == _TOR_TLS_ZERORETURN) {
/* The TLS connection says that it sent a shutdown record, but
* isn't done shutting down yet. Make sure that this hasn't
* happened before, then go back to the start of the function
* and try to read.
*/
if (tls->state == TOR_TLS_ST_GOTCLOSE ||
tls->state == TOR_TLS_ST_SENTCLOSE) {
log(LOG_ERR,
"TLS returned \"half-closed\" value while already half-closed");
return TOR_TLS_ERROR;
}
tls->state = TOR_TLS_ST_SENTCLOSE;
/* fall through ... */
} else { } else {
if (err == _TOR_TLS_SYSCALL)
err = TOR_TLS_ERROR;
return err; return err;
} }
} } /* end loop */
r = SSL_shutdown(tls->ssl);
if (r == 1) {
tls->state = TOR_TLS_ST_CLOSED;
return TOR_TLS_DONE;
}
err = tor_tls_get_error(tls, r, 1);
if (err == _TOR_TLS_SYSCALL)
return TOR_TLS_ST_CLOSED; /* XXXX is this right? */
else if (err == _TOR_TLS_ZERORETURN) {
if (tls->state == TOR_TLS_ST_GOTCLOSE ||
tls->state == TOR_TLS_ST_SENTCLOSE) {
/* XXXX log; unexpected. */
return TOR_TLS_ERROR;
}
tls->state = TOR_TLS_ST_SENTCLOSE;
return tor_tls_shutdown(tls);
} else {
/* XXXX log if not error. */
return err;
}
} }
/* Return true iff this TLS connection is authenticated. /* Return true iff this TLS connection is authenticated.