mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-20 18:22:09 +01:00
Code Issues Projects Releases Wiki Activity

Fix TLS error logging

Browse Source 
svn:r458
This commit is contained in:
Nick Mathewson 2003-09-15 18:37:49 +00:00
parent 408bff4a23
commit 633a5ffc0b
1 changed files with 19 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/common/tortls.c
View File

@ -44,20 +44,22 @@ static int tls_library_is_initialized = 0;
/* These functions are declared in crypto.c but not exported. */ /* These functions are declared in crypto.c but not exported. */
EVP_PKEY *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env); EVP_PKEY *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env);
crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa); crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa);
char *crypto_perror();
static void static void
tls_log_error(int severity, char *doing) tls_log_error(int severity, const char *doing, int err)
{ {
const char *msg = (const char*)ERR_reason_error_string(err);
if (!err) msg = "(null)";
if (doing) { if (doing) {
log(severity, "TLS error while %s: %s", doing, crypto_perror()); log(severity, "TLS error while %s: %s", doing, msg);
} else { } else {
log(severity, "TLS error: %s",crypto_perror()); log(severity, "TLS error: %s", msg);
} }
} }
static int static int
tor_tls_get_error(tor_tls *tls, int r, int extra) tor_tls_get_error(tor_tls *tls, int r, int extra,
const char *doing, int severity)
{ {
int err = SSL_get_error(tls->ssl, r); int err = SSL_get_error(tls->ssl, r);
switch (err) { switch (err) {
@ -68,10 +70,15 @@ tor_tls_get_error(tor_tls *tls, int r, int extra)
case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_WRITE:
return TOR_TLS_WANTWRITE; return TOR_TLS_WANTWRITE;
case SSL_ERROR_SYSCALL: case SSL_ERROR_SYSCALL:
/* This is oververbose XXX */
tls_log_error(severity, doing, err);
return extra ? _TOR_TLS_SYSCALL : TOR_TLS_ERROR; return extra ? _TOR_TLS_SYSCALL : TOR_TLS_ERROR;
case SSL_ERROR_ZERO_RETURN: case SSL_ERROR_ZERO_RETURN:
/* This is oververbose XXX */
tls_log_error(severity, doing, err);
return extra ? _TOR_TLS_ZERORETURN : TOR_TLS_ERROR; return extra ? _TOR_TLS_ZERORETURN : TOR_TLS_ERROR;
default: default:
tls_log_error(severity, doing, err);
return TOR_TLS_ERROR; return TOR_TLS_ERROR;
} }
} }
@ -80,6 +87,7 @@ static void
tor_tls_init() { tor_tls_init() {
if (!tls_library_is_initialized) { if (!tls_library_is_initialized) {
SSL_library_init(); SSL_library_init();
crypto_global_init();
tls_library_is_initialized = 1; tls_library_is_initialized = 1;
} }
} }
@ -289,16 +297,15 @@ tor_tls_read(tor_tls *tls, char *cp, int len)
r = SSL_read(tls->ssl, cp, len); r = SSL_read(tls->ssl, cp, len);
if (r > 0) if (r > 0)
return r; return r;
err = tor_tls_get_error(tls, r, 1); err = tor_tls_get_error(tls, r, 1, "reading", LOG_ERR);
if (err == _TOR_TLS_SYSCALL) { if (err == _TOR_TLS_SYSCALL) {
tls_log_error(LOG_ERR, "reading"); log(LOG_ERR, "TLS error while reading: syscall error");
return TOR_TLS_ERROR; return TOR_TLS_ERROR;
} else if (err == _TOR_TLS_ZERORETURN) { } else if (err == _TOR_TLS_ZERORETURN) {
tls->state = TOR_TLS_ST_CLOSED; tls->state = TOR_TLS_ST_CLOSED;
return TOR_TLS_CLOSE; return TOR_TLS_CLOSE;
} else { } else {
assert(err != TOR_TLS_DONE); assert(err != TOR_TLS_DONE);
tls_log_error(LOG_ERR, "reading");
return err; return err;
} }
} }
@ -317,13 +324,11 @@ tor_tls_write(tor_tls *tls, char *cp, int n)
if (n == 0) if (n == 0)
return 0; return 0;
r = SSL_write(tls->ssl, cp, n); r = SSL_write(tls->ssl, cp, n);
err = tor_tls_get_error(tls, r, 1); err = tor_tls_get_error(tls, r, 1, "writing", LOG_ERR);
assert(err != _TOR_TLS_ZERORETURN); assert(err != _TOR_TLS_ZERORETURN);
if (err == TOR_TLS_DONE) { if (err == TOR_TLS_DONE) {
return r; return r;
} else { } else {
if (err != TOR_TLS_WANTREAD && err != TOR_TLS_WANTWRITE)
tls_log_error(LOG_ERR, "writing");
return err; return err;
} }
} }
@ -343,11 +348,9 @@ tor_tls_handshake(tor_tls *tls)
} else { } else {
r = SSL_connect(tls->ssl); r = SSL_connect(tls->ssl);
} }
r = tor_tls_get_error(tls,r,0); r = tor_tls_get_error(tls,r,0, "handshaking", LOG_ERR);
if (r == TOR_TLS_DONE) { if (r == TOR_TLS_DONE) {
tls->state = TOR_TLS_ST_OPEN; tls->state = TOR_TLS_ST_OPEN;
} else if (r != TOR_TLS_WANTREAD && r != TOR_TLS_WANTWRITE) {
tls_log_error(LOG_ERR, "handshaking");
} }
return r; return r;
} }
@ -371,15 +374,13 @@ tor_tls_shutdown(tor_tls *tls)
do { do {
r = SSL_read(tls->ssl, buf, 128); r = SSL_read(tls->ssl, buf, 128);
} while (r>0); } while (r>0);
err = tor_tls_get_error(tls, r, 1); err = tor_tls_get_error(tls, r, 1, "reading to shut down", LOG_ERR);
if (err == _TOR_TLS_ZERORETURN) { if (err == _TOR_TLS_ZERORETURN) {
tls->state = TOR_TLS_ST_GOTCLOSE; tls->state = TOR_TLS_ST_GOTCLOSE;
/* fall through... */ /* fall through... */
} else { } else {
if (err == _TOR_TLS_SYSCALL) if (err == _TOR_TLS_SYSCALL)
err = TOR_TLS_ERROR; err = TOR_TLS_ERROR;
if (err != TOR_TLS_WANTREAD && err != TOR_TLS_WANTWRITE)
tls_log_error(LOG_ERR, "shutting down");
return err; return err;
} }
} }
@ -390,7 +391,7 @@ tor_tls_shutdown(tor_tls *tls)
tls->state = TOR_TLS_ST_CLOSED; tls->state = TOR_TLS_ST_CLOSED;
return TOR_TLS_DONE; return TOR_TLS_DONE;
} }
err = tor_tls_get_error(tls, r, 1); err = tor_tls_get_error(tls, r, 1, "shutting down", LOG_ERR);
if (err == _TOR_TLS_SYSCALL) { if (err == _TOR_TLS_SYSCALL) {
/* The underlying TCP connection closed while we were shutting down. */ /* The underlying TCP connection closed while we were shutting down. */
tls->state = TOR_TLS_ST_CLOSED; tls->state = TOR_TLS_ST_CLOSED;
@ -410,8 +411,6 @@ tor_tls_shutdown(tor_tls *tls)
tls->state = TOR_TLS_ST_SENTCLOSE; tls->state = TOR_TLS_ST_SENTCLOSE;
/* fall through ... */ /* fall through ... */
} else { } else {
if (err != TOR_TLS_WANTREAD && err != TOR_TLS_WANTWRITE)
tls_log_error(LOG_ERR, "shutting down");
return err; return err;
} }
} /* end loop */ } /* end loop */