| ︙ | | |
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
-
|
* Side effects:
* Closes the socket of the channel.
*
*-------------------------------------------------------------------
*/
static int TlsCloseProc(ClientData instanceData, Tcl_Interp *interp) {
State *statePtr = (State *) instanceData;
(void *) interp;
|
| ︙ | | |
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
|
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
|
-
+
-
+
-
+
-
+
|
} else if (backingError == 0 && err == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
if (*errorCodePtr == ECONNRESET) {
*errorCodePtr = ECONNABORTED;
}
Tls_Error(statePtr, Tcl_ErrnoMsg(Tcl_GetErrno()));
Tls_Error(statePtr, (char *) Tcl_ErrnoMsg(Tcl_GetErrno()));
} else {
dprintf("I/O error occurred (backingError = %lu)", backingError);
*errorCodePtr = backingError;
if (*errorCodePtr == ECONNRESET) {
*errorCodePtr = ECONNABORTED;
}
Tls_Error(statePtr, ERR_reason_error_string(backingError));
Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
}
statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED;
return(-1);
case SSL_ERROR_SSL:
/* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
dprintf("SSL_ERROR_SSL: Got permanent fatal SSL error, aborting immediately");
if (backingError != 0) {
Tls_Error(statePtr, ERR_reason_error_string(backingError));
Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
}
if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) {
Tls_Error(statePtr, X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)));
Tls_Error(statePtr, (char *) X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)));
}
statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED;
*errorCodePtr = ECONNABORTED;
return(-1);
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
|
| ︙ | | |
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
|
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
|
-
+
|
dprintBuffer(buf, bytesRead);
break;
case SSL_ERROR_SSL:
/* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
dprintf("SSL error, indicating that the connection has been aborted");
if (backingError != 0) {
Tls_Error(statePtr, ERR_reason_error_string(backingError));
Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
}
*errorCodePtr = ECONNABORTED;
bytesRead = -1;
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
/* Unexpected EOF from the peer for OpenSSL 3.0+ */
if (ERR_GET_REASON(backingError) == SSL_R_UNEXPECTED_EOF_WHILE_READING) {
|
| ︙ | | |
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
|
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
|
-
+
-
+
|
bytesRead = 0;
Tls_Error(statePtr, "EOF reached");
} else if (backingError == 0 && bytesRead == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
bytesRead = -1;
Tls_Error(statePtr, Tcl_ErrnoMsg(Tcl_GetErrno()));
Tls_Error(statePtr, (char *) Tcl_ErrnoMsg(Tcl_GetErrno()));
} else {
dprintf("I/O error occurred (backingError = %lu)", backingError);
*errorCodePtr = backingError;
bytesRead = -1;
Tls_Error(statePtr, ERR_reason_error_string(backingError));
Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
}
break;
case SSL_ERROR_ZERO_RETURN:
dprintf("Got SSL_ERROR_ZERO_RETURN, this means an EOF has been reached");
bytesRead = 0;
*errorCodePtr = 0;
|
| ︙ | | |
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
|
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
|
-
+
-
+
-
+
|
written = 0;
Tls_Error(statePtr, "EOF reached");
} else if (backingError == 0 && written == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
written = -1;
Tls_Error(statePtr, Tcl_ErrnoMsg(Tcl_GetErrno()));
Tls_Error(statePtr, (char *) Tcl_ErrnoMsg(Tcl_GetErrno()));
} else {
dprintf("I/O error occurred (backingError = %lu)", backingError);
*errorCodePtr = backingError;
written = -1;
Tls_Error(statePtr, ERR_reason_error_string(backingError));
Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
}
break;
case SSL_ERROR_SSL:
/* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
dprintf("SSL error, indicating that the connection has been aborted");
if (backingError != 0) {
Tls_Error(statePtr, ERR_reason_error_string(backingError));
Tls_Error(statePtr, (char *) ERR_reason_error_string(backingError));
}
*errorCodePtr = ECONNABORTED;
written = -1;
break;
default:
dprintf("unknown error: %d", err);
|
| ︙ | | |
940
941
942
943
944
945
946
947
948
949
|
939
940
941
942
943
944
945
946
947
948
|
-
+
|
NULL, /* Flush proc */
TlsNotifyProc, /* Handling of events bubbling up */
NULL, /* Wide seek proc */
NULL, /* Thread action */
NULL /* Truncate */
};
Tcl_ChannelType *Tls_ChannelType(void) {
const Tcl_ChannelType *Tls_ChannelType(void) {
return &tlsChannelType;
}
|