Overview
| Comment: | Fix Tls_Error() signature |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | bohagan |
| Files: | files | file ages | folders |
| SHA3-256: |
bc6ff744494d3b41a546157bee80d7a5 |
| User & Date: | jan.nijtmans on 2024-05-28 15:08:03 |
| Other Links: | branch diff | manifest | tags |
Context
|
2024-05-28
| ||
| 15:08 | Fix Tls_Error() signature Leaf check-in: bc6ff74449 user: jan.nijtmans tags: bohagan | |
| 15:00 | Fix Tls_Error() signature check-in: 53b28536f9 user: jan.nijtmans tags: nijtmans | |
| 14:45 | merge check-in: f6811a4dc1 user: jan.nijtmans tags: bohagan | |
Changes
Modified generic/tls.c from [3dad396c4f] to [6655a24c69].
| ︙ | ︙ | |||
417 418 419 420 421 422 423 | * Side effects: * The err field of the currently operative State is set * to a string describing the SSL negotiation failure reason * *------------------------------------------------------------------- */ void | | | 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 |
* Side effects:
* The err field of the currently operative State is set
* to a string describing the SSL negotiation failure reason
*
*-------------------------------------------------------------------
*/
void
Tls_Error(State *statePtr, const char *msg) {
Tcl_Interp *interp = statePtr->interp;
Tcl_Obj *cmdPtr, *listPtr;
unsigned long err;
statePtr->err = msg;
dprintf("Called");
|
| ︙ | ︙ |
Modified generic/tlsIO.c from [7afd4f24f1] to [8b14832fee].
| ︙ | ︙ | |||
236 237 238 239 240 241 242 |
} else if (backingError == 0 && err == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
if (*errorCodePtr == ECONNRESET) {
*errorCodePtr = ECONNABORTED;
}
| | | | | | 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 |
} else if (backingError == 0 && err == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
if (*errorCodePtr == ECONNRESET) {
*errorCodePtr = ECONNABORTED;
}
Tls_Error(statePtr, Tcl_ErrnoMsg(*errorCodePtr));
} else {
dprintf("I/O error occurred (backingError = %lu)", backingError);
*errorCodePtr = Tcl_GetErrno();
if (*errorCodePtr == ECONNRESET) {
*errorCodePtr = ECONNABORTED;
}
Tls_Error(statePtr, ERR_reason_error_string(backingError));
}
statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED;
return -1;
case SSL_ERROR_SSL:
/* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
dprintf("SSL_ERROR_SSL: Got permanent fatal SSL error, aborting immediately");
if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) {
Tls_Error(statePtr, X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)));
}
if (backingError != 0) {
Tls_Error(statePtr, ERR_reason_error_string(backingError));
}
statePtr->flags |= TLS_TCL_HANDSHAKE_FAILED;
*errorCodePtr = ECONNABORTED;
return -1;
default:
/* The operation did not complete and should be retried later. */
dprintf("Operation did not complete, call function again later: %i", rc);
|
| ︙ | ︙ | |||
371 372 373 374 375 376 377 |
dprintBuffer(buf, bytesRead);
break;
case SSL_ERROR_SSL:
/* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
dprintf("SSL error, indicating that the connection has been aborted");
if (backingError != 0) {
| | | | 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 |
dprintBuffer(buf, bytesRead);
break;
case SSL_ERROR_SSL:
/* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
dprintf("SSL error, indicating that the connection has been aborted");
if (backingError != 0) {
Tls_Error(statePtr, ERR_reason_error_string(backingError));
} else if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) {
Tls_Error(statePtr, X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)));
} else {
Tls_Error(statePtr, "Unknown SSL error");
}
*errorCodePtr = ECONNABORTED;
bytesRead = -1;
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
|
| ︙ | ︙ | |||
405 406 407 408 409 410 411 |
bytesRead = 0;
Tls_Error(statePtr, "EOF reached");
} else if (backingError == 0 && bytesRead == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
bytesRead = -1;
| | | | 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 |
bytesRead = 0;
Tls_Error(statePtr, "EOF reached");
} else if (backingError == 0 && bytesRead == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
bytesRead = -1;
Tls_Error(statePtr, Tcl_ErrnoMsg(*errorCodePtr));
} else {
dprintf("I/O error occurred (backingError = %lu)", backingError);
*errorCodePtr = Tcl_GetErrno();
bytesRead = -1;
Tls_Error(statePtr, ERR_reason_error_string(backingError));
}
break;
case SSL_ERROR_ZERO_RETURN:
dprintf("Got SSL_ERROR_ZERO_RETURN, this means an EOF has been reached");
bytesRead = 0;
*errorCodePtr = 0;
|
| ︙ | ︙ | |||
578 579 580 581 582 583 584 |
written = 0;
Tls_Error(statePtr, "EOF reached");
} else if (backingError == 0 && written == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
written = -1;
| | | | | | 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 |
written = 0;
Tls_Error(statePtr, "EOF reached");
} else if (backingError == 0 && written == -1) {
dprintf("I/O error occurred (errno = %lu)", (unsigned long) Tcl_GetErrno());
*errorCodePtr = Tcl_GetErrno();
written = -1;
Tls_Error(statePtr, Tcl_ErrnoMsg(*errorCodePtr));
} else {
dprintf("I/O error occurred (backingError = %lu)", backingError);
*errorCodePtr = Tcl_GetErrno();
written = -1;
Tls_Error(statePtr, ERR_reason_error_string(backingError));
}
break;
case SSL_ERROR_SSL:
/* A non-recoverable, fatal error in the SSL library occurred, usually a protocol error */
dprintf("SSL error, indicating that the connection has been aborted");
if (backingError != 0) {
Tls_Error(statePtr, ERR_reason_error_string(backingError));
} else if (SSL_get_verify_result(statePtr->ssl) != X509_V_OK) {
Tls_Error(statePtr, X509_verify_cert_error_string(SSL_get_verify_result(statePtr->ssl)));
} else {
Tls_Error(statePtr, "Unknown SSL error");
}
*errorCodePtr = ECONNABORTED;
written = -1;
break;
|
| ︙ | ︙ |
Modified generic/tlsInt.h from [bdd63383e2] to [fde818022b].
| ︙ | ︙ | |||
201 202 203 204 205 206 207 | * Forward declarations */ const Tcl_ChannelType *Tls_ChannelType(void); Tcl_Channel Tls_GetParent(State *statePtr, int maskFlags); Tcl_Obj *Tls_NewX509Obj(Tcl_Interp *interp, X509 *cert); Tcl_Obj *Tls_NewCAObj(Tcl_Interp *interp, const SSL *ssl, int peer); | | | 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 | * Forward declarations */ const Tcl_ChannelType *Tls_ChannelType(void); Tcl_Channel Tls_GetParent(State *statePtr, int maskFlags); Tcl_Obj *Tls_NewX509Obj(Tcl_Interp *interp, X509 *cert); Tcl_Obj *Tls_NewCAObj(Tcl_Interp *interp, const SSL *ssl, int peer); void Tls_Error(State *statePtr, const char *msg); #if TCL_MAJOR_VERSION > 8 void Tls_Free(void *blockPtr); #else void Tls_Free(char *blockPtr); #endif void Tls_Clean(State *statePtr); int Tls_WaitForConnect(State *statePtr, int *errorCodePtr, int handshakeFailureIsPermanent); |
| ︙ | ︙ |