|
@@ -44,6 +44,17 @@ static int tls_library_is_initialized = 0;
|
|
|
/* These functions are declared in crypto.c but not exported. */
|
|
/* These functions are declared in crypto.c but not exported. */
|
|
|
EVP_PKEY *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env);
|
|
EVP_PKEY *_crypto_pk_env_get_evp_pkey(crypto_pk_env_t *env);
|
|
|
crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa);
|
|
crypto_pk_env_t *_crypto_new_pk_env_rsa(RSA *rsa);
|
|
|
|
|
+char *crypto_perror();
|
|
|
|
|
+
|
|
|
|
|
+static void
|
|
|
|
|
+tls_log_error(int severity, char *doing)
|
|
|
|
|
+{
|
|
|
|
|
+ if (doing) {
|
|
|
|
|
+ log(severity, "TLS error while %s: %s", doing, crypto_perror());
|
|
|
|
|
+ } else {
|
|
|
|
|
+ log(severity, "TLS error: %s",crypto_perror());
|
|
|
|
|
+ }
|
|
|
|
|
+}
|
|
|
|
|
|
|
|
static int
|
|
static int
|
|
|
tor_tls_get_error(tor_tls *tls, int r, int extra)
|
|
tor_tls_get_error(tor_tls *tls, int r, int extra)
|
|
@@ -279,13 +290,15 @@ tor_tls_read(tor_tls *tls, char *cp, int len)
|
|
|
if (r > 0)
|
|
if (r > 0)
|
|
|
return r;
|
|
return r;
|
|
|
err = tor_tls_get_error(tls, r, 1);
|
|
err = tor_tls_get_error(tls, r, 1);
|
|
|
- if (err == _TOR_TLS_SYSCALL)
|
|
|
|
|
|
|
+ if (err == _TOR_TLS_SYSCALL) {
|
|
|
|
|
+ tls_log_error(LOG_ERR, "reading");
|
|
|
return TOR_TLS_ERROR;
|
|
return TOR_TLS_ERROR;
|
|
|
- else if (err == _TOR_TLS_ZERORETURN) {
|
|
|
|
|
|
|
+ } else if (err == _TOR_TLS_ZERORETURN) {
|
|
|
tls->state = TOR_TLS_ST_CLOSED;
|
|
tls->state = TOR_TLS_ST_CLOSED;
|
|
|
return TOR_TLS_CLOSE;
|
|
return TOR_TLS_CLOSE;
|
|
|
} else {
|
|
} else {
|
|
|
assert(err != TOR_TLS_DONE);
|
|
assert(err != TOR_TLS_DONE);
|
|
|
|
|
+ tls_log_error(LOG_ERR, "reading");
|
|
|
return err;
|
|
return err;
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
@@ -309,6 +322,8 @@ tor_tls_write(tor_tls *tls, char *cp, int n)
|
|
|
if (err == TOR_TLS_DONE) {
|
|
if (err == TOR_TLS_DONE) {
|
|
|
return r;
|
|
return r;
|
|
|
} else {
|
|
} else {
|
|
|
|
|
+ if (err != TOR_TLS_WANTREAD && err != TOR_TLS_WANTWRITE)
|
|
|
|
|
+ tls_log_error(LOG_ERR, "writing");
|
|
|
return err;
|
|
return err;
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
@@ -331,6 +346,8 @@ tor_tls_handshake(tor_tls *tls)
|
|
|
r = tor_tls_get_error(tls,r,0);
|
|
r = tor_tls_get_error(tls,r,0);
|
|
|
if (r == TOR_TLS_DONE) {
|
|
if (r == TOR_TLS_DONE) {
|
|
|
tls->state = TOR_TLS_ST_OPEN;
|
|
tls->state = TOR_TLS_ST_OPEN;
|
|
|
|
|
+ } else if (r != TOR_TLS_WANTREAD && r != TOR_TLS_WANTWRITE) {
|
|
|
|
|
+ tls_log_error(LOG_ERR, "handshaking");
|
|
|
}
|
|
}
|
|
|
return r;
|
|
return r;
|
|
|
}
|
|
}
|
|
@@ -361,6 +378,8 @@ tor_tls_shutdown(tor_tls *tls)
|
|
|
} else {
|
|
} else {
|
|
|
if (err == _TOR_TLS_SYSCALL)
|
|
if (err == _TOR_TLS_SYSCALL)
|
|
|
err = TOR_TLS_ERROR;
|
|
err = TOR_TLS_ERROR;
|
|
|
|
|
+ if (err != TOR_TLS_WANTREAD && err != TOR_TLS_WANTWRITE)
|
|
|
|
|
+ tls_log_error(LOG_ERR, "shutting down");
|
|
|
return err;
|
|
return err;
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
@@ -391,6 +410,8 @@ tor_tls_shutdown(tor_tls *tls)
|
|
|
tls->state = TOR_TLS_ST_SENTCLOSE;
|
|
tls->state = TOR_TLS_ST_SENTCLOSE;
|
|
|
/* fall through ... */
|
|
/* fall through ... */
|
|
|
} else {
|
|
} else {
|
|
|
|
|
+ if (err != TOR_TLS_WANTREAD && err != TOR_TLS_WANTWRITE)
|
|
|
|
|
+ tls_log_error(LOG_ERR, "shutting down");
|
|
|
return err;
|
|
return err;
|
|
|
}
|
|
}
|
|
|
} /* end loop */
|
|
} /* end loop */
|
Nick Mathewson