17 years ago · e2f25558b9
--- a/ChangeLog
+++ b/ChangeLog
@@ -72,6 +72,10 @@ Changes in version 0.2.0.20-?? - 2008-02-??
 
				     - Alter the code that tries to recover from unhandled write
			
 
				       errors, to not try to flush onto a socket that's given us
			
 
				       unhandled errors.  Bugfix on 0.1.2.x.
			
 
				+    - Report TLS "zero return" case as a "clean close" and "IO error"
			
 
				+      as a "close".  Stop calling closes "unexpected closes": existing
			
 
				+      Tors don't use SSL_close(), so having a connection close without
			
 
				+      the TLS shutdown handshake is hardly unexpected.
			
 
				 
			
 
				   o Code simplifications and refactoring:
			
 
				     - Remove the tor_strpartition function: its logic was confused,
			
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -282,12 +282,9 @@ tor_tls_get_error(tor_tls_t *tls, int r, int extra,
 
				     case SSL_ERROR_ZERO_RETURN:
			
 
				       if (extra&CATCH_ZERO)
			
 
				         return _TOR_TLS_ZERORETURN;
			
 
				-      log(severity, LD_NET, "TLS error: Zero return");
			
 
				+      log(severity, LD_NET, "TLS connection closed while %s", doing);
			
 
				       tls_log_errors(tls, severity, doing);
			
 
				-      /* XXXX020rc Actually, a 'zero return' error has a pretty specific
			
 
				-       * meaning: the connection has been closed cleanly. -NM
			
 
				-       * Great. Do something smart here then. :) -RD */
			
 
				-      return TOR_TLS_ERROR_MISC;
			
 
				+      return TOR_TLS_CLOSE;
			
 
				     default:
			
 
				       tls_log_errors(tls, severity, doing);
			
 
				       return TOR_TLS_ERROR_MISC;
			
@@ -858,7 +855,7 @@ tor_tls_read(tor_tls_t *tls, char *cp, size_t len)
 
				     return r;
			
 
				   }
			
 
				   err = tor_tls_get_error(tls, r, CATCH_ZERO, "reading", LOG_DEBUG);
			
 
				-  if (err == _TOR_TLS_ZERORETURN) {
			
 
				+  if (err == _TOR_TLS_ZERORETURN || err == TOR_TLS_CLOSE) {
			
 
				     log_debug(LD_NET,"read returned r=%d; TLS is closed",r);
			
 
				     tls->state = TOR_TLS_ST_CLOSED;
			
 
				     return TOR_TLS_CLOSE;
			
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -22,7 +22,7 @@ typedef struct tor_tls_t tor_tls_t;
 
				 /* Possible return values for most tor_tls_* functions. */
			
 
				 #define _MIN_TOR_TLS_ERROR_VAL     -9
			
 
				 #define TOR_TLS_ERROR_MISC         -9
			
 
				-/* Rename to unexpected close or something. XXXX */
			
 
				+/* Rename to unexpected close or something. XXXX021 */
			
 
				 #define TOR_TLS_ERROR_IO           -8
			
 
				 #define TOR_TLS_ERROR_CONNREFUSED  -7
			
 
				 #define TOR_TLS_ERROR_CONNRESET    -6
			
@@ -33,16 +33,20 @@ typedef struct tor_tls_t tor_tls_t;
 
				 #define TOR_TLS_WANTWRITE          -1
			
 
				 #define TOR_TLS_DONE                0
			
 
				 
			
 
				-/** Use this macro in a switch statement to catch _any_ TLS error.  That way,
			
 
				- * if more errors are added, your switches will still work. */
			
 
				-#define CASE_TOR_TLS_ERROR_ANY                  \
			
 
				+/** DOCDOC XXXX021 also rename me. */
			
 
				+#define CASE_TOR_TLS_ERROR_ANY_NONIO            \
			
 
				   case TOR_TLS_ERROR_MISC:                      \
			
 
				-  case TOR_TLS_ERROR_IO:                        \
			
 
				   case TOR_TLS_ERROR_CONNREFUSED:               \
			
 
				   case TOR_TLS_ERROR_CONNRESET:                 \
			
 
				   case TOR_TLS_ERROR_NO_ROUTE:                  \
			
 
				   case TOR_TLS_ERROR_TIMEOUT
			
 
				 
			
 
				+/** Use this macro in a switch statement to catch _any_ TLS error.  That way,
			
 
				+ * if more errors are added, your switches will still work. */
			
 
				+#define CASE_TOR_TLS_ERROR_ANY                  \
			
 
				+  CASE_TOR_TLS_ERROR_ANY_NONIO:                 \
			
 
				+  case TOR_TLS_ERROR_IO
			
 
				+
			
 
				 #define TOR_TLS_IS_ERROR(rv) ((rv) < TOR_TLS_CLOSE)
			
 
				 const char *tor_tls_err_to_string(int err);
			
 
				 
			
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1945,12 +1945,14 @@ connection_read_to_buf(connection_t *conn, int *max_to_read)
 
				 
			
 
				     switch (result) {
			
 
				       case TOR_TLS_CLOSE:
			
 
				-        log_info(LD_NET,"TLS connection closed on read. Closing. "
			
 
				+      case TOR_TLS_ERROR_IO:
			
 
				+        log_info(LD_NET,"TLS connection closed %son read. Closing. "
			
 
				                  "(Nickname %s, address %s",
			
 
				+                 result == TOR_TLS_CLOSE ? "cleanly " : "",
			
 
				                  or_conn->nickname ? or_conn->nickname : "not set",
			
 
				                  conn->address);
			
 
				         return result;
			
 
				-      CASE_TOR_TLS_ERROR_ANY:
			
 
				+      CASE_TOR_TLS_ERROR_ANY_NONIO:
			
 
				         log_info(LD_NET,"tls error [%s]. breaking (nickname %s, address %s).",
			
 
				                  tor_tls_err_to_string(result),
			
 
				                  or_conn->nickname ? or_conn->nickname : "not set",