diff options
author | Nick Mathewson <nickm@torproject.org> | 2005-04-23 20:35:38 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2005-04-23 20:35:38 +0000 |
commit | 4fb95f166edfe06b39700ce7a9f06ea4abad0fea (patch) | |
tree | d719005b3df9fbf8b0354c0627cfbab3276e831d | |
parent | 6128cdead023343368a8430d90b289b53900176e (diff) | |
download | tor-4fb95f166edfe06b39700ce7a9f06ea4abad0fea.tar.gz tor-4fb95f166edfe06b39700ce7a9f06ea4abad0fea.zip |
Apparently, ASN1 failures are not treated as SSL connection errors, but are just general OpenSSL errors. Or something. Anyway, bulletproof tor_tls_handshake.
svn:r4098
-rw-r--r-- | src/common/tortls.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/common/tortls.c b/src/common/tortls.c index 823fbe7a90..7acc786326 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -528,12 +528,17 @@ tor_tls_handshake(tor_tls *tls) tor_assert(tls); tor_assert(tls->ssl); tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE); + check_no_tls_errors(); if (tls->isServer) { r = SSL_accept(tls->ssl); } else { r = SSL_connect(tls->ssl); } r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO); + if (ERR_peek_error() != 0) { + tls_log_errors(LOG_WARN, "handshaking"); + return TOR_TLS_ERROR; + } if (r == TOR_TLS_DONE) { tls->state = TOR_TLS_ST_OPEN; } |