From 4fb95f166edfe06b39700ce7a9f06ea4abad0fea Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Sat, 23 Apr 2005 20:35:38 +0000
Subject: Apparently, ASN1 failures are not treated as SSL connection errors,
 but are just general OpenSSL errors.  Or something.  Anyway, bulletproof
 tor_tls_handshake.

svn:r4098
---
 src/common/tortls.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 823fbe7a90..7acc786326 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -528,12 +528,17 @@ tor_tls_handshake(tor_tls *tls)
   tor_assert(tls);
   tor_assert(tls->ssl);
   tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE);
+  check_no_tls_errors();
   if (tls->isServer) {
     r = SSL_accept(tls->ssl);
   } else {
     r = SSL_connect(tls->ssl);
   }
   r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO);
+  if (ERR_peek_error() != 0) {
+    tls_log_errors(LOG_WARN, "handshaking");
+    return TOR_TLS_ERROR;
+  }
   if (r == TOR_TLS_DONE) {
     tls->state = TOR_TLS_ST_OPEN;
   }
-- 
cgit v1.2.3-54-g00ecf