[sr-dev] git:andrei/tcp_tls_changes: tls: don't report SSL protocol errors as bugs
Andrei Pelinescu-Onciul
andrei at iptel.org
Fri Jul 9 20:17:14 CEST 2010
Module: sip-router
Branch: andrei/tcp_tls_changes
Commit: e536c71c072c3c74b1b89a58e996b347a583255a
URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=e536c71c072c3c74b1b89a58e996b347a583255a
Author: Andrei Pelinescu-Onciul <andrei at iptel.org>
Committer: Andrei Pelinescu-Onciul <andrei at iptel.org>
Date: Fri Jul 9 20:01:41 2010 +0200
tls: don't report SSL protocol errors as bugs
Report SSL protocol level error at a L_ERR level and not as bugs.
---
modules/tls/tls_server.c | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/modules/tls/tls_server.c b/modules/tls/tls_server.c
index cc065c5..8d45b53 100644
--- a/modules/tls/tls_server.c
+++ b/modules/tls/tls_server.c
@@ -514,6 +514,7 @@ static int tls_shutdown(struct tcp_connection *c)
}
goto err;
+ case SSL_ERROR_SSL:
default:
TLS_ERR("SSL error:");
goto err;
@@ -786,6 +787,10 @@ redo_wr:
send_flags->f &= ~SND_F_CON_CLOSE;
}
break; /* or goto end */
+ case SSL_ERROR_SSL:
+ /* protocol level error */
+ TLS_ERR(err_src);
+ goto error;
#if OPENSSL_VERSION_NUMBER >= 0x00907000L /*0.9.7*/
case SSL_ERROR_WANT_CONNECT:
/* only if the underlying BIO is not yet connected
@@ -1150,6 +1155,10 @@ ssl_read_skipped:
BUG("write buffer too small (%d/%d bytes)\n",
wr.used, wr.size);
goto bug;
+ case SSL_ERROR_SSL:
+ /* protocol level error */
+ TLS_ERR(err_src);
+ goto error;
#if OPENSSL_VERSION_NUMBER >= 0x00907000L /*0.9.7*/
case SSL_ERROR_WANT_CONNECT:
/* only if the underlying BIO is not yet connected
More information about the sr-dev
mailing list