From 831a755d9e78471a4f68529a8c8945386d8c7bf5 Mon Sep 17 00:00:00 2001 From: Paul Bakker Date: Wed, 18 May 2011 13:32:51 +0000 Subject: [PATCH] - Changed behaviour of net_recv(), ssl_fetch_input() and ssl_read(). net_recv() now returns 0 on EOF instead of POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function. ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received after the handshake. - Network functions now return POLARSSL_ERR_NET_WANT_READ or POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous POLARSSL_ERR_NET_TRY_AGAIN
---
 ChangeLog | 9 +++++++++ include/polarssl/error.h | 2 +- include/polarssl/net.h | 7 ++++--- include/polarssl/ssl.h | 14 +++++++++----- library/error.c | 16 +++++++++------- library/net.c | 13 +++++-------- library/ssl_tls.c | 9 +++++++++ programs/ssl/ssl_client1.c | 4 ++-- programs/ssl/ssl_client2.c | 6 +++--- programs/ssl/ssl_server.c | 6 +++--- programs/test/ssl_test.c | 6 ++++-- programs/x509/cert_app.c | 2 +- 12 files changed, 59 insertions(+), 35 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index f0d44a233..76f8696fc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,15 @@ Changes
 * The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
+ * Changed behaviour of net_read(), ssl_fetch_input() and ssl_recv().
+ net_recv() now returns 0 on EOF instead of
+ POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns
+ POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function.
+ ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received
+ after the handshake.
+ * Network functions now return POLARSSL_ERR_NET_WANT_READ or
+ POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous
+ POLARSSL_ERR_NET_TRY_AGAIN
 = Version 0.99-pre4 released on 2011-04-01 Features
diff --git a/include/polarssl/error.h b/include/polarssl/error.h
index b9a73affb..8a3f30446 100644
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h
@@ -56,7 +56,7 @@ * XTEA 1 0x0028-0x0028 * PADLOCK 1 0x0030-0x0030 * DES 1 0x0032-0x0032 - * NET 10 0x0040-0x0052 + * NET 11 0x0040-0x0054 * * High-level module nr (3 bits - 0x1...-0x8...) * Name ID Nr of Errors
diff --git a/include/polarssl/net.h b/include/polarssl/net.h
index d828a3e95..ee231803e 100644
--- a/include/polarssl/net.h
+++ b/include/polarssl/net.h
@@ -38,7 +38,8 @@ #define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ #define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ #define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ -#define POLARSSL_ERR_NET_TRY_AGAIN -0x0052 /**< Connection was busy, try again. */ +#define POLARSSL_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */ +#define POLARSSL_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */ #ifdef __cplusplus extern "C" {
@@ -123,7 +124,7 @@ void net_usleep( unsigned long usec ); * \param len Maximum length of the buffer * * \return This function returns the number of bytes received, - * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN + * or a non-zero error code; POLARSSL_ERR_NET_WANT_READ * indicates read() is blocking. */ int net_recv( void *ctx, unsigned char *buf, size_t len );
@@ -137,7 +138,7 @@ int net_recv( void *ctx, unsigned char *buf, size_t len ); * \param len The length of the buffer * * \return This function returns the number of bytes sent, - * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN + * or a non-zero error code; POLARSSL_ERR_NET_WANT_WRITE * indicates write() is blocking. */ int net_send( void *ctx, unsigned char *buf, size_t len );
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index af9ec117a..1108b8b79 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
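Review bot: The \return text for net_recv() in the net.h hunk at -123 still reads "the number of bytes received, or a non-zero error code", so the new meaning of a 0 return (the peer closed the connection) is not documented where callers will look for it. I would reword it to `\return the number of bytes received, 0 on EOF, or a negative error code; POLARSSL_ERR_NET_WANT_READ indicates read() is blocking.` Code that calls net_recv() directly and used to stop on POLARSSL_ERR_NET_CONN_RESET has to treat 0 as terminal from now on; a receive loop that exits only on `ret < 0` would keep polling a closed socket. The matching code change is the net_recv() hunk at -292 in library/net.c.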
@@ -52,7 +52,7 @@ #define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ #define POLARSSL_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ #define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ -#define POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE -0x7280 /**< An invalid modulus size was received. */ +#define POLARSSL_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ #define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ #define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ #define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x7400 /**< No session to recover was found. */
@@ -596,8 +596,8 @@ const char *ssl_get_version( const ssl_context *ssl ); * * \param ssl SSL context * - * \return 0 if successful, POLARSSL_ERR_NET_TRY_AGAIN, - * or a specific SSL error code. + * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, + * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. */ int ssl_handshake( ssl_context *ssl );
@@ -608,7 +608,7 @@ int ssl_handshake( ssl_context *ssl ); * \param buf buffer that will hold the data * \param len how many bytes must be read * - * \return This function returns the number of bytes read, + * \return This function returns the number of bytes read, 0 for EOF, * or a negative error code. */ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len );
@@ -623,7 +623,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ); * \return This function returns the number of bytes written, * or a negative error code. * - * \note When this function returns POLARSSL_ERR_NET_TRY_AGAIN, + * \note When this function returns POLARSSL_ERR_NET_WANT_WRITE, * it must be called later with the *same* arguments, * until it returns a positive value. */
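Review bot: POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE is removed in the hunk at -52 and its value -0x7280 is handed to POLARSSL_ERR_SSL_CONN_EOF, which neither the commit message nor the ChangeLog entry mentions. Out-of-tree code that still names the old macro stops compiling, and a -0x7280 in existing logs, or returned to a binary built against the old header, now decodes to a different message in error_strerror() (see the library/error.c hunk at -171). If the new code cannot take an unused value, a ChangeLog line such as `* Removed POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE; -0x7280 is now POLARSSL_ERR_SSL_CONN_EOF` would at least record the reuse.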
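Review bot: "0 for EOF" in the ssl_read() \return text (hunk at -608) does not say that this EOF is the transport closing without a close_notify alert, which is what the two ssl_read() hunks in library/ssl_tls.c map to 0. A clean shutdown appears to be reported separately, since the sample clients in this commit still test for POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY, so a 0 return means the stream may have been cut short. A caller that follows read() conventions will accept it as a normal end of data, and a protocol that delimits a message by connection close then cannot tell a complete message from a truncated one. I would state that in the header, for example `0 if the underlying connection was closed without a close_notify alert (received data may be truncated)`.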
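Review bot: The \note on ssl_write() in the hunk at -623 now names only POLARSSL_ERR_NET_WANT_WRITE, while every ssl_write() retry loop updated in this commit (ssl_client1.c, ssl_client2.c, ssl_server.c, ssl_test.c) also retries on POLARSSL_ERR_NET_WANT_READ. If ssl_write() can return WANT_READ, as those loops suggest, the note should read `When this function returns POLARSSL_ERR_NET_WANT_WRITE or POLARSSL_ERR_NET_WANT_READ, it must be called later with the *same* arguments`. The ssl_read() \return text in the hunk at -608 has the same gap: it lists neither WANT code although the samples retry ssl_read() on both.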
@@ -653,6 +653,10 @@ int ssl_derive_keys( ssl_context *ssl ); void ssl_calc_verify( ssl_context *ssl, unsigned char hash[36] ); int ssl_read_record( ssl_context *ssl ); +/** + * \return 0 if successful, POLARSSL_ERR_SSL_CONN_EOF on EOF or + * another negative error code. + */ int ssl_fetch_input( ssl_context *ssl, size_t nb_want ); int ssl_write_record( ssl_context *ssl );
diff --git a/library/error.c b/library/error.c
index 4c12d8dc9..32925c14f 100644
--- a/library/error.c
+++ b/library/error.c
@@ -71,7 +71,7 @@ #include "polarssl/rsa.h" #endif -#if defined(POLARSSL_SSL_C) +#if defined(POLARSSL_SSL_TLS_C) #include "polarssl/ssl.h" #endif
@@ -162,7 +162,7 @@ void error_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" ); #endif /* POLARSSL_RSA_C */ -#if defined(POLARSSL_SSL_C) +#if defined(POLARSSL_SSL_TLS_C) if( use_ret == -(POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE) ) snprintf( buf, buflen, "SSL - The requested feature is not available" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_INPUT_DATA) )
@@ -171,8 +171,8 @@ void error_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); if( use_ret == -(POLARSSL_ERR_SSL_INVALID_RECORD) ) snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); - if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MODULUS_SIZE) ) - snprintf( buf, buflen, "SSL - An invalid modulus size was received" ); + if( use_ret == -(POLARSSL_ERR_SSL_CONN_EOF) ) + snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_CIPHER) ) snprintf( buf, buflen, "SSL - An unknown cipher was received" ); if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) )
@@ -221,7 +221,7 @@ void error_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) ) snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); -#endif /* POLARSSL_SSL_C */ +#endif /* POLARSSL_SSL_TLS_C */ #if defined(POLARSSL_X509_PARSE_C) if( use_ret == -(POLARSSL_ERR_X509_FEATURE_UNAVAILABLE) )
@@ -355,8 +355,10 @@ void error_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "NET - Sending information through the socket failed" ); if( use_ret == -(POLARSSL_ERR_NET_CONN_RESET) ) snprintf( buf, buflen, "NET - Connection was reset by peer" ); - if( use_ret == -(POLARSSL_ERR_NET_TRY_AGAIN) ) - snprintf( buf, buflen, "NET - Connection was busy, try again" ); + if( use_ret == -(POLARSSL_ERR_NET_WANT_READ) ) + snprintf( buf, buflen, "NET - Connection requires a read call" ); + if( use_ret == -(POLARSSL_ERR_NET_WANT_WRITE) ) + snprintf( buf, buflen, "NET - Connection requires a write call" ); #endif /* POLARSSL_NET_C */ #if defined(POLARSSL_PADLOCK_C)
diff --git a/library/net.c b/library/net.c
index 5e811a50a..ad2b2787b 100644
--- a/library/net.c
+++ b/library/net.c
@@ -239,7 +239,7 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip ) if( *client_fd < 0 ) { if( net_is_blocking() != 0 ) - return( POLARSSL_ERR_NET_TRY_AGAIN ); + return( POLARSSL_ERR_NET_WANT_READ ); return( POLARSSL_ERR_NET_ACCEPT_FAILED ); }
@@ -292,13 +292,10 @@ int net_recv( void *ctx, unsigned char *buf, size_t len ) { int ret = read( *((int *) ctx), buf, len ); - if( len > 0 && ret == 0 ) - return( POLARSSL_ERR_NET_CONN_RESET ); - if( ret < 0 ) { if( net_is_blocking() != 0 ) - return( POLARSSL_ERR_NET_TRY_AGAIN ); + return( POLARSSL_ERR_NET_WANT_READ ); #if defined(_WIN32) || defined(_WIN32_WCE) if( WSAGetLastError() == WSAECONNRESET )
@@ -308,7 +305,7 @@ int net_recv( void *ctx, unsigned char *buf, size_t len ) return( POLARSSL_ERR_NET_CONN_RESET ); if( errno == EINTR ) - return( POLARSSL_ERR_NET_TRY_AGAIN ); + return( POLARSSL_ERR_NET_WANT_READ ); #endif return( POLARSSL_ERR_NET_RECV_FAILED );
@@ -327,7 +324,7 @@ int net_send( void *ctx, unsigned char *buf, size_t len ) if( ret < 0 ) { if( net_is_blocking() != 0 ) - return( POLARSSL_ERR_NET_TRY_AGAIN ); + return( POLARSSL_ERR_NET_WANT_WRITE ); #if defined(_WIN32) || defined(_WIN32_WCE) if( WSAGetLastError() == WSAECONNRESET )
@@ -337,7 +334,7 @@ int net_send( void *ctx, unsigned char *buf, size_t len ) return( POLARSSL_ERR_NET_CONN_RESET ); if( errno == EINTR ) - return( POLARSSL_ERR_NET_TRY_AGAIN ); + return( POLARSSL_ERR_NET_WANT_WRITE ); #endif return( POLARSSL_ERR_NET_SEND_FAILED );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8ee2d0800..47723cce8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -878,6 +878,9 @@ int ssl_fetch_input( ssl_context *ssl, size_t nb_want ) ssl->in_left, nb_want ) ); SSL_DEBUG_RET( 2, "ssl->f_recv", ret ); + if( ret == 0 ) + return( POLARSSL_ERR_SSL_CONN_EOF ); + if( ret < 0 ) return( ret );
@@ -2092,6 +2095,9 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) { if( ( ret = ssl_read_record( ssl ) ) != 0 ) { + if( ret == POLARSSL_ERR_SSL_CONN_EOF ) + return( 0 ); + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); return( ret ); }
@@ -2104,6 +2110,9 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) */ if( ( ret = ssl_read_record( ssl ) ) != 0 ) { + if( ret == POLARSSL_ERR_SSL_CONN_EOF ) + return( 0 ); + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); return( ret ); }
diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c
index 1c75bc5d8..fefb0410b 100644
--- a/programs/ssl/ssl_client1.c
+++ b/programs/ssl/ssl_client1.c
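Review bot: The new `if( ret == 0 )` test in the ssl_fetch_input() hunk at -878 makes a 0 return from the f_recv callback end the connection, which changes the contract for applications that install their own receive callback rather than net_recv(). A callback that returns 0 to mean "nothing available yet" now produces POLARSSL_ERR_SSL_CONN_EOF; the surrounding receive loop is outside the hunk, so how that case behaved before is not visible here. I would put the rule next to the check, `/* f_recv returns 0 only on EOF; "no data yet" must be POLARSSL_ERR_NET_WANT_READ */`, and repeat it wherever the callback is documented.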
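Review bot: In the ssl_read() hunk at -2092 the EOF check returns before `SSL_DEBUG_RET( 1, "ssl_read_record", ret )`, so a connection that ends without close_notify leaves no level-1 trace from ssl_read(); only the level-2 f_recv trace in ssl_fetch_input() records it. That is the case worth seeing when investigating truncated transfers, so I would emit the trace first and map the code afterwards by moving the `if( ret == POLARSSL_ERR_SSL_CONN_EOF )` / `return( 0 );` pair below the SSL_DEBUG_RET call. The hunk at -2104 uses the same ordering and would need the same change. Both hunks sit inside ssl_read(), whose body starts and ends outside them.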
@@ -115,7 +115,7 @@ int main( void ) while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 ) { - if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " failed\n ! ssl_write returned %d\n\n", ret ); goto exit;
@@ -137,7 +137,7 @@ int main( void ) memset( buf, 0, sizeof( buf ) ); ret = ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) continue; if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 353c21cde..fcfa89da0 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -298,7 +298,7 @@ int main( int argc, char *argv[] ) while( ( ret = ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " failed\n ! ssl_handshake returned %d\n\n", ret ); goto exit;
@@ -348,7 +348,7 @@ int main( int argc, char *argv[] ) while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 ) { - if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " failed\n ! ssl_write returned %d\n\n", ret ); goto exit;
@@ -370,7 +370,7 @@ int main( int argc, char *argv[] ) memset( buf, 0, sizeof( buf ) ); ret = ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) continue; if( ret == POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY )
diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c
index 096482ec2..e1d2bacb6 100644
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@@ -305,7 +305,7 @@ accept: while( ( ret = ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " failed\n ! ssl_handshake returned %d\n\n", ret ); goto accept;
@@ -326,7 +326,7 @@ accept: memset( buf, 0, sizeof( buf ) ); ret = ssl_read( &ssl, buf, len ); - if( ret == POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret == POLARSSL_ERR_NET_WANT_READ || ret == POLARSSL_ERR_NET_WANT_WRITE ) continue; if( ret <= 0 )
@@ -371,7 +371,7 @@ accept: goto accept; } - if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " failed\n ! ssl_write returned %d\n\n", ret ); goto exit;
diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c
index 61aeb9a8f..f294e2cd5 100644
--- a/programs/test/ssl_test.c
+++ b/programs/test/ssl_test.c
@@ -293,7 +293,8 @@ static int ssl_test( struct options *opt ) goto exit; } - if( ret < 0 && ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret < 0 && ret != POLARSSL_ERR_NET_WANT_READ && + ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " ! ssl_write returned %d\n\n", ret ); break;
@@ -336,7 +337,8 @@ static int ssl_test( struct options *opt ) goto exit; } - if( ret < 0 && ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret < 0 && ret != POLARSSL_ERR_NET_WANT_READ && + ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " ! ssl_read returned %d\n\n", ret ); break;
diff --git a/programs/x509/cert_app.c b/programs/x509/cert_app.c
index 12a122483..0c632bafb 100644
--- a/programs/x509/cert_app.c
+++ b/programs/x509/cert_app.c
@@ -243,7 +243,7 @@ int main( int argc, char *argv[] ) */ while( ( ret = ssl_handshake( &ssl ) ) != 0 ) { - if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) + if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE ) { printf( " failed\n ! ssl_handshake returned %d\n\n", ret ); goto exit;
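Review bot: The ssl_read() check in the programs/test/ssl_test.c hunk at -336 only breaks out on negative codes, and after this commit a closed connection reaches it as 0 instead of a negative POLARSSL_ERR_NET_CONN_RESET. The rest of the read path in ssl_test() is outside the hunk, so I cannot tell whether 0 is handled further down; if it is not, the test would keep calling ssl_read() on a dead connection. An explicit `if( ret == 0 ) break;` beside this test, with its own message, would make the termination visible and keep an unexpected EOF from being counted as a normal read.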