yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-29 16:14:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clean up error codes

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2015-09-08 11:21:21 +02:00
parent 11331fc25b
commit be619c1264
3 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/mbedtls/ssl.h
View File

@ -125,6 +125,7 @@
#define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< Connection requires a read call. */ #define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< Connection requires a read call. */
#define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ #define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */
#define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ #define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */
#define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */
/* /*
* Various constants * Various constants

2
library/error.c
View File

@ -428,6 +428,8 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
mbedtls_snprintf( buf, buflen, "SSL - Connection requires a write call" ); mbedtls_snprintf( buf, buflen, "SSL - Connection requires a write call" );
if( use_ret == -(MBEDTLS_ERR_SSL_TIMEOUT) ) if( use_ret == -(MBEDTLS_ERR_SSL_TIMEOUT) )
mbedtls_snprintf( buf, buflen, "SSL - The operation timed out" ); mbedtls_snprintf( buf, buflen, "SSL - The operation timed out" );
if( use_ret == -(MBEDTLS_ERR_SSL_CLIENT_RECONNECT) )
mbedtls_snprintf( buf, buflen, "SSL - The client initiated a reconnect from the same port" );
#endif /* MBEDTLS_SSL_TLS_C */ #endif /* MBEDTLS_SSL_TLS_C */
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C) #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)

26
library/ssl_tls.c
View File

@ -3276,7 +3276,7 @@ static int ssl_dummy_recv(void *ctx, unsigned char *buf, size_t len) {
* return MBEDTLS_ERR_SSL_INVALID_RECORD (ignore this record) * return MBEDTLS_ERR_SSL_INVALID_RECORD (ignore this record)
* - if the input looks like a ClientHello with a valid cookie, * - if the input looks like a ClientHello with a valid cookie,
* reset the session of the current context, and * reset the session of the current context, and
* return MBEDTLS_ERR_SSL_CLIENT_RECONNECT (WIP: TODO) * return MBEDTLS_ERR_SSL_CLIENT_RECONNECT
* *
* Currently adopts a heavyweight strategy by allocating a secondary ssl * Currently adopts a heavyweight strategy by allocating a secondary ssl
* context. Will be refactored into something more acceptable later. * context. Will be refactored into something more acceptable later.
@ -3293,8 +3293,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
ret = mbedtls_ssl_setup( &tmp_ssl, ssl->conf ); ret = mbedtls_ssl_setup( &tmp_ssl, ssl->conf );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 0, "nested ssl_setup", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "nested ssl_setup", ret );
ret = MBEDTLS_ERR_SSL_INVALID_RECORD;
goto cleanup; goto cleanup;
} }
@ -3305,8 +3304,7 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
ssl->cli_id, ssl->cli_id_len ); ssl->cli_id, ssl->cli_id_len );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 0, "nested set_client_id", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "nested set_client_id", ret );
ret = MBEDTLS_ERR_SSL_INVALID_RECORD;
goto cleanup; goto cleanup;
} }
@ -3322,22 +3320,20 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
ret = mbedtls_ssl_handshake_step( &tmp_ssl ); ret = mbedtls_ssl_handshake_step( &tmp_ssl );
if( ret != 0 ) if( ret != 0 )
{ {
MBEDTLS_SSL_DEBUG_RET( 0, "nested handshake_step", ret ); MBEDTLS_SSL_DEBUG_RET( 1, "nested handshake_step", ret );
ret = MBEDTLS_ERR_SSL_INVALID_RECORD;
goto cleanup; goto cleanup;
} }
cookie_is_good = tmp_ssl.handshake->verify_cookie_len == 0; cookie_is_good = tmp_ssl.handshake->verify_cookie_len == 0;
MBEDTLS_SSL_DEBUG_MSG( 0, ( "good ClientHello with %s cookie", MBEDTLS_SSL_DEBUG_MSG( 1, ( "good ClientHello with %s cookie",
cookie_is_good ? "good" : "bad" ) ); cookie_is_good ? "good" : "bad" ) );
/* Send HelloVerifyRequest? */ /* Send HelloVerifyRequest? */
if( !cookie_is_good ) if( !cookie_is_good )
{ {
ret = mbedtls_ssl_handshake_step( &tmp_ssl ); ret = mbedtls_ssl_handshake_step( &tmp_ssl );
MBEDTLS_SSL_DEBUG_RET( 0, "nested handshake_step", ret ); if( ret != 0 )
MBEDTLS_SSL_DEBUG_RET( 1, "nested handshake_step", ret );
ret = MBEDTLS_ERR_SSL_INVALID_RECORD;
goto cleanup; goto cleanup;
} }
@ -3346,11 +3342,14 @@ static int ssl_handle_possible_reconnect( mbedtls_ssl_context *ssl )
* that the client will resend */ * that the client will resend */
mbedtls_ssl_session_reset( ssl ); mbedtls_ssl_session_reset( ssl );
/* ret = ... */ ret = MBEDTLS_ERR_SSL_CLIENT_RECONNECT;
cleanup: cleanup:
mbedtls_ssl_free( &tmp_ssl ); mbedtls_ssl_free( &tmp_ssl );
if( ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT )
ret = MBEDTLS_ERR_SSL_INVALID_RECORD;
return( ret ); return( ret );
} }
#endif /* MBEDTLS_SSL_PROTO_DTLS && #endif /* MBEDTLS_SSL_PROTO_DTLS &&
@ -3658,7 +3657,8 @@ read_record_header:
if( ( ret = ssl_parse_record_header( ssl ) ) != 0 ) if( ( ret = ssl_parse_record_header( ssl ) ) != 0 )
{ {
#if defined(MBEDTLS_SSL_PROTO_DTLS) #if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
ret != MBEDTLS_ERR_SSL_CLIENT_RECONNECT )
{ {
/* Ignore bad record and get next one; drop the whole datagram /* Ignore bad record and get next one; drop the whole datagram
* since current header cannot be trusted to find the next record * since current header cannot be trusted to find the next record