Browse code

tls: don't report SSL protocol errors as bugs

Report SSL protocol level error at a L_ERR level and not as bugs.

Andrei Pelinescu-Onciul authored on 09/07/2010 18:01:41
Showing 1 changed files
... ...
@@ -514,6 +514,7 @@ static int tls_shutdown(struct tcp_connection *c)
514 514
 			}
515 515
 			goto err;
516 516
 			
517
+		case SSL_ERROR_SSL:
517 518
 		default:
518 519
 			TLS_ERR("SSL error:");
519 520
 			goto err;
... ...
@@ -786,6 +787,10 @@ redo_wr:
786 786
 					send_flags->f &= ~SND_F_CON_CLOSE;
787 787
 				}
788 788
 				break; /* or goto end */
789
+			case SSL_ERROR_SSL:
790
+				/* protocol level error */
791
+				TLS_ERR(err_src);
792
+				goto error;
789 793
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L /*0.9.7*/
790 794
 			case SSL_ERROR_WANT_CONNECT:
791 795
 				/* only if the underlying BIO is not yet connected
... ...
@@ -1150,6 +1155,10 @@ ssl_read_skipped:
1150 1150
 			BUG("write buffer too small (%d/%d bytes)\n",
1151 1151
 					wr.used, wr.size);
1152 1152
 			goto bug;
1153
+		case SSL_ERROR_SSL:
1154
+			/* protocol level error */
1155
+			TLS_ERR(err_src);
1156
+			goto error;
1153 1157
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L /*0.9.7*/
1154 1158
 		case SSL_ERROR_WANT_CONNECT:
1155 1159
 			/* only if the underlying BIO is not yet connected