Browse Source

crypto: fix ssl error handling

Make HandleSSLError() correctly process a zero status code: sometimes it
indicates an error and sometimes it doesn't.
v0.9.4-release
Sergey Kholodilov 12 years ago
committed by Ben Noordhuis
parent
commit
019ad346e0
  1. 24
      src/node_crypto.cc
  2. 8
      src/node_crypto.h

24
src/node_crypto.cc

@ -890,8 +890,9 @@ int Connection::HandleBIOError(BIO *bio, const char* func, int rv) {
}
int Connection::HandleSSLError(const char* func, int rv) {
if (rv >= 0) return rv;
int Connection::HandleSSLError(const char* func, int rv, ZeroStatus zs) {
if (rv > 0) return rv;
if ((rv == 0) && (zs == kZeroIsNotAnError)) return rv;
int err = SSL_get_error(ssl_, rv);
@ -1348,17 +1349,17 @@ Handle<Value> Connection::ClearOut(const Arguments& args) {
if (ss->is_server_) {
rv = SSL_accept(ss->ssl_);
ss->HandleSSLError("SSL_accept:ClearOut", rv);
ss->HandleSSLError("SSL_accept:ClearOut", rv, kZeroIsAnError);
} else {
rv = SSL_connect(ss->ssl_);
ss->HandleSSLError("SSL_connect:ClearOut", rv);
ss->HandleSSLError("SSL_connect:ClearOut", rv, kZeroIsAnError);
}
if (rv < 0) return scope.Close(Integer::New(rv));
}
int bytes_read = SSL_read(ss->ssl_, buffer_data + off, len);
ss->HandleSSLError("SSL_read:ClearOut", bytes_read);
ss->HandleSSLError("SSL_read:ClearOut", bytes_read, kZeroIsNotAnError);
ss->SetShutdownFlags();
return scope.Close(Integer::New(bytes_read));
@ -1458,10 +1459,10 @@ Handle<Value> Connection::ClearIn(const Arguments& args) {
int rv;
if (ss->is_server_) {
rv = SSL_accept(ss->ssl_);
ss->HandleSSLError("SSL_accept:ClearIn", rv);
ss->HandleSSLError("SSL_accept:ClearIn", rv, kZeroIsAnError);
} else {
rv = SSL_connect(ss->ssl_);
ss->HandleSSLError("SSL_connect:ClearIn", rv);
ss->HandleSSLError("SSL_connect:ClearIn", rv, kZeroIsAnError);
}
if (rv < 0) return scope.Close(Integer::New(rv));
@ -1469,7 +1470,7 @@ Handle<Value> Connection::ClearIn(const Arguments& args) {
int bytes_written = SSL_write(ss->ssl_, buffer_data + off, len);
ss->HandleSSLError("SSL_write:ClearIn", bytes_written);
ss->HandleSSLError("SSL_write:ClearIn", bytes_written, kZeroIsAnError);
ss->SetShutdownFlags();
return scope.Close(Integer::New(bytes_written));
@ -1697,10 +1698,10 @@ Handle<Value> Connection::Start(const Arguments& args) {
int rv;
if (ss->is_server_) {
rv = SSL_accept(ss->ssl_);
ss->HandleSSLError("SSL_accept:Start", rv);
ss->HandleSSLError("SSL_accept:Start", rv, kZeroIsAnError);
} else {
rv = SSL_connect(ss->ssl_);
ss->HandleSSLError("SSL_connect:Start", rv);
ss->HandleSSLError("SSL_connect:Start", rv, kZeroIsAnError);
}
return scope.Close(Integer::New(rv));
@ -1717,8 +1718,7 @@ Handle<Value> Connection::Shutdown(const Arguments& args) {
if (ss->ssl_ == NULL) return False();
int rv = SSL_shutdown(ss->ssl_);
ss->HandleSSLError("SSL_shutdown", rv);
ss->HandleSSLError("SSL_shutdown", rv, kZeroIsNotAnError);
ss->SetShutdownFlags();
return scope.Close(Integer::New(rv));

8
src/node_crypto.h

@ -214,7 +214,13 @@ class Connection : ObjectWrap {
#endif
int HandleBIOError(BIO *bio, const char* func, int rv);
int HandleSSLError(const char* func, int rv);
enum ZeroStatus {
kZeroIsNotAnError,
kZeroIsAnError
};
int HandleSSLError(const char* func, int rv, ZeroStatus zs);
void ClearError();
void SetShutdownFlags();

Loading…
Cancel
Save