Commit 4fb95f16 authored by Nick Mathewson's avatar Nick Mathewson 🦀
Browse files

Apparently, ASN1 failures are not treated as SSL connection errors, but are...

Apparently, ASN1 failures are not treated as SSL connection errors, but are just general OpenSSL errors.  Or something.  Anyway, bulletproof tor_tls_handshake.


svn:r4098
parent 6128cdea
Loading
Loading
Loading
Loading
+5 −0
Original line number Diff line number Diff line
@@ -528,12 +528,17 @@ tor_tls_handshake(tor_tls *tls)
  tor_assert(tls);
  tor_assert(tls->ssl);
  tor_assert(tls->state == TOR_TLS_ST_HANDSHAKE);
  check_no_tls_errors();
  if (tls->isServer) {
    r = SSL_accept(tls->ssl);
  } else {
    r = SSL_connect(tls->ssl);
  }
  r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO);
  if (ERR_peek_error() != 0) {
    tls_log_errors(LOG_WARN, "handshaking");
    return TOR_TLS_ERROR;
  }
  if (r == TOR_TLS_DONE) {
    tls->state = TOR_TLS_ST_OPEN;
  }