Commit d7eaa4b3 authored by Emile Snyder's avatar Emile Snyder

Change to use SSL_state_string_long() instead of homebrew ssl_state_to_string() function.

parent ef69f2f2
+0 −1
@@ -51,7 +51,6 @@ noinst_HEADERS = \
  torint.h					\
  torlog.h					\
  tortls.h					\
  tortls_states.h				\
  util.h

common_sha1.i: $(libor_SOURCES) $(libor_crypto_a_SOURCES) $(noinst_HEADERS)
+9 −27
@@ -237,22 +237,6 @@ static int tls_library_is_initialized = 0;
#define _TOR_TLS_SYSCALL    (_MIN_TOR_TLS_ERROR_VAL - 2)
#define _TOR_TLS_ZERORETURN (_MIN_TOR_TLS_ERROR_VAL - 1)

#include "tortls_states.h"

/** Return the symbolic name of an OpenSSL state. */
static const char *
ssl_state_to_string(int ssl_state)
{
  static char buf[40];
  int i;
  for (i = 0; state_map[i].name; ++i) {
    if (state_map[i].state == ssl_state)
      return state_map[i].name;
  }
  tor_snprintf(buf, sizeof(buf), "Unknown state %d", ssl_state);
  return buf;
}

/** Write a description of the current state of <b>tls</b> into the
 * <b>sz</b>-byte buffer at <b>buf</b>. */
void
@@ -266,7 +250,7 @@ tor_tls_get_state_description(tor_tls_t *tls, char *buf, size_t sz)
    return;
  }

  ssl_state = ssl_state_to_string(tls->ssl->state);
  ssl_state = SSL_state_string_long(tls->ssl);
  switch (tls->state) {
#define CASE(st) case TOR_TLS_ST_##st: tortls_state = " in "#st ; break
    CASE(HANDSHAKE);
@@ -293,10 +277,8 @@ tor_tls_log_one_error(tor_tls_t *tls, unsigned long err,
{
  const char *state = NULL, *addr;
  const char *msg, *lib, *func;
  int st;

  st = (tls && tls->ssl) ? tls->ssl->state : -1;
  state = (st>=0)?ssl_state_to_string(st):"---";
  state = (tls && tls->ssl)?SSL_state_string_long(tls->ssl):"---";

  addr = tls ? tls->address : NULL;

@@ -433,14 +415,14 @@ tor_tls_get_error(tor_tls_t *tls, int r, int extra,
        return _TOR_TLS_SYSCALL;
      if (r == 0) {
        log(severity, LD_NET, "TLS error: unexpected close while %s (%s)",
            doing, ssl_state_to_string(tls->ssl->state));
            doing, SSL_state_string_long(tls->ssl));
        tor_error = TOR_TLS_ERROR_IO;
      } else {
        int e = tor_socket_errno(tls->socket);
        log(severity, LD_NET,
            "TLS error: <syscall error while %s> (errno=%d: %s; state=%s)",
            doing, e, tor_socket_strerror(e),
            ssl_state_to_string(tls->ssl->state));
            SSL_state_string_long(tls->ssl));
        tor_error = tor_errno_to_tls_error(e);
      }
      tls_log_errors(tls, severity, domain, doing);
@@ -449,7 +431,7 @@ tor_tls_get_error(tor_tls_t *tls, int r, int extra,
      if (extra&CATCH_ZERO)
        return _TOR_TLS_ZERORETURN;
      log(severity, LD_NET, "TLS connection closed while %s in state %s",
          doing, ssl_state_to_string(tls->ssl->state));
          doing, SSL_state_string_long(tls->ssl));
      tls_log_errors(tls, severity, domain, doing);
      return TOR_TLS_CLOSE;
    default:
@@ -1350,7 +1332,7 @@ static void
tor_tls_debug_state_callback(const SSL *ssl, int type, int val)
{
  log_debug(LD_HANDSHAKE, "SSL %p is now in state %s [type=%d,val=%d].",
            ssl, ssl_state_to_string(ssl->state), type, val);
            ssl, SSL_state_string_long(ssl), type, val);
}

/** Invoked when we're accepting a connection on <b>ssl</b>, and the connection
@@ -1755,16 +1737,16 @@ tor_tls_handshake(tor_tls_t *tls)
  oldstate = tls->ssl->state;
  if (tls->isServer) {
    log_debug(LD_HANDSHAKE, "About to call SSL_accept on %p (%s)", tls,
              ssl_state_to_string(tls->ssl->state));
              SSL_state_string_long(tls->ssl));
    r = SSL_accept(tls->ssl);
  } else {
    log_debug(LD_HANDSHAKE, "About to call SSL_connect on %p (%s)", tls,
              ssl_state_to_string(tls->ssl->state));
              SSL_state_string_long(tls->ssl));
    r = SSL_connect(tls->ssl);
  }
  if (oldstate != tls->ssl->state)
    log_debug(LD_HANDSHAKE, "After call, %p was in state %s",
              tls, ssl_state_to_string(tls->ssl->state));
              tls, SSL_state_string_long(tls->ssl));
  /* We need to call this here and not earlier, since OpenSSL has a penchant
   * for clearing its flags when you say accept or connect. */
  tor_tls_unblock_renegotiation(tls);
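Review bot: tor_tls_handshake still reads the OpenSSL struct field directly at `oldstate = tls->ssl->state;` and `if (oldstate != tls->ssl->state)`, while every logging call in this file now goes through `SSL_state_string_long(tls->ssl)`. If the aim is to stop depending on the library's internal layout, those two reads could use the accessor too, e.g. `oldstate = SSL_state(tls->ssl);`, provided the OpenSSL versions this tree supports export it. Separately, the removed helper logged `Unknown state %d` with the numeric value, and the library function presumably returns only generic text for a state it does not recognise, so the "TLS error" and "TLS connection closed" messages in tor_tls_get_error lose the one datum that identifies an unexpected state. Adding the numeric state as a `%d` argument to those messages would keep it available for triage, and anyone matching logs on the old macro-style names (such as `SSL3_ST_SR_CLNT_HELLO_A`) will need to update their patterns. tor_tls_handshake and tor_tls_get_error both begin and end outside the visible hunks.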

src/common/tortls_states.h

deleted100644 → 0
+0 −414
/* Copyright (c) 2003, Roger Dingledine
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2011, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/* Helper file: included only in tortls.c */

#ifndef _TORTLS_STATES_H
#define _TORTLS_STATES_H

/* The main body of this file was mechanically generated with this
   perl script:

   my %keys = ();
   for $fn (@ARGV) {
       open(F, $fn);
       while (<F>) {
           next unless /^#define ((?:SSL|DTLS)\w*_ST_\w*)/;
           $keys{$1} = 1;
       }
       close(F);
   }
   for $k (sort keys %keys) {
       print "#ifdef $k\n  S($k),\n#endif\n"
   }
*/

/** Mapping from allowed value of SSL.state to the name of C macro for that
 * state.  Used for debugging an openssl connection. */
static const struct { int state; const char *name; } state_map[] = {
#define S(state) { state, #state }
#ifdef DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A
  S(DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A),
#endif
#ifdef DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B
  S(DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B),
#endif
#ifdef DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A
  S(DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A),
#endif
#ifdef DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B
  S(DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B),
#endif
#ifdef SSL23_ST_CR_SRVR_HELLO_A
  S(SSL23_ST_CR_SRVR_HELLO_A),
#endif
#ifdef SSL23_ST_CR_SRVR_HELLO_B
  S(SSL23_ST_CR_SRVR_HELLO_B),
#endif
#ifdef SSL23_ST_CW_CLNT_HELLO_A
  S(SSL23_ST_CW_CLNT_HELLO_A),
#endif
#ifdef SSL23_ST_CW_CLNT_HELLO_B
  S(SSL23_ST_CW_CLNT_HELLO_B),
#endif
#ifdef SSL23_ST_SR_CLNT_HELLO_A
  S(SSL23_ST_SR_CLNT_HELLO_A),
#endif
#ifdef SSL23_ST_SR_CLNT_HELLO_B
  S(SSL23_ST_SR_CLNT_HELLO_B),
#endif
#ifdef SSL2_ST_CLIENT_START_ENCRYPTION
  S(SSL2_ST_CLIENT_START_ENCRYPTION),
#endif
#ifdef SSL2_ST_GET_CLIENT_FINISHED_A
  S(SSL2_ST_GET_CLIENT_FINISHED_A),
#endif
#ifdef SSL2_ST_GET_CLIENT_FINISHED_B
  S(SSL2_ST_GET_CLIENT_FINISHED_B),
#endif
#ifdef SSL2_ST_GET_CLIENT_HELLO_A
  S(SSL2_ST_GET_CLIENT_HELLO_A),
#endif
#ifdef SSL2_ST_GET_CLIENT_HELLO_B
  S(SSL2_ST_GET_CLIENT_HELLO_B),
#endif
#ifdef SSL2_ST_GET_CLIENT_HELLO_C
  S(SSL2_ST_GET_CLIENT_HELLO_C),
#endif
#ifdef SSL2_ST_GET_CLIENT_MASTER_KEY_A
  S(SSL2_ST_GET_CLIENT_MASTER_KEY_A),
#endif
#ifdef SSL2_ST_GET_CLIENT_MASTER_KEY_B
  S(SSL2_ST_GET_CLIENT_MASTER_KEY_B),
#endif
#ifdef SSL2_ST_GET_SERVER_FINISHED_A
  S(SSL2_ST_GET_SERVER_FINISHED_A),
#endif
#ifdef SSL2_ST_GET_SERVER_FINISHED_B
  S(SSL2_ST_GET_SERVER_FINISHED_B),
#endif
#ifdef SSL2_ST_GET_SERVER_HELLO_A
  S(SSL2_ST_GET_SERVER_HELLO_A),
#endif
#ifdef SSL2_ST_GET_SERVER_HELLO_B
  S(SSL2_ST_GET_SERVER_HELLO_B),
#endif
#ifdef SSL2_ST_GET_SERVER_VERIFY_A
  S(SSL2_ST_GET_SERVER_VERIFY_A),
#endif
#ifdef SSL2_ST_GET_SERVER_VERIFY_B
  S(SSL2_ST_GET_SERVER_VERIFY_B),
#endif
#ifdef SSL2_ST_SEND_CLIENT_CERTIFICATE_A
  S(SSL2_ST_SEND_CLIENT_CERTIFICATE_A),
#endif
#ifdef SSL2_ST_SEND_CLIENT_CERTIFICATE_B
  S(SSL2_ST_SEND_CLIENT_CERTIFICATE_B),
#endif
#ifdef SSL2_ST_SEND_CLIENT_CERTIFICATE_C
  S(SSL2_ST_SEND_CLIENT_CERTIFICATE_C),
#endif
#ifdef SSL2_ST_SEND_CLIENT_CERTIFICATE_D
  S(SSL2_ST_SEND_CLIENT_CERTIFICATE_D),
#endif
#ifdef SSL2_ST_SEND_CLIENT_FINISHED_A
  S(SSL2_ST_SEND_CLIENT_FINISHED_A),
#endif
#ifdef SSL2_ST_SEND_CLIENT_FINISHED_B
  S(SSL2_ST_SEND_CLIENT_FINISHED_B),
#endif
#ifdef SSL2_ST_SEND_CLIENT_HELLO_A
  S(SSL2_ST_SEND_CLIENT_HELLO_A),
#endif
#ifdef SSL2_ST_SEND_CLIENT_HELLO_B
  S(SSL2_ST_SEND_CLIENT_HELLO_B),
#endif
#ifdef SSL2_ST_SEND_CLIENT_MASTER_KEY_A
  S(SSL2_ST_SEND_CLIENT_MASTER_KEY_A),
#endif
#ifdef SSL2_ST_SEND_CLIENT_MASTER_KEY_B
  S(SSL2_ST_SEND_CLIENT_MASTER_KEY_B),
#endif
#ifdef SSL2_ST_SEND_REQUEST_CERTIFICATE_A
  S(SSL2_ST_SEND_REQUEST_CERTIFICATE_A),
#endif
#ifdef SSL2_ST_SEND_REQUEST_CERTIFICATE_B
  S(SSL2_ST_SEND_REQUEST_CERTIFICATE_B),
#endif
#ifdef SSL2_ST_SEND_REQUEST_CERTIFICATE_C
  S(SSL2_ST_SEND_REQUEST_CERTIFICATE_C),
#endif
#ifdef SSL2_ST_SEND_REQUEST_CERTIFICATE_D
  S(SSL2_ST_SEND_REQUEST_CERTIFICATE_D),
#endif
#ifdef SSL2_ST_SEND_SERVER_FINISHED_A
  S(SSL2_ST_SEND_SERVER_FINISHED_A),
#endif
#ifdef SSL2_ST_SEND_SERVER_FINISHED_B
  S(SSL2_ST_SEND_SERVER_FINISHED_B),
#endif
#ifdef SSL2_ST_SEND_SERVER_HELLO_A
  S(SSL2_ST_SEND_SERVER_HELLO_A),
#endif
#ifdef SSL2_ST_SEND_SERVER_HELLO_B
  S(SSL2_ST_SEND_SERVER_HELLO_B),
#endif
#ifdef SSL2_ST_SEND_SERVER_VERIFY_A
  S(SSL2_ST_SEND_SERVER_VERIFY_A),
#endif
#ifdef SSL2_ST_SEND_SERVER_VERIFY_B
  S(SSL2_ST_SEND_SERVER_VERIFY_B),
#endif
#ifdef SSL2_ST_SEND_SERVER_VERIFY_C
  S(SSL2_ST_SEND_SERVER_VERIFY_C),
#endif
#ifdef SSL2_ST_SERVER_START_ENCRYPTION
  S(SSL2_ST_SERVER_START_ENCRYPTION),
#endif
#ifdef SSL2_ST_X509_GET_CLIENT_CERTIFICATE
  S(SSL2_ST_X509_GET_CLIENT_CERTIFICATE),
#endif
#ifdef SSL2_ST_X509_GET_SERVER_CERTIFICATE
  S(SSL2_ST_X509_GET_SERVER_CERTIFICATE),
#endif
#ifdef SSL3_ST_CR_CERT_A
  S(SSL3_ST_CR_CERT_A),
#endif
#ifdef SSL3_ST_CR_CERT_B
  S(SSL3_ST_CR_CERT_B),
#endif
#ifdef SSL3_ST_CR_CERT_REQ_A
  S(SSL3_ST_CR_CERT_REQ_A),
#endif
#ifdef SSL3_ST_CR_CERT_REQ_B
  S(SSL3_ST_CR_CERT_REQ_B),
#endif
#ifdef SSL3_ST_CR_CERT_STATUS_A
  S(SSL3_ST_CR_CERT_STATUS_A),
#endif
#ifdef SSL3_ST_CR_CERT_STATUS_B
  S(SSL3_ST_CR_CERT_STATUS_B),
#endif
#ifdef SSL3_ST_CR_CHANGE_A
  S(SSL3_ST_CR_CHANGE_A),
#endif
#ifdef SSL3_ST_CR_CHANGE_B
  S(SSL3_ST_CR_CHANGE_B),
#endif
#ifdef SSL3_ST_CR_FINISHED_A
  S(SSL3_ST_CR_FINISHED_A),
#endif
#ifdef SSL3_ST_CR_FINISHED_B
  S(SSL3_ST_CR_FINISHED_B),
#endif
#ifdef SSL3_ST_CR_KEY_EXCH_A
  S(SSL3_ST_CR_KEY_EXCH_A),
#endif
#ifdef SSL3_ST_CR_KEY_EXCH_B
  S(SSL3_ST_CR_KEY_EXCH_B),
#endif
#ifdef SSL3_ST_CR_SESSION_TICKET_A
  S(SSL3_ST_CR_SESSION_TICKET_A),
#endif
#ifdef SSL3_ST_CR_SESSION_TICKET_B
  S(SSL3_ST_CR_SESSION_TICKET_B),
#endif
#ifdef SSL3_ST_CR_SRVR_DONE_A
  S(SSL3_ST_CR_SRVR_DONE_A),
#endif
#ifdef SSL3_ST_CR_SRVR_DONE_B
  S(SSL3_ST_CR_SRVR_DONE_B),
#endif
#ifdef SSL3_ST_CR_SRVR_HELLO_A
  S(SSL3_ST_CR_SRVR_HELLO_A),
#endif
#ifdef SSL3_ST_CR_SRVR_HELLO_B
  S(SSL3_ST_CR_SRVR_HELLO_B),
#endif
#ifdef SSL3_ST_CW_CERT_A
  S(SSL3_ST_CW_CERT_A),
#endif
#ifdef SSL3_ST_CW_CERT_B
  S(SSL3_ST_CW_CERT_B),
#endif
#ifdef SSL3_ST_CW_CERT_C
  S(SSL3_ST_CW_CERT_C),
#endif
#ifdef SSL3_ST_CW_CERT_D
  S(SSL3_ST_CW_CERT_D),
#endif
#ifdef SSL3_ST_CW_CERT_VRFY_A
  S(SSL3_ST_CW_CERT_VRFY_A),
#endif
#ifdef SSL3_ST_CW_CERT_VRFY_B
  S(SSL3_ST_CW_CERT_VRFY_B),
#endif
#ifdef SSL3_ST_CW_CHANGE_A
  S(SSL3_ST_CW_CHANGE_A),
#endif
#ifdef SSL3_ST_CW_CHANGE_B
  S(SSL3_ST_CW_CHANGE_B),
#endif
#ifdef SSL3_ST_CW_CLNT_HELLO_A
  S(SSL3_ST_CW_CLNT_HELLO_A),
#endif
#ifdef SSL3_ST_CW_CLNT_HELLO_B
  S(SSL3_ST_CW_CLNT_HELLO_B),
#endif
#ifdef SSL3_ST_CW_FINISHED_A
  S(SSL3_ST_CW_FINISHED_A),
#endif
#ifdef SSL3_ST_CW_FINISHED_B
  S(SSL3_ST_CW_FINISHED_B),
#endif
#ifdef SSL3_ST_CW_FLUSH
  S(SSL3_ST_CW_FLUSH),
#endif
#ifdef SSL3_ST_CW_KEY_EXCH_A
  S(SSL3_ST_CW_KEY_EXCH_A),
#endif
#ifdef SSL3_ST_CW_KEY_EXCH_B
  S(SSL3_ST_CW_KEY_EXCH_B),
#endif
#ifdef SSL3_ST_SR_CERT_A
  S(SSL3_ST_SR_CERT_A),
#endif
#ifdef SSL3_ST_SR_CERT_B
  S(SSL3_ST_SR_CERT_B),
#endif
#ifdef SSL3_ST_SR_CERT_VRFY_A
  S(SSL3_ST_SR_CERT_VRFY_A),
#endif
#ifdef SSL3_ST_SR_CERT_VRFY_B
  S(SSL3_ST_SR_CERT_VRFY_B),
#endif
#ifdef SSL3_ST_SR_CHANGE_A
  S(SSL3_ST_SR_CHANGE_A),
#endif
#ifdef SSL3_ST_SR_CHANGE_B
  S(SSL3_ST_SR_CHANGE_B),
#endif
#ifdef SSL3_ST_SR_CLNT_HELLO_A
  S(SSL3_ST_SR_CLNT_HELLO_A),
#endif
#ifdef SSL3_ST_SR_CLNT_HELLO_B
  S(SSL3_ST_SR_CLNT_HELLO_B),
#endif
#ifdef SSL3_ST_SR_CLNT_HELLO_C
  S(SSL3_ST_SR_CLNT_HELLO_C),
#endif
#ifdef SSL3_ST_SR_FINISHED_A
  S(SSL3_ST_SR_FINISHED_A),
#endif
#ifdef SSL3_ST_SR_FINISHED_B
  S(SSL3_ST_SR_FINISHED_B),
#endif
#ifdef SSL3_ST_SR_KEY_EXCH_A
  S(SSL3_ST_SR_KEY_EXCH_A),
#endif
#ifdef SSL3_ST_SR_KEY_EXCH_B
  S(SSL3_ST_SR_KEY_EXCH_B),
#endif
#ifdef SSL3_ST_SW_CERT_A
  S(SSL3_ST_SW_CERT_A),
#endif
#ifdef SSL3_ST_SW_CERT_B
  S(SSL3_ST_SW_CERT_B),
#endif
#ifdef SSL3_ST_SW_CERT_REQ_A
  S(SSL3_ST_SW_CERT_REQ_A),
#endif
#ifdef SSL3_ST_SW_CERT_REQ_B
  S(SSL3_ST_SW_CERT_REQ_B),
#endif
#ifdef SSL3_ST_SW_CERT_STATUS_A
  S(SSL3_ST_SW_CERT_STATUS_A),
#endif
#ifdef SSL3_ST_SW_CERT_STATUS_B
  S(SSL3_ST_SW_CERT_STATUS_B),
#endif
#ifdef SSL3_ST_SW_CHANGE_A
  S(SSL3_ST_SW_CHANGE_A),
#endif
#ifdef SSL3_ST_SW_CHANGE_B
  S(SSL3_ST_SW_CHANGE_B),
#endif
#ifdef SSL3_ST_SW_FINISHED_A
  S(SSL3_ST_SW_FINISHED_A),
#endif
#ifdef SSL3_ST_SW_FINISHED_B
  S(SSL3_ST_SW_FINISHED_B),
#endif
#ifdef SSL3_ST_SW_FLUSH
  S(SSL3_ST_SW_FLUSH),
#endif
#ifdef SSL3_ST_SW_HELLO_REQ_A
  S(SSL3_ST_SW_HELLO_REQ_A),
#endif
#ifdef SSL3_ST_SW_HELLO_REQ_B
  S(SSL3_ST_SW_HELLO_REQ_B),
#endif
#ifdef SSL3_ST_SW_HELLO_REQ_C
  S(SSL3_ST_SW_HELLO_REQ_C),
#endif
#ifdef SSL3_ST_SW_KEY_EXCH_A
  S(SSL3_ST_SW_KEY_EXCH_A),
#endif
#ifdef SSL3_ST_SW_KEY_EXCH_B
  S(SSL3_ST_SW_KEY_EXCH_B),
#endif
#ifdef SSL3_ST_SW_SESSION_TICKET_A
  S(SSL3_ST_SW_SESSION_TICKET_A),
#endif
#ifdef SSL3_ST_SW_SESSION_TICKET_B
  S(SSL3_ST_SW_SESSION_TICKET_B),
#endif
#ifdef SSL3_ST_SW_SRVR_DONE_A
  S(SSL3_ST_SW_SRVR_DONE_A),
#endif
#ifdef SSL3_ST_SW_SRVR_DONE_B
  S(SSL3_ST_SW_SRVR_DONE_B),
#endif
#ifdef SSL3_ST_SW_SRVR_HELLO_A
  S(SSL3_ST_SW_SRVR_HELLO_A),
#endif
#ifdef SSL3_ST_SW_SRVR_HELLO_B
  S(SSL3_ST_SW_SRVR_HELLO_B),
#endif
#ifdef SSL_ST_ACCEPT
  S(SSL_ST_ACCEPT),
#endif
#ifdef SSL_ST_BEFORE
  S(SSL_ST_BEFORE),
#endif
#ifdef SSL_ST_CONNECT
  S(SSL_ST_CONNECT),
#endif
#ifdef SSL_ST_INIT
  S(SSL_ST_INIT),
#endif
#ifdef SSL_ST_MASK
  S(SSL_ST_MASK),
#endif
#ifdef SSL_ST_OK
  S(SSL_ST_OK),
#endif
#ifdef SSL_ST_READ_BODY
  S(SSL_ST_READ_BODY),
#endif
#ifdef SSL_ST_READ_DONE
  S(SSL_ST_READ_DONE),
#endif
#ifdef SSL_ST_READ_HEADER
  S(SSL_ST_READ_HEADER),
#endif
#ifdef SSL_ST_RENEGOTIATE
  S(SSL_ST_RENEGOTIATE),
#endif
  { 0, NULL }
};

#endif