MbedTLS: Store error codes properly.

OpenSSL uses `unsigned long' type for its error codes, so that's
what (lib)ratbox used to store the error values.

Unfortunately, MbedTLS uses int, and its error codes are negative.
On machines where `int' and `long' are the same size, this could
result in storing a truncated error code.

This patch inverts the sign bit on error codes and then casts them
to unsigned long for storage.

MbedTLS itself (specifically, `mbedtls_strerror()') will function
properly with negative or positive input values. It even converts
negative input values to positive before checking them against the
list of known error codes!

See also: `library/error.c' in the MbedTLS 2.1+ distribution.
This commit is contained in:
Aaron Jones 2016-09-15 11:46:00 +00:00
parent 8668cb9b9d
commit db12df5c16
No known key found for this signature in database
GPG key ID: EC6F86EE9CD840B5

View file

@ -244,7 +244,7 @@ rb_ssl_accept_common(rb_fde_t *const F, void *const data)
return;
default:
errno = EIO;
F->ssl_errno = ret;
F->ssl_errno = (unsigned long) -ret;
F->accept->callback(F, RB_ERROR_SSL, NULL, 0, F->accept->data);
return;
}
@ -279,7 +279,7 @@ rb_ssl_tryconn_cb(rb_fde_t *const F, void *const data)
return;
default:
errno = EIO;
F->ssl_errno = ret;
F->ssl_errno = (unsigned long) -ret;
rb_ssl_connect_realcb(F, RB_ERROR_SSL, data);
return;
}
@ -531,7 +531,7 @@ rb_get_random(void *const buf, size_t length)
const char *
rb_get_ssl_strerror(rb_fde_t *const F)
{
return rb_ssl_strerror(F->ssl_errno);
return rb_ssl_strerror((int) F->ssl_errno);
}
int
@ -627,7 +627,7 @@ rb_ssl_read(rb_fde_t *const F, void *const buf, size_t count)
return RB_RW_SSL_NEED_WRITE;
default:
errno = EIO;
F->ssl_errno = ret;
F->ssl_errno = (unsigned long) -ret;
return RB_RW_SSL_ERROR;
}
}
@ -653,7 +653,7 @@ rb_ssl_write(rb_fde_t *const F, const void *const buf, size_t count)
return RB_RW_SSL_NEED_WRITE;
default:
errno = EIO;
F->ssl_errno = ret;
F->ssl_errno = (unsigned long) -ret;
return RB_RW_SSL_ERROR;
}
}