MbedTLS: Store error codes properly.
OpenSSL uses `unsigned long' type for its error codes, so that's what (lib)ratbox used to store the error values. Unfortunately, MbedTLS uses int, and its error codes are negative. On machines where `int' and `long' are the same size, this could result in storing a truncated error code. This patch inverts the sign bit on error codes and then casts them to unsigned long for storage. MbedTLS itself (specifically, `mbedtls_strerror()') will function properly with negative or positive input values. It even converts negative input values to positive before checking them against the list of known error codes! See also: `library/error.c' in the MbedTLS 2.1+ distribution.
This commit is contained in:
parent
8668cb9b9d
commit
db12df5c16
1 changed files with 5 additions and 5 deletions
|
@ -244,7 +244,7 @@ rb_ssl_accept_common(rb_fde_t *const F, void *const data)
|
|||
return;
|
||||
default:
|
||||
errno = EIO;
|
||||
F->ssl_errno = ret;
|
||||
F->ssl_errno = (unsigned long) -ret;
|
||||
F->accept->callback(F, RB_ERROR_SSL, NULL, 0, F->accept->data);
|
||||
return;
|
||||
}
|
||||
|
@ -279,7 +279,7 @@ rb_ssl_tryconn_cb(rb_fde_t *const F, void *const data)
|
|||
return;
|
||||
default:
|
||||
errno = EIO;
|
||||
F->ssl_errno = ret;
|
||||
F->ssl_errno = (unsigned long) -ret;
|
||||
rb_ssl_connect_realcb(F, RB_ERROR_SSL, data);
|
||||
return;
|
||||
}
|
||||
|
@ -531,7 +531,7 @@ rb_get_random(void *const buf, size_t length)
|
|||
const char *
|
||||
rb_get_ssl_strerror(rb_fde_t *const F)
|
||||
{
|
||||
return rb_ssl_strerror(F->ssl_errno);
|
||||
return rb_ssl_strerror((int) F->ssl_errno);
|
||||
}
|
||||
|
||||
int
|
||||
|
@ -627,7 +627,7 @@ rb_ssl_read(rb_fde_t *const F, void *const buf, size_t count)
|
|||
return RB_RW_SSL_NEED_WRITE;
|
||||
default:
|
||||
errno = EIO;
|
||||
F->ssl_errno = ret;
|
||||
F->ssl_errno = (unsigned long) -ret;
|
||||
return RB_RW_SSL_ERROR;
|
||||
}
|
||||
}
|
||||
|
@ -653,7 +653,7 @@ rb_ssl_write(rb_fde_t *const F, const void *const buf, size_t count)
|
|||
return RB_RW_SSL_NEED_WRITE;
|
||||
default:
|
||||
errno = EIO;
|
||||
F->ssl_errno = ret;
|
||||
F->ssl_errno = (unsigned long) -ret;
|
||||
return RB_RW_SSL_ERROR;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue