ERR_get_error() returns unsigned long, not int.
This commit is contained in:
Todd C. Miller
@@ -724,6 +724,7 @@ relay_server_msg_cb(int fd, int what, void *v)
|
|||||||
err = SSL_read_ex(ssl, buf->data + buf->len, buf->size - buf->len,
|
err = SSL_read_ex(ssl, buf->data + buf->len, buf->size - buf->len,
|
||||||
&nread);
|
&nread);
|
||||||
if (err) {
|
if (err) {
|
||||||
|
unsigned long errcode;
|
||||||
const char *errstr;
|
const char *errstr;
|
||||||
|
|
||||||
switch (SSL_get_error(ssl, err)) {
|
switch (SSL_get_error(ssl, err)) {
|
||||||
@@ -759,16 +760,16 @@ relay_server_msg_cb(int fd, int what, void *v)
|
|||||||
* alert when we read ServerHello. Convert to a more useful
|
* alert when we read ServerHello. Convert to a more useful
|
||||||
* message and hope that no actual internal error occurs.
|
* message and hope that no actual internal error occurs.
|
||||||
*/
|
*/
|
||||||
err = ERR_get_error();
|
errcode = ERR_get_error();
|
||||||
#if !defined(HAVE_WOLFSSL)
|
#if !defined(HAVE_WOLFSSL)
|
||||||
if (closure->state == INITIAL &&
|
if (closure->state == INITIAL &&
|
||||||
ERR_GET_REASON(err) == SSL_R_TLSV1_ALERT_INTERNAL_ERROR) {
|
ERR_GET_REASON(errcode) == SSL_R_TLSV1_ALERT_INTERNAL_ERROR) {
|
||||||
errstr = _("relay host name does not match certificate");
|
errstr = _("relay host name does not match certificate");
|
||||||
closure->errstr = errstr;
|
closure->errstr = errstr;
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
errstr = ERR_reason_error_string(err);
|
errstr = ERR_reason_error_string(errcode);
|
||||||
closure->errstr = _("error reading from relay");
|
closure->errstr = _("error reading from relay");
|
||||||
}
|
}
|
||||||
sudo_warnx("%s: SSL_read_ex: %s",
|
sudo_warnx("%s: SSL_read_ex: %s",
|
||||||
|
|||||||
@@ -308,8 +308,8 @@ read_io_buf(struct client_closure *closure)
|
|||||||
closure->bufsize = new_size;
|
closure->bufsize = new_size;
|
||||||
}
|
}
|
||||||
|
|
||||||
nread = iolog_read(&closure->iolog_files[timing->event], closure->buf,
|
nread = (size_t)iolog_read(&closure->iolog_files[timing->event],
|
||||||
timing->u.nbytes, &errstr);
|
closure->buf, timing->u.nbytes, &errstr);
|
||||||
if (nread == (size_t)-1) {
|
if (nread == (size_t)-1) {
|
||||||
sudo_warnx(U_("unable to read %s/%s: %s"), iolog_dir,
|
sudo_warnx(U_("unable to read %s/%s: %s"), iolog_dir,
|
||||||
iolog_fd_to_name(timing->event), errstr);
|
iolog_fd_to_name(timing->event), errstr);
|
||||||
@@ -1284,6 +1284,7 @@ server_msg_cb(int fd, int what, void *v)
|
|||||||
err = SSL_read_ex(ssl, buf->data + buf->len, buf->size - buf->len,
|
err = SSL_read_ex(ssl, buf->data + buf->len, buf->size - buf->len,
|
||||||
&nread);
|
&nread);
|
||||||
if (err) {
|
if (err) {
|
||||||
|
unsigned long errcode;
|
||||||
const char *errstr;
|
const char *errstr;
|
||||||
|
|
||||||
switch (SSL_get_error(ssl, err)) {
|
switch (SSL_get_error(ssl, err)) {
|
||||||
@@ -1318,15 +1319,15 @@ server_msg_cb(int fd, int what, void *v)
|
|||||||
* alert when we read ServerHello. Convert to a more useful
|
* alert when we read ServerHello. Convert to a more useful
|
||||||
* message and hope that no actual internal error occurs.
|
* message and hope that no actual internal error occurs.
|
||||||
*/
|
*/
|
||||||
err = ERR_get_error();
|
errcode = ERR_get_error();
|
||||||
#if !defined(HAVE_WOLFSSL)
|
#if !defined(HAVE_WOLFSSL)
|
||||||
if (closure->state == RECV_HELLO &&
|
if (closure->state == RECV_HELLO &&
|
||||||
ERR_GET_REASON(err) == SSL_R_TLSV1_ALERT_INTERNAL_ERROR) {
|
ERR_GET_REASON(errcode) == SSL_R_TLSV1_ALERT_INTERNAL_ERROR) {
|
||||||
errstr = U_("host name does not match certificate");
|
errstr = U_("host name does not match certificate");
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
errstr = ERR_reason_error_string(err);
|
errstr = ERR_reason_error_string(errcode);
|
||||||
}
|
}
|
||||||
sudo_warnx("%s", errstr ? errstr : strerror(errno));
|
sudo_warnx("%s", errstr ? errstr : strerror(errno));
|
||||||
goto bad;
|
goto bad;
|
||||||
|
|||||||
@@ -1699,6 +1699,7 @@ server_msg_cb(int fd, int what, void *v)
|
|||||||
int err = SSL_read_ex(closure->ssl, buf->data + buf->len,
|
int err = SSL_read_ex(closure->ssl, buf->data + buf->len,
|
||||||
buf->size - buf->len, &nread);
|
buf->size - buf->len, &nread);
|
||||||
if (err) {
|
if (err) {
|
||||||
|
unsigned long errcode;
|
||||||
const char *errstr;
|
const char *errstr;
|
||||||
|
|
||||||
switch (SSL_get_error(closure->ssl, err)) {
|
switch (SSL_get_error(closure->ssl, err)) {
|
||||||
@@ -1736,15 +1737,15 @@ server_msg_cb(int fd, int what, void *v)
|
|||||||
* alert when we read ServerHello. Convert to a more useful
|
* alert when we read ServerHello. Convert to a more useful
|
||||||
* message and hope that no actual internal error occurs.
|
* message and hope that no actual internal error occurs.
|
||||||
*/
|
*/
|
||||||
err = ERR_get_error();
|
errcode = ERR_get_error();
|
||||||
#if !defined(HAVE_WOLFSSL)
|
#if !defined(HAVE_WOLFSSL)
|
||||||
if (closure->state == RECV_HELLO &&
|
if (closure->state == RECV_HELLO &&
|
||||||
ERR_GET_REASON(err) == SSL_R_TLSV1_ALERT_INTERNAL_ERROR) {
|
ERR_GET_REASON(errcode) == SSL_R_TLSV1_ALERT_INTERNAL_ERROR) {
|
||||||
errstr = U_("host name does not match certificate");
|
errstr = U_("host name does not match certificate");
|
||||||
} else
|
} else
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
errstr = ERR_reason_error_string(err);
|
errstr = ERR_reason_error_string(errcode);
|
||||||
}
|
}
|
||||||
sudo_warnx("%s", errstr ? errstr : strerror(errno));
|
sudo_warnx("%s", errstr ? errstr : strerror(errno));
|
||||||
goto bad;
|
goto bad;
|
||||||
|
|||||||
Reference in New Issue
Block a user