diff options
| author |   jsing <jsing@openbsd.org> | 2020-09-13 15:04:35 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2020-09-13 15:04:35 +0000 |
| commit | b46ff837465795d19c6b0598cac7fd213b7a33ae (patch) | |
| tree | c70622582f3020e1d9adcbae99f7f291c6922d79 /lib/libssl/ssl_ciph.c | |
| parent | unbreak dt-enabled builds; it seems an unrelated change snuck in in -r1.3 (diff) | |
| download | wireguard-openbsd-b46ff837465795d19c6b0598cac7fd213b7a33ae.tar.xz wireguard-openbsd-b46ff837465795d19c6b0598cac7fd213b7a33ae.zip | |
Improve handling of BIO_read()/BIO_write() failures in the TLSv1.3 stack.
When BIO returns a failure, it does not always add an error to the error
stack. In the case of the legacy stack, this was generally handled by the
guesswork performed by SSL_get_error(). However, in the case of the new
stack we push an 'unknown' error onto the stack.
Improve this situation by specifically checking errno in the case of a
BIO_read() or BIO_write() failure. If the error stack is empty then push
a SYSerror() with the errno which is preferable to the 'unknown' error
later.
Noted by bluhm@ via syslogd regress.
ok beck@ tb@
Diffstat (limited to 'lib/libssl/ssl_ciph.c')
0 files changed, 0 insertions, 0 deletions