Mercurial > pidgin.yaz
comparison libpurple/plugins/ssl/ssl-gnutls.c @ 15785:eed84b59c252
There were a few problems here
1. Raw gnutls error codes were being printed in debug messages. This
isn't necessarily bad, but it's much less useful than the text
returned from gnutls_strerror(). Never underestimate the value of
good error handling.
2. ssl_gnutls_read() and ssl_gnutls_write() were returning 0 when there
was an error reading from or writing to the ssl connection. They
should return -1 to indicate failure (0 normally indicates that the
server closed the connection)
3. ssl_gnutls_read() and ssl_gnutls_write() weren't setting errno when
they failed. errno would be set to something random, which seemed
to frequently be EAGAIN for me when reading, which causes Gaim to
keep trying to read from the connection even though it's closed.
Ideally ssl-gnutls.c would have a function equivalent to set_errno()
in ssl-nss.c, but the gnutls documentation does a poor job of
telling you what possible error codes could be returned from
gnutls_record_recv() and gnutls_record_send()
Even better would be if we allowed the ssl plugins to keep track of
the error message themselves, then added a new ssl ops function
to fetch the message from the plugin.
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Tue, 13 Mar 2007 06:53:43 +0000 |
| parents | 5fe8042783c1 |
| children | 32c366eeeb99 |
comparison
equal
deleted
inserted
replaced
| 15784:f75aa2bf4973 | 15785:eed84b59c252 |
|---|---|
| 81 | 81 |
| 82 gaim_input_remove(gnutls_data->handshake_handler); | 82 gaim_input_remove(gnutls_data->handshake_handler); |
| 83 gnutls_data->handshake_handler = 0; | 83 gnutls_data->handshake_handler = 0; |
| 84 | 84 |
| 85 if(ret != 0) { | 85 if(ret != 0) { |
| 86 gaim_debug_error("gnutls", "Handshake failed. Error %d\n", ret); | 86 gaim_debug_error("gnutls", "Handshake failed. Error %s\n", |
| 87 gnutls_strerror(ret)); | |
| 87 | 88 |
| 88 if(gsc->error_cb != NULL) | 89 if(gsc->error_cb != NULL) |
| 89 gsc->error_cb(gsc, GAIM_SSL_HANDSHAKE_FAILED, | 90 gsc->error_cb(gsc, GAIM_SSL_HANDSHAKE_FAILED, |
| 90 gsc->connect_cb_data); | 91 gsc->connect_cb_data); |
| 91 | 92 |
| 154 | 155 |
| 155 if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) { | 156 if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) { |
| 156 s = -1; | 157 s = -1; |
| 157 errno = EAGAIN; | 158 errno = EAGAIN; |
| 158 } else if(s < 0) { | 159 } else if(s < 0) { |
| 159 gaim_debug_error("gnutls", "receive failed: %d\n", s); | 160 gaim_debug_error("gnutls", "receive failed: %s\n", |
| 160 s = 0; | 161 gnutls_strerror(s)); |
| 162 s = -1; | |
| 163 /* | |
| 164 * TODO: Set errno to something more appropriate. Or even | |
| 165 * better: allow ssl plugins to keep track of their | |
| 166 * own error message, then add a new ssl_ops function | |
| 167 * that returns the error message. | |
| 168 */ | |
| 169 errno = EIO; | |
| 161 } | 170 } |
| 162 | 171 |
| 163 return s; | 172 return s; |
| 164 } | 173 } |
| 165 | 174 |
| 175 | 184 |
| 176 if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) { | 185 if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) { |
| 177 s = -1; | 186 s = -1; |
| 178 errno = EAGAIN; | 187 errno = EAGAIN; |
| 179 } else if(s < 0) { | 188 } else if(s < 0) { |
| 180 gaim_debug_error("gnutls", "send failed: %d\n", s); | 189 gaim_debug_error("gnutls", "send failed: %s\n", |
| 181 s = 0; | 190 gnutls_strerror(s)); |
| 191 s = -1; | |
| 192 /* | |
| 193 * TODO: Set errno to something more appropriate. Or even | |
| 194 * better: allow ssl plugins to keep track of their | |
| 195 * own error message, then add a new ssl_ops function | |
| 196 * that returns the error message. | |
| 197 */ | |
| 198 errno = EIO; | |
| 182 } | 199 } |
| 183 | 200 |
| 184 return s; | 201 return s; |
| 185 } | 202 } |
| 186 | 203 |