Error handling cleanup

Remove RSE_SOME_ERROR.
rs_tls_init: Push SSL error stack on libradsec error stack.

5 files changed, 18 insertions, 20 deletions

diff --git a/lib/err.c b/lib/err.c
index fe79040..650c05e 100644
--- a/lib/err.c
+++ b/lib/err.c
@@ -29,10 +29,6 @@ static const char *_errtxt[] = {
   "invalid packet",		/* 15 RSE_INVALID_PKT */
   "I/O timeout",		/* 16 RSE_IOTIMEOUT */
   "invalid argument",		/* 17 RSE_INVAL */
-  "ERR 18",			/*  RSE_ */
-  "ERR 19",			/*  RSE_ */
-  "ERR 20",			/*  RSE_ */
-  "some error",			/* 21 RSE_SOME_ERROR */
 };
 #define ERRTXT_SIZE (sizeof(_errtxt) / sizeof(*_errtxt))
 
diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h
index 7fa5741..75ed522 100644
--- a/lib/include/radsec/radsec.h
+++ b/lib/include/radsec/radsec.h
@@ -23,7 +23,6 @@ enum rs_err_code {
     RSE_INVALID_PKT = 15,
     RSE_IOTIMEOUT = 16,
     RSE_INVAL = 17,
-    RSE_SOME_ERROR = 21,  /* Unspecified error.  Shouldn't happen.  */
 };
 
 enum rs_conn_type {
diff --git a/lib/packet.c b/lib/packet.c
index f13434b..7b8d1cc 100644
--- a/lib/packet.c
+++ b/lib/packet.c
@@ -401,13 +401,13 @@ _init_socket (struct rs_connection *conn, struct rs_peer *p)
   conn->fd = socket (p->addr->ai_family, p->addr->ai_socktype,
 		     p->addr->ai_protocol);
   if (conn->fd < 0)
-    return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
+    return rs_err_conn_push_fl (conn, RSE_SOCKERR, __FILE__, __LINE__,
 				strerror (errno));
   if (evutil_make_socket_nonblocking (conn->fd) < 0)
     {
       evutil_closesocket (conn->fd);
       conn->fd = -1;
-      return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
+      return rs_err_conn_push_fl (conn, RSE_SOCKERR, __FILE__, __LINE__,
 				  strerror (errno));
     }
   return RSE_OK;
diff --git a/lib/radsec.c b/lib/radsec.c
index 1d8dafc..45c4f42 100644
--- a/lib/radsec.c
+++ b/lib/radsec.c
@@ -54,7 +54,7 @@ rs_context_create(struct rs_context **ctx, const char *dict)
   fn = basename (buf2);
   if (dict_init (dir, fn) < 0)
     {
-      err = RSE_SOME_ERROR;
+      err = RSE_FR;
       goto err_out;
     }
   free (buf1);
diff --git a/lib/tls.c b/lib/tls.c
index d9eb801..f57c027 100644
--- a/lib/tls.c
+++ b/lib/tls.c
@@ -6,6 +6,7 @@
 
 #include <assert.h>
 #include <openssl/ssl.h>
+#include <openssl/err.h>
 #include <radsec/radsec.h>
 #include <radsec/radsec-impl.h>
 
@@ -42,10 +43,12 @@ _get_tlsconf (struct rs_connection *conn, const struct rs_realm *realm)
 int
 rs_tls_init (struct rs_connection *conn)
 {
-  struct rs_context *ctx;
-  struct tls *tlsconf;
-  SSL_CTX *ssl_ctx;
-  SSL *ssl;
+  struct rs_context *ctx = NULL;
+  struct tls *tlsconf = NULL;
+  SSL_CTX *ssl_ctx = NULL;
+  SSL *ssl = NULL;
+  unsigned long sslerr = 0;
+
   assert (conn->ctx);
   ctx = conn->ctx;
 
@@ -55,18 +58,18 @@ rs_tls_init (struct rs_connection *conn)
   ssl_ctx = tlsgetctx (RADPROT_TLS, tlsconf);
   if (!ssl_ctx)
     {
-      /* TODO: check radsecproxy error  */
-      return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
-				  NULL);
+      for (sslerr = ERR_get_error (); sslerr; sslerr = ERR_get_error ())
+	 rs_err_conn_push_fl (conn, RSE_SSLERR, __FILE__, __LINE__,
+			      ERR_error_string (sslerr, NULL));
+      return -1;
     }
-
   ssl = SSL_new (ssl_ctx);
   if (!ssl)
     {
-      /* TODO: check and report SSL error  */
-      /* TODO: free ssl_ctx  */
-      return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
-				  NULL);
+      for (sslerr = ERR_get_error (); sslerr; sslerr = ERR_get_error ())
+	rs_err_conn_push_fl (conn, RSE_SSLERR, __FILE__, __LINE__,
+			     ERR_error_string (sslerr, NULL));
+      return -1;
     }
 
   conn->tls_ctx = ssl_ctx;