diff options
author | Linus Nordberg <linus@nordberg.se> | 2014-03-31 15:15:24 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordberg.se> | 2014-03-31 15:19:37 +0200 |
commit | 6a090252b1188f06379c20b45a25d878e517a31f (patch) | |
tree | 2b4a7c1af5c7aeab7caa829ca529086d17082e39 /tls.c | |
parent | c11c725bb7f01311a314bce5c4840de4d1a02923 (diff) |
Emit an error log line if client writer fails writing (SSL_write()).t46
Also, don't try to write zero number of octets because OpenSSL might
not like that.
I would like to close the connection too but would have to look into
the UDP and DTLS cases more before that can be done.
This is for figuring out more about how to treat SSL_write() errors,
https://project.nordu.net/browse/RADSECPROXY-46.
Diffstat (limited to 'tls.c')
-rw-r--r-- | tls.c | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -254,10 +254,15 @@ int clientradputtls(struct server *server, unsigned char *rad) { if (!server->connectionok) return 0; len = RADLEN(rad); + if (len == 0) { + debug(DBG_ERR, "%s: refusing to write 0 octets to %s", + __func__, conf->name); + return 0; + } if ((cnt = SSL_write(server->ssl, rad, len)) <= 0) { while ((error = ERR_get_error())) debug(DBG_ERR, "clientradputtls: TLS: %s", ERR_error_string(error, NULL)); - return 0; + return cnt; } debug(DBG_DBG, "clientradputtls: Sent %d bytes, Radius packet of length %d to TLS peer %s", cnt, len, conf->name); |