summaryrefslogtreecommitdiff
path: root/tls.c
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordberg.se>2014-03-31 15:15:24 +0200
committerLinus Nordberg <linus@nordberg.se>2014-03-31 15:19:37 +0200
commit6a090252b1188f06379c20b45a25d878e517a31f (patch)
tree2b4a7c1af5c7aeab7caa829ca529086d17082e39 /tls.c
parentc11c725bb7f01311a314bce5c4840de4d1a02923 (diff)
Emit an error log line if client writer fails writing (SSL_write()).t46
Also, don't try to write zero number of octets because OpenSSL might not like that. I would like to close the connection too but would have to look into the UDP and DTLS cases more before that can be done. This is for figuring out more about how to treat SSL_write() errors, https://project.nordu.net/browse/RADSECPROXY-46.
Diffstat (limited to 'tls.c')
-rw-r--r--tls.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/tls.c b/tls.c
index 28c3ec3..efaf263 100644
--- a/tls.c
+++ b/tls.c
@@ -254,10 +254,15 @@ int clientradputtls(struct server *server, unsigned char *rad) {
if (!server->connectionok)
return 0;
len = RADLEN(rad);
+ if (len == 0) {
+ debug(DBG_ERR, "%s: refusing to write 0 octets to %s",
+ __func__, conf->name);
+ return 0;
+ }
if ((cnt = SSL_write(server->ssl, rad, len)) <= 0) {
while ((error = ERR_get_error()))
debug(DBG_ERR, "clientradputtls: TLS: %s", ERR_error_string(error, NULL));
- return 0;
+ return cnt;
}
debug(DBG_DBG, "clientradputtls: Sent %d bytes, Radius packet of length %d to TLS peer %s", cnt, len, conf->name);