"invalid packet", /* 15 RSE_INVALID_PKT */
"I/O timeout", /* 16 RSE_IOTIMEOUT */
"invalid argument", /* 17 RSE_INVAL */
- "ERR 18", /* RSE_ */
- "ERR 19", /* RSE_ */
- "ERR 20", /* RSE_ */
- "some error", /* 21 RSE_SOME_ERROR */
};
#define ERRTXT_SIZE (sizeof(_errtxt) / sizeof(*_errtxt))
conn->fd = socket (p->addr->ai_family, p->addr->ai_socktype,
p->addr->ai_protocol);
if (conn->fd < 0)
- return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
+ return rs_err_conn_push_fl (conn, RSE_SOCKERR, __FILE__, __LINE__,
strerror (errno));
if (evutil_make_socket_nonblocking (conn->fd) < 0)
{
evutil_closesocket (conn->fd);
conn->fd = -1;
- return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
+ return rs_err_conn_push_fl (conn, RSE_SOCKERR, __FILE__, __LINE__,
strerror (errno));
}
return RSE_OK;
#include <assert.h>
#include <openssl/ssl.h>
+#include <openssl/err.h>
#include <radsec/radsec.h>
#include <radsec/radsec-impl.h>
int
rs_tls_init (struct rs_connection *conn)
{
- struct rs_context *ctx;
- struct tls *tlsconf;
- SSL_CTX *ssl_ctx;
- SSL *ssl;
+ struct rs_context *ctx = NULL;
+ struct tls *tlsconf = NULL;
+ SSL_CTX *ssl_ctx = NULL;
+ SSL *ssl = NULL;
+ unsigned long sslerr = 0;
+
assert (conn->ctx);
ctx = conn->ctx;
ssl_ctx = tlsgetctx (RADPROT_TLS, tlsconf);
if (!ssl_ctx)
{
- /* TODO: check radsecproxy error */
- return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
- NULL);
+ for (sslerr = ERR_get_error (); sslerr; sslerr = ERR_get_error ())
+ rs_err_conn_push_fl (conn, RSE_SSLERR, __FILE__, __LINE__,
+ ERR_error_string (sslerr, NULL));
+ return -1;
}
-
ssl = SSL_new (ssl_ctx);
if (!ssl)
{
- /* TODO: check and report SSL error */
- /* TODO: free ssl_ctx */
- return rs_err_conn_push_fl (conn, RSE_SOME_ERROR, __FILE__, __LINE__,
- NULL);
+ for (sslerr = ERR_get_error (); sslerr; sslerr = ERR_get_error ())
+ rs_err_conn_push_fl (conn, RSE_SSLERR, __FILE__, __LINE__,
+ ERR_error_string (sslerr, NULL));
+ return -1;
}
conn->tls_ctx = ssl_ctx;