* creating, using and closing TLS/SSL connections.
*
* Copyright : Written by and Copyright (c) 2017 Vaclav Svec. FIT CVUT.
- * Copyright (C) 2018-2019 by Fabian Keil <fk@fabiankeil.de>
+ * Copyright (C) 2018-2020 by Fabian Keil <fk@fabiankeil.de>
*
* This program is free software; you can redistribute it
* and/or modify it under the terms of the GNU General
send_len = (int)max_fragment_size;
}
+ log_error(LOG_LEVEL_WRITING, "TLS: %N", send_len, buf+pos);
+
/*
* Sending one part of the buffer
*/
* 2 : buf = Pointer to buffer where data will be written
* 3 : max_length = Maximum number of bytes to read
*
- * Returns : Number of bytes read, 0 for EOF, or negative
- * value on error.
+ * Returns : Number of bytes read, 0 for EOF, or -1
+ * on error.
*
*********************************************************************/
extern int ssl_recv_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t max_length)
{
char err_buf[ERROR_BUF_SIZE];
+ if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY)
+ {
+ log_error(LOG_LEVEL_CONNECT,
+ "The peer notified us that the connection is going to be closed");
+ return 0;
+ }
mbedtls_strerror(ret, err_buf, sizeof(err_buf));
log_error(LOG_LEVEL_ERROR,
"Receiving data over TLS/SSL failed: %s", err_buf);
+
+ return -1;
}
+ log_error(LOG_LEVEL_RECEIVED, "TLS: %N", ret, buf);
+
return ret;
}
* Handshake with server
*/
log_error(LOG_LEVEL_CONNECT,
- "Performing the TLS/SSL handshake with server");
+ "Performing the TLS/SSL handshake with the server");
while ((ret = mbedtls_ssl_handshake(&(csp->mbedtls_server_attr.ssl))) != 0)
{
* contain NULL and no private key is generated.
*
* Parameters :
- * 1 : key_buf = buffer to save new generated key
- * 2 : csp = Current client state (buffers, headers, etc...)
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : key_buf = buffer to save new generated key
*
* Returns : -1 => Error while generating private key
* 0 => Key already exists
* >0 => Length of generated private key
*
*********************************************************************/
-static int generate_key(unsigned char **key_buf, struct client_state *csp)
+static int generate_key(struct client_state *csp, unsigned char **key_buf)
{
mbedtls_pk_context key;
key_options key_opt;
/*
* Create key for requested host
*/
- int subject_key_len = generate_key(&key_buf, csp);
+ int subject_key_len = generate_key(csp, &key_buf);
if (subject_key_len < 0)
{
log_error(LOG_LEVEL_ERROR, "Key generating failed");
*
* Function : make_certs_path
*
- * Description : Creates path to file from three pieces. This fuction
+ * Description : Creates path to file from three pieces. This function
* takes parameters and puts them in one new mallocated
* char * in correct order. Returned variable must be freed
* by caller. This function is mainly used for creating