comment for errno clobbering, to indicate why we do this.

ok deraadt@ jsing@
author: beck <> 2015-09-10 10:59:22 +0000
committer: beck <> 2015-09-10 10:59:22 +0000
commit: b7f746543bde6f57a62b85be0b7f48844180f2a0 (patch)
tree: 6b5726cb80f4c19a53329fd4497ee1da5d5546dc
parent: ffbb5cea377ce5384766b197519c10264d878196 (diff)
download: openbsd-b7f746543bde6f57a62b85be0b7f48844180f2a0.tar.gz
openbsd-b7f746543bde6f57a62b85be0b7f48844180f2a0.tar.bz2
openbsd-b7f746543bde6f57a62b85be0b7f48844180f2a0.zip
2 files changed, 9 insertions, 5 deletions
diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c
index 448b048b33..4378c5980a 100644
--- a/src/lib/libtls/tls.c
+++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.22 2015/09/10 10:26:49 beck Exp $ */
+/* $OpenBSD: tls.c,v 1.23 2015/09/10 10:59:22 beck Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -379,6 +379,7 @@ tls_handshake(struct tls *ctx)
        else if ((ctx->flags & TLS_SERVER_CONN) != 0)
                rv = tls_handshake_server(ctx);
+        /* Prevent callers from performing incorrect error handling */
        errno = 0;
        return (rv);
 }
@@ -406,6 +407,7 @@ tls_read(struct tls *ctx, void *buf, size_t buflen)
        rv = (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "read");
 out:
+        /* Prevent callers from performing incorrect error handling */
        errno = 0;
        return (rv);
 }
@@ -433,6 +435,7 @@ tls_write(struct tls *ctx, const void *buf, size_t buflen)
        rv =  (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "write");
 out:
+        /* Prevent callers from performing incorrect error handling */
        errno = 0;
        return (rv);
 }
@@ -470,6 +473,7 @@ tls_close(struct tls *ctx)
                ctx->socket = -1;
        }
 out:
+        /* Prevent callers from performing incorrect error handling */
        errno = 0;
        return (rv);
 }
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3
index 17822d444d..1c27c9be2c 100644
--- a/src/lib/libtls/tls_init.3
+++ b/src/lib/libtls/tls_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_init.3,v 1.26 2015/09/10 09:10:42 jsing Exp $
+.\" $OpenBSD: tls_init.3,v 1.27 2015/09/10 10:59:22 beck Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
 .\"
@@ -435,16 +435,16 @@ and
 function families, have two special return values:
 .Pp
 .Bl -tag -width "TLS_WRITE_AGAIN" -offset indent -compact
-.It Dv TLS_READ_AGAIN
+.It Dv TLS_WANT_POLLIN
 A read operation is necessary to continue.
-.It Dv TLS_WRITE_AGAIN
+.It Dv TLS_WANT_POLLOUT
 A write operation is necessary to continue.
 .El
 .Pp
 There are underlying TLS engine read or write operations which may
 not correspond with the name of the function called.
 For example, it is possible to receive a
-.Dv TLS_READ_AGAIN
+.Dv TLS_WANT_POLLIN
 even when calling
 .Fn tls_write .
 .Pp
author	beck <>	2015-09-10 10:59:22 +0000
committer	beck <>	2015-09-10 10:59:22 +0000
commit	b7f746543bde6f57a62b85be0b7f48844180f2a0 (patch)
tree	6b5726cb80f4c19a53329fd4497ee1da5d5546dc
parent	ffbb5cea377ce5384766b197519c10264d878196 (diff)
download	openbsd-b7f746543bde6f57a62b85be0b7f48844180f2a0.tar.gz openbsd-b7f746543bde6f57a62b85be0b7f48844180f2a0.tar.bz2 openbsd-b7f746543bde6f57a62b85be0b7f48844180f2a0.zip