From b7f746543bde6f57a62b85be0b7f48844180f2a0 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Thu, 10 Sep 2015 10:59:22 +0000
Subject: comment for errno clobbering, to indicate why we do this. ok deraadt@ jsing@
---
 src/lib/libtls/tls.c | 6 +++++-
 src/lib/libtls/tls_init.3 | 8 ++++----
 2 files changed, 9 insertions(+), 5 deletions(-)
(limited to 'src')
diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c
index 448b048b33..4378c5980a 100644
--- a/src/lib/libtls/tls.c
+++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.22 2015/09/10 10:26:49 beck Exp $ */
+/* $OpenBSD: tls.c,v 1.23 2015/09/10 10:59:22 beck Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing
 *
@@ -379,6 +379,7 @@ tls_handshake(struct tls *ctx)
 else if ((ctx->flags & TLS_SERVER_CONN) != 0)
 rv = tls_handshake_server(ctx);
+ /* Prevent callers from performing incorrect error handling */
 errno = 0;
 return (rv);
 }
@@ -406,6 +407,7 @@ tls_read(struct tls *ctx, void *buf, size_t buflen)
 rv = (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "read");
 out:
+ /* Prevent callers from performing incorrect error handling */
 errno = 0;
 return (rv);
 }
@@ -433,6 +435,7 @@ tls_write(struct tls *ctx, const void *buf, size_t buflen)
 rv = (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "write");
 out:
+ /* Prevent callers from performing incorrect error handling */
 errno = 0;
 return (rv);
 }
@@ -470,6 +473,7 @@ tls_close(struct tls *ctx)
 ctx->socket = -1;
 }
 out:
+ /* Prevent callers from performing incorrect error handling */
 errno = 0;
 return (rv);
 }
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3
index 17822d444d..1c27c9be2c 100644
--- a/src/lib/libtls/tls_init.3
+++ b/src/lib/libtls/tls_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_init.3,v 1.26 2015/09/10 09:10:42 jsing Exp $
+.\" $OpenBSD: tls_init.3,v 1.27 2015/09/10 10:59:22 beck Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst
 .\"
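Review bot: The comment added above `errno = 0;` in tls_handshake, and repeated verbatim at the exits of tls_read, tls_write and tls_close, says that incorrect error handling is prevented but not what that handling is, so a maintainer cannot judge whether the clobbering is still required. I would state the contract instead, for example `/* errno is not part of the libtls API; clear it so callers act on the return value and tls_error(), not on a stale errno */`. Presumably the worry is a caller testing errno (EAGAIN, EINTR) after one of these calls instead of checking for the TLS_WANT_POLLIN / TLS_WANT_POLLOUT return values that the tls_init.3 part of this commit documents; that is inferred from the man-page change, not from the code shown. With the same two lines now at four exits, a small static helper or macro carrying the explanation once would keep the wording from drifting. All four function bodies begin outside their hunks, so the paths that reach these exits are not visible here.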
@@ -435,16 +435,16 @@ and function families, have two special return values: .Pp .Bl -tag -width "TLS_WRITE_AGAIN" -offset indent -compact -.It Dv TLS_READ_AGAIN +.It Dv TLS_WANT_POLLIN A read operation is necessary to continue. -.It Dv TLS_WRITE_AGAIN +.It Dv TLS_WANT_POLLOUT A write operation is necessary to continue. .El .Pp There are underlying TLS engine read or write operations which may not correspond with the name of the function called. For example, it is possible to receive a -.Dv TLS_READ_AGAIN +.Dv TLS_WANT_POLLIN even when calling .Fn tls_write . .Pp -- cgit v1.2.3-55-g6feb