Ejemplo n.º 1
/**
 * gnutls_alert_send_appropriate:
 * @session: is a #gnutls_session_t type.
 * @err: an error code previously returned by a gnutls function
 *
 * Maps @err to a TLS alert with gnutls_error_to_alert() and transmits
 * that alert, at the level the mapping reports, to the peer through
 * gnutls_alert_send().
 *
 * If the mapping yields a negative value, that value is returned as is
 * and gnutls_alert_send() is never called. In particular, a return
 * value of %GNUTLS_E_INVALID_REQUEST means no alert has been sent to
 * the peer.
 *
 * This function may also return %GNUTLS_E_AGAIN, or
 * %GNUTLS_E_INTERRUPTED; callers should check for these rather than
 * assume the peer has been notified (presumably the call has to be
 * repeated in that case -- see gnutls_alert_send()).
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
 *   an error code is returned.
 */
int gnutls_alert_send_appropriate(gnutls_session_t session, int err)
{
	int alert_level;
	const int alert_desc = gnutls_error_to_alert(err, &alert_level);

	/* A negative result is an error code, not an alert description. */
	if (alert_desc < 0)
		return alert_desc;

	return gnutls_alert_send(session, alert_level, alert_desc);
}
Ejemplo n.º 2
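/*
 * Run the TLS handshake for one connection context.
 *
 * gnutls_handshake() is called repeatedly while it reports
 * GNUTLS_E_INTERRUPTED, GNUTLS_E_AGAIN or any other non-fatal error, up to
 * HANDSHAKE_MAX_TRIES calls in total. The counter is shared by the inner
 * loop and the "tryagain" path, so a peer that keeps producing non-fatal
 * results (for example warning alerts) cannot keep the loop running forever.
 *
 * Returns:
 *    0    handshake completed; ctxt->status is set to 1.
 *   -1    ctxt->status was not 0 or ctxt->session was NULL on entry
 *         (nothing is touched), or the attempt budget ran out while the
 *         handshake was still asking to be retried.
 *   <0    the fatal GnuTLS error code returned by gnutls_handshake().
 *
 * On every failure after the entry check, ctxt->status is set to -1, a fatal
 * alert is sent on a best-effort basis, the session is released with
 * gnutls_deinit() and ctxt->session is set to NULL.
 *
 * NOTE(review): the retry loop calls gnutls_handshake() again immediately.
 * If the transport callbacks are non-blocking this spins on the CPU until
 * the budget is used up -- confirm how the transport is configured.
 */
static int gnutls_do_handshake(mgs_handle_t * ctxt) {
    int ret;
    int errcode;
    int retryable;
    int maxtries = HANDSHAKE_MAX_TRIES;

    /* Only proceed when status is still 0 (presumably "no handshake done
     * yet" -- the exits below set it to 1 or -1) and a session exists. */
    if (ctxt->status != 0 || ctxt->session == NULL) {
        return -1;
    }

tryagain:
    do {
        ret = gnutls_handshake(ctxt->session);
        maxtries--;
    } while ((ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN)
            && maxtries > 0);

    /* The budget counts as exhausted only if the last attempt still wants
     * another try. Testing maxtries alone would tear down a handshake that
     * succeeded on the final permitted attempt, and would report a fatal
     * error on that attempt as "maximum attempts" with a generic alert
     * instead of the alert matching the real error. */
    retryable = (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN
            || (ret < 0 && !gnutls_error_is_fatal(ret)));

    if (maxtries < 1 && retryable) {
        ctxt->status = -1;
#if USING_2_1_RECENT
        ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, ctxt->c,
                "GnuTLS: Handshake Failed. Hit Maximum Attempts");
#else
        ap_log_error(APLOG_MARK, APLOG_ERR, 0,
                ctxt->c->base_server,
                "GnuTLS: Handshake Failed. Hit Maximum Attempts");
#endif
        if (ctxt->session) {
            /* Best effort: the session is torn down right after, so the
             * result of the alert send is deliberately not checked. */
            gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
                    gnutls_error_to_alert
                    (GNUTLS_E_INTERNAL_ERROR, NULL));
            gnutls_deinit(ctxt->session);
        }
        /* Clear the pointer so the freed session cannot be reused. */
        ctxt->session = NULL;
        return -1;
    }

    if (ret < 0) {
        if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED
                || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) {
            /* Record which alert the peer sent.
             * NOTE(review): "Hanshake" is misspelled in this message, so a
             * log search for "Handshake" misses these lines. The string is
             * left as is in case existing log filters match on it. */
            errcode = gnutls_alert_get(ctxt->session);
            ap_log_error(APLOG_MARK, APLOG_INFO, 0,
                    ctxt->c->base_server,
                    "GnuTLS: Hanshake Alert (%d) '%s'.",
                    errcode,
                    gnutls_alert_get_name(errcode));
        }

        if (!gnutls_error_is_fatal(ret)) {
            /* Only reached with attempts left: the exhaustion check above
             * has already handled a non-fatal result on the last attempt. */
            ap_log_error(APLOG_MARK, APLOG_INFO, 0,
                    ctxt->c->base_server,
                    "GnuTLS: Non-Fatal Handshake Error: (%d) '%s'",
                    ret, gnutls_strerror(ret));
            goto tryagain;
        }
#if USING_2_1_RECENT
        ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c,
                "GnuTLS: Handshake Failed (%d) '%s'", ret,
                gnutls_strerror(ret));
#else
        ap_log_error(APLOG_MARK, APLOG_INFO, 0,
                ctxt->c->base_server,
                "GnuTLS: Handshake Failed (%d) '%s'", ret,
                gnutls_strerror(ret));
#endif
        ctxt->status = -1;
        if (ctxt->session) {
            /* Tell the peer why, using the alert that corresponds to the
             * error; best effort, the return value is not checked. */
            gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL,
                    gnutls_error_to_alert(ret,
                    NULL));
            gnutls_deinit(ctxt->session);
        }
        /* Clear the pointer so the freed session cannot be reused. */
        ctxt->session = NULL;
        return ret;
    } else {
        /* all done with the handshake */
        ctxt->status = 1;
        /* If the session was resumed, we did not set the correct
         * server_rec in ctxt->sc.  Go Find it. (ick!)
         * When the lookup returns NULL the existing ctxt->sc is kept.
         */
        if (gnutls_session_is_resumed(ctxt->session)) {
            mgs_srvconf_rec *sc;
            sc = mgs_find_sni_server(ctxt->session);
            if (sc) {
                ctxt->sc = sc;
            }
        }
        return 0;
    }
}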