/** * gnutls_alert_send_appropriate: * @session: is a #gnutls_session_t type. * @err: is an integer * * Sends an alert to the peer depending on the error code returned by * a gnutls function. This function will call gnutls_error_to_alert() * to determine the appropriate alert to send. * * This function may also return %GNUTLS_E_AGAIN, or * %GNUTLS_E_INTERRUPTED. * * If the return value is %GNUTLS_E_INVALID_REQUEST, then no alert has * been sent to the peer. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise * an error code is returned. */ int gnutls_alert_send_appropriate(gnutls_session_t session, int err) { int alert; int level; alert = gnutls_error_to_alert(err, &level); if (alert < 0) { return alert; } return gnutls_alert_send(session, level, alert); }
static int gnutls_do_handshake(mgs_handle_t * ctxt) { int ret; int errcode; int maxtries = HANDSHAKE_MAX_TRIES; if (ctxt->status != 0 || ctxt->session == NULL) { return -1; } tryagain: do { ret = gnutls_handshake(ctxt->session); maxtries--; } while ((ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) && maxtries > 0); if (maxtries < 1) { ctxt->status = -1; #if USING_2_1_RECENT ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, ctxt->c, "GnuTLS: Handshake Failed. Hit Maximum Attempts"); #else ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server, "GnuTLS: Handshake Failed. Hit Maximum Attempts"); #endif if (ctxt->session) { gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL, gnutls_error_to_alert (GNUTLS_E_INTERNAL_ERROR, NULL)); gnutls_deinit(ctxt->session); } ctxt->session = NULL; return -1; } if (ret < 0) { if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) { errcode = gnutls_alert_get(ctxt->session); ap_log_error(APLOG_MARK, APLOG_INFO, 0, ctxt->c->base_server, "GnuTLS: Hanshake Alert (%d) '%s'.", errcode, gnutls_alert_get_name(errcode)); } if (!gnutls_error_is_fatal(ret)) { ap_log_error(APLOG_MARK, APLOG_INFO, 0, ctxt->c->base_server, "GnuTLS: Non-Fatal Handshake Error: (%d) '%s'", ret, gnutls_strerror(ret)); goto tryagain; } #if USING_2_1_RECENT ap_log_cerror(APLOG_MARK, APLOG_INFO, 0, ctxt->c, "GnuTLS: Handshake Failed (%d) '%s'", ret, gnutls_strerror(ret)); #else ap_log_error(APLOG_MARK, APLOG_INFO, 0, ctxt->c->base_server, "GnuTLS: Handshake Failed (%d) '%s'", ret, gnutls_strerror(ret)); #endif ctxt->status = -1; if (ctxt->session) { gnutls_alert_send(ctxt->session, GNUTLS_AL_FATAL, gnutls_error_to_alert(ret, NULL)); gnutls_deinit(ctxt->session); } ctxt->session = NULL; return ret; } else { /* all done with the handshake */ ctxt->status = 1; /* If the session was resumed, we did not set the correct * server_rec in ctxt->sc. Go Find it. (ick!) */ if (gnutls_session_is_resumed(ctxt->session)) { mgs_srvconf_rec *sc; sc = mgs_find_sni_server(ctxt->session); if (sc) { ctxt->sc = sc; } } return 0; } }