
tls: hookup passing back the error string to lua

Before Ryan's cert fix I was debugging what was happening. In the
process I hooked up getting the error string back out to lua and
emitting an error event.

e.g. test-tls-connect-simple-twice returned:

    unhandled error!
    "140646688597824:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:../deps/openssl/openssl/crypto/asn1/asn1_lib.c:142:\n140646688597824:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:../deps/openssl/openssl/crypto/asn1/tasn_dec.c:1306:\n140646688597824:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:../deps/openssl/openssl/crypto/asn1/tasn_dec.c:381:Type=X509\n140646688597824:error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:../deps/openssl/openssl/crypto/pem/pem_oth.c:83:\n"
      FAIL assert - assertion failed - Line: 37
commit 1ec2d02c9efebaca328a6ac354e4caf145a80a71 1 parent 0b9f429
@philips philips authored
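--- a/lib/luvit/tls.lua
+++ b/lib/luvit/tls.lua
@@ -26,6 +26,8 @@ local table = require('table')
 local net = require('net')
 local bind = require('utils').bind
+local Error = require('core').Error
+
 local string = require('string')
 local fmt = string.format
@@ -279,7 +281,6 @@ function CryptoStream:_push()
 chunkBytes, tmpData = self:_pusher()
 if self.pair.ssl and self.pair.ssl:getError() then
- p('push error')
 self.pair:err()
 return
 end
@@ -593,10 +594,14 @@ end
 function SecurePair:err()
 dbg('SecurePair:err')
 if self._secureEstablished == false then
- local err = self.ssl:getError()
- if not err then
+ local ssl_err, ssl_err_str = self.ssl:getError()
+ local err = nil
+ if not ssl_err then
 err = Error:new('socket hang up')
 err.code = 'ECONNRESET'
+ else
+ err = Error:new(ssl_err_str)
+ err.code = ssl_err
 end
 self:emit('error', err)
 self:destroy()
@@ -701,7 +706,7 @@ function Server:initialize(...)
 end)
 pair:on('error', function(err)
- dbg('on error' .. err)
+ self:emit('clientError', err)
 end)
 end)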
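Review bot: The two results of `self.ssl:getError()` in `SecurePair:err()` look bound in the wrong order, because `tls_conn_get_error` in this commit pushes the string first and the number second, so `ssl_err` receives the text and `ssl_err_str` the numeric code. As written, `Error:new(ssl_err_str)` would be built from the number and `err.code` would hold the multi-line OpenSSL text, which breaks any handler that matches on `err.code`. Binding them as `local ssl_err_str, ssl_err = self.ssl:getError()` fixes this and leaves the truthiness check in `CryptoStream:_push()` working. The new `clientError` event also carries OpenSSL source paths and line numbers, so it is worth a comment there that handlers should log the text locally rather than return it to the peer. The rest of `SecurePair:err()` lies outside the hunk.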
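--- a/src/luv_tls_conn.c
+++ b/src/luv_tls_conn.c
@@ -53,6 +53,7 @@ typedef struct tls_conn_t {
 SSL *ssl;
 int is_server;
 int error;
+ char error_buf[512];
 /* SNI Support */
 char *server_name;
@@ -146,6 +147,7 @@ newCONN(lua_State *L)
 tc->is_server = is_server;
 tc->server_name = NULL;
 tc->error = 0;
+ strncpy(tc->error_buf, "No error", sizeof(tc->error_buf));
 if (tc->is_server) {
 if (!is_request_cert) {
@@ -229,6 +231,7 @@ tls_handle_ssl_error_x(tls_conn_t *tc, SSL *ssl, int rv, const char *func) {
 if ((bio = BIO_new(BIO_s_mem()))) {
 ERR_print_errors(bio);
 BIO_get_mem_ptr(bio, &mem);
+ strncpy(tc->error_buf, mem->data, sizeof(tc->error_buf));
 DBG("[%p] SSL: error %s\n", ssl, mem->data);
 BIO_free(bio);
 }
@@ -418,8 +421,15 @@ tls_conn_shutdown(lua_State *L) {
 static int
 tls_conn_get_error(lua_State *L) {
 tls_conn_t *tc = getCONN(L, 1);
- tc->error ? lua_pushnumber(L, tc->error) : lua_pushnil(L);
- return 1;
+ if (tc->error) {
+ lua_pushstring(L, tc->error_buf);
+ lua_pushnumber(L, tc->error);
+ return 2;
+ }
+ else {
+ lua_pushnil(L);
+ return 1;
+ }
 }
 static int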
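Review bot: `strncpy(tc->error_buf, mem->data, sizeof(tc->error_buf))` in `tls_handle_ssl_error_x` can leave `error_buf` without a terminating NUL, since strncpy does not terminate when the source fills the buffer and a memory BIO's contents are bounded by `mem->length`, not by a NUL. The sample error in the commit message appears to be longer than 512 bytes, so `lua_pushstring(L, tc->error_buf)` in `tls_conn_get_error` would read past the array into the rest of `tls_conn_t` and hand those bytes to Lua. Copy by length instead: `size_t n = mem->length < sizeof(tc->error_buf) - 1 ? mem->length : sizeof(tc->error_buf) - 1;` followed by `memcpy(tc->error_buf, mem->data, n); tc->error_buf[n] = '\0';`. The body of `tls_handle_ssl_error_x` continues outside the hunk.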
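--- a/tests/test-tls-connect-simple-twice.lua
+++ b/tests/test-tls-connect-simple-twice.lua
@@ -0,0 +1,43 @@
+require('helper')
+local fixture = require('./fixture-tls')
+local tls = require('tls')
+
+local options = {
+ cert = fixture.certPem,
+ key = fixture.keyPem
+}
+
+local serverConnected = 0
+local clientConnected = 0
+
+local server
+server = tls.createServer(options, function(conn)
+ serverConnected = serverConnected + 1
+ if (serverConnected == 2) then
+ server:close()
+ end
+end)
+
+server:listen(fixture.commonPort, function()
+ local client1, client2
+ client1 = tls.connect({port = fixture.commonPort, host = '127.0.0.1'}, {}, function()
+ clientConnected = clientConnected + 1
+ client1:destroy()
+
+ client2 = tls.connect({port = fixture.commonPort, host = '127.0.0.1'}, {}, function()
+ clientConnected = clientConnected + 1
+ client2:destroy()
+ end)
+ end)
+end)
+
+process:on('error', function(err)
+ print('unhandled error!')
+ p(err)
+ assert(false)
+end)
+
+process:on('exit', function()
+ assert(serverConnected == 2)
+ assert(clientConnected == 2)
+end)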
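Review bot: Nothing in this test asserts on the error path the commit adds; it only counts two successful handshakes, and the `process:on('error', ...)` handler fails the run without checking what `err` contains. A case that forces a handshake failure and checks the types of the emitted error's message and `code` would pin the new two-value `getError()` contract and catch a mix-up between the string and the number. Both `tls.connect` calls pass an empty options table, so whether the peer certificate is verified here depends on defaults not visible on this page; a one-line comment such as `-- relies on default verification settings` would make that explicit.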