diff --git a/include/polarssl/error.h b/include/polarssl/error.h index a64960c06..55a8a45af 100644 --- a/include/polarssl/error.h +++ b/include/polarssl/error.h @@ -85,7 +85,7 @@ * ECP 4 7 (Started from top) * MD 5 4 * CIPHER 6 6 - * SSL 6 7 (Started from top) + * SSL 6 8 (Started from top) * SSL 7 31 * * Module dependent error code (5 bits 0x.08.-0x.F8.) diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index c682c0ad2..fbcbbea67 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -132,6 +132,7 @@ #define POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define POLARSSL_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ #define POLARSSL_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unkown identity received (eg, PSK identity) */ +#define POLARSSL_ERR_SSL_INTERNAL_ERROR -0x6C00 /**< Internal error (eg, unexpected failure in lower-level module) */ /* * Various constants diff --git a/library/error.c b/library/error.c index ff6fb071e..d17338a83 100644 --- a/library/error.c +++ b/library/error.c @@ -422,6 +422,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen ) snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" ); if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_IDENTITY) ) snprintf( buf, buflen, "SSL - Unkown identity received (eg, PSK identity)" ); + if( use_ret == -(POLARSSL_ERR_SSL_INTERNAL_ERROR) ) + snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" ); #endif /* POLARSSL_SSL_TLS_C */ #if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b1e502151..4d654795c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1060,8 +1060,7 @@ static int ssl_encrypt_buf( ssl_context *ssl ) { SSL_DEBUG_MSG( 1, ( "total encrypted length incorrect %d %d", ssl->out_msglen, olen ) ); - // TODO Real error number - return( -1 ); + return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); } if( ( ret = cipher_finish( &ssl->transform_out->cipher_ctx_enc, @@ -1075,8 +1074,7 @@ static int ssl_encrypt_buf( ssl_context *ssl ) { SSL_DEBUG_MSG( 1, ( "total encrypted length incorrect %d %d", 0, olen ) ); - // TODO Real error number - return( -1 ); + return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); } } else @@ -1277,8 +1275,7 @@ static int ssl_encrypt_buf( ssl_context *ssl ) { SSL_DEBUG_MSG( 1, ( "total encrypted length incorrect %d %d", enc_msglen, olen ) ); - // TODO Real error number - return( -1 ); + return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); } #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) @@ -1360,8 +1357,7 @@ static int ssl_decrypt_buf( ssl_context *ssl ) if( ssl->in_msglen != olen ) { SSL_DEBUG_MSG( 1, ( "total encrypted length incorrect" ) ); - // TODO Real error number - return( -1 ); + return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); } if( ( ret = cipher_finish( &ssl->transform_in->cipher_ctx_dec, @@ -1374,8 +1370,7 @@ static int ssl_decrypt_buf( ssl_context *ssl ) if( 0 != olen ) { SSL_DEBUG_MSG( 1, ( "total encrypted length incorrect" ) ); - // TODO Real error number - return( -1 ); + return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); } } else @@ -1557,8 +1552,7 @@ static int ssl_decrypt_buf( ssl_context *ssl ) if( dec_msglen != olen ) { SSL_DEBUG_MSG( 1, ( "total encrypted length incorrect" ) ); - // TODO Real error number - return( -1 ); + return( POLARSSL_ERR_SSL_INTERNAL_ERROR ); } #if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1)