nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

NSS: Log an error message when SSL_ExportKeyingMaterial() fails

Browse Source 
Diagnostic for 29241.
This commit is contained in:
Nick Mathewson 2019-03-29 13:38:14 -04:00 committed by teor
parent 3b9e3cca94
commit 680fd3f8fb
No known key found for this signature in database
GPG Key ID: 10FEAA0E7075672A
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
changes/29241_diagnostic Normal file
View File

@ -0,0 +1,4 @@
o Minor features (NSS, diagnostic):
- Try to log an error from NSS (if there is any) and a more useful
description of our situation if we are using NSS and a call to
SSL_ExportKeyingMaterial() fails. Diagnostic for ticket 29241.

8
src/lib/tls/tortls_nss.c
View File

@ -726,10 +726,18 @@ tor_tls_export_key_material,(tor_tls_t *tls, uint8_t *secrets_out,
tor_assert(context_len <= UINT_MAX); tor_assert(context_len <= UINT_MAX);
SECStatus s; SECStatus s;
/* Make sure that the error code is set here, so that we can be sure that
* any error code set after a failure was in fact caused by
* SSL_ExportKeyingMaterial. */
PR_SetError(PR_UNKNOWN_ERROR, 0);
s = SSL_ExportKeyingMaterial(tls->ssl, s = SSL_ExportKeyingMaterial(tls->ssl,
label, (unsigned)strlen(label), label, (unsigned)strlen(label),
PR_TRUE, context, (unsigned)context_len, PR_TRUE, context, (unsigned)context_len,
secrets_out, DIGEST256_LEN); secrets_out, DIGEST256_LEN);
if (s != SECSuccess) {
tls_log_errors(tls, LOG_WARN, LD_CRYPTO,
"exporting key material for a TLS handshake");
}
return (s == SECSuccess) ? 0 : -1; return (s == SECSuccess) ? 0 : -1;
} }