From e3a2575776cebe16a8033dc0a1f84a37b7fd2b80 Mon Sep 17 00:00:00 2001
From: Perry Werneck <perry.werneck@gmail.com>
Date: Wed, 21 Oct 2020 15:31:39 -0300
Subject: [PATCH] Fixing SSL connect error messages.

---
 src/network_modules/openssl/context.c | 10 ++++++++++
 src/network_modules/openssl/start.c   | 16 +++++++++-------
 2 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/src/network_modules/openssl/context.c b/src/network_modules/openssl/context.c
index 42796b6..da7e53d 100644
--- a/src/network_modules/openssl/context.c
+++ b/src/network_modules/openssl/context.c
@@ -112,6 +112,16 @@ static void info_callback(INFO_CONST SSL *s, int where, int ret)
 				err_buf[0] = '\0';
 			}
 
+			debug("SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n",
+							ret,
+							err_buf,
+							SSL_state_string_long(s),
+							SSL_alert_type_string_long(ret)
+						);
+
+			hSession->ssl.error = e;
+			debug("hSession->ssl.error=%d",hSession->ssl.error);
+
 			trace_ssl(hSession,"SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n",
 							ret,
 							err_buf,
diff --git a/src/network_modules/openssl/start.c b/src/network_modules/openssl/start.c
index 1b261d6..f0ecb92 100644
--- a/src/network_modules/openssl/start.c
+++ b/src/network_modules/openssl/start.c
@@ -216,6 +216,7 @@
 	}
 
 	trace_ssl(hSession, "%s","Running SSL_connect\n");
+	hSession->ssl.error = 0;
 	int rv = SSL_connect(context->con);
 	trace_ssl(hSession, "SSL_connect exits with rc=%d\n",rv);
 
@@ -223,13 +224,14 @@
 	{
 		LIB3270_SSL_MESSAGE message = {
 			.type = LIB3270_NOTIFY_ERROR,
-			.title = N_( "SSL Connect failed" ),
-			.summary = N_("The client was unable to negotiate a secure connection with the host"),
+			.title = N_( "Connection failed" ),
+			.summary = N_("Unable to negotiate a secure connection with the host"),
 		};
 
-		int code = SSL_get_error(context->con,rv);
+		if(!hSession->ssl.error)
+			hSession->ssl.error = SSL_get_error(context->con,rv);
 
-		if(code == SSL_ERROR_SYSCALL) {
+		if(hSession->ssl.error == SSL_ERROR_SYSCALL) {
 
 			// Some I/O error occurred.
 			// The OpenSSL error queue may contain more information on the error.
@@ -248,12 +250,12 @@
 
 		} else {
 
-			message.body = ERR_reason_error_string(code);
+			message.body = ERR_reason_error_string(hSession->ssl.error);
 
 		}
 
-		debug("SSL_connect failed: %s (rc=%d)\n",message.body ? message.body : message.summary, code);
-		trace_ssl(hSession,"SSL_connect failed: %s (rc=%d)\n",message.body ? message.body : message.summary, code);
+		debug("SSL_connect failed: %s (rc=%d)\n",message.body ? message.body : message.summary, hSession->ssl.error);
+		trace_ssl(hSession,"SSL_connect failed: %s (rc=%d)\n",message.body ? message.body : message.summary, hSession->ssl.error);
 
 		hSession->ssl.message = &message;
 		return -1;
--
libgit2 0.21.2