Download as
Browse Code »

Commit e5febe418be66e78e5145859f550ab4037852b76

Authored by Perry Werneck
1 parent 77471b00
Exists in master and in 2 other branches develop, macos

Adjustments on SSL error message.

Showing 2 changed files with 32 additions and 12 deletions   Show diff stats
src/network_modules/openssl/context.c
  Diff comments   View file @e5febe4
@@ -67,6 +67,8 @@ static void info_callback(INFO_CONST SSL *s, int where, int ret) @@ -67,6 +67,8 @@ static void info_callback(INFO_CONST SSL *s, int where, int ret)
67 H3270 *hSession = (H3270 *) SSL_get_ex_data(s,ssl_ex_index); 67 H3270 *hSession = (H3270 *) SSL_get_ex_data(s,ssl_ex_index);
68 LIB3270_NET_CONTEXT * context = hSession->network.context; 68 LIB3270_NET_CONTEXT * context = hSession->network.context;
69 69
  70 + debug("************************ %s where=%d",__FUNCTION__,where);
  71 +
70 switch(where) 72 switch(where)
71 { 73 {
72 case SSL_CB_CONNECT_LOOP: 74 case SSL_CB_CONNECT_LOOP:
@@ -125,12 +127,10 @@ static void info_callback(INFO_CONST SSL *s, int where, int ret) @@ -125,12 +127,10 @@ static void info_callback(INFO_CONST SSL *s, int where, int ret)
125 trace_ssl(hSession,"SSL Current state is \"%s\"\n",context->state.message); 127 trace_ssl(hSession,"SSL Current state is \"%s\"\n",context->state.message);
126 } 128 }
127 129
128 -#ifdef DEBUG  
129 if(where & SSL_CB_EXIT) 130 if(where & SSL_CB_EXIT)
130 { 131 {
131 - trace("%s: SSL_CB_EXIT ret=%d\n",__FUNCTION__,ret); 132 + trace_ssl(hSession,"SSL_CB_EXIT ret=%d\n",ret);
132 } 133 }
133 -#endif  
134 134
135 if(where & SSL_CB_ALERT) 135 if(where & SSL_CB_ALERT)
136 { 136 {
src/network_modules/openssl/start.c
  Diff comments   View file @e5febe4
@@ -221,19 +221,39 @@ @@ -221,19 +221,39 @@
221 221
222 if (rv != 1) 222 if (rv != 1)
223 { 223 {
  224 + LIB3270_SSL_MESSAGE message = {
  225 + .type = LIB3270_NOTIFY_ERROR,
  226 + .title = N_( "SSL Connect failed" ),
  227 + .summary = N_("The client was unable to negotiate a secure connection with the host"),
  228 + };
  229 +
224 int code = SSL_get_error(context->con,rv); 230 int code = SSL_get_error(context->con,rv);
225 231
226 - if(code == SSL_ERROR_SYSCALL && hSession->ssl.error)  
227 - code = hSession->ssl.error;  
228 - else  
229 - hSession->ssl.error = code; 232 + if(code == SSL_ERROR_SYSCALL) {
230 233
231 - trace_ssl(hSession,"SSL_connect failed: %s\n",ERR_reason_error_string(code)); 234 + // Some I/O error occurred.
  235 + // The OpenSSL error queue may contain more information on the error.
  236 + // If the error queue is empty (i.e. ERR_get_error() returns 0), ret
  237 + // can be used to find out more about the error:
  238 + // If ret == 0, an EOF was observed that violates the protocol.
  239 + // If ret == -1, the underlying BIO reported an I/O error
  240 + // (for socket I/O on Unix systems, consult errno for details).
232 241
233 - static const LIB3270_SSL_MESSAGE message = {  
234 - .summary = N_( "SSL Connect failed" ),  
235 - .body = N_("The client was unable to negotiate a secure connection with the host")  
236 - }; 242 + if(rv == 0) {
  243 + message.body = N_("An EOF was observed that violates the protocol");
  244 + } else if(errno)
  245 + message.body = strerror(errno);
  246 + else
  247 + message.body = N_("Unexpected I/O error");
  248 +
  249 + } else {
  250 +
  251 + message.body = ERR_reason_error_string(code);
  252 +
  253 + }
  254 +
  255 + debug("SSL_connect failed: %s (rc=%d)\n",message.body ? message.body : message.summary, code);
  256 + trace_ssl(hSession,"SSL_connect failed: %s (rc=%d)\n",message.body ? message.body : message.summary, code);
237 257
238 hSession->ssl.message = &message; 258 hSession->ssl.message = &message;
239 return -1; 259 return -1;