diff options
| author | Přemysl Janouch <p.janouch@gmail.com> | 2014-08-19 20:28:54 +0200 |
|---|---|---|
| committer | Přemysl Janouch <p.janouch@gmail.com> | 2014-08-19 20:33:28 +0200 |
| commit | 19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f (patch) | |
| tree | e758ee0306e8935955e233167272e162ef0d20fa | |
| parent | 0484f7e995e4caf92a7bd49aea8d73e64742478d (diff) | |
| download | xK-19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f.tar.gz xK-19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f.tar.xz xK-19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f.zip | |
ZyklonB: better errors on TLS/SSL failure
| -rw-r--r-- | zyklonb.c | 16 |
1 files changed, 13 insertions, 3 deletions
@@ -270,6 +270,7 @@ irc_send (struct bot_context *ctx, const char *format, ...) static bool irc_initialize_ssl (struct bot_context *ctx, struct error **e) { + const char *error_info = NULL; ctx->ssl_ctx = SSL_CTX_new (SSLv23_client_method ()); if (!ctx->ssl_ctx) goto error_ssl_1; @@ -300,8 +301,16 @@ irc_initialize_ssl (struct bot_context *ctx, struct error **e) goto error_ssl_3; // Avoid SSL_write() returning SSL_ERROR_WANT_READ SSL_set_mode (ctx->ssl, SSL_MODE_AUTO_RETRY); - if (SSL_connect (ctx->ssl) > 0) + + switch (xssl_get_error (ctx->ssl, SSL_connect (ctx->ssl), &error_info)) + { + case SSL_ERROR_NONE: return true; + case SSL_ERROR_ZERO_RETURN: + error_info = "server closed the connection"; + default: + break; + } error_ssl_3: SSL_free (ctx->ssl); @@ -312,8 +321,9 @@ error_ssl_2: error_ssl_1: // XXX: these error strings are really nasty; also there could be // multiple errors on the OpenSSL stack. - error_set (e, "%s: %s", "could not initialize SSL", - ERR_error_string (ERR_get_error (), NULL)); + if (!error_info) + error_info = ERR_error_string (ERR_get_error (), NULL); + error_set (e, "%s: %s", "could not initialize SSL", error_info); return false; } |