summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPřemysl Janouch <p.janouch@gmail.com>2014-08-19 20:28:54 +0200
committerPřemysl Janouch <p.janouch@gmail.com>2014-08-19 20:33:28 +0200
commit19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f (patch)
treee758ee0306e8935955e233167272e162ef0d20fa
parent0484f7e995e4caf92a7bd49aea8d73e64742478d (diff)
downloadxK-19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f.tar.gz
xK-19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f.tar.xz
xK-19ff2715b5733c8d476f97c8d1cd7cd95cbd2d9f.zip
ZyklonB: better errors on TLS/SSL failure
-rw-r--r--zyklonb.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/zyklonb.c b/zyklonb.c
index f8d931a..8f8bcda 100644
--- a/zyklonb.c
+++ b/zyklonb.c
@@ -270,6 +270,7 @@ irc_send (struct bot_context *ctx, const char *format, ...)
static bool
irc_initialize_ssl (struct bot_context *ctx, struct error **e)
{
+ const char *error_info = NULL;
ctx->ssl_ctx = SSL_CTX_new (SSLv23_client_method ());
if (!ctx->ssl_ctx)
goto error_ssl_1;
@@ -300,8 +301,16 @@ irc_initialize_ssl (struct bot_context *ctx, struct error **e)
goto error_ssl_3;
// Avoid SSL_write() returning SSL_ERROR_WANT_READ
SSL_set_mode (ctx->ssl, SSL_MODE_AUTO_RETRY);
- if (SSL_connect (ctx->ssl) > 0)
+
+ switch (xssl_get_error (ctx->ssl, SSL_connect (ctx->ssl), &error_info))
+ {
+ case SSL_ERROR_NONE:
return true;
+ case SSL_ERROR_ZERO_RETURN:
+ error_info = "server closed the connection";
+ default:
+ break;
+ }
error_ssl_3:
SSL_free (ctx->ssl);
@@ -312,8 +321,9 @@ error_ssl_2:
error_ssl_1:
// XXX: these error strings are really nasty; also there could be
// multiple errors on the OpenSSL stack.
- error_set (e, "%s: %s", "could not initialize SSL",
- ERR_error_string (ERR_get_error (), NULL));
+ if (!error_info)
+ error_info = ERR_error_string (ERR_get_error (), NULL);
+ error_set (e, "%s: %s", "could not initialize SSL", error_info);
return false;
}