p/xK
1
1
Fork 0
Code Issues 1 Pull Requests Releases 11 Wiki Activity

ZyklonB: better errors on TLS/SSL failure

Browse Source
This commit is contained in:
Přemysl Eric Janouch 2014-08-19 20:28:54 +02:00
parent 0484f7e995
commit 19ff2715b5
1 changed files with 13 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
zyklonb.c
View File

@ -270,6 +270,7 @@ irc_send (struct bot_context *ctx, const char *format, ...)
static bool
irc_initialize_ssl (struct bot_context *ctx, struct error **e)
{
const char *error_info = NULL;
ctx->ssl_ctx = SSL_CTX_new (SSLv23_client_method ());
if (!ctx->ssl_ctx)
goto error_ssl_1;
@ -300,8 +301,16 @@ irc_initialize_ssl (struct bot_context *ctx, struct error **e)
goto error_ssl_3;
// Avoid SSL_write() returning SSL_ERROR_WANT_READ
SSL_set_mode (ctx->ssl, SSL_MODE_AUTO_RETRY);
if (SSL_connect (ctx->ssl) > 0)
switch (xssl_get_error (ctx->ssl, SSL_connect (ctx->ssl), &error_info))
{
case SSL_ERROR_NONE:
return true;
case SSL_ERROR_ZERO_RETURN:
error_info = "server closed the connection";
default:
break;
}
error_ssl_3:
SSL_free (ctx->ssl);
@ -312,8 +321,9 @@ error_ssl_2:
error_ssl_1:
// XXX: these error strings are really nasty; also there could be
// multiple errors on the OpenSSL stack.
error_set (e, "%s: %s", "could not initialize SSL",
ERR_error_string (ERR_get_error (), NULL));
if (!error_info)
error_info = ERR_error_string (ERR_get_error (), NULL);
error_set (e, "%s: %s", "could not initialize SSL", error_info);
return false;
}