Add additional logging for SSL errors
This was added to provide more information when things fail, as in issue #118.
parent
7d8675074f
commit
908ad64d84
24
ssl.c
24
ssl.c
@ -22,6 +22,24 @@
|
|||||||
#include "rdesktop.h"
|
#include "rdesktop.h"
|
||||||
#include "ssl.h"
|
#include "ssl.h"
|
||||||
|
|
||||||
|
/* Helper function to log internal SSL errors using logger */
|
||||||
|
void
|
||||||
|
rdssl_log_ssl_errors(const char *prefix)
|
||||||
|
{
|
||||||
|
unsigned long err;
|
||||||
|
while (1)
|
||||||
|
{
|
||||||
|
err = ERR_get_error();
|
||||||
|
if (err == 0)
|
||||||
|
break;
|
||||||
|
|
||||||
|
logger(Protocol, Error,
|
||||||
|
"%s, 0x%.8x:%s:%s: %s",
|
||||||
|
prefix, err, ERR_lib_error_string(err),
|
||||||
|
ERR_func_error_string(err), ERR_reason_error_string(err));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
rdssl_sha1_init(RDSSL_SHA1 * sha1)
|
rdssl_sha1_init(RDSSL_SHA1 * sha1)
|
||||||
{
|
{
|
||||||
@ -157,6 +175,8 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
|
|||||||
{
|
{
|
||||||
logger(Protocol, Error,
|
logger(Protocol, Error,
|
||||||
"rdssl_cert_to_key(), failed to get public key from certificate");
|
"rdssl_cert_to_key(), failed to get public key from certificate");
|
||||||
|
rdssl_log_ssl_errors("rdssl_cert_to_key()");
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -165,6 +185,8 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
|
|||||||
{
|
{
|
||||||
logger(Protocol, Error,
|
logger(Protocol, Error,
|
||||||
"rdssl_cert_to_key(), failed to get algorithm used for public key");
|
"rdssl_cert_to_key(), failed to get algorithm used for public key");
|
||||||
|
rdssl_log_ssl_errors("rdssl_cert_to_key()");
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -181,6 +203,8 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
|
|||||||
{
|
{
|
||||||
logger(Protocol, Error,
|
logger(Protocol, Error,
|
||||||
"rdssl_cert_to_rkey(), failed to extract public key from certificate");
|
"rdssl_cert_to_rkey(), failed to extract public key from certificate");
|
||||||
|
rdssl_log_ssl_errors("rdssl_cert_to_key()");
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
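Review bot: In the new `rdssl_log_ssl_errors()` the format string prints `err` with `0x%.8x` although `err` is declared `unsigned long`; assuming `logger()` forwards its arguments printf-style, that mismatch is undefined behaviour where `long` is wider than `int` and can truncate the code or disturb the `%s` arguments that follow, so the conversion should be `0x%.8lx`. The results of `ERR_lib_error_string()`, `ERR_func_error_string()` and `ERR_reason_error_string()` are passed straight to `%s`, yet these calls can return NULL for codes with no registered string (and OpenSSL 3.0 makes `ERR_func_error_string()` always return NULL). Formatting each code once with `ERR_error_string_n(err, buf, sizeof(buf))` into a local buffer and logging `"%s: %s"` with the prefix would keep the error path itself from faulting. The third call site passes the prefix `"rdssl_cert_to_key()"` while the message just above it names `rdssl_cert_to_rkey()`, which makes the two log lines harder to correlate.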
4
ssl.h
4
ssl.h
@ -3,6 +3,7 @@
|
|||||||
Secure sockets abstraction layer
|
Secure sockets abstraction layer
|
||||||
Copyright (C) Matthew Chapman 1999-2008
|
Copyright (C) Matthew Chapman 1999-2008
|
||||||
Copyright (C) Jay Sorg 2006-2008
|
Copyright (C) Jay Sorg 2006-2008
|
||||||
|
Copyright 2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||||
|
|
||||||
This program is free software: you can redistribute it and/or modify
|
This program is free software: you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
@ -24,6 +25,7 @@
|
|||||||
#include <openssl/rc4.h>
|
#include <openssl/rc4.h>
|
||||||
#include <openssl/md5.h>
|
#include <openssl/md5.h>
|
||||||
#include <openssl/sha.h>
|
#include <openssl/sha.h>
|
||||||
|
#include <openssl/err.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/x509v3.h>
|
#include <openssl/x509v3.h>
|
||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
@ -63,5 +65,5 @@ RD_BOOL rdssl_sig_ok(uint8 * exponent, uint32 exp_len, uint8 * modulus, uint32 m
|
|||||||
|
|
||||||
void rdssl_hmac_md5(const void *key, int key_len,
|
void rdssl_hmac_md5(const void *key, int key_len,
|
||||||
const unsigned char *msg, int msg_len, unsigned char *md);
|
const unsigned char *msg, int msg_len, unsigned char *md);
|
||||||
|
void rdssl_log_ssl_errors(const char *prefix);
|
||||||
#endif
|
#endif
|
||||||
|
5
tcp.c
5
tcp.c
@ -35,6 +35,7 @@
|
|||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
|
||||||
#include "rdesktop.h"
|
#include "rdesktop.h"
|
||||||
|
#include "ssl.h"
|
||||||
|
|
||||||
#ifdef _WIN32
|
#ifdef _WIN32
|
||||||
#define socklen_t int
|
#define socklen_t int
|
||||||
@ -248,7 +249,7 @@ tcp_recv(STREAM s, uint32 length)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
ERR_print_errors_fp(stdout);
|
rdssl_log_ssl_errors("tcp_recv()");
|
||||||
g_network_error = True;
|
g_network_error = True;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@ -356,7 +357,7 @@ tcp_tls_connect(void)
|
|||||||
|
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
{
|
{
|
||||||
ERR_print_errors_fp(stdout);
|
rdssl_log_ssl_errors("tcp_tls_connect()");
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
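Review bot: Both replaced call sites, in `tcp_recv()` and `tcp_tls_connect()`, now log only if the OpenSSL error queue holds an entry, because `rdssl_log_ssl_errors()` leaves its loop on the first `ERR_get_error() == 0`. A failure that is reported only through the SSL return code (with the queue empty) would then leave no trace at these points before `g_network_error = True` or `goto fail`. The enclosing functions start and end outside the hunks, so an earlier log call may already cover this. If none does, an unconditional line before the drain, such as `logger(Protocol, Error, "tcp_tls_connect(), SSL operation failed (%d)", err);`, would make sure every TLS failure is recorded.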