Add additional logging for SSL errors
This was added to provide more information when things fails as in issue #118.
This commit is contained in:
parent
7d8675074f
commit
908ad64d84
24
ssl.c
24
ssl.c
@ -22,6 +22,24 @@
|
||||
#include "rdesktop.h"
|
||||
#include "ssl.h"
|
||||
|
||||
/* Helper function to log internal SSL errors using logger */
|
||||
void
|
||||
rdssl_log_ssl_errors(const char *prefix)
|
||||
{
|
||||
unsigned long err;
|
||||
while (1)
|
||||
{
|
||||
err = ERR_get_error();
|
||||
if (err == 0)
|
||||
break;
|
||||
|
||||
logger(Protocol, Error,
|
||||
"%s, 0x%.8x:%s:%s: %s",
|
||||
prefix, err, ERR_lib_error_string(err),
|
||||
ERR_func_error_string(err), ERR_reason_error_string(err));
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
rdssl_sha1_init(RDSSL_SHA1 * sha1)
|
||||
{
|
||||
@ -157,6 +175,8 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
|
||||
{
|
||||
logger(Protocol, Error,
|
||||
"rdssl_cert_to_key(), failed to get public key from certificate");
|
||||
rdssl_log_ssl_errors("rdssl_cert_to_key()");
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -165,6 +185,8 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
|
||||
{
|
||||
logger(Protocol, Error,
|
||||
"rdssl_cert_to_key(), failed to get algorithm used for public key");
|
||||
rdssl_log_ssl_errors("rdssl_cert_to_key()");
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -181,6 +203,8 @@ rdssl_cert_to_rkey(RDSSL_CERT * cert, uint32 * key_len)
|
||||
{
|
||||
logger(Protocol, Error,
|
||||
"rdssl_cert_to_rkey(), failed to extract public key from certificate");
|
||||
rdssl_log_ssl_errors("rdssl_cert_to_key()");
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
4
ssl.h
4
ssl.h
@ -3,6 +3,7 @@
|
||||
Secure sockets abstraction layer
|
||||
Copyright (C) Matthew Chapman 1999-2008
|
||||
Copyright (C) Jay Sorg 2006-2008
|
||||
Copyright 2017 Henrik Andersson <hean01@cendio.se> for Cendio AB
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
@ -24,6 +25,7 @@
|
||||
#include <openssl/rc4.h>
|
||||
#include <openssl/md5.h>
|
||||
#include <openssl/sha.h>
|
||||
#include <openssl/err.h>
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/hmac.h>
|
||||
@ -63,5 +65,5 @@ RD_BOOL rdssl_sig_ok(uint8 * exponent, uint32 exp_len, uint8 * modulus, uint32 m
|
||||
|
||||
void rdssl_hmac_md5(const void *key, int key_len,
|
||||
const unsigned char *msg, int msg_len, unsigned char *md);
|
||||
|
||||
void rdssl_log_ssl_errors(const char *prefix);
|
||||
#endif
|
||||
|
5
tcp.c
5
tcp.c
@ -35,6 +35,7 @@
|
||||
#include <openssl/err.h>
|
||||
|
||||
#include "rdesktop.h"
|
||||
#include "ssl.h"
|
||||
|
||||
#ifdef _WIN32
|
||||
#define socklen_t int
|
||||
@ -248,7 +249,7 @@ tcp_recv(STREAM s, uint32 length)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ERR_print_errors_fp(stdout);
|
||||
rdssl_log_ssl_errors("tcp_recv()");
|
||||
g_network_error = True;
|
||||
return NULL;
|
||||
}
|
||||
@ -356,7 +357,7 @@ tcp_tls_connect(void)
|
||||
|
||||
if (err < 0)
|
||||
{
|
||||
ERR_print_errors_fp(stdout);
|
||||
rdssl_log_ssl_errors("tcp_tls_connect()");
|
||||
goto fail;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user