Repository: trafficserver Updated Branches: refs/heads/master 68668e767 -> 49d0ef822
TS-3452: Better debug messages for SSL_ERROR_SSL Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/6cd3e45c Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/6cd3e45c Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/6cd3e45c Branch: refs/heads/master Commit: 6cd3e45c9d8cc579f0bdc4dbd99b10aeb6438e1a Parents: 68668e7 Author: Brian Geffon <bri...@apache.org> Authored: Tue Mar 17 14:47:57 2015 -0700 Committer: Brian Geffon <bri...@apache.org> Committed: Tue Mar 17 14:47:57 2015 -0700 ---------------------------------------------------------------------- iocore/net/SSLUtils.cc | 43 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 36 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/6cd3e45c/iocore/net/SSLUtils.cc ---------------------------------------------------------------------- diff --git a/iocore/net/SSLUtils.cc b/iocore/net/SSLUtils.cc index 83ce5e5..eea8e98 100644 --- a/iocore/net/SSLUtils.cc +++ b/iocore/net/SSLUtils.cc @@ -2044,7 +2044,7 @@ SSLWriteBuffer(SSL * ssl, const void * buf, int64_t nbytes, int64_t& nwritten) if (unlikely(nbytes == 0)) { return SSL_ERROR_NONE; } - + ERR_clear_error(); int ret = SSL_write(ssl, buf, (int)nbytes); if (ret > 0) { nwritten = ret; @@ -2054,8 +2054,14 @@ SSLWriteBuffer(SSL * ssl, const void * buf, int64_t nbytes, int64_t& nwritten) } return SSL_ERROR_NONE; } - - return SSL_get_error(ssl, ret); + int ssl_error = SSL_get_error(ssl, ret); + if (ssl_error == SSL_ERROR_SSL) { + char buf[512]; + unsigned long e = ERR_get_error(); + ERR_error_string_n(e, buf, sizeof(buf)); + Debug("ssl.error.write", "SSL write returned %d, ssl_error=%ld, ERR_get_error=%d (%s)", ret, ssl_error, e, buf); + } + return ssl_error; } ssl_error_t @@ -2066,34 +2072,57 @@ SSLReadBuffer(SSL * ssl, void * buf, int64_t nbytes, int64_t& nread) if (unlikely(nbytes == 0)) { return SSL_ERROR_NONE; } - + ERR_clear_error(); int ret = SSL_read(ssl, buf, (int)nbytes); if (ret > 0) { nread = ret; return SSL_ERROR_NONE; } + int ssl_error = SSL_get_error(ssl, ret); + if (ssl_error == SSL_ERROR_SSL) { + char buf[512]; + unsigned long e = ERR_get_error(); + ERR_error_string_n(e, buf, sizeof(buf)); + Debug("ssl.error.read", "SSL read returned %d, ssl_error=%ld, ERR_get_error=%d (%s)", ret, ssl_error, e, buf); + } - return SSL_get_error(ssl, ret); + return ssl_error; } ssl_error_t SSLAccept(SSL * ssl) { + ERR_clear_error(); int ret = SSL_accept(ssl); if (ret > 0) { return SSL_ERROR_NONE; } + int ssl_error = SSL_get_error(ssl, ret); + if (ssl_error == SSL_ERROR_SSL) { + char buf[512]; + unsigned long e = ERR_get_error(); + ERR_error_string_n(e, buf, sizeof(buf)); + Debug("ssl.error.accept", "SSL accept returned %d, ssl_error=%ld, ERR_get_error=%d (%s)", ret, ssl_error, e, buf); + } - return SSL_get_error(ssl, ret); + return ssl_error; } ssl_error_t SSLConnect(SSL * ssl) { + ERR_clear_error(); int ret = SSL_connect(ssl); if (ret > 0) { return SSL_ERROR_NONE; } + int ssl_error = SSL_get_error(ssl, ret); + if (ssl_error == SSL_ERROR_SSL) { + char buf[512]; + unsigned long e = ERR_get_error(); + ERR_error_string_n(e, buf, sizeof(buf)); + Debug("ssl.error.connect", "SSL connect returned %d, ssl_error=%ld, ERR_get_error=%d (%s)", ret, ssl_error, e, buf); + } - return SSL_get_error(ssl, ret); + return ssl_error; }