SSL: Properly report SSL_connect() errors.

author: Yossi Gottlieb <yossigo@gmail.com> 2019-08-22 16:19:05 +0300
committer: Yossi Gottlieb <yossigo@gmail.com> 2019-08-22 16:20:41 +0300
commit: 153b8f632ba40fe7a0225fd4940d06e2a6e871f5 (patch)
tree: 7f7817e94324a7698964ba4841ff0ac26569990c
parent: f5f855c91239706b173e2412cea301f4a3643e2d (diff)
1 files changed, 13 insertions, 1 deletions
diff --git a/sslio.c b/sslio.c
index 25cb5c2..dc75e97 100644
--- a/sslio.c
+++ b/sslio.c
@@ -5,6 +5,9 @@
 #ifdef HIREDIS_SSL
 #include <pthread.h>
 #include <errno.h>
+#include <string.h>
+
+#include <openssl/err.h>
 
 void __redisSetError(redisContext *c, int type, const char *str);
 
@@ -143,6 +146,7 @@ int redisSslCreate(redisContext *c, const char *capath, const char *certpath,
     SSL_set_connect_state(s->ssl);
 
     c->flags |= REDIS_SSL;
+    ERR_clear_error();
     int rv = SSL_connect(c->ssl->ssl);
     if (rv == 1) {
         return REDIS_OK;
@@ -155,7 +159,15 @@ int redisSslCreate(redisContext *c, const char *capath, const char *certpath,
     }
 
     if (c->err == 0) {
-        __redisSetError(c, REDIS_ERR_IO, "SSL_connect() failed");
+        char err[512];
+        if (rv == SSL_ERROR_SYSCALL)
+            snprintf(err,sizeof(err)-1,"SSL_connect failed: %s",strerror(errno));
+        else {
+            unsigned long e = ERR_peek_last_error();
+            snprintf(err,sizeof(err)-1,"SSL_connect failed: %s",
+                    ERR_reason_error_String(e));
+        }
+        __redisSetError(c, REDIS_ERR_IO, err);
     }
     return REDIS_ERR;
 }
author	Yossi Gottlieb <yossigo@gmail.com>	2019-08-22 16:19:05 +0300
committer	Yossi Gottlieb <yossigo@gmail.com>	2019-08-22 16:20:41 +0300
commit	153b8f632ba40fe7a0225fd4940d06e2a6e871f5 (patch)
tree	7f7817e94324a7698964ba4841ff0ac26569990c
parent	f5f855c91239706b173e2412cea301f4a3643e2d (diff)