mirror of
https://github.com/matrix-construct/construct
synced 2024-12-27 07:54:05 +01:00
openssl: Avoid cutting off OpenSSL errors at 119 chars.
ERR_error_string() is just broken, as it returns at most 119 chars which means error messages are frequently truncated. Allow for 511 chars using ERR_error_string_n().
This commit is contained in:
parent
73d83e6db0
commit
918d73d562
1 changed files with 16 additions and 7 deletions
|
@ -287,6 +287,15 @@ verify_accept_all_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static const char *
|
||||||
|
get_ssl_error(unsigned long err)
|
||||||
|
{
|
||||||
|
static char buf[512];
|
||||||
|
|
||||||
|
ERR_error_string_n(err, buf, sizeof buf);
|
||||||
|
return buf;
|
||||||
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
rb_init_ssl(void)
|
rb_init_ssl(void)
|
||||||
{
|
{
|
||||||
|
@ -299,7 +308,7 @@ rb_init_ssl(void)
|
||||||
if(ssl_server_ctx == NULL)
|
if(ssl_server_ctx == NULL)
|
||||||
{
|
{
|
||||||
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL server context: %s",
|
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL server context: %s",
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
get_ssl_error(ERR_get_error()));
|
||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
/* Disable SSLv2, make the client use our settings */
|
/* Disable SSLv2, make the client use our settings */
|
||||||
|
@ -311,7 +320,7 @@ rb_init_ssl(void)
|
||||||
if(ssl_client_ctx == NULL)
|
if(ssl_client_ctx == NULL)
|
||||||
{
|
{
|
||||||
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL client context: %s",
|
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL client context: %s",
|
||||||
ERR_error_string(ERR_get_error(), NULL));
|
get_ssl_error(ERR_get_error()));
|
||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
return ret;
|
return ret;
|
||||||
|
@ -332,7 +341,7 @@ rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile)
|
||||||
{
|
{
|
||||||
err = ERR_get_error();
|
err = ERR_get_error();
|
||||||
rb_lib_log("rb_setup_ssl_server: Error loading certificate file [%s]: %s", cert,
|
rb_lib_log("rb_setup_ssl_server: Error loading certificate file [%s]: %s", cert,
|
||||||
ERR_error_string(err, NULL));
|
get_ssl_error(err));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -347,7 +356,7 @@ rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile)
|
||||||
{
|
{
|
||||||
err = ERR_get_error();
|
err = ERR_get_error();
|
||||||
rb_lib_log("rb_setup_ssl_server: Error loading keyfile [%s]: %s", keyfile,
|
rb_lib_log("rb_setup_ssl_server: Error loading keyfile [%s]: %s", keyfile,
|
||||||
ERR_error_string(err, NULL));
|
get_ssl_error(err));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -363,7 +372,7 @@ rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile)
|
||||||
err = ERR_get_error();
|
err = ERR_get_error();
|
||||||
rb_lib_log
|
rb_lib_log
|
||||||
("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
|
("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
|
||||||
dhfile, ERR_error_string(err, NULL));
|
dhfile, get_ssl_error(err));
|
||||||
BIO_free(bio);
|
BIO_free(bio);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -374,7 +383,7 @@ rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile)
|
||||||
{
|
{
|
||||||
err = ERR_get_error();
|
err = ERR_get_error();
|
||||||
rb_lib_log("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
|
rb_lib_log("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
|
||||||
dhfile, ERR_error_string(err, NULL));
|
dhfile, get_ssl_error(err));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
|
@ -609,7 +618,7 @@ rb_get_pseudo_random(void *buf, size_t length)
|
||||||
const char *
|
const char *
|
||||||
rb_get_ssl_strerror(rb_fde_t *F)
|
rb_get_ssl_strerror(rb_fde_t *F)
|
||||||
{
|
{
|
||||||
return ERR_error_string(F->ssl_errno, NULL);
|
return get_ssl_error(F->ssl_errno);
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
|
|
Loading…
Reference in a new issue