diff options
author | Steffan Karger <steffan.karger@fox-it.com> | 2013-03-22 09:54:21 +0100 |
---|---|---|
committer | Gert Doering <gert@greenie.muc.de> | 2013-03-22 16:53:59 +0100 |
commit | 0219f115f3a2711d5c51457d6e97d6930916653b (patch) | |
tree | 7a1c3d792376ead870919c4f6038a7ef7ef0a2c9 /src/openvpn | |
parent | 4a56d19fc3aa59d0eebd99f102ecaaa3665c5088 (diff) | |
download | openvpn-0219f115f3a2711d5c51457d6e97d6930916653b.tar.gz openvpn-0219f115f3a2711d5c51457d6e97d6930916653b.tar.xz openvpn-0219f115f3a2711d5c51457d6e97d6930916653b.zip |
Improve PolarSSL key_state_read_{cipher, plain}text messages
Instead of logging the fact that an error occured, log the error code and
description (when available in the PolarSSL build).
Signed-off-by: Joachim Schipper <joachim.schipper@fox-it.com>
Acked-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1363942465-3251-3-git-send-email-steffan.karger@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/7440
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn')
-rw-r--r-- | src/openvpn/ssl_polarssl.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/openvpn/ssl_polarssl.c b/src/openvpn/ssl_polarssl.c index 4d00ad6..c787374 100644 --- a/src/openvpn/ssl_polarssl.c +++ b/src/openvpn/ssl_polarssl.c @@ -643,6 +643,7 @@ key_state_read_ciphertext (struct key_state_ssl *ks, struct buffer *buf, { int retval = 0; int len = 0; + char error_message[1024]; perf_push (PERF_BIO_READ_CIPHERTEXT); @@ -668,7 +669,8 @@ key_state_read_ciphertext (struct key_state_ssl *ks, struct buffer *buf, perf_pop (); if (POLARSSL_ERR_NET_WANT_WRITE == retval || POLARSSL_ERR_NET_WANT_READ == retval) return 0; - msg (D_TLS_ERRORS, "TLS_ERROR: read tls_read_plaintext error"); + error_strerror(retval, error_message, sizeof(error_message)); + msg (D_TLS_ERRORS, "TLS_ERROR: read tls_read_ciphertext error: %d %s", retval, error_message); buf->len = 0; return -1; } @@ -740,6 +742,7 @@ key_state_read_plaintext (struct key_state_ssl *ks, struct buffer *buf, { int retval = 0; int len = 0; + char error_message[1024]; perf_push (PERF_BIO_READ_PLAINTEXT); @@ -764,7 +767,8 @@ key_state_read_plaintext (struct key_state_ssl *ks, struct buffer *buf, { if (POLARSSL_ERR_NET_WANT_WRITE == retval || POLARSSL_ERR_NET_WANT_READ == retval) return 0; - msg (D_TLS_ERRORS, "TLS_ERROR: read tls_read_plaintext error"); + error_strerror(retval, error_message, sizeof(error_message)); + msg (D_TLS_ERRORS, "TLS_ERROR: read tls_read_plaintext error: %d %s", retval, error_message); buf->len = 0; perf_pop (); return -1; |