SSL: Properly report SSL_connect() errors.

2019-08-22 16:19:05 +03:00 · 2019-08-22 16:19:05 +03:00 · 153b8f632b
parent f5f855c912
commit 153b8f632b
1 changed files with 13 additions and 1 deletions
--- a/sslio.c
+++ b/sslio.c
@ -5,6 +5,9 @@
 #ifdef HIREDIS_SSL
 #include <pthread.h>
 #include <errno.h>
+#include <string.h>
+
+#include <openssl/err.h>

 void __redisSetError(redisContext *c, int type, const char *str);

@ -143,6 +146,7 @@ int redisSslCreate(redisContext *c, const char *capath, const char *certpath,
    SSL_set_connect_state(s->ssl);

    c->flags |= REDIS_SSL;
+    ERR_clear_error();
    int rv = SSL_connect(c->ssl->ssl);
    if (rv == 1) {
        return REDIS_OK;
@ -155,7 +159,15 @@ int redisSslCreate(redisContext *c, const char *capath, const char *certpath,
    }

    if (c->err == 0) {
-        __redisSetError(c, REDIS_ERR_IO, "SSL_connect() failed");
+        char err[512];
+        if (rv == SSL_ERROR_SYSCALL)
+            snprintf(err,sizeof(err)-1,"SSL_connect failed: %s",strerror(errno));
+        else {
+            unsigned long e = ERR_peek_last_error();
+            snprintf(err,sizeof(err)-1,"SSL_connect failed: %s",
+                    ERR_reason_error_String(e));
+        }
+        __redisSetError(c, REDIS_ERR_IO, err);
    }
    return REDIS_ERR;
 }