diff options
author | Sean Bright <sean.bright@gmail.com> | 2017-03-23 10:45:35 -0400 |
---|---|---|
committer | Sean Bright <sean.bright@gmail.com> | 2017-03-23 08:58:53 -0600 |
commit | be94105d6dc0cfb41ed88badd2d7cfd18ab7fe89 (patch) | |
tree | 4547ad5e519582bf897de5c3e4c61707c636d70e /res/res_xmpp.c | |
parent | c1ab8ca74cec45730107cca3ed47fc61460365e4 (diff) |
res_xmpp: Try to provide useful errors messages from OpenSSL
If any errors occur during the TLS connection setup, we currently dump a
fairly generic error message. So instead we try to pull in something
useful from OpenSSL to report instead.
ASTERISK-24712
Reported by: Matthias Urlichs
Change-Id: I288500991a9681f447d92913b11fedaf426087f4
Diffstat (limited to 'res/res_xmpp.c')
-rw-r--r-- | res/res_xmpp.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/res/res_xmpp.c b/res/res_xmpp.c index 1aa865cd6..4e6685291 100644 --- a/res/res_xmpp.c +++ b/res/res_xmpp.c @@ -2629,12 +2629,31 @@ static int xmpp_client_request_tls(struct ast_xmpp_client *client, struct ast_xm #endif } +#ifdef HAVE_OPENSSL +static char *openssl_error_string(void) +{ + char *buf = NULL, *ret; + size_t len; + BIO *bio = BIO_new(BIO_s_mem()); + + ERR_print_errors(bio); + len = BIO_get_mem_data(bio, &buf); + ret = ast_calloc(1, len + 1); + if (ret) { + memcpy(ret, buf, len); + } + BIO_free(bio); + return ret; +} +#endif + /*! \brief Internal function called when we receive a response to our TLS initiation request */ static int xmpp_client_requested_tls(struct ast_xmpp_client *client, struct ast_xmpp_client_config *cfg, int type, iks *node) { #ifdef HAVE_OPENSSL int sock; long ssl_opts; + char *err; #endif if (!strcmp(iks_name(node), "success")) { @@ -2690,7 +2709,10 @@ static int xmpp_client_requested_tls(struct ast_xmpp_client *client, struct ast_ return 0; failure: - ast_log(LOG_ERROR, "TLS connection for client '%s' cannot be established. OpenSSL initialization failed.\n", client->name); + err = openssl_error_string(); + ast_log(LOG_ERROR, "TLS connection for client '%s' cannot be established. " + "OpenSSL initialization failed: %s\n", client->name, err); + ast_free(err); return -1; #endif } |