Bug#11745920/Bug#21287: "SSL connection error" is not helpful! (ssl-verify-server-cert=true vs localhos)

SSL errors on client and now more specific to aid end-user with debugging. Also restructures error handling for compliance with SSL docs.
author: Tatjana Azundris Nuernberg <tatjana.nuernberg@oracle.com> 2011-05-19 10:47:43 +0100
committer: Tatjana Azundris Nuernberg <tatjana.nuernberg@oracle.com> 2011-05-19 10:47:43 +0100
commit: 92b901d297e666b20343e00c4e0b39b5843299ce (patch)
tree: d077b2f692ced3f83d965153a609265891c06dda /vio/viossl.c
parent: 359549beabcdafaa847dc41ef2566d414331f79d (diff)
download: mariadb-git-92b901d297e666b20343e00c4e0b39b5843299ce.tar.gz
1 files changed, 9 insertions, 8 deletions
diff --git a/vio/viossl.c b/vio/viossl.c
index 5cb5f36f20d..290abf788c2 100644
--- a/vio/viossl.c
+++ b/vio/viossl.c
@@ -144,8 +144,9 @@ void vio_ssl_delete(Vio *vio)
 
 
 static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
-                  int (*connect_accept_func)(SSL*))
+                  int (*connect_accept_func)(SSL*), unsigned long *errptr)
 {
+  int r;
   SSL *ssl;
   my_bool unused;
   my_bool was_blocking;
@@ -160,7 +161,7 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
   if (!(ssl= SSL_new(ptr->ssl_context)))
   {
     DBUG_PRINT("error", ("SSL_new failure"));
-    report_errors(ssl);
+    *errptr= ERR_get_error();
     vio_blocking(vio, was_blocking, &unused);
     DBUG_RETURN(1);
   }
@@ -169,10 +170,10 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
   SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout);
   SSL_set_fd(ssl, vio->sd);
 
-  if (connect_accept_func(ssl) < 1)
+  if ((r= connect_accept_func(ssl)) < 1)
   {
     DBUG_PRINT("error", ("SSL_connect/accept failure"));
-    report_errors(ssl);
+    *errptr= SSL_get_error(ssl, r);
     SSL_free(ssl);
     vio_blocking(vio, was_blocking, &unused);
     DBUG_RETURN(1);
@@ -220,17 +221,17 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
 }
 
 
-int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
+int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout, unsigned long *errptr)
 {
   DBUG_ENTER("sslaccept");
-  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_accept));
+  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_accept, errptr));
 }
 
 
-int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
+int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout, unsigned long *errptr)
 {
   DBUG_ENTER("sslconnect");
-  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_connect));
+  DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_connect, errptr));
 }
author	Tatjana Azundris Nuernberg <tatjana.nuernberg@oracle.com>	2011-05-19 10:47:43 +0100
committer	Tatjana Azundris Nuernberg <tatjana.nuernberg@oracle.com>	2011-05-19 10:47:43 +0100
commit	92b901d297e666b20343e00c4e0b39b5843299ce (patch)
tree	d077b2f692ced3f83d965153a609265891c06dda /vio/viossl.c
parent	359549beabcdafaa847dc41ef2566d414331f79d (diff)
download	mariadb-git-92b901d297e666b20343e00c4e0b39b5843299ce.tar.gz