diff options
author | Alya Berciu <alya.berciu@mongodb.com> | 2019-06-04 10:53:02 -0400 |
---|---|---|
committer | Alya Berciu <alya.berciu@mongodb.com> | 2019-06-11 16:39:34 -0400 |
commit | 6fd8c8dc3d029c7e69db80bf0a209905e95c5f72 (patch) | |
tree | e2a5420b710db51e7658a234ee692dad39dbd50a /src/mongo/util | |
parent | c5e246473ee692cb5866827ac40f5dba006672dc (diff) | |
download | mongo-6fd8c8dc3d029c7e69db80bf0a209905e95c5f72.tar.gz |
SERVER-28469 Improve SSLManager error handling
Diffstat (limited to 'src/mongo/util')
-rw-r--r-- | src/mongo/util/net/sock_test.cpp | 8 | ||||
-rw-r--r-- | src/mongo/util/net/ssl_manager_openssl.cpp | 8 |
2 files changed, 12 insertions, 4 deletions
diff --git a/src/mongo/util/net/sock_test.cpp b/src/mongo/util/net/sock_test.cpp index 77931df8b94..14cc5721e29 100644 --- a/src/mongo/util/net/sock_test.cpp +++ b/src/mongo/util/net/sock_test.cpp @@ -269,7 +269,9 @@ TEST_F(SocketFailPointTest, TestSend) { ASSERT_TRUE(tryRecv()); { const ScopedFailPointEnabler enabled(*_failPoint); - ASSERT_THROWS(trySend(), NetworkException); + auto expectedEx = + makeSocketError(SocketErrorKind::SEND_ERROR, _sockets.first->remoteString()); + ASSERT_THROWS_WHAT(trySend(), NetworkException, expectedEx.reason()); } // Channel should be working again ASSERT_TRUE(trySend()); @@ -293,7 +295,9 @@ TEST_F(SocketFailPointTest, TestRecv) { { ASSERT_TRUE(trySend()); // data for recv const ScopedFailPointEnabler enabled(*_failPoint); - ASSERT_THROWS(tryRecv(), NetworkException); + auto expectedEx = + makeSocketError(SocketErrorKind::RECV_ERROR, _sockets.first->remoteString()); + ASSERT_THROWS_WHAT(tryRecv(), NetworkException, expectedEx.reason()); } ASSERT_TRUE(trySend()); // data for recv ASSERT_TRUE(tryRecv()); diff --git a/src/mongo/util/net/ssl_manager_openssl.cpp b/src/mongo/util/net/ssl_manager_openssl.cpp index ae59c671058..59695f00504 100644 --- a/src/mongo/util/net/ssl_manager_openssl.cpp +++ b/src/mongo/util/net/ssl_manager_openssl.cpp @@ -1705,6 +1705,7 @@ std::string SSLManagerInterface::getSSLErrorMessage(int code) { void SSLManagerOpenSSL::_handleSSLError(SSLConnectionOpenSSL* conn, int ret) { int code = SSL_get_error(conn->ssl, ret); int err = ERR_get_error(); + SocketErrorKind errToThrow = SocketErrorKind::CONNECT_ERROR; switch (code) { case SSL_ERROR_WANT_READ: @@ -1713,12 +1714,15 @@ void SSLManagerOpenSSL::_handleSSLError(SSLConnectionOpenSSL* conn, int ret) { // However, it turns out this CAN happen during a connect, if the other side // accepts the socket connection but fails to do the SSL handshake in a timely // manner. + errToThrow = (code == SSL_ERROR_WANT_READ) ? SocketErrorKind::RECV_ERROR + : SocketErrorKind::SEND_ERROR; error() << "SSL: " << code << ", possibly timed out during connect"; break; case SSL_ERROR_ZERO_RETURN: // TODO: Check if we can avoid throwing an exception for this condition - LOG(3) << "SSL network connection closed"; + // If so, change error() back to LOG(3) + error() << "SSL network connection closed"; break; case SSL_ERROR_SYSCALL: // If ERR_get_error returned 0, the error queue is empty @@ -1741,6 +1745,6 @@ void SSLManagerOpenSSL::_handleSSLError(SSLConnectionOpenSSL* conn, int ret) { break; } _flushNetworkBIO(conn); - throwSocketError(SocketErrorKind::CONNECT_ERROR, ""); + throwSocketError(errToThrow, conn->socket->remoteString()); } } // namespace mongo |