[glib-networking/mcatanzaro/#13: 4/4] Improve handshake error messages as far as possible
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/mcatanzaro/#13: 4/4] Improve handshake error messages as far as possible
- Date: Mon, 24 Jun 2019 00:58:20 +0000 (UTC)
commit e9b22711ed34bf55a90c16e68bafb72a42835bb1
Author: Michael Catanzaro <mcatanzaro igalia com>
Date: Sun Jun 23 10:46:00 2019 -0500
Improve handshake error messages as far as possible
Let's add a bit more detail to these very generic error messages.
Fixes #13
tls/gnutls/gtlsconnection-gnutls.c | 23 +++++++++++++++--------
tls/openssl/gtlsconnection-openssl.c | 4 ++--
2 files changed, 17 insertions(+), 10 deletions(-)
---
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 62caa53..947695f 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -347,14 +347,21 @@ end_gnutls_io (GTlsConnectionGnutls *gnutls,
if (handshaking && !ever_handshaked)
{
if (g_error_matches (my_error, G_IO_ERROR, G_IO_ERROR_FAILED) ||
- g_error_matches (my_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE) ||
- status == GNUTLS_E_UNEXPECTED_PACKET_LENGTH ||
+ g_error_matches (my_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE))
+ {
+ g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
+ _("Peer failed to perform TLS handshake: %s"), my_error->message);
+ g_clear_error (&my_error);
+ return G_TLS_CONNECTION_BASE_ERROR;
+ }
+
+ if (status == GNUTLS_E_UNEXPECTED_PACKET_LENGTH ||
status == GNUTLS_E_DECRYPTION_FAILED ||
status == GNUTLS_E_UNSUPPORTED_VERSION_PACKET)
{
g_clear_error (&my_error);
- g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
- _("Peer failed to perform TLS handshake"));
+ g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
+ _("Peer failed to perform TLS handshake: %s"), gnutls_strerror (status));
return G_TLS_CONNECTION_BASE_ERROR;
}
}
@@ -377,8 +384,8 @@ end_gnutls_io (GTlsConnectionGnutls *gnutls,
if (handshaking && !ever_handshaked)
{
g_clear_error (&my_error);
- g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
- _("Peer failed to perform TLS handshake"));
+ g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
+ _("Peer failed to perform TLS handshake: %s"), gnutls_strerror (status));
return G_TLS_CONNECTION_BASE_ERROR;
}
@@ -408,8 +415,8 @@ end_gnutls_io (GTlsConnectionGnutls *gnutls,
if (ret == GNUTLS_E_CERTIFICATE_ERROR)
{
g_clear_error (&my_error);
- g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
- _("Unacceptable TLS certificate"));
+ g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
+ _("Unacceptable TLS certificate"));
return G_TLS_CONNECTION_BASE_ERROR;
}
diff --git a/tls/openssl/gtlsconnection-openssl.c b/tls/openssl/gtlsconnection-openssl.c
index 96dcd16..58c08eb 100644
--- a/tls/openssl/gtlsconnection-openssl.c
+++ b/tls/openssl/gtlsconnection-openssl.c
@@ -135,8 +135,8 @@ end_openssl_io (GTlsConnectionOpenssl *openssl,
reason == SSL_R_UNKNOWN_PROTOCOL)
{
g_clear_error (&my_error);
- g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
- _("Peer failed to perform TLS handshake"));
+ g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
+ _("Peer failed to perform TLS handshake: %s"), ERR_reason_error_string (err));
return G_TLS_CONNECTION_BASE_ERROR;
}
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
