Fix PeerConnector::handleNegotiationResult() error debugging (#1055)

    ERROR: failure while establishing TLS connection on FD: 70x123456*1

* FD value was malformed. Now report all Connection details instead.
* Error details were not reported (a pointer value was reported).

Also, for error message prefix, use a single/constant phrase instead of
error-dependent phrases. This principle is for level-0/1 messages, but
it is OK to apply it here as well, especially given the related TODO.

Also improved RawPointer reporting so that we can use it for this fix.
Some of these changes are not necessary (for the final code state), but
all of them except the last one were necessary at some point during the
work on this fix, and they all may become handy in the future:

* Print nothing if ptr is nil. Both existing callers benefit from this.
* Allow the caller to set the label/object delimiter. Also faster.
* Support reporting object values on a dedicated Debug::Extra line.
* Support (and do not attempt to print) nil RawPointer() labels.

diff --git a/src/base/IoManip.h b/src/base/IoManip.h
index 7f14953ead8f36a645df8af22a7cb237ce254ca1..f13c697b621c88b92e25c17fede7ac9f0fbdddab 100644 (file)
--- a/src/base/IoManip.h
+++ b/src/base/IoManip.h
@@ -9,17 +9,25 @@
 #ifndef SQUID_SRC_BASE_IO_MANIP_H
 #define SQUID_SRC_BASE_IO_MANIP_H
 
+#include "debug/Stream.h"
+
 #include <iostream>
 #include <iomanip>
 
-/// debugs objects pointed by possibly nil pointers: label=object
+/// Safely prints an object pointed to by the given pointer: [label]<object>
+/// Prints nothing at all if the pointer is nil.
 template <class Pointer>
 class RawPointerT {
 public:
     RawPointerT(const char *aLabel, const Pointer &aPtr):
         label(aLabel), ptr(aPtr) {}
+
+    /// Report the pointed-to-object on a dedicated Debug::Extra line.
+    RawPointerT<Pointer> &asExtra() { onExtraLine = true; return *this; }
+
     const char *label; /// the name or description of the being-debugged object
     const Pointer &ptr; /// a possibly nil pointer to the being-debugged object
+    bool onExtraLine = false;
 };
 
 /// convenience wrapper for creating  RawPointerT<> objects
@@ -35,11 +43,17 @@ template <class Pointer>
 inline std::ostream &
 operator <<(std::ostream &os, const RawPointerT<Pointer> &pd)
 {
-    os << pd.label << '=';
-    if (pd.ptr)
-        os << *pd.ptr;
-    else
-        os << "[nil]";
+    if (!pd.ptr)
+        return os;
+
+    if (pd.onExtraLine)
+        os << Debug::Extra;
+
+    if (pd.label)
+        os << pd.label;
+
+    os << *pd.ptr;
+
     return os;
 }
 

diff --git a/src/security/PeerConnector.cc b/src/security/PeerConnector.cc
index 61eac7eb5e3c94b1eed8c6256eb45668818b3283..27c6ceedb805edf63969897d3633863d52a851aa 100644 (file)
--- a/src/security/PeerConnector.cc
+++ b/src/security/PeerConnector.cc
@@ -276,8 +276,9 @@ Security::PeerConnector::handleNegotiationResult(const Security::IoResult &resul
     }
 
     // TODO: Honor result.important when working in a reverse proxy role?
-    debugs(83, 2, "ERROR: " << result.errorDescription <<
-           " while establishing TLS connection on FD: " << serverConnection()->fd << result.errorDetail);
+    debugs(83, 2, "ERROR: Cannot establish a TLS connection to " << serverConnection() << ':' <<
+           Debug::Extra << "problem: " << result.errorDescription <<
+           RawPointer("detail: ", result.errorDetail).asExtra());
     recordNegotiationDetails();
     noteNegotiationError(result.errorDetail);
 }
@@ -339,7 +340,7 @@ Security::PeerConnector::sslCrtvdHandleReply(Ssl::CertValidationResponse::Pointe
     if (Debug::Enabled(83, 5)) {
         Security::SessionPointer ssl(fd_table[serverConnection()->fd].ssl);
         SBuf *server = static_cast<SBuf *>(SSL_get_ex_data(ssl.get(), ssl_ex_index_server));
-        debugs(83,5, RawPointer("host", server) << " cert validation result: " << validationResponse->resultCode);
+        debugs(83, 5, "cert validation result: " << validationResponse->resultCode << RawPointer(" host: ", server));
     }
 
     if (validationResponse->resultCode == ::Helper::Error) {