Bug 4236: SSL negotiation error of 'success'

author Nathan Hoad <nathan@getoffmalawn.com>

Wed, 13 May 2015 12:00:37 +0000 (05:00 -0700)

committer Amos Jeffries <squid3@treenet.co.nz>

Wed, 13 May 2015 12:00:37 +0000 (05:00 -0700)
author Nathan Hoad <nathan@getoffmalawn.com>
Wed, 13 May 2015 12:00:37 +0000 (05:00 -0700)
committer Amos Jeffries <squid3@treenet.co.nz>
Wed, 13 May 2015 12:00:37 +0000 (05:00 -0700)
diff --git a/src/client_side.cc b/src/client_side.cc

index b211aec49355ce597015bb4051b0c0f0bbec7f5c..93a54dceaf92a0bb2967508b1cafc35740451317 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -3572,7 +3572,9 @@ Squid_SSL_accept(ConnStateData *conn, PF *callback)
      SSL *ssl = fd_table[fd].ssl;
      int ret;
  
+    errno = 0;
      if ((ret = SSL_accept(ssl)) <= 0) {
+        int xerrno = errno;
          int ssl_error = SSL_get_error(ssl, ret);
  
          switch (ssl_error) {
@@ -3586,17 +3588,11 @@ Squid_SSL_accept(ConnStateData *conn, PF *callback)
              return 0;
  
          case SSL_ERROR_SYSCALL:
-
              if (ret == 0) {
                  debugs(83, 2, "Error negotiating SSL connection on FD " << fd << ": Aborted by client: " << ssl_error);
              } else {
-                int hard = 1;
-
-                if (errno == ECONNRESET)
-                    hard = 0;
-
-                debugs(83, hard ? 1 : 2, "Error negotiating SSL connection on FD " <<
-                       fd << ": " << strerror(errno) << " (" << errno << ")");
+                debugs(83, (xerrno == ECONNRESET) ? 1 : 2, "Error negotiating SSL connection on FD " << fd << ": " <<
+                           (xerrno == 0 ? ERR_error_string(ssl_error, NULL) : xstrerr(xerrno)));
              }
              return -1;
author	Nathan Hoad <nathan@getoffmalawn.com>
	Wed, 13 May 2015 12:00:37 +0000 (05:00 -0700)
committer	Amos Jeffries <squid3@treenet.co.nz>
	Wed, 13 May 2015 12:00:37 +0000 (05:00 -0700)