From: Frédéric Lécaille Date: Tue, 28 Sep 2021 07:04:12 +0000 (+0200) Subject: MINOR: quic: Add a function to dump SSL stack errors X-Git-Tag: v2.5-dev9~43 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6f0fadb5a79959bfa0c7796164393952d3427aed;p=thirdparty%2Fhaproxy.git MINOR: quic: Add a function to dump SSL stack errors This has been very helpful to fix SSL related issues. --- diff --git a/src/xprt_quic.c b/src/xprt_quic.c index d7cef7631c..750e4d016c 100644 --- a/src/xprt_quic.c +++ b/src/xprt_quic.c @@ -1562,6 +1562,26 @@ static inline int qc_parse_ack_frm(struct quic_frame *frm, struct ssl_sock_ctx * return 0; } +/* This function gives the detail of the SSL error. It is used only + * if the debug mode and the verbose mode are activated. It dump all + * the SSL error until the stack was empty. + */ +static forceinline void qc_ssl_dump_errors(struct connection *conn) +{ + if (unlikely(global.mode & MODE_DEBUG)) { + while (1) { + unsigned long ret; + + ret = ERR_get_error(); + if (!ret) + return; + + fprintf(stderr, "conn. @%p OpenSSL error[0x%lx] %s: %s\n", conn, ret, + ERR_func_error_string(ret), ERR_reason_error_string(ret)); + } + } +} + /* Provide CRYPTO data to the TLS stack found at with as length * from encryption level with as QUIC connection context. * Remaining parameter are there for debugging purposes.