From 2f3e52b5c8110680454503a5551fb4fbbf7b2c2a Mon Sep 17 00:00:00 2001
From: Christos Tsantilas <chtsanti@users.sourceforge.net>
Date: Fri, 18 Nov 2011 18:40:10 +0200
Subject: [PATCH] Fill access log's %error_detail when responding with
 ERR_SECURE_CONNECT_FAIL.

This is a Measurement Factory project
---
 src/format/Format.cc  | 12 ++++++++++++
 src/forward.cc        |  5 +++++
 src/ssl/ErrorDetail.h |  2 ++
 3 files changed, 19 insertions(+)

diff --git a/src/format/Format.cc b/src/format/Format.cc
index 13708abed8..02eadd2947 100644
--- a/src/format/Format.cc
+++ b/src/format/Format.cc
@@ -11,6 +11,10 @@
 #include "rfc1738.h"
 #include "SquidTime.h"
 #include "Store.h"
+#if USE_SSL
+#include "ssl/ErrorDetail.h"
+#endif
+
 
 /// Convert a string to NULL pointer if it is ""
 #define strOrNull(s) ((s)==NULL||(s)[0]=='\0'?NULL:(s))
@@ -822,6 +826,14 @@ Format::Format::assemble(MemBuf &mb, AccessLogEntry *al, int logSequenceNumber)
             break;
 
         case LFT_SQUID_ERROR_DETAIL:
+#if USE_SSL
+            if (al->request && al->request->errType == ERR_SECURE_CONNECT_FAIL) {
+                if (! (out = Ssl::GetErrorName(al->request->errDetail))) {
+                    snprintf(tmp, sizeof(tmp), "SSL_ERR=%d", al->request->errDetail);
+                    out = tmp;
+                }
+            } else 
+#endif
             if (al->request && al->request->errDetail != ERR_DETAIL_NONE) {
                 if (al->request->errDetail > ERR_DETAIL_START  &&
                         al->request->errDetail < ERR_DETAIL_MAX)
diff --git a/src/forward.cc b/src/forward.cc
index c1462c9101..f2bb3e22f4 100644
--- a/src/forward.cc
+++ b/src/forward.cc
@@ -332,6 +332,11 @@ FwdState::fail(ErrorState * errorState)
     if (!errorState->request)
         errorState->request = HTTPMSGLOCK(request);
 
+#if USE_SSL
+    if (errorState->type == ERR_SECURE_CONNECT_FAIL && errorState->detail)
+        request->detailError(errorState->type, errorState->detail->errorNo());
+    else
+#endif
     request->detailError(errorState->type, errorState->xerrno);
 }
 
diff --git a/src/ssl/ErrorDetail.h b/src/ssl/ErrorDetail.h
index 94c84072bf..2e28962636 100644
--- a/src/ssl/ErrorDetail.h
+++ b/src/ssl/ErrorDetail.h
@@ -52,6 +52,8 @@ public:
     void useRequest(HttpRequest *aRequest) { if (aRequest != NULL) request = aRequest;}
     /// The error name to embed in squid error pages
     const char *errorName() const {return err_code();}
+    /// The error no
+    ssl_error_t errorNo() const {return error_no;}
     ///Sets the low-level error returned by OpenSSL ERR_get_error()
     void setLibError(unsigned long lib_err_no) {lib_error_no = lib_err_no;}
 
-- 
2.47.2