resolved: log error messages for openssl/gnutls context creation

In https://bugzilla.redhat.com/show_bug.cgi?id=2322937 we're getting
an error message:
Okt 29 22:21:03 fedora systemd-resolved[29311]: Could not create manager: Cannot allocate memory
I expect that this actually comes from dnstls_manager_init(), the
openssl version. But without real logs it's hard to know for sure.

Use EIO instead of ENOMEM, because the problem is unlikely to be actually
related to memory.

diff --git a/src/resolve/resolved-dnstls-gnutls.c b/src/resolve/resolved-dnstls-gnutls.c
index 6ac026ee7942f942ac3914846c830a4c709806a7..321595f295ea9b9853681fe64e167f4e348f5284 100644 (file)
--- a/src/resolve/resolved-dnstls-gnutls.c
+++ b/src/resolve/resolved-dnstls-gnutls.c
@@ -236,7 +236,9 @@ int dnstls_manager_init(Manager *manager) {
 
         r = gnutls_certificate_allocate_credentials(&manager->dnstls_data.cert_cred);
         if (r < 0)
-                return -ENOMEM;
+                return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+                                         "Failed to allocate SSL credentials: %s",
+                                         gnutls_strerror(r));
 
         r = gnutls_certificate_set_x509_system_trust(manager->dnstls_data.cert_cred);
         if (r < 0)

diff --git a/src/resolve/resolved-dnstls-openssl.c b/src/resolve/resolved-dnstls-openssl.c
index 3112ccb677b75041418706a2c0eeca2e011fd719..d814c174ea2d272b3360298e80b380ec3e9db15c 100644 (file)
--- a/src/resolve/resolved-dnstls-openssl.c
+++ b/src/resolve/resolved-dnstls-openssl.c
@@ -394,11 +394,15 @@ int dnstls_manager_init(Manager *manager) {
 
         manager->dnstls_data.ctx = SSL_CTX_new(TLS_client_method());
         if (!manager->dnstls_data.ctx)
-                return -ENOMEM;
+                return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+                                         "Failed to create SSL context: %s",
+                                         ERR_error_string(ERR_get_error(), NULL));
 
         r = SSL_CTX_set_min_proto_version(manager->dnstls_data.ctx, TLS1_2_VERSION);
         if (r == 0)
-                return -EIO;
+                return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+                                         "Failed to set protocol version on SSL context: %s",
+                                         ERR_error_string(ERR_get_error(), NULL));
 
         (void) SSL_CTX_set_options(manager->dnstls_data.ctx, SSL_OP_NO_COMPRESSION);
 
@@ -407,7 +411,6 @@ int dnstls_manager_init(Manager *manager) {
                 return log_warning_errno(SYNTHETIC_ERRNO(EIO),
                                          "Failed to load system trust store: %s",
                                          ERR_error_string(ERR_get_error(), NULL));
-
         return 0;
 }