Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 4adb4b99032b8f1a593cd48e856c0930f8523496
commit4adb4b99032b8f1a593cd48e856c0930f8523496[log] [tgz]
authorWilliam Lallemand <wlallemand@haproxy.org>Fri May 12 17:13:46 2023 +0200
committerWilliam Lallemand <wlallemand@haproxy.org>Fri May 12 17:43:58 2023 +0200
tree69d2704704e4b78cf47761f12fe59dd2e73b0677
parentee65efbfaea35df4038ec9a9a0fb8c63ad0eb0cc [diff]
MEDIUM: session/ssl: return the SSL error string during a SSL handshake error

SSL hanshake error were unable to dump the OpenSSL error string by
default, to do so it was mandatory to configure a error-log-format with
the ssl_fc_err fetch.

This patch implements the session_build_err_string() function which creates
the error log to send during session_kill_embryonic(), a special case is
made with CO_ER_SSL_HANDSHAKE which is able to dump the error string
with ERR_error_string().

Before:
    <134>May 12 17:14:04 haproxy[183151]: 127.0.0.1:49346 [12/May/2023:17:14:04.571] frt2/1: SSL handshake failure

After:
    <134>May 12 17:14:04 haproxy[183151]: 127.0.0.1:49346 [12/May/2023:17:14:04.571] frt2/1: SSL handshake failure (error:0A000418:SSL routines::tlsv1 alert unknown ca)
1 file changed
tree: 69d2704704e4b78cf47761f12fe59dd2e73b0677
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .mailmap
  16. .travis.yml
  17. BRANCHES
  18. CHANGELOG
  19. CONTRIBUTING
  20. INSTALL
  21. LICENSE
  22. MAINTAINERS
  23. Makefile
  24. README
  25. SUBVERS
  26. VERDATE
  27. VERSION