summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Harris <jgh146exb@wizmail.org>2023-07-15 16:12:58 +0100
committerJeremy Harris <jgh146exb@wizmail.org>2023-07-15 16:12:58 +0100
commitb90406e36cfef4cf6aaf104c3a403f6745763b5b (patch)
treec32d5eea10607f886cc0f39e345b6dc77b0faa22
parent05144fcef30e94a727e26e011f60df8bb851f07b (diff)
OpenSSL: add remote host info to log line for in-connection TLS error. Bug 3010
-rw-r--r--src/src/receive.c5
-rw-r--r--src/src/tls-openssl.c7
-rwxr-xr-xtest/runtest2
3 files changed, 9 insertions, 5 deletions
diff --git a/src/src/receive.c b/src/src/receive.c
index 0891a4a8c..4271561d7 100644
--- a/src/src/receive.c
+++ b/src/src/receive.c
@@ -3911,8 +3911,7 @@ else
break;
}
- g = string_append(NULL, 2, US"F=",
- sender_address[0] == 0 ? US"<>" : sender_address);
+ g = string_append(NULL, 2, US"F=", *sender_address ? sender_address : US"<>");
g = add_host_info_for_log(g);
log_write(0, LOG_MAIN|LOG_REJECT, "%Y %srejected by local_scan(): %.256s",
@@ -4056,7 +4055,7 @@ g = string_get(256);
g = string_append(g, 2,
fake_response == FAIL ? US"(= " : US"<= ",
- sender_address[0] == 0 ? US"<>" : sender_address);
+ *sender_address ? sender_address : US"<>");
if (message_reference)
g = string_append(g, 2, US" R=", message_reference);
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 22c8ea99a..2e537a160 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -4532,10 +4532,15 @@ switch(error)
/* Handle genuine errors */
case SSL_ERROR_SSL:
+ {
+ uschar * conn_info = smtp_get_connection_info();
+ if (Ustrncmp(conn_info, US"SMTP ", 5) == 0) conn_info += 5;
+ /* I'd like to get separated H= here, but too hard for now */
ERR_error_string_n(ERR_get_error(), ssl_errstring, sizeof(ssl_errstring));
- log_write(0, LOG_MAIN, "TLS error (SSL_read): %s", ssl_errstring);
+ log_write(0, LOG_MAIN, "TLS error (SSL_read): on %s %s", conn_info, ssl_errstring);
ssl_xfer_error = TRUE;
return FALSE;
+ }
default:
DEBUG(D_tls) debug_printf("Got SSL error %d\n", error);
diff --git a/test/runtest b/test/runtest
index e918b0cdf..17f7ab4c9 100755
--- a/test/runtest
+++ b/test/runtest
@@ -1556,7 +1556,7 @@ RESET_AFTER_EXTRA_LINE_READ:
# OpenSSL version variances
s/(TLS error on connection [^:]*: error:)[0-9A-F]{8}(:system library):(?:fopen|func\(4095\)|):(No such file or directory)$/$1xxxxxxxx$2:fopen:$3/;
- next if /TLS error \(SSL_read\): error:0A000126:SSL routines::unexpected eof while reading$/ ;
+ next if /TLS error \(SSL_read\): .*error:0A000126:SSL routines::unexpected eof while reading$/ ;
s/EVDATA: \K\(SSL_accept\): error:0A000126:SSL routines::unexpected eof while reading/SSL_accept: TCP connection closed by peer/;
s/(DANE attempt failed.*error:)[0-9A-F]{8}(:SSL routines:)(?:(?i)ssl3_get_server_certificate|tls_process_server_certificate|CONNECT_CR_CERT|)(?=:certificate verify failed$)/$1xxxxxxxx$2ssl3_get_server_certificate/;
s/(DKIM: validation error: )error:[0-9A-F]{8}:rsa routines:(?:(?i)int_rsa_verify|CRYPTO_internal):(?:bad signature|algorithm mismatch)$/$1Public key signature verification has failed./;