32 #include <openssl/err.h>
33 #include <openssl/ssl.h>
46 void ToStdErr(
const char *tid,
const char *msg,
bool sslerr)
48 std::cerr <<
"TLS: " <<msg <<
'\n' <<std::flush;
96 int ssl_msg_CB(
const char *str,
size_t len,
void *u)
97 {
const char *tid = (
const char *)u;
98 msgCB(tid, str,
true);
99 if (echoMsg &&
msgCB != ToStdErr) ToStdErr(tid, str,
true);
109 if (!tid) tid =
"TLS";
114 {
msgCB(tid, msg,
false);
115 if (echoMsg &&
msgCB != ToStdErr) ToStdErr(tid, msg,
false);
120 if (flush) ERR_print_errors_cb(ssl_msg_CB, (
void *)tid);
131 return std::string(
"connection closed");
134 return std::string(
"x509 certificate is missing");
137 return std::string(
"context is missing");
140 return std::string(
"host name verification failed");
143 return std::string(
"TLS fatal error");
146 if (errno == 0)
return std::string(
"socket error");
150 return std::string(
"unknown error occurred, sorry!");
153 return std::string(
"x509 certificate verification failed");
156 return std::string(
"unhandled TLS accept");
159 return std::string(
"unhandled TLS connect");
162 return std::string(
"unhandled TLS read want");
165 return std::string(
"unhandled TLS write want");
170 return std::string(
"unfathomable error occurred!");
198 msgCB = (cbP ? cbP : ToStdErr);
210 {
case SSL_ERROR_NONE:
return TLS_AOK;
240 {
case SSL_ERROR_NONE:
return "error_none";
242 case SSL_ERROR_ZERO_RETURN:
return "zero_return";
244 case SSL_ERROR_WANT_READ:
return "want_read";
246 case SSL_ERROR_WANT_WRITE:
return "want_write";
248 case SSL_ERROR_WANT_ACCEPT:
return "want_accept";
250 case SSL_ERROR_WANT_CONNECT:
return "want_connect";
252 case SSL_ERROR_WANT_X509_LOOKUP:
return "want_x509_lookup";
254 case SSL_ERROR_SYSCALL:
return "error_syscall";
256 case SSL_ERROR_SSL:
return "error_ssl";
258 default:
return dflt;
const char * XrdSysE2T(int errcode)
void SetLogger(XrdSysLogger *logp)
void(* msgCB_t)(const char *tid, const char *msg, bool sslmsg)
static void SetMsgCB(msgCB_t cbP)
static std::string RC2Text(XrdTls::RC rc, bool dbg=false)
static RC ssl2RC(int sslrc)
static const int dbgOUT
Force msgs to stderr for easier client debug.
static void Emsg(const char *tid, const char *msg=0, bool flush=true)
static void ClearErrorQueue()
Clear the SSL error queue for the calling thread.
static const char * ssl2Text(int sslrc, const char *dflt="unknown_error")
@ TLS_AOK
All went well, will always be zero.
@ TLS_WantWrite
Reissue call when writes do not block.
@ TLS_HNV_Error
A hostname validation error occurred.
@ TLS_CON_Closed
TLS connection has been closed.
@ TLS_WantRead
Reissue call when reads do not block.
@ TLS_VER_Error
Certificate verification failed.
@ TLS_CRT_Missing
The x509 certificate is missing.
@ TLS_WantAccept
Reissue call when Accept() completes.
@ TLS_UNK_Error
An unknown error occurred.
@ TLS_SYS_Error
A system call error occurred.
@ TLS_WantConnect
Reissue call when Connect() completes.
@ TLS_SSL_Error
An SSL error occurred.
@ TLS_CTX_Missing
The TLS context is missing.
static void SetDebug(int opts, XrdSysLogger *logP=0)
XrdSsiLogger::MCB_t * msgCB
XrdSysTrace SysTrace("TLS", 0)