1 files changed, 41 insertions, 10 deletions

diff --git a/lib/server/SocketStreamTLS.cpp b/lib/server/SocketStreamTLS.cpp
index e6299bfa..fc9652b7 100644
--- a/lib/server/SocketStreamTLS.cpp
+++ b/lib/server/SocketStreamTLS.cpp
@@ -10,8 +10,7 @@
 #include "Box.h"
 
 #define TLS_CLASS_IMPLEMENTATION_CPP
-#include <openssl/ssl.h>
-#include <openssl/bio.h>
+
 #include <errno.h>
 #include <fcntl.h>
 
@@ -19,6 +18,10 @@
 #include <poll.h>
 #endif
 
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
 #include "autogen_ConnectionException.h"
 #include "autogen_ServerException.h"
 #include "BoxTime.h"
@@ -126,8 +129,8 @@ void SocketStreamTLS::Handshake(const TLSContext &rContext, bool IsServer)
 	mpBIO = ::BIO_new(::BIO_s_socket());
 	if(mpBIO == 0)
 	{
-		CryptoUtils::LogError("creating socket bio");
-		THROW_EXCEPTION(ServerException, TLSAllocationFailed)
+		THROW_EXCEPTION_MESSAGE(ServerException, TLSAllocationFailed,
+			"Failed to create SSL BIO: " << CryptoUtils::LogError("creating socket bio"));
 	}
 
 	tOSSocketHandle socket = GetSocketHandle();
@@ -137,8 +140,8 @@ void SocketStreamTLS::Handshake(const TLSContext &rContext, bool IsServer)
 	mpSSL = ::SSL_new(rContext.GetRawContext());
 	if(mpSSL == 0)
 	{
-		CryptoUtils::LogError("creating SSL object");
-		THROW_EXCEPTION(ServerException, TLSAllocationFailed)
+		THROW_EXCEPTION_MESSAGE(ServerException, TLSAllocationFailed,
+			"Failed to create SSL object: " << CryptoUtils::LogError("creating SSL object"));
 	}
 
 	// Make the socket non-blocking so timeouts on Read work
@@ -203,15 +206,43 @@ void SocketStreamTLS::Handshake(const TLSContext &rContext, bool IsServer)
 			
 		default: // (and SSL_ERROR_ZERO_RETURN)
 			// Error occured
+#if HAVE_DECL_SSL_R_EE_KEY_TOO_SMALL
+			int err_reason = ERR_GET_REASON(ERR_peek_error());
+			const char *file, *data;
+			int line, flags;
+			ERR_peek_error_line_data(&file, &line, &data, &flags);
+			long verify_result = SSL_get_verify_result(mpSSL);
+
+			if(se == SSL_ERROR_SSL && verify_result == X509_V_ERR_CA_KEY_TOO_SMALL)
+			{
+				// Would be nice to use GetPeerCommonName() in these error messages,
+				// but since the certificate isn't trusted, that might be misleading,
+				// and it's not available to us anyway :(
+
+				THROW_EXCEPTION_MESSAGE(ConnectionException, TLSPeerWeakCertificate,
+					(IsServer ? "Failed to accept connection from" :
+						"Failed to connect to") << " " << mPeerSocketDesc <<
+					": key too short for current security level");
+			}
+			else if(se == SSL_ERROR_SSL && verify_result == X509_V_ERR_CA_MD_TOO_WEAK)
+			{
+				THROW_EXCEPTION_MESSAGE(ConnectionException, TLSPeerWeakCertificate,
+					(IsServer ? "Failed to accept connection from" :
+						"Failed to connect to") << " " << mPeerSocketDesc <<
+					": hash too weak for current security level");
+			}
+			else
+#endif // HAVE_DECL_SSL_R_EE_KEY_TOO_SMALL
 			if(IsServer)
 			{
-				CryptoUtils::LogError("accepting connection");
-				THROW_EXCEPTION(ConnectionException, TLSHandshakeFailed)
+				THROW_EXCEPTION_MESSAGE(ConnectionException, TLSHandshakeFailed,
+					"Failed to accept connection: " <<
+					CryptoUtils::LogError("accepting connection"));
 			}
 			else
 			{
-				CryptoUtils::LogError("connecting");
-				THROW_EXCEPTION(ConnectionException, TLSHandshakeFailed)
+				THROW_EXCEPTION_MESSAGE(ConnectionException, TLSHandshakeFailed,
+					"Failed to connect: " << CryptoUtils::LogError("connecting"));
 			}
 		}
 	}