From 92ec6f89960149c0b843725b0dc3bd3b643eba52 Mon Sep 17 00:00:00 2001
From: Chris Wilson
Date: Thu, 7 Feb 2008 17:37:00 +0000
Subject: Improve error messages when loading SSL key files fails.
---
 lib/server/SSLLib.cpp | 4 ++--
 lib/server/SSLLib.h | 2 +-
 lib/server/SocketStreamTLS.cpp | 14 +++++++-------
 lib/server/TLSContext.cpp | 14 ++++++++++----
 4 files changed, 20 insertions(+), 14 deletions(-)
(limited to 'lib/server')
diff --git a/lib/server/SSLLib.cpp b/lib/server/SSLLib.cpp
index e9c990b9..7ae93ee6 100644
--- a/lib/server/SSLLib.cpp
+++ b/lib/server/SSLLib.cpp
@@ -63,14 +63,14 @@ void SSLLib::Initialise()
 // Created: 2003/08/06
 //
 // --------------------------------------------------------------------------
-void SSLLib::LogError(const char *ErrorDuringAction)
+void SSLLib::LogError(const std::string& rErrorDuringAction)
 {
 unsigned long errcode;
 char errname[256]; // SSL docs say at least 120 bytes
 while((errcode = ERR_get_error()) != 0)
 {
 ::ERR_error_string_n(errcode, errname, sizeof(errname));
- BOX_ERROR("SSL error during " << ErrorDuringAction << ": " <<
+ BOX_ERROR("SSL error while " << rErrorDuringAction << ": " <<
 errname);
 }
 }
diff --git a/lib/server/SSLLib.h b/lib/server/SSLLib.h
index cdff4f04..5802a601 100644
--- a/lib/server/SSLLib.h
+++ b/lib/server/SSLLib.h
@@ -29,7 +29,7 @@
 namespace SSLLib
 {
 void Initialise();
- void LogError(const char *ErrorDuringAction);
+ void LogError(const std::string& rErrorDuringAction);
 };
 #endif // SSLLIB__H
diff --git a/lib/server/SocketStreamTLS.cpp b/lib/server/SocketStreamTLS.cpp
index 58dc5754..4ffe16b4 100644
--- a/lib/server/SocketStreamTLS.cpp
+++ b/lib/server/SocketStreamTLS.cpp
@@ -123,7 +123,7 @@ void SocketStreamTLS::Handshake(const TLSContext &rContext, bool IsServer)
 mpBIO = ::BIO_new(::BIO_s_socket());
 if(mpBIO == 0)
 {
- SSLLib::LogError("Create socket bio");
+ SSLLib::LogError("creating socket bio");
 THROW_EXCEPTION(ServerException, TLSAllocationFailed)
 }
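Review bot: In SSLLib::LogError (lib/server/SSLLib.cpp) the action text, which after this commit can carry the file name, is only emitted from inside the `while((errcode = ERR_get_error()) != 0)` loop, so a failure that leaves the OpenSSL error queue empty logs nothing at all. A fallback after the loop would keep the context: set a flag inside the loop and, when it is still false afterwards, emit `BOX_ERROR("SSL error while " << rErrorDuringAction << ": no OpenSSL error queued");`. If the function's header comment above the hunk still names the `const char *` signature, it should be updated with this change.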
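Review bot: The new declaration `void LogError(const std::string& rErrorDuringAction);` in lib/server/SSLLib.h uses `std::string`, and the hunk does not show the header including `<string>`. Unless an include above line 29 already provides it, the header compiles only when the including file has pulled in `<string>` first. Adding `#include <string>` to SSLLib.h makes it self-contained.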
@@ -134,7 +134,7 @@ void SocketStreamTLS::Handshake(const TLSContext &rContext, bool IsServer)
 mpSSL = ::SSL_new(rContext.GetRawContext());
 if(mpSSL == 0)
 {
- SSLLib::LogError("Create ssl");
+ SSLLib::LogError("creating SSL object");
 THROW_EXCEPTION(ServerException, TLSAllocationFailed)
 }
@@ -202,12 +202,12 @@ void SocketStreamTLS::Handshake(const TLSContext &rContext, bool IsServer)
 // Error occured
 if(IsServer)
 {
- SSLLib::LogError("Accept");
+ SSLLib::LogError("accepting connection");
 THROW_EXCEPTION(ConnectionException, Conn_TLSHandshakeFailed)
 }
 else
 {
- SSLLib::LogError("Connect");
+ SSLLib::LogError("connecting");
 THROW_EXCEPTION(ConnectionException, Conn_TLSHandshakeFailed)
 }
 }
@@ -334,7 +334,7 @@ int SocketStreamTLS::Read(void *pBuffer, int NBytes, int Timeout)
 break;
 default:
- SSLLib::LogError("Read");
+ SSLLib::LogError("reading");
 THROW_EXCEPTION(ConnectionException, Conn_TLSReadFailed)
 break;
 }
@@ -399,7 +399,7 @@ void SocketStreamTLS::Write(const void *pBuffer, int NBytes)
 break;
 default:
- SSLLib::LogError("Write");
+ SSLLib::LogError("writing");
 THROW_EXCEPTION(ConnectionException, Conn_TLSWriteFailed)
 break;
 }
@@ -441,7 +441,7 @@ void SocketStreamTLS::Shutdown(bool Read, bool Write)
 if(::SSL_shutdown(mpSSL) < 0)
 {
- SSLLib::LogError("Shutdown");
+ SSLLib::LogError("shutting down");
 THROW_EXCEPTION(ConnectionException, Conn_TLSShutdownFailed)
 }
diff --git a/lib/server/TLSContext.cpp b/lib/server/TLSContext.cpp
index 49143801..ebc7384a 100644
--- a/lib/server/TLSContext.cpp
+++ b/lib/server/TLSContext.cpp
@@ -75,19 +75,25 @@ void TLSContext::Initialise(bool AsServer, const char *CertificatesFile, const c
 // Setup our identity
 if(::SSL_CTX_use_certificate_chain_file(mpContext, CertificatesFile) != 1)
 {
- SSLLib::LogError("Load certificates");
+ std::string msg = "loading certificates from ";
+ msg += CertificatesFile;
+ SSLLib::LogError(msg);
 THROW_EXCEPTION(ServerException, TLSLoadCertificatesFailed)
 }
 if(::SSL_CTX_use_PrivateKey_file(mpContext, PrivateKeyFile, SSL_FILETYPE_PEM) != 1)
 {
- SSLLib::LogError("Load private key");
+ std::string msg = "loading private key from ";
+ msg += PrivateKeyFile;
+ SSLLib::LogError(msg);
 THROW_EXCEPTION(ServerException, TLSLoadPrivateKeyFailed)
 }
 // Setup the identify of CAs we trust
 if(::SSL_CTX_load_verify_locations(mpContext, TrustedCAsFile, NULL) != 1)
 {
- SSLLib::LogError("Load CA cert");
+ std::string msg = "loading CA cert from ";
+ msg += TrustedCAsFile;
+ SSLLib::LogError(msg);
 THROW_EXCEPTION(ServerException, TLSLoadTrustedCAsFailed)
 }
@@ -99,7 +105,7 @@ void TLSContext::Initialise(bool AsServer, const char *CertificatesFile, const c
 // Setup allowed ciphers
 if(::SSL_CTX_set_cipher_list(mpContext, CIPHER_LIST) != 1)
 {
- SSLLib::LogError("Set cipher list");
+ SSLLib::LogError("setting cipher list to " CIPHER_LIST);
 THROW_EXCEPTION(ServerException, TLSSetCiphersFailed)
 }
 }
--
cgit v1.2.3
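Review bot: The three new error paths in TLSContext::Initialise append the `const char *` arguments to a `std::string` (`msg += CertificatesFile;`, `msg += PrivateKeyFile;`, `msg += TrustedCAsFile;`), which is undefined behaviour if the pointer is null. The old code never touched the pointer when reporting the failure, so a null argument that previously ended in the matching ServerException could now crash while the log message is being built. Whether callers can pass null is not visible here. A guard such as `msg += (TrustedCAsFile ? TrustedCAsFile : "(null)");` on each of the three appends keeps the diagnostic. The function starts and ends outside this hunk.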
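Review bot: `SSLLib::LogError("setting cipher list to " CIPHER_LIST);` relies on adjacent string-literal concatenation, so it compiles only while CIPHER_LIST is a macro expanding to a string literal; its definition is outside this hunk. A one-line comment saying so, or building the message as `std::string("setting cipher list to ") + CIPHER_LIST`, would keep this line from breaking if the cipher list ever becomes a runtime configuration value.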