Commit e9b22711 authored by Michael Catanzaro's avatar Michael Catanzaro Committed by Michael Catanzaro

Improve handshake error messages as far as possible

Let's add a bit more detail to these very generic error messages.

Fixes #13
parent e943903b
Pipeline #90307 passed with stage
in 2 minutes and 14 seconds
......@@ -347,14 +347,21 @@ end_gnutls_io (GTlsConnectionGnutls *gnutls,
if (handshaking && !ever_handshaked)
{
if (g_error_matches (my_error, G_IO_ERROR, G_IO_ERROR_FAILED) ||
g_error_matches (my_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE) ||
status == GNUTLS_E_UNEXPECTED_PACKET_LENGTH ||
g_error_matches (my_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE))
{
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), my_error->message);
g_clear_error (&my_error);
return G_TLS_CONNECTION_BASE_ERROR;
}
if (status == GNUTLS_E_UNEXPECTED_PACKET_LENGTH ||
status == GNUTLS_E_DECRYPTION_FAILED ||
status == GNUTLS_E_UNSUPPORTED_VERSION_PACKET)
{
g_clear_error (&my_error);
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake"));
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), gnutls_strerror (status));
return G_TLS_CONNECTION_BASE_ERROR;
}
}
......@@ -377,8 +384,8 @@ end_gnutls_io (GTlsConnectionGnutls *gnutls,
if (handshaking && !ever_handshaked)
{
g_clear_error (&my_error);
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake"));
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), gnutls_strerror (status));
return G_TLS_CONNECTION_BASE_ERROR;
}
......@@ -408,8 +415,8 @@ end_gnutls_io (GTlsConnectionGnutls *gnutls,
if (ret == GNUTLS_E_CERTIFICATE_ERROR)
{
g_clear_error (&my_error);
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
_("Unacceptable TLS certificate"));
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
_("Unacceptable TLS certificate"));
return G_TLS_CONNECTION_BASE_ERROR;
}
......
......@@ -135,8 +135,8 @@ end_openssl_io (GTlsConnectionOpenssl *openssl,
reason == SSL_R_UNKNOWN_PROTOCOL)
{
g_clear_error (&my_error);
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake"));
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), ERR_reason_error_string (err));
return G_TLS_CONNECTION_BASE_ERROR;
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment