mirror of https://github.com/Icinga/icinga2.git
Michael Friedrich
parent
de5485060e
commit
87e63edb93
|
|
@ -38,11 +38,13 @@ bool I2_EXPORT TlsStream::m_SSLIndexInitialized = false;
|
||||||
TlsStream::TlsStream(const Socket::Ptr& socket, ConnectionRole role, const shared_ptr<SSL_CTX>& sslContext)
|
TlsStream::TlsStream(const Socket::Ptr& socket, ConnectionRole role, const shared_ptr<SSL_CTX>& sslContext)
|
||||||
: m_Socket(socket), m_Role(role)
|
: m_Socket(socket), m_Role(role)
|
||||||
{
|
{
|
||||||
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
|
|
||||||
m_SSL = shared_ptr<SSL>(SSL_new(sslContext.get()), SSL_free);
|
m_SSL = shared_ptr<SSL>(SSL_new(sslContext.get()), SSL_free);
|
||||||
|
|
||||||
if (!m_SSL) {
|
if (!m_SSL) {
|
||||||
std::ostringstream msgbuf;
|
msgbuf << "SSL_new() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
msgbuf << "SSL_new() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
|
||||||
Log(LogCritical, "TlsStream", msgbuf.str());
|
Log(LogCritical, "TlsStream", msgbuf.str());
|
||||||
|
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
|
|
@ -93,6 +95,9 @@ shared_ptr<X509> TlsStream::GetPeerCertificate(void) const
|
||||||
|
|
||||||
void TlsStream::Handshake(void)
|
void TlsStream::Handshake(void)
|
||||||
{
|
{
|
||||||
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
int rc, err;
|
int rc, err;
|
||||||
|
|
||||||
|
|
@ -121,8 +126,7 @@ void TlsStream::Handshake(void)
|
||||||
Close();
|
Close();
|
||||||
return;
|
return;
|
||||||
default:
|
default:
|
||||||
std::ostringstream msgbuf;
|
msgbuf << "SSL_do_handshake() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
msgbuf << "SSL_do_handshake() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
|
||||||
Log(LogCritical, "TlsStream", msgbuf.str());
|
Log(LogCritical, "TlsStream", msgbuf.str());
|
||||||
|
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
|
|
@ -138,6 +142,8 @@ void TlsStream::Handshake(void)
|
||||||
size_t TlsStream::Read(void *buffer, size_t count)
|
size_t TlsStream::Read(void *buffer, size_t count)
|
||||||
{
|
{
|
||||||
size_t left = count;
|
size_t left = count;
|
||||||
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
|
|
||||||
while (left > 0) {
|
while (left > 0) {
|
||||||
int rc, err;
|
int rc, err;
|
||||||
|
|
@ -166,8 +172,7 @@ size_t TlsStream::Read(void *buffer, size_t count)
|
||||||
Close();
|
Close();
|
||||||
return count - left;
|
return count - left;
|
||||||
default:
|
default:
|
||||||
std::ostringstream msgbuf;
|
msgbuf << "SSL_read() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
msgbuf << "SSL_read() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
|
||||||
Log(LogCritical, "TlsStream", msgbuf.str());
|
Log(LogCritical, "TlsStream", msgbuf.str());
|
||||||
|
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
|
|
@ -185,6 +190,8 @@ size_t TlsStream::Read(void *buffer, size_t count)
|
||||||
void TlsStream::Write(const void *buffer, size_t count)
|
void TlsStream::Write(const void *buffer, size_t count)
|
||||||
{
|
{
|
||||||
size_t left = count;
|
size_t left = count;
|
||||||
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
|
|
||||||
while (left > 0) {
|
while (left > 0) {
|
||||||
int rc, err;
|
int rc, err;
|
||||||
|
|
@ -213,8 +220,7 @@ void TlsStream::Write(const void *buffer, size_t count)
|
||||||
Close();
|
Close();
|
||||||
return;
|
return;
|
||||||
default:
|
default:
|
||||||
std::ostringstream msgbuf;
|
msgbuf << "SSL_write() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
msgbuf << "SSL_write() failed with code " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
|
||||||
Log(LogCritical, "TlsStream", msgbuf.str());
|
Log(LogCritical, "TlsStream", msgbuf.str());
|
||||||
|
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
|
|
|
||||||
|
|
@ -77,6 +77,8 @@ static void InitializeOpenSSL(void)
|
||||||
shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey, const String& cakey)
|
shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey, const String& cakey)
|
||||||
{
|
{
|
||||||
std::ostringstream msgbuf;
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
|
|
||||||
InitializeOpenSSL();
|
InitializeOpenSSL();
|
||||||
|
|
||||||
shared_ptr<SSL_CTX> sslContext = shared_ptr<SSL_CTX>(SSL_CTX_new(TLSv1_method()), SSL_CTX_free);
|
shared_ptr<SSL_CTX> sslContext = shared_ptr<SSL_CTX>(SSL_CTX_new(TLSv1_method()), SSL_CTX_free);
|
||||||
|
|
@ -84,7 +86,7 @@ shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey,
|
||||||
SSL_CTX_set_mode(sslContext.get(), SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
|
SSL_CTX_set_mode(sslContext.get(), SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
|
||||||
|
|
||||||
if (!SSL_CTX_use_certificate_chain_file(sslContext.get(), pubkey.CStr())) {
|
if (!SSL_CTX_use_certificate_chain_file(sslContext.get(), pubkey.CStr())) {
|
||||||
msgbuf << "Error with public key file '" << pubkey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error with public key file '" << pubkey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SSL_CTX_use_certificate_chain_file")
|
<< boost::errinfo_api_function("SSL_CTX_use_certificate_chain_file")
|
||||||
|
|
@ -93,7 +95,7 @@ shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!SSL_CTX_use_PrivateKey_file(sslContext.get(), privkey.CStr(), SSL_FILETYPE_PEM)) {
|
if (!SSL_CTX_use_PrivateKey_file(sslContext.get(), privkey.CStr(), SSL_FILETYPE_PEM)) {
|
||||||
msgbuf << "Error with private key file '" << privkey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error with private key file '" << privkey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SSL_CTX_use_PrivateKey_file")
|
<< boost::errinfo_api_function("SSL_CTX_use_PrivateKey_file")
|
||||||
|
|
@ -102,7 +104,7 @@ shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!SSL_CTX_check_private_key(sslContext.get())) {
|
if (!SSL_CTX_check_private_key(sslContext.get())) {
|
||||||
msgbuf << "Error checking private key '" << privkey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error checking private key '" << privkey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SSL_CTX_check_private_key")
|
<< boost::errinfo_api_function("SSL_CTX_check_private_key")
|
||||||
|
|
@ -110,7 +112,7 @@ shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey,
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!SSL_CTX_load_verify_locations(sslContext.get(), cakey.CStr(), NULL)) {
|
if (!SSL_CTX_load_verify_locations(sslContext.get(), cakey.CStr(), NULL)) {
|
||||||
msgbuf << "Error loading and verifying locations in ca key file '" << cakey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error loading and verifying locations in ca key file '" << cakey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SSL_CTX_load_verify_locations")
|
<< boost::errinfo_api_function("SSL_CTX_load_verify_locations")
|
||||||
|
|
@ -122,7 +124,7 @@ shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey,
|
||||||
|
|
||||||
cert_names = SSL_load_client_CA_file(cakey.CStr());
|
cert_names = SSL_load_client_CA_file(cakey.CStr());
|
||||||
if (cert_names == NULL) {
|
if (cert_names == NULL) {
|
||||||
msgbuf << "Error loading client ca key file '" << cakey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error loading client ca key file '" << cakey << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SSL_load_client_CA_file")
|
<< boost::errinfo_api_function("SSL_load_client_CA_file")
|
||||||
|
|
@ -144,13 +146,14 @@ shared_ptr<SSL_CTX> MakeSSLContext(const String& pubkey, const String& privkey,
|
||||||
void AddCRLToSSLContext(const shared_ptr<SSL_CTX>& context, const String& crlPath)
|
void AddCRLToSSLContext(const shared_ptr<SSL_CTX>& context, const String& crlPath)
|
||||||
{
|
{
|
||||||
std::ostringstream msgbuf;
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
X509_STORE *x509_store = SSL_CTX_get_cert_store(context.get());
|
X509_STORE *x509_store = SSL_CTX_get_cert_store(context.get());
|
||||||
|
|
||||||
X509_LOOKUP *lookup;
|
X509_LOOKUP *lookup;
|
||||||
lookup = X509_STORE_add_lookup(x509_store, X509_LOOKUP_file());
|
lookup = X509_STORE_add_lookup(x509_store, X509_LOOKUP_file());
|
||||||
|
|
||||||
if (!lookup) {
|
if (!lookup) {
|
||||||
msgbuf << "Error adding X509 store lookup: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error adding X509 store lookup: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("X509_STORE_add_lookup")
|
<< boost::errinfo_api_function("X509_STORE_add_lookup")
|
||||||
|
|
@ -158,7 +161,7 @@ void AddCRLToSSLContext(const shared_ptr<SSL_CTX>& context, const String& crlPat
|
||||||
}
|
}
|
||||||
|
|
||||||
if (X509_LOOKUP_load_file(lookup, crlPath.CStr(), X509_FILETYPE_PEM) != 0) {
|
if (X509_LOOKUP_load_file(lookup, crlPath.CStr(), X509_FILETYPE_PEM) != 0) {
|
||||||
msgbuf << "Error loading crl file '" << crlPath << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error loading crl file '" << crlPath << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("X509_LOOKUP_load_file")
|
<< boost::errinfo_api_function("X509_LOOKUP_load_file")
|
||||||
|
|
@ -181,13 +184,14 @@ void AddCRLToSSLContext(const shared_ptr<SSL_CTX>& context, const String& crlPat
|
||||||
String GetCertificateCN(const shared_ptr<X509>& certificate)
|
String GetCertificateCN(const shared_ptr<X509>& certificate)
|
||||||
{
|
{
|
||||||
std::ostringstream msgbuf;
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
char buffer[256];
|
char buffer[256];
|
||||||
|
|
||||||
int rc = X509_NAME_get_text_by_NID(X509_get_subject_name(certificate.get()),
|
int rc = X509_NAME_get_text_by_NID(X509_get_subject_name(certificate.get()),
|
||||||
NID_commonName, buffer, sizeof(buffer));
|
NID_commonName, buffer, sizeof(buffer));
|
||||||
|
|
||||||
if (rc == -1) {
|
if (rc == -1) {
|
||||||
msgbuf << "Error with x509 NAME getting text by NID: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error with x509 NAME getting text by NID: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("X509_NAME_get_text_by_NID")
|
<< boost::errinfo_api_function("X509_NAME_get_text_by_NID")
|
||||||
|
|
@ -206,11 +210,12 @@ String GetCertificateCN(const shared_ptr<X509>& certificate)
|
||||||
shared_ptr<X509> GetX509Certificate(const String& pemfile)
|
shared_ptr<X509> GetX509Certificate(const String& pemfile)
|
||||||
{
|
{
|
||||||
std::ostringstream msgbuf;
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
X509 *cert;
|
X509 *cert;
|
||||||
BIO *fpcert = BIO_new(BIO_s_file());
|
BIO *fpcert = BIO_new(BIO_s_file());
|
||||||
|
|
||||||
if (fpcert == NULL) {
|
if (fpcert == NULL) {
|
||||||
msgbuf << "Error creating new BIO: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error creating new BIO: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("BIO_new")
|
<< boost::errinfo_api_function("BIO_new")
|
||||||
|
|
@ -218,7 +223,7 @@ shared_ptr<X509> GetX509Certificate(const String& pemfile)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (BIO_read_filename(fpcert, pemfile.CStr()) < 0) {
|
if (BIO_read_filename(fpcert, pemfile.CStr()) < 0) {
|
||||||
msgbuf << "Error reading pem file '" << pemfile << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error reading pem file '" << pemfile << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("BIO_read_filename")
|
<< boost::errinfo_api_function("BIO_read_filename")
|
||||||
|
|
@ -228,7 +233,7 @@ shared_ptr<X509> GetX509Certificate(const String& pemfile)
|
||||||
|
|
||||||
cert = PEM_read_bio_X509_AUX(fpcert, NULL, NULL, NULL);
|
cert = PEM_read_bio_X509_AUX(fpcert, NULL, NULL, NULL);
|
||||||
if (cert == NULL) {
|
if (cert == NULL) {
|
||||||
msgbuf << "Error on bio X509 AUX reading pem file '" << pemfile << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error on bio X509 AUX reading pem file '" << pemfile << "': " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("PEM_read_bio_X509_AUX")
|
<< boost::errinfo_api_function("PEM_read_bio_X509_AUX")
|
||||||
|
|
@ -282,11 +287,12 @@ int MakeX509CSR(const char *cn, const char *keyfile, const char *csrfile)
|
||||||
String SHA256(const String& s)
|
String SHA256(const String& s)
|
||||||
{
|
{
|
||||||
std::ostringstream msgbuf;
|
std::ostringstream msgbuf;
|
||||||
|
char errbuf[120];
|
||||||
SHA256_CTX context;
|
SHA256_CTX context;
|
||||||
unsigned char digest[SHA256_DIGEST_LENGTH];
|
unsigned char digest[SHA256_DIGEST_LENGTH];
|
||||||
|
|
||||||
if (!SHA256_Init(&context)) {
|
if (!SHA256_Init(&context)) {
|
||||||
msgbuf << "Error on SHA256 Init: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error on SHA256 Init: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SHA256_Init")
|
<< boost::errinfo_api_function("SHA256_Init")
|
||||||
|
|
@ -294,7 +300,7 @@ String SHA256(const String& s)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!SHA256_Update(&context, (unsigned char*)s.CStr(), s.GetLength())) {
|
if (!SHA256_Update(&context, (unsigned char*)s.CStr(), s.GetLength())) {
|
||||||
msgbuf << "Error on SHA256 Update: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error on SHA256 Update: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SHA256_Update")
|
<< boost::errinfo_api_function("SHA256_Update")
|
||||||
|
|
@ -302,7 +308,7 @@ String SHA256(const String& s)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!SHA256_Final(digest, &context)) {
|
if (!SHA256_Final(digest, &context)) {
|
||||||
msgbuf << "Error on SHA256 Final: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), NULL) << "\"";
|
msgbuf << "Error on SHA256 Final: " << ERR_get_error() << ", \"" << ERR_error_string(ERR_get_error(), errbuf) << "\"";
|
||||||
Log(LogCritical, "SSL", msgbuf.str());
|
Log(LogCritical, "SSL", msgbuf.str());
|
||||||
BOOST_THROW_EXCEPTION(openssl_error()
|
BOOST_THROW_EXCEPTION(openssl_error()
|
||||||
<< boost::errinfo_api_function("SHA256_Final")
|
<< boost::errinfo_api_function("SHA256_Final")
|
||||||
|
|
|
||||||
|
|
@ -49,8 +49,9 @@ inline std::string to_string(const errinfo_openssl_error& e)
|
||||||
{
|
{
|
||||||
std::ostringstream tmp;
|
std::ostringstream tmp;
|
||||||
int code = e.value();
|
int code = e.value();
|
||||||
|
char errbuf[120];
|
||||||
|
|
||||||
const char *message = ERR_error_string(code, NULL);
|
const char *message = ERR_error_string(code, errbuf);
|
||||||
|
|
||||||
if (message == NULL)
|
if (message == NULL)
|
||||||
message = "Unknown error.";
|
message = "Unknown error.";
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue