Merge pull request #7220 from Icinga/bugfix/asio-error-handling

Improve error handling with network connections (Boost ASIO)

lib/remote/apilistener.cpp

@@ -395,7 +395,7 @@ bool ApiListener::AddListener(const String& node, const String& service)
 		}
 	} catch (const std::exception& ex) {
 		Log(LogCritical, "ApiListener")
-			<< "Cannot bind TCP socket for host '" << node << "' on port '" << service << "': " << DiagnosticInformation(ex, false);
+			<< "Cannot bind TCP socket for host '" << node << "' on port '" << service << "': " << ex.what();
 		return false;
 	}
 
@@ -428,7 +428,7 @@ void ApiListener::ListenerCoroutineProc(boost::asio::yield_context yc, const std
 			asio::spawn(io, [this, sslConn](asio::yield_context yc) { NewClientHandler(yc, sslConn, String(), RoleServer); });
 		} catch (const std::exception& ex) {
 			Log(LogCritical, "ApiListener")
-				<< "Cannot accept new connection: " << DiagnosticInformation(ex, false);
+				<< "Cannot accept new connection: " << ex.what();
 		}
 	}
 }
@@ -521,11 +521,21 @@ void ApiListener::NewClientHandlerInternal(boost::asio::yield_context yc, const
 
 	auto& sslConn (client->next_layer());
 
-	try {
+	boost::system::error_code ec;
-		sslConn.async_handshake(role == RoleClient ? sslConn.client : sslConn.server, yc);
+
-	} catch (const std::exception& ex) {
+	sslConn.async_handshake(role == RoleClient ? sslConn.client : sslConn.server, yc[ec]);
+
+	if (ec) {
+		// https://github.com/boostorg/beast/issues/915
+		// Google Chrome 73+ seems not close the connection properly, https://stackoverflow.com/questions/56272906/how-to-fix-certificate-unknown-error-from-chrome-v73
+		if (ec == asio::ssl::error::stream_truncated) {
+			Log(LogNotice, "ApiListener")
+				<< "TLS stream was truncated, ignoring connection from " << conninfo;
+			return;
+		}
+
 		Log(LogCritical, "ApiListener")
-			<< "Client TLS handshake failed (" << conninfo << "): " << DiagnosticInformation(ex, false);
+			<< "Client TLS handshake failed (" << conninfo << "): " << ec.message();
 		return;
 	}
 
@@ -605,11 +615,11 @@ void ApiListener::NewClientHandlerInternal(boost::asio::yield_context yc, const
 			if (client->async_fill(yc[ec]) == 0u) {
 				if (identity.IsEmpty()) {
 					Log(LogInformation, "ApiListener")
-						<< "No data received on new API connection. "
+						<< "No data received on new API connection " << conninfo << ". "
 						<< "Ensure that the remote endpoints are properly configured in a cluster setup.";
 				} else {
 					Log(LogWarning, "ApiListener")
-						<< "No data received on new API connection for identity '" << identity << "'. "
+						<< "No data received on new API connection " << conninfo << " for identity '" << identity << "'. "
 						<< "Ensure that the remote endpoints are properly configured in a cluster setup.";
 				}
 

lib/remote/httpserverconnection.cpp

@@ -530,7 +530,7 @@ void HttpServerConnection::ProcessMessages(boost::asio::yield_context yc)
 	} catch (const std::exception& ex) {
 		if (!m_ShuttingDown) {
 			Log(LogCritical, "HttpServerConnection")
-				<< "Unhandled exception while processing HTTP request: " << DiagnosticInformation(ex);
+				<< "Unhandled exception while processing HTTP request: " << ex.what();
 		}
 	}
 }