SSL/TLS: fix bogus 'socket closed' error message

When we get there then the ssl handshake has failed, or
we could not create a ssl context because ssl library
initialization failed on startup.

Reflect that in the log message.

diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c
index ae1646c5571fb13da78362837330d48b245cdae5..6a0404f9e052e6b5e463505d711d3a95f1f48f8e 100644 (file)
--- a/src/ngircd/conn-ssl.c
+++ b/src/ngircd/conn-ssl.c
@@ -383,9 +383,10 @@ ConnSSL_Init_SSL(CONNECTION *c)
        int ret;
        assert(c != NULL);
 #ifdef HAVE_LIBSSL
-       if (!ssl_ctx)   /* NULL when library initialization failed */
+       if (!ssl_ctx) {
+               Log(LOG_ERR, "Cannot init ssl_ctx: OpenSSL initialization failed at startup");
                return false;
-
+       }
        assert(c->ssl_state.ssl == NULL);
 
        c->ssl_state.ssl = SSL_new(ssl_ctx);

diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c
index 4367754061ab7779423af62dcefcc66f25b9a649..6994c8be8d7fb3876bc88961c95cac258a16f5d3 100644 (file)
--- a/src/ngircd/conn.c
+++ b/src/ngircd/conn.c
@@ -342,7 +342,7 @@ cb_clientserver_ssl(int sock, short what)
        case 0:
                return; /* EAGAIN: callback will be invoked again by IO layer */
        default:
-               Conn_Close(idx, "Socket closed!", "SSL accept error", false);
+               Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false);
                return;
        }
        if (what & IO_WANTREAD)