aboutsummaryrefslogtreecommitdiffstats
path: root/socket.c
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2015-04-08 01:50:47 +0200
committerMatthias Andree <matthias.andree@gmx.de>2015-04-08 01:53:12 +0200
commitc3c106aceaf735c80d71b8bfc1c9927d39ed587e (patch)
tree26bfed39f09915d4eb18819ff757039d68aeb0dc /socket.c
parentc908f303231b2639f56ef75eecfb4260ac8b1dae (diff)
downloadfetchmail-c3c106aceaf735c80d71b8bfc1c9927d39ed587e.tar.gz
fetchmail-c3c106aceaf735c80d71b8bfc1c9927d39ed587e.tar.bz2
fetchmail-c3c106aceaf735c80d71b8bfc1c9927d39ed587e.zip
Detect/report server hang-up in SSL_connect().
This condition does not leave traces in the SSL error queue, and must be checked explicitly. Result from debugging Jerry Seibert's issue with outlook.com/pop3.live.com.
Diffstat (limited to 'socket.c')
-rw-r--r--socket.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/socket.c b/socket.c
index 5b25ac08..5ed62546 100644
--- a/socket.c
+++ b/socket.c
@@ -878,6 +878,7 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
int i;
int avoid_ssl_versions = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
long sslopts = SSL_OP_ALL;
+ int ssle_connect = 0;
SSL_load_error_strings();
SSL_library_init();
@@ -1019,8 +1020,18 @@ int SSLOpen(int sock, char *mycert, char *mykey, const char *myproto, int certck
}
if (SSL_set_fd(_ssl_context[sock], sock) == 0
- || SSL_connect(_ssl_context[sock]) < 1) {
+ || (ssle_connect = SSL_connect(_ssl_context[sock])) < 1) {
+ int e = errno;
+ unsigned long ssle_err_from_queue = ERR_peek_error();
+ unsigned long ssle_err_from_get_error = SSL_get_error(_ssl_context[sock], ssle_connect);
ERR_print_errors_fp(stderr);
+ if (SSL_ERROR_SYSCALL == ssle_err_from_get_error && 0 == ssle_err_from_queue) {
+ if (0 == ssle_connect) {
+ report(stderr, GT_("Server shut down connection prematurely during SSL_connect().\n"));
+ } else if (ssle_connect < 0) {
+ report(stderr, GT_("System error during SSL_connect(): %s\n"), strerror(e));
+ }
+ }
SSL_free( _ssl_context[sock] );
_ssl_context[sock] = NULL;
SSL_CTX_free(_ctx[sock]);