OpenSSL: emit actual version on "wrong version number" error for SSL_accept

author: Jeremy Harris <jgh146exb@wizmail.org> 2019-10-04 10:21:24 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2019-10-19 23:49:46 +0100
commit: fa9e4a1d04268f4a7e46166f70b6d5def10297f9 (patch)
tree: ad9fd07315b747468abdd5dde6466583e5b9451b
parent: 1352e600b833220c32b8b02b9b38e22885e0db6d (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 7a625a8ba..247da092f 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -2706,8 +2706,14 @@ if (rc <= 0)
 
     /* Handle genuine errors */
     case SSL_ERROR_SSL:
-      (void) tls_error(US"SSL_accept", NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
+      {
+      uschar * s = US"SSL_accept";
+      ulong e = ERR_peek_error();
+      if (ERR_GET_REASON(e) == SSL_R_WRONG_VERSION_NUMBER)
+	s = string_sprintf("%s (%s)", s, SSL_get_version(server_ssl));
+      (void) tls_error(s, NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
       return FAIL;
+      }
 
     default:
       DEBUG(D_tls) debug_printf("Got SSL error %d\n", error);
author	Jeremy Harris <jgh146exb@wizmail.org>	2019-10-04 10:21:24 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2019-10-19 23:49:46 +0100
commit	fa9e4a1d04268f4a7e46166f70b6d5def10297f9 (patch)
tree	ad9fd07315b747468abdd5dde6466583e5b9451b
parent	1352e600b833220c32b8b02b9b38e22885e0db6d (diff)