GnuTLS: more info on accept zero-error

[users/heiko/exim.git] / src / src / tls-gnu.c

diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index a351c34d671502076e2701c02f720b9b3b9addf4..eff9e8859bdd3a28e9252e4e7b15bc633e090aaf 100644 (file)
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -424,11 +424,14 @@ record_io_error(exim_gnutls_state_st *state, int rc, uschar *when, uschar *text)
 const uschar * msg;
 uschar * errstr;
 
-if (rc == GNUTLS_E_FATAL_ALERT_RECEIVED)
-  msg = string_sprintf("A TLS fatal alert has been received: %s",
-    US gnutls_alert_get_name(gnutls_alert_get(state->session)));
-else
-  msg = US gnutls_strerror(rc);
+msg = rc == GNUTLS_E_FATAL_ALERT_RECEIVED
+  ? string_sprintf("A TLS fatal alert has been received: %s",
+      US gnutls_alert_get_name(gnutls_alert_get(state->session)))
+  : rc == GNUTLS_E_PREMATURE_TERMINATION && errno
+  ? errno == ECONNRESET                /* Outlook does this to us right after sending us QUIT */
+  ? string_sprintf("syscall: %s", strerror(errno))
+  : string_sprintf("%s: syscall: %s", US gnutls_strerror(rc), strerror(errno))
+  : US gnutls_strerror(rc);
 
 (void) tls_error(when, msg, state->host, &errstr);
 
@@ -2603,9 +2606,9 @@ if (verify_check_given_host(CUSS &ob->tls_verify_cert_hostnames, host) == OK)
   {
   state->exp_tls_verify_cert_hostnames =
 #ifdef SUPPORT_I18N
-    string_domain_utf8_to_alabel(host->name, NULL);
+    string_domain_utf8_to_alabel(host->certname, NULL);
 #else
-    host->name;
+    host->certname;
 #endif
   DEBUG(D_tls)
     debug_printf("TLS: server cert verification includes hostname: \"%s\".\n",