From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Tue, 1 Oct 2019 13:01:00 +0000 (+0100)
Subject: OpenSSL: clearer log message for TCP conn close at SSL_accept
X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/c31e16a54f91476ce97ccd4d53a18c5bced1b320?ds=sidebyside

OpenSSL: clearer log message for TCP conn close at SSL_accept
---

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index d165eb2c0..e072406fa 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -2630,8 +2630,41 @@ ALARM_CLR(0);
 
 if (rc <= 0)
   {
-  (void) tls_error(US"SSL_accept", NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
-  return FAIL;
+  int error = SSL_get_error(server_ssl, rc);
+  switch(error)
+    {
+    case SSL_ERROR_NONE:
+      break;
+
+    case SSL_ERROR_ZERO_RETURN:
+      DEBUG(D_tls) debug_printf("Got SSL_ERROR_ZERO_RETURN\n");
+      (void) tls_error(US"SSL_accept", NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
+
+      if (SSL_get_shutdown(server_ssl) == SSL_RECEIVED_SHUTDOWN)
+	    SSL_shutdown(server_ssl);
+
+      tls_close(NULL, TLS_NO_SHUTDOWN);
+      return FAIL;
+
+    /* Handle genuine errors */
+    case SSL_ERROR_SSL:
+      (void) tls_error(US"SSL_accept", NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
+      return FAIL;
+
+    default:
+      DEBUG(D_tls) debug_printf("Got SSL error %d\n", error);
+      if (error == SSL_ERROR_SYSCALL)
+	{
+	if (!errno)
+	  {
+	  *errstr = US"SSL_accept: TCP connection closed by peer";
+	  return FAIL;
+	  }
+	DEBUG(D_tls) debug_printf(" - syscall %s\n", strerror(errno));
+	}
+      (void) tls_error(US"SSL_accept", NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
+      return FAIL;
+    }
   }
 
 DEBUG(D_tls) debug_printf("SSL_accept was successful\n");
diff --git a/test/log/2111 b/test/log/2111
index 280a02d3a..d642c0435 100644
--- a/test/log/2111
+++ b/test/log/2111
@@ -8,5 +8,5 @@
 
 ******** SERVER ********
 1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port PORT_D
-1999-03-02 09:44:33 TLS error on connection from the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] (SSL_accept): error: <<detail omitted>>
+1999-03-02 09:44:33 TLS error on connection from the.local.host.name (myhost.test.ex) [ip4.ip4.ip4.ip4] SSL_accept: TCP connection closed by peer
 1999-03-02 09:44:33 10HmaY-0005vi-00 <= CALLER@myhost.test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtps X=TLS1.x:AES256-SHA:256 CV=yes DN="/C=UK/O=The Exim Maintainers/OU=Test Suite/CN=Phil Pennock" S=sss id=E10HmaX-0005vi-00@myhost.test.ex