From 89b65cfd52a0e78255a149d8a6ee5d12936a32c7 Mon Sep 17 00:00:00 2001 From: Remi Tricot-Le Breton Date: Thu, 29 Jul 2021 09:45:50 +0200 Subject: [PATCH] MINOR: ssl: Enable error fetches in case of handshake error The ssl_c_err, ssl_c_ca_err and ssl_c_ca_err_depth sample fetches values were not recoverable when the connection failed because of the test "conn->flags & CO_FL_WAIT_XPRT" (which required the connection to be established). They could then not be used in a log-format since whenever they would have sent a non-null value, the value fetching was disabled. This patch ensures that all these values can be fetched in case of connection failure. --- src/ssl_sample.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/ssl_sample.c b/src/ssl_sample.c index 5509e1f22..d6315267f 100644 --- a/src/ssl_sample.c +++ b/src/ssl_sample.c @@ -1342,11 +1342,14 @@ smp_fetch_ssl_c_ca_err(const struct arg *args, struct sample *smp, const char *k return 0; ctx = conn->xprt_ctx; - if (conn->flags & CO_FL_WAIT_XPRT) { + if (conn->flags & CO_FL_WAIT_XPRT && !conn->err_code) { smp->flags = SMP_F_MAY_CHANGE; return 0; } + if (!ctx) + return 0; + smp->data.type = SMP_T_SINT; smp->data.u.sint = (unsigned long long int)SSL_SOCK_ST_TO_CA_ERROR(ctx->xprt_st); smp->flags = SMP_F_VOL_SESS; @@ -1365,12 +1368,15 @@ smp_fetch_ssl_c_ca_err_depth(const struct arg *args, struct sample *smp, const c if (!conn || conn->xprt != &ssl_sock) return 0; - if (conn->flags & CO_FL_WAIT_XPRT) { + if (conn->flags & CO_FL_WAIT_XPRT && !conn->err_code) { smp->flags = SMP_F_MAY_CHANGE; return 0; } ctx = conn->xprt_ctx; + if (!ctx) + return 0; + smp->data.type = SMP_T_SINT; smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CAEDEPTH(ctx->xprt_st); smp->flags = SMP_F_VOL_SESS; @@ -1389,13 +1395,16 @@ smp_fetch_ssl_c_err(const struct arg *args, struct sample *smp, const char *kw, if (!conn || conn->xprt != &ssl_sock) return 0; - if (conn->flags & CO_FL_WAIT_XPRT) { + if (conn->flags & CO_FL_WAIT_XPRT && !conn->err_code) { smp->flags = SMP_F_MAY_CHANGE; return 0; } ctx = conn->xprt_ctx; + if (!ctx) + return 0; + smp->data.type = SMP_T_SINT; smp->data.u.sint = (long long int)SSL_SOCK_ST_TO_CRTERROR(ctx->xprt_st); smp->flags = SMP_F_VOL_SESS;