New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
when there are errors loading certificates with OpenSSL, log the SSL error stack #1552
Conversation
…error stack Signed-off-by: Michael Richardson <[email protected]>
This is a great addition, thank you. |
Roger Light <[email protected]> wrote:
This is a great addition, thank you. `net__print_ssl_error()` already
exists to print out the openssl error stack so I'd prefer to use that
than duplicate the code. So please either use that instead, basing on
the `fixes` branch and calling it as `net__print_ssl_error(NULL)`, and
possibly putting in your stack depth count into the implementation in
lib/net_mosq.c. Alternatively, give me the nod and I'll make the
changes myself, it's up to you.
I won't cycle back to this code for about ten days, so please go ahead.
Close this PR if you do the code.
|
Covers when loading certificates fails, or there are ENGINE problems. Closes #1552. Thanks to Michael Richardson.
I've made the changes now on the fixes branch. Thanks again. |
commit f16d9e2 Author: Roger A. Light <[email protected]> Date: Thu Feb 6 21:05:52 2020 +0000 Add file missing from earlier commit. commit c4e41f3 Author: Roger A. Light <[email protected]> Date: Thu Feb 6 16:43:29 2020 +0000 Back port db_dump from develop. Closes eclipse#1519. Thanks to Christoph Krey. commit 2a8c1d0 Merge: 17e20de 4408339 Author: Roger A. Light <[email protected]> Date: Thu Feb 6 16:20:52 2020 +0000 Merge branch 'coverity-fixes' into fixes commit 17e20de Author: Roger A. Light <[email protected]> Date: Thu Feb 6 16:12:29 2020 +0000 Fix session-expiry-interval for v5 clients using -c. Default behaviour for v5 clients using `-c` is now to use infinite length sessions, as with v3 clients. Closes eclipse#1546. Thanks to Kiran Pradeep. commit 078ad75 Author: Gianfranco Costamagna <[email protected]> Date: Wed Jan 22 12:29:41 2020 +0100 cmake: add ADNS enable/disable dynamic support Signed-off-by: Gianfranco Costamagna <[email protected]> commit e9a7150 Author: Gianfranco Costamagna <[email protected]> Date: Wed Jan 22 12:31:01 2020 +0100 Bugfix: enabling DLT was overriding everything else on linker flags because of error in cmake set keyword Signed-off-by: Gianfranco Costamagna <[email protected]> commit 7a5c2d4 Author: Gianfranco Costamagna <[email protected]> Date: Wed Jan 22 12:30:25 2020 +0100 Bugfix: include "deps" directory only if BUNDLED_DEPS has been provided and set to true Signed-off-by: Gianfranco Costamagna <[email protected]> commit 56d0b95 Author: Roger A. Light <[email protected]> Date: Wed Feb 5 15:19:55 2020 +0000 Fix `--remove-retained` not obeying the `-T` option. This means `--remove-retained -t bbc/# -T bbc/one/#` would remove all retained messages in `bbc/#`, instead of leaving all of the topics in `bbc/one/#`. Closes eclipse#1585. Thanks to Simon Moser. commit 3a89059 Author: Roger A. Light <[email protected]> Date: Tue Feb 4 17:11:11 2020 +0000 Don't call SSL_shutdown() if SSL init hasn't completed. commit 07c5462 Author: Roger A. Light <[email protected]> Date: Tue Feb 4 16:59:29 2020 +0000 Print OpenSSL errors in more situations Covers when loading certificates fails, or there are ENGINE problems. Closes eclipse#1552. Thanks to Michael Richardson. commit 27b4518 Author: Roger A. Light <[email protected]> Date: Tue Feb 4 16:05:58 2020 +0000 Improve password file parsing in the broker and mosqitto_passwd. Closes eclipse#1584. Thanks to panava. commit 4408339 Author: Roger A. Light <[email protected]> Date: Thu Jan 23 12:51:47 2020 +0000 Make consts unsigned where they are compared against unsigned. commit 5528dde Author: Roger A. Light <[email protected]> Date: Thu Jan 23 12:51:12 2020 +0000 Fix possible null dereferences. commit 05ec02b Author: Roger A. Light <[email protected]> Date: Thu Jan 23 10:55:49 2020 +0000 Remove dead values. commit 18f0508 Author: Roger A. Light <[email protected]> Date: Thu Jan 23 10:07:56 2020 +0000 Fix dereference before null check. Coverity Scan 1405815. commit db62f98 Author: Roger A. Light <[email protected]> Date: Thu Jan 23 09:35:28 2020 +0000 Fix unused value being overwritten. Coverity Scan 1400727.
Errors from the SSL library need to be logged in order to determine why mosquitto will not load a certificate. (With libssl 1.1.x, certificates with SHA1 message digest are no longer accepted, which can be hard to determine otherwise)
Signed-off-by: Michael Richardson [email protected]
Signed-off-by: Michael Richardson [email protected]
make test
with your changes locally?[YES, but there does not seem to be any tests in this repo]