OpenSSL: More info on accept "unsupported protocol"
authorJeremy Harris <jgh146exb@wizmail.org>
Sun, 12 Apr 2020 15:48:10 +0000 (16:48 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Sun, 12 Apr 2020 19:22:44 +0000 (20:22 +0100)
src/src/tls-openssl.c

index 146ed69..3f3fd8a 100644 (file)
@@ -2764,8 +2764,9 @@ if (rc <= 0)
     case SSL_ERROR_SSL:
       {
       uschar * s = US"SSL_accept";
-      unsigned long e = ERR_peek_error();
-      if (ERR_GET_REASON(e) == SSL_R_WRONG_VERSION_NUMBER)
+      int r = ERR_GET_REASON(ERR_peek_error());
+      if (  r == SSL_R_WRONG_VERSION_NUMBER
+         || r == SSL_R_UNKNOWN_PROTOCOL || r == SSL_R_UNSUPPORTED_PROTOCOL)
        s = string_sprintf("%s (%s)", s, SSL_get_version(server_ssl));
       (void) tls_error(s, NULL, sigalrm_seen ? US"timed out" : NULL, errstr);
       return FAIL;