Improve error message when the connection is terminated during handshake

If an openssl client v1.0.2m makes a connection to an SSL server, and if the server disconnects the connection without saying anything (zero bytes are sent), openssl doesn't explicitly declare this in the error message.

While in theory this is a handshake failure, there is no attempt to log why the handshake failed.

Would it be correct to add an additional line before

-> 177 SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);

to state that the remote server terminated the connection unexpectedly?

Or are there other types of handshake failures that could cause is to reach this line with n equal to zero?

(lldb) run Process 8811 launched: './apps/openssl' (i386) CONNECTED(00000003) Process 8811 stopped

thread #1, queue = 'com.apple.main-thread', stop reason = breakpoint 4.1 frame #0: 0x000ab0e3 openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:103 100 unsigned char *p; 101 int j; 102
-> 103 if (s->packet_length < (unsigned int)n) { 104 p = s->packet; 105
106 for (;;) { Target 0: (openssl) stopped. (lldb) next Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab0f2 openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:104 101 int j; 102
103 if (s->packet_length < (unsigned int)n) { -> 104 p = s->packet; 105
106 for (;;) { 107 s->rwstate = SSL_READING; Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab0fb openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:107 104 p = s->packet; 105
106 for (;;) { -> 107 s->rwstate = SSL_READING; 108 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), 109 n - s->packet_length); 110 if (j <= 0) Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab105 openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:108 105
106 for (;;) { 107 s->rwstate = SSL_READING; -> 108 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), 109 n - s->packet_length); 110 if (j <= 0) 111 return j; Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab114 openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:109 106 for (;;) { 107 s->rwstate = SSL_READING; 108 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), -> 109 n - s->packet_length); 110 if (j <= 0) 111 return j; 112 s->rwstate = SSL_NOTHING; Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab11d openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:108 105
106 for (;;) { 107 s->rwstate = SSL_READING; -> 108 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), 109 n - s->packet_length); 110 if (j <= 0) 111 return j; Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab130 openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:110 107 s->rwstate = SSL_READING; 108 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), 109 n - s->packet_length); -> 110 if (j <= 0) 111 return j; 112 s->rwstate = SSL_NOTHING; 113 s->packet_length += j; Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab13a openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:111 108 j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), 109 n - s->packet_length); 110 if (j <= 0) -> 111 return j; 112 s->rwstate = SSL_NOTHING; 113 s->packet_length += j; 114 if (s->packet_length >= (unsigned int)n) Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000ab183 openssl`ssl23_read_bytes(s=0x01803c70, n=7) at s23_pkt.c:119 116 } 117 } 118 return (n); -> 119 } Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aa181 openssl`ssl23_get_server_hello(s=0x01803c70) at s23_clnt.c:627 624 int i; 625 int n; 626
-> 627 n = ssl23_read_bytes(s, 7); 628
629 if (n != 7) 630 return (n); Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aa184 openssl`ssl23_get_server_hello(s=0x01803c70) at s23_clnt.c:629 626
627 n = ssl23_read_bytes(s, 7); 628
-> 629 if (n != 7) 630 return (n); 631 p = s->packet; 632
Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aa18e openssl`ssl23_get_server_hello(s=0x01803c70) at s23_clnt.c:630 627 n = ssl23_read_bytes(s, 7); 628
629 if (n != 7) -> 630 return (n); 631 p = s->packet; 632
633 memcpy(buf, p, n); Target 0: (openssl) stopped. (lldb) print n (int) $4 = 0 (lldb) next Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aa8cc openssl`ssl23_get_server_hello(s=0x01803c70) at s23_clnt.c:833 830 return (SSL_connect(s)); 831 err: 832 return (-1); -> 833 } Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a9179 openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:231 228
229 case SSL23_ST_CR_SRVR_HELLO_A: 230 case SSL23_ST_CR_SRVR_HELLO_B: -> 231 ret = ssl23_get_server_hello(s); 232 if (ret >= 0) 233 cb = NULL; 234 goto end; Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a917c openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:232 229 case SSL23_ST_CR_SRVR_HELLO_A: 230 case SSL23_ST_CR_SRVR_HELLO_B: 231 ret = ssl23_get_server_hello(s); -> 232 if (ret >= 0) 233 cb = NULL; 234 goto end; 235 / break; / Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a9186 openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:233 230 case SSL23_ST_CR_SRVR_HELLO_B: 231 ret = ssl23_get_server_hello(s); 232 if (ret >= 0) -> 233 cb = NULL; 234 goto end; 235 / break; / 236
Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a918d openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:234 231 ret = ssl23_get_server_hello(s); 232 if (ret >= 0) 233 cb = NULL; -> 234 goto end; 235 / break; / 236
237 default: Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a92a8 openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:256 253 } 254 } 255 end: -> 256 s->in_handshake--; 257 if (buf != NULL) 258 BUF_MEM_free(buf); 259 if (cb != NULL) Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a92b4 openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:257 254 } 255 end: 256 s->in_handshake--; -> 257 if (buf != NULL) 258 BUF_MEM_free(buf); 259 if (cb != NULL) 260 cb(s, SSL_CB_CONNECT_EXIT, ret); Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a92c9 openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:259 256 s->in_handshake--; 257 if (buf != NULL) 258 BUF_MEM_free(buf); -> 259 if (cb != NULL) 260 cb(s, SSL_CB_CONNECT_EXIT, ret); 261 return (ret); 262 } Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000a92f8 openssl`ssl23_connect(s=0x01803c70) at s23_clnt.c:261 258 BUF_MEM_free(buf); 259 if (cb != NULL) 260 cb(s, SSL_CB_CONNECT_EXIT, ret); -> 261 return (ret); 262 } 263
264 static int ssl23_no_ssl2_ciphers(SSL *s) Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aaf33 openssl`ssl23_write(s=0x01803c70, buf=0x01004600, len=0) at s23_lib.c:173 170
171 clear_sys_error(); 172 if (SSL_in_init(s) && (!s->in_handshake)) { -> 173 n = s->handshake_func(s); 174 if (n < 0) 175 return (n); 176 if (n == 0) { Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aaf36 openssl`ssl23_write(s=0x01803c70, buf=0x01004600, len=0) at s23_lib.c:174 171 clear_sys_error(); 172 if (SSL_in_init(s) && (!s->in_handshake)) { 173 n = s->handshake_func(s); -> 174 if (n < 0) 175 return (n); 176 if (n == 0) { 177 SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE); Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aaf4b openssl`ssl23_write(s=0x01803c70, buf=0x01004600, len=0) at s23_lib.c:176 173 n = s->handshake_func(s); 174 if (n < 0) 175 return (n); -> 176 if (n == 0) { 177 SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE); 178 return (-1); 179 } Target 0: (openssl) stopped. (lldb) Process 8811 stopped
thread #1, queue = 'com.apple.main-thread', stop reason = step over frame #0: 0x000aaf72 openssl`ssl23_write(s=0x01803c70, buf=0x01004600, len=0) at s23_lib.c:177 174 if (n < 0) 175 return (n); 176 if (n == 0) { -> 177 SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE); 178 return (-1); 179 } 180 return (SSL_write(s, buf, len)); Target 0: (openssl) stopped. (lldb)

openssl / openssl

Improve error message when the connection is terminated during handshake #4706