Enhance TLS handshake error messages with connection information

fixes #12287
Icinga · Aug 2, 2016 · b7da28b · b7da28b
1 parent 7341727
commit b7da28b
Showing 1 changed file with 13 additions and 11 deletions.
diff --git a/lib/remote/apilistener.cpp b/lib/remote/apilistener.cpp
@@ -306,22 +306,33 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
 {
 	CONTEXT("Handling new API client connection");
 
+	String conninfo;
+
+	if (role == RoleClient)
+		conninfo = "to";
+	else
+		conninfo = "from";
+
+	conninfo += " " + client->GetPeerAddress();
+
 	TlsStream::Ptr tlsStream;
 
 	{
 		ObjectLock olock(this);
 		try {
 			tlsStream = new TlsStream(client, hostname, role, m_SSLContext);
 		} catch (const std::exception&) {
-			Log(LogCritical, "ApiListener", "Cannot create TLS stream from client connection.");
+			Log(LogCritical, "ApiListener")
+			    << "Cannot create TLS stream from client connection (" << conninfo << ")";
 			return;
 		}
 	}
 
 	try {
 		tlsStream->Handshake();
 	} catch (const std::exception& ex) {
-		Log(LogCritical, "ApiListener", "Client TLS handshake failed");
+		Log(LogCritical, "ApiListener")
+		    << "Client TLS handshake failed (" << conninfo << ")";
 		return;
 	}
 
@@ -330,15 +341,6 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
 	Endpoint::Ptr endpoint;
 	bool verify_ok = false;
 
-	String conninfo;
-
-	if (role == RoleClient)
-		conninfo = "to";
-	else
-		conninfo = "from";
-
-	conninfo += " " + client->GetPeerAddress();
-
 	if (cert) {
 		try {
 			identity = GetCertificateCN(cert);