Mosquitto_pub/_sub cryptic protocol error message on invalid server certificate

[axos88]

Repro:

0. Check out the develop branch
1. Create a server offering a certificate with CN foo.example.com
2. Open a connection via mosquitto_sub with another address pointing to the machine, such as:

./client/mosquitto_sub -t topic -i clientid -h bar.example.com -p 8883 --capath /etc/ssl/certs

Expectation:

• Some kind of error message specifying that the server provided an invalid certificate / a valid certificate with the incorrect CN.

Actual: Error: Protocol error

Super confusing, because I thought there was an actual mismatch of TLS versions, or the server not accepting TLS connections or the client not trying to start a TLS connection.

[axos88]

More info: turning on the debug mode with -d does provide the information, but I'd not expect to need that to be presented with a comprehensible error message:

client/mosquitto_sub  -t topid -i clientid -h bar.example.com -p 8883 --capath /etc/ssl/certs -d
Client bar sending CONNECT
Error: host name verification failed.
OpenSSL Error[0]: error:0A000086:SSL routines::certificate verify failed
Error: Protocol error

[ralight]

Thank you. This was a regression from a previous error that correctly mentioned a TLS problem. I have made the fix in the fixes branch, which will become 2.0.16, and then be merged to the develop branch.