kore

Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git
commit 77e0439225b9fa16a8d53308c10be59ccf387bc9
parent cffb7ec3798684c3a59326de9c1e1f286db34334
Author: Joris Vink <joris@coders.se>
Date:   Wed, 11 Jul 2018 09:52:05 +0200

better log messages for TLS configuration missing.

Diffstat:

src/connection.c | 4+++-


src/kore.c | 7+++++++


2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/connection.c b/src/connection.c
@@ -224,7 +224,9 @@ kore_connection_handle(struct connection *c)
 #if !defined(KORE_NO_TLS)
 	case CONN_STATE_TLS_SHAKE:
 		if (primary_dom->ssl_ctx == NULL) {
-			kore_log(LOG_NOTICE, "TLS setup not yet complete");
+			kore_log(LOG_NOTICE,
+			    "TLS configuration for %s not yet complete",
+			    primary_dom->domain);
 			return (KORE_RESULT_ERROR);
 		}
 
diff --git a/src/kore.c b/src/kore.c
@@ -244,6 +244,13 @@ kore_tls_sni_cb(SSL *ssl, int *ad, void *arg)
 	kore_debug("kore_tls_sni_cb(): received host %s", sname);
 
 	if (sname != NULL && (dom = kore_domain_lookup(sname)) != NULL) {
+		if (dom->ssl_ctx == NULL) {
+			kore_log(LOG_NOTICE,
+			    "TLS configuration for %s not complete",
+			    dom->domain);
+			return (SSL_TLSEXT_ERR_NOACK);
+		}
+
 		kore_debug("kore_ssl_sni_cb(): Using %s CTX", sname);
 		SSL_set_SSL_CTX(ssl, dom->ssl_ctx);