1 files changed, 12 insertions, 11 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index 89917ee..968ef8f 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -1,11 +1,11 @@
 /*
- * Copyright (c) 2010-2018 Isode Limited.
+ * Copyright (c) 2010-2019 Isode Limited.
  * All rights reserved.
  * See the COPYING file for more information.
  */
 
 #include <Swiften/Base/Platform.h>
 
 #ifdef SWIFTEN_PLATFORM_WINDOWS
 #include <windows.h>
 #include <wincrypt.h>
@@ -174,44 +174,45 @@ void OpenSSLContext::initAndSetBIOs() {
     writeBIO_ = BIO_new(BIO_s_mem());
     SSL_set_bio(handle_.get(), readBIO_, writeBIO_);
 }
 
 void OpenSSLContext::accept() {
     assert(mode_ == Mode::Server);
     handle_ = std::unique_ptr<SSL>(SSL_new(context_.get()));
     if (!handle_) {
         state_ = State::Error;
-        onError(std::make_shared<TLSError>());
+        onError(std::make_shared<TLSError>(TLSError::AcceptFailed, openSSLInternalErrorToString()));
         return;
     }
 
     initAndSetBIOs();
 
     state_ = State::Accepting;
     doAccept();
 }
 
 void OpenSSLContext::connect() {
     connect(std::string());
 }
 
 void OpenSSLContext::connect(const std::string& requestedServerName) {
     assert(mode_ == Mode::Client);
     handle_ = std::unique_ptr<SSL>(SSL_new(context_.get()));
     if (!handle_) {
         state_ = State::Error;
-        onError(std::make_shared<TLSError>());
+        onError(std::make_shared<TLSError>(TLSError::ConnectFailed, openSSLInternalErrorToString()));
         return;
     }
 
     if (!requestedServerName.empty()) {
         if (SSL_set_tlsext_host_name(handle_.get(), const_cast<char*>(requestedServerName.c_str())) != 1) {
-            SWIFT_LOG(error) << "Failed on SSL_set_tlsext_host_name()." << std::endl;
+            onError(std::make_shared<TLSError>(TLSError::ConnectFailed, "Failed to set Server Name Indication: " + openSSLInternalErrorToString()));\
+            return;
         }
     }
 
     // Ownership of BIOs is transferred to the SSL_CTX instance in handle_.
     initAndSetBIOs();
 
     state_ = State::Connecting;
     doConnect();
 }
@@ -231,21 +232,20 @@ void OpenSSLContext::doAccept() {
             break;
         }
         case SSL_ERROR_WANT_READ:
             sendPendingDataToNetwork();
             break;
         case SSL_ERROR_WANT_WRITE:
             sendPendingDataToNetwork();
             break;
         default:
-            SWIFT_LOG(warning) << openSSLInternalErrorToString() << std::endl;
             state_ = State::Error;
-            onError(std::make_shared<TLSError>());
+            onError(std::make_shared<TLSError>(TLSError::AcceptFailed, openSSLInternalErrorToString()));
             sendPendingDataToNetwork();
     }
 }
 
 void OpenSSLContext::doConnect() {
     int connectResult = SSL_connect(handle_.get());
     int error = SSL_get_error(handle_.get(), connectResult);
     switch (error) {
         case SSL_ERROR_NONE: {
@@ -254,21 +254,21 @@ void OpenSSLContext::doConnect() {
             //const char* comp = SSL_get_current_compression(handle_.get());
             //std::cout << "Compression: " << SSL_COMP_get_name(comp) << std::endl;
             onConnected();
             break;
         }
         case SSL_ERROR_WANT_READ:
             sendPendingDataToNetwork();
             break;
         default:
-            SWIFT_LOG(warning) << openSSLInternalErrorToString() << std::endl;
             state_ = State::Error;
             onError(std::make_shared<TLSError>());
+            onError(std::make_shared<TLSError>(TLSError::ConnectFailed, openSSLInternalErrorToString()));
     }
 }
 
 int OpenSSLContext::handleServerNameCallback(SSL* ssl, int*, void* arg) {
     if (ssl == nullptr)
         return SSL_TLSEXT_ERR_NOACK;
 
     const char* servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
     if (servername) {
@@ -306,40 +306,41 @@ void OpenSSLContext::handleDataFromNetwork(const SafeByteArray& data) {
         case State::Connected:
             sendPendingDataToApplication();
             break;
         case State::Start: assert(false); break;
         case State::Error: /*assert(false);*/ break;
     }
 }
 
 void OpenSSLContext::handleDataFromApplication(const SafeByteArray& data) {
-    if (SSL_write(handle_.get(), vecptr(data), data.size()) >= 0) {
-        sendPendingDataToNetwork();
+    auto ret = SSL_write(handle_.get(), vecptr(data), data.size());
+    if (ret > 0 || SSL_get_error(handle_.get(), ret) == SSL_ERROR_WANT_READ) {
+            sendPendingDataToNetwork();
     }
     else {
         state_ = State::Error;
-        onError(std::make_shared<TLSError>());
+        onError(std::make_shared<TLSError>(TLSError::UnknownError, openSSLInternalErrorToString()));
     }
 }
 
 void OpenSSLContext::sendPendingDataToApplication() {
     SafeByteArray data;
     data.resize(SSL_READ_BUFFERSIZE);
     int ret = SSL_read(handle_.get(), vecptr(data), data.size());
     while (ret > 0) {
         data.resize(ret);
         onDataForApplication(data);
         data.resize(SSL_READ_BUFFERSIZE);
         ret = SSL_read(handle_.get(), vecptr(data), data.size());
     }
     if (ret < 0 && SSL_get_error(handle_.get(), ret) != SSL_ERROR_WANT_READ) {
         state_ = State::Error;
-        onError(std::make_shared<TLSError>());
+        onError(std::make_shared<TLSError>(TLSError::UnknownError, openSSLInternalErrorToString()));
     }
 }
 
 bool OpenSSLContext::setCertificateChain(const std::vector<Certificate::ref>& certificateChain) {
     if (certificateChain.size() == 0) {
         SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
         return false;
     }