Add an error message and debugging if SSL_CTX_new() fails. (closes #3831)

Generate a mutt_error().  Add a debugging function
ssl_dprint_err_stack() to dprint the ssl error stack.

diff --git a/mutt_ssl.c b/mutt_ssl.c
index da5efa8baa26d841a73633289eea947180bf0d91..30da838e9a00e05d3722d4c8016628970d077089 100644 (file)
--- a/mutt_ssl.c
+++ b/mutt_ssl.c
@@ -82,6 +82,7 @@ static int ssl_socket_open (CONNECTION * conn);
 static int ssl_socket_close (CONNECTION * conn);
 static int tls_close (CONNECTION* conn);
 static void ssl_err (sslsockdata *data, int err);
+static void ssl_dprint_err_stack (void);
 static int ssl_cache_trusted_cert (X509 *cert);
 static int ssl_check_certificate (CONNECTION *conn, sslsockdata * data);
 static int interactive_check_cert (X509 *cert, int idx, int len);
@@ -336,6 +337,12 @@ static int ssl_socket_open (CONNECTION * conn)
 
   if (! (data->ctx = SSL_CTX_new (SSLv23_client_method ())))
   {
+    /* L10N: an SSL context is a data structure returned by the OpenSSL
+     *       function SSL_CTX_new().  In this case it returned NULL: an
+     *       error condition.
+     */
+    mutt_error (_("Unable to create SSL context"));
+    ssl_dprint_err_stack ();
     mutt_socket_close (conn);
     return -1;
   }
@@ -537,6 +544,22 @@ static void ssl_err (sslsockdata *data, int err)
   dprint (1, (debugfile, "SSL error: %s\n", errmsg));
 }
 
+static void ssl_dprint_err_stack (void)
+{
+#ifdef DEBUG
+  BIO *bio;
+  char *buf = NULL;
+
+  if (! (bio = BIO_new (BIO_s_mem ())))
+    return;
+  ERR_print_errors (bio);
+  if (BIO_get_mem_data (bio, &buf))
+    dprint (1, (debugfile, "SSL error stack: %s\n", buf));
+  BIO_free (bio);
+#endif
+}
+
+
 static char *x509_get_part (char *line, const char *ndx)
 {
   static char ret[SHORT_STRING];