lightway-core
conn: add method to get detailed SSL errors
Description
Add additional method for wolfSSL errors
Motivation and Context
This allows us to get detailed SSL errors to ease debugging
How Has This Been Tested?
Has autotests; this was also used to help debug issues internally.
Types of changes
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
Checklist:
- [ ] My code follows the code style of this project.
- [ ] My change requires a change to the documentation.
- [ ] I have updated the documentation accordingly.
- [ ] All active GitHub checks are passing
- [ ] The correct base branch is being used, if not `main`
We want to avoid leaking any of the TLS implementation details outside of Lightway if we can. It is admittedly unlikely at this stage that the library would use anything but WolfSSL though 😊
I agree we should not leak these details if it can be helped but as it stands we have no clear way of being able to diagnose deeper issues.
IMO, if for whatever reason we do move away, I would guess that those impls will also have a similar detailed SSL error function; if not, the change would likely be a major semver bump, so we can remove the legacy functionality.
Also, TLS or Wolf might be good candidates to add in variable and function names, but SSL is a bit outdated, except in brand names such as WolfSSL.
I would suggest something along the lines of:
- `wolf_error` → `library_error`
- `he_conn_get_ssl_error` → `he_conn_get_library_error`
- `HE_ERR_SSL_ERROR` → `HE_ERR_LIBRARY_ERROR`