From fcf198456fcd8e80c78b58c6616f7cf1266406cc Mon Sep 17 00:00:00 2001
From: Magnus Henoch <magnus@erlang-solutions.com>
Date: Wed, 28 Oct 2015 17:06:10 +0000
Subject: Report bad options for TLS distribution connections

If ssl:ssl_accept/2 returns an error related to options, it's most
likely something we want to log.  In particular, if the specified
certificate file doesn't exist, this is where the error ends up, so we
shouldn't just throw the error away.
---
 lib/ssl/src/ssl_tls_dist_proxy.erl | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lib')

diff --git a/lib/ssl/src/ssl_tls_dist_proxy.erl b/lib/ssl/src/ssl_tls_dist_proxy.erl
index a22af6b960..e7f7fa96a1 100644
--- a/lib/ssl/src/ssl_tls_dist_proxy.erl
+++ b/lib/ssl/src/ssl_tls_dist_proxy.erl
@@ -157,6 +157,11 @@ accept_loop(Proxy, world = Type, Listen, Extra) ->
 				   end),
 		    ok = ssl:controlling_process(SslSocket, PairHandler),
 		    flush_old_controller(PairHandler, SslSocket);
+		{error, {options, _}} = Error ->
+		    %% Bad options: that's probably our fault.  Let's log that.
+		    error_logger:error_msg("Cannot accept TLS distribution connection: ~s~n",
+					   [ssl:format_error(Error)]),
+		    gen_tcp:close(Socket);
 		_ ->
 		    gen_tcp:close(Socket)
 	    end;
-- 
cgit v1.2.3