report more error messages when connection lost

panda/src/downloader/bioStreamBuf.cxx

@@ -17,9 +17,14 @@
 ////////////////////////////////////////////////////////////////////
 
 #include "bioStreamBuf.h"
+#include "config_downloader.h"
 
 #ifdef HAVE_SSL
 
+#ifdef REPORT_OPENSSL_ERRORS
+#include <openssl/err.h>
+#endif
+
 #ifndef HAVE_STREAMSIZE
 // Some compilers (notably SGI) don't define this for us
 typedef int streamsize;
@@ -159,6 +164,16 @@ underflow() {
       // Oops, we didn't read what we thought we would.
       if (read_count <= 0) {
         _is_closed = !BIO_should_retry(*_source);
+        if (_is_closed) {
+          downloader_cat.info()
+            << "Socket error detected on " 
+            << _source->get_server_name() << ":" 
+            << _source->get_port() << ", return code "
+            << read_count << ".\n";
+#ifdef REPORT_OPENSSL_ERRORS
+          ERR_print_errors_fp(stderr);
+#endif
+        }
         gbump(num_bytes);
         return EOF;
       }

panda/src/downloader/config_downloader.h

@@ -46,4 +46,9 @@ extern const string http_proxy;
 extern const string http_proxy_username;
 extern const double connect_timeout;
 
+// Later, we can make this conditional on NDEBUG or something along
+// those lines; for now, we define it always to be true so we get
+// error messages from OpenSSL wherever possible.
+#define REPORT_OPENSSL_ERRORS 1
+
 #endif

panda/src/downloader/httpChannel.cxx

@@ -26,6 +26,9 @@
 #include "buffer.h"  // for Ramfile
 
 #ifdef HAVE_SSL
+#ifdef REPORT_OPENSSL_ERRORS
+#include <openssl/err.h>
+#endif
 
 TypeHandle HTTPChannel::_type_handle;
 
@@ -622,7 +625,7 @@ run_connecting() {
     downloader_cat.info()
       << "Could not connect to " << _bio->get_server_name() << ":" 
       << _bio->get_port() << "\n";
-#ifdef REPORT_SSL_ERRORS
+#ifdef REPORT_OPENSSL_ERRORS
     ERR_print_errors_fp(stderr);
 #endif
     _state = S_failure;
@@ -875,7 +878,7 @@ run_ssl_handshake() {
     downloader_cat.info()
       << "Could not establish SSL handshake with " 
       << _url.get_server() << ":" << _url.get_port() << "\n";
-#ifdef REPORT_SSL_ERRORS
+#ifdef REPORT_OPENSSL_ERRORS
     ERR_print_errors_fp(stderr);
 #endif
     // It seems to be an error to free sbio at this point; perhaps

panda/src/downloader/httpClient.cxx

@@ -28,10 +28,8 @@
 
 #ifdef HAVE_SSL
 
-#define REPORT_SSL_ERRORS 1
-
 #include <openssl/rand.h>
-#ifdef REPORT_SSL_ERRORS
+#ifdef REPORT_OPENSSL_ERRORS
 #include <openssl/err.h>
 #endif
 
@@ -256,7 +254,7 @@ load_certificates(const Filename &filename) {
   if (result <= 0) {
     downloader_cat.info()
       << "Could not load certificates from " << filename << ".\n";
-#ifdef REPORT_SSL_ERRORS
+#ifdef REPORT_OPENSSL_ERRORS
     ERR_print_errors_fp(stderr);
 #endif
     return false;
@@ -671,7 +669,7 @@ generate_auth(const URLSpec &url, bool is_proxy, const string &challenge) {
 ////////////////////////////////////////////////////////////////////
 void HTTPClient::
 initialize_ssl() {
-#ifdef REPORT_SSL_ERRORS
+#ifdef REPORT_OPENSSL_ERRORS
   ERR_load_crypto_strings();
   ERR_load_SSL_strings();
 #endif
@@ -728,7 +726,7 @@ load_verify_locations(SSL_CTX *ctx, const Filename &ca_file) {
     // Could not scan certificates.
     downloader_cat.info()
       << "PEM_X509_INFO_read_bio() returned NULL.\n";
-#ifdef REPORT_SSL_ERRORS
+#ifdef REPORT_OPENSSL_ERRORS
     ERR_print_errors_fp(stderr);
 #endif
     return 0;