Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve error reporting for SSL implementation #695

Open
lopezca opened this issue Sep 19, 2023 · 2 comments
Open

Improve error reporting for SSL implementation #695

lopezca opened this issue Sep 19, 2023 · 2 comments

Comments

@lopezca
Copy link

lopezca commented Sep 19, 2023

Pharo windows fails to connect to a postgresql database hosted in azure. This is a managed instance, so there is no user setup required or even possible for some elements.

Pharo linux and Pharo mac connect without any issues via the P3 postgresql driver, but pharo windows returns an error: -5. After some searching, the error comes from the SqueakSSL.c library from the pharo VM.

The error corresponds to SQSSL_GENERIC_ERROR and this error is used in sqWin32SSL.c at 8 different locations, so it doesn't pinpoint the source of the error.

Using PharoConsole.exe --logLevel=5 (for trace) I was able todetermine that the error is from this part of the code:

[TRACE] 2023-09-16 16:24:55.000 sqConnectSSL (extracted/plugins/SqueakSSL/src/win/sqWin32SSL.c:574):InitializeSecurityContext returned: 90320
[TRACE] 2023-09-16 16:24:55.000 sqConnectSSL (extracted/plugins/SqueakSSL/src/win/sqWin32SSL.c:608):Unexpected return code 590624
Error: SSL Exception: connect failed [code:-5]

I propose (request) 2 changes to the SqueakSSL library:

  1. Increase the number of errors defined in SqueakSSL.h library and point a unique error to each section returning a different error number. This way the user can be better informed. Using the error numbers, the corresponding SSL object in pharo can return a better textual description of the error instead of returning a "-5."

  2. Instead of logging the errors at the trace level, change to error level so that it is more apparent that something is failing in the execution of the SSL connection.

This does not solve the connection problem, but it will help with debugging this and future SSL features.
@guillep
Copy link
Member

guillep commented Sep 19, 2023

Thanks for the report! Could you be more precise on the changes requested in (1)?

For 2 you mean changing logTrace by logError in lines 574 and 608 right?

It would be nice to try and see if that gives you the expected experience

@lopezca
Copy link
Author

lopezca commented Sep 20, 2023

sure! and thanks for looking into this issue!
for 1)
SQSSL_GENERIC_ERROR=-5 is defined in SqueakSSL.h and is used several times in sqWin32SSL.c

image

The idea is to add more error #defines in SqueakSSL.h (i.e -6, -7, -8, ...) and use a different error for the different sections in sqWin32SSL.c. ,Then these numbers can be translated to user readable errors in the #ZdcPluginSSLSession class in pharo.
With the current approach, errors belonging to different situations report the same generic (-5) error.

For 2)

logTrace in sqWin32SSL.c is being used for 2 objectives, tracing and error reporting.
I think in the following lines, there should be a logError : 208, 240, 266, 591, 594, 608, 706, 777, 870, 889, 975, 997, and 1018.

When doing a PR, does the CI create a VM that can be tested?

These changes will allow improving error messages in pharo but does not solve my connection issue; I need to get a VM that can be run under debugging in VS.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@guillep @lopezca