TLSServer: Add peer information to error log message

When a client with invalid TLS certificates is trying to connect, following logs will be outputted repeatedly, but it doesn't include peer information. It's hard to investigate which client has the problem. 2021-03-31 08:08:58 +0000 [warn]: #1 unexpected error before accepting TLS connection by OpenSSL error_class=OpenSSL::SSL::SSLError error="SSL_accept SYSCALL returned=5 errno=0 state=SSLv3/TLS write server done" 2021-03-31 08:08:58 +0000 [warn]: #1 unexpected error before accepting TLS connection by OpenSSL error_class=OpenSSL::SSL::SSLError error="SSL_accept returned=1 errno=0 state=error: sslv3 alert bad certificate" 2021-03-31 08:08:58 +0000 [warn]: #0 unexpected error before accepting TLS connection by OpenSSL error_class=OpenSSL::SSL::SSLError error="SSL_accept returned=1 errno=0 state=error: sslv3 alert bad certificate" Signed-off-by: Takuro Ashie <[email protected]>
fluent · Apr 14, 2021 · d8e5b0d · d8e5b0d
1 parent 2613fcb
commit d8e5b0d
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/lib/fluent/plugin_helper/server.rb b/lib/fluent/plugin_helper/server.rb
@@ -709,11 +709,11 @@ def try_tls_accept
                 return true
               end
             rescue Errno::EPIPE, Errno::ECONNRESET, Errno::ETIMEDOUT, Errno::ECONNREFUSED, Errno::EHOSTUNREACH => e
-              @log.trace "unexpected error before accepting TLS connection", error: e
+              @log.trace "unexpected error before accepting TLS connection", peer: @_handler_socket.io.peeraddr, error: e
               close rescue nil
             rescue OpenSSL::SSL::SSLError => e
               # Use same log level as on_readable
-              @log.warn "unexpected error before accepting TLS connection by OpenSSL", error: e
+              @log.warn "unexpected error before accepting TLS connection by OpenSSL", peer: @_handler_socket.io.peeraddr, error: e
               close rescue nil
             end