From 0fcdf4389b8fab4eab53f4e3ea14fc0e2a996d67 Mon Sep 17 00:00:00 2001 From: Miroslav Lichvar Date: Tue, 8 Sep 2020 09:41:12 +0200 Subject: [PATCH] nts: log early client NTS-KE socket errors Log an error message when SCK_OpenTcpSocket() fails in the NTS-KE client, e.g. when connect() fails due to the port not being allowed in the SELinux policy. --- nts_ke_client.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/nts_ke_client.c b/nts_ke_client.c index 604bbc5..fbde1dd 100644 --- a/nts_ke_client.c +++ b/nts_ke_client.c @@ -335,15 +335,17 @@ NKC_Start(NKC_Instance inst) local_addr.port = 0; iface = CNF_GetBindAcquisitionInterface(); - sock_fd = SCK_OpenTcpSocket(&inst->address, &local_addr, iface, 0); - if (sock_fd < 0) - return 0; - /* Make a label containing both the address and name of the server */ if (snprintf(label, sizeof (label), "%s (%s)", UTI_IPSockAddrToString(&inst->address), inst->name) >= sizeof (label)) ; + sock_fd = SCK_OpenTcpSocket(&inst->address, &local_addr, iface, 0); + if (sock_fd < 0) { + LOG(LOGS_ERR, "Could not connect to %s", label); + return 0; + } + /* Start an NTS-KE session */ if (!NKSN_StartSession(inst->session, sock_fd, label, client_credentials, CLIENT_TIMEOUT)) { SCK_CloseSocket(sock_fd);