tls: add tls_flush_error to dump openssl errors

Based on contributions from Lennart Grahl (#1) and Alfred Heggestad (#8)

src/tls/openssl/tls.c

@@ -730,3 +730,18 @@ int tls_set_servername(struct tls_conn *tc, const char *servername)
 
 	return 0;
 }
+
+
+static int print_error(const char *str, size_t len, void *unused)
+{
+	(void)unused;
+	DEBUG_WARNING("%b", str, len);
+
+	return 1;
+}
+
+
+void tls_flush_error(void)
+{
+	ERR_print_errors_cb(print_error, NULL);
+}

src/tls/openssl/tls.h

@@ -10,3 +10,6 @@ struct tls {
 	X509 *cert;
 	char *pass;  /* password for private key */
 };
+
+
+void tls_flush_error(void);

src/tls/openssl/tls_udp.c

@@ -243,7 +243,7 @@ static int tls_connect(struct tls_conn *tc)
 	if (r <= 0) {
 		const int ssl_err = SSL_get_error(tc->ssl, r);
 
-		ERR_clear_error();
+		tls_flush_error();
 
 		switch (ssl_err) {
 
@@ -272,7 +272,7 @@ static int tls_accept(struct tls_conn *tc)
 	if (r <= 0) {
 		const int ssl_err = SSL_get_error(tc->ssl, r);
 
-		ERR_clear_error();
+		tls_flush_error();
 
 		switch (ssl_err) {