From 75e9b2857a07fae38ac8f0686faa6785e35d9672 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Sat, 26 Jun 2021 23:36:04 -0400
Subject: [PATCH] [core] better trace if TLS received on clear port

---
 src/connections.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/connections.c b/src/connections.c
index fb5b6e5a..b0b126b6 100644
--- a/src/connections.c
+++ b/src/connections.c
@@ -751,7 +751,9 @@ static int connection_handle_read_state(connection * const con)  {
              * or HTTP/2 pseudo-header beginning with ':' */
             /*(TLS handshake begins with SYN 0x16 (decimal 22))*/
             log_error(r->conf.errh, __FILE__, __LINE__, "%s",
-                      "invalid request-line -> sending Status 400");
+                      c->mem->ptr[c->offset] == 0x16
+                      ? "unexpected TLS ClientHello on clear port"
+                      : "invalid request-line -> sending Status 400");
             r->http_status = 400; /* Bad Request */
             r->keep_alive = 0;
             connection_set_state(r, CON_STATE_REQUEST_END);