How to debug a TLSv1.3 protocol problem?
Matt Caswell
matt at openssl.org
Wed May 20 08:52:05 UTC 2020
On 19/05/2020 15:56, Claus Assmann wrote:
> That's basically already in the code:
> while ((l = ERR_get_error_line_data((const char **) &file, &line,
> (const char **) &data, &flags)) != 0)
> log it ...
> but that does not generate any output. Even if I add
> the line you suggested there's no extra output
> (to make sure there would be something I also added
> an BIO_fprintf() and that output is shown, so it's not
> a problem with the BIO).
>
> I guess I have to figure out how to use wireshark for this.
>
I doubt wireshark will tell you much more than the SSL_trace output
(although it is possible that it could).
After you see this on the server side:
SSL_accept:TLSv1.3 early data
info_callback where=0x2002, ret=-1
SSL_accept:error in TLSv1.3 early data
What happens in the application code? What was the function being called
(SSL_accept?) and what return value do you get? What does
SSL_get_error() return at this point?
Matt
More information about the openssl-users
mailing list