[openssl-users] SSL_accept error code

Yan, Bob BYan at visa.com
Tue Mar 8 19:36:52 UTC 2016


Matt, thank you very much! It works after I use ERR_get_error() to get the error code.


-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Matt Caswell
Sent: Tuesday, March 08, 2016 1:29 AM
To: openssl-users at openssl.org
Subject: Re: [openssl-users] SSL_accept error code



On 08/03/16 01:04, Yan, Bob wrote:
> Hi All,
> 
> I have a SSL server application which use SSL_accept to accept the 
> connections from client, see the code below:
> 
> int retcode = SSL_accept(mSsl);
> unsigned long error =  SSL_get_error(mSsl, retcode); 
> ERR_error_string_n(error, errmsg, sizeof(errmsg));
> 
> When something went wrong, for example Client connect server with
> ssl3 protocol (disabled), I get the error like this 
> "error:00000001:lib(0):func(0):reason(1)". Could somebody tell me that 
> is there any way to have more detailed debug messages from openssl?

You're not doing it right.

SSL_get_error() will give a return code to tell you the type of error that was received, e.g. SSL_ERROR_WANT_READ, SSL_ERROR_SYSCALL, SSL_ERROR_SSL, etc.

If error == SSL_ERROR_SSL then you can inspect the OpenSSL error queue for more details. You *do not* pass SSL_ERROR_SSL to ERR_error_string_n!
Use a function such as ERR_print_errors(), ERR_print_errors_fp(),
ERR_get_error() etc See the man pages for those functions.

Matt
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



More information about the openssl-users mailing list