Once you receive SSL_ERROR_SSL, the next step is to use ERR_get_error(3ssl) to figure out what the specific SSL error was. Before you do this, you should call ERR_load_crypto_strings(3ssl) and SSL_load_error_strings(3ssl) so that you can get the full string; if you don't, you'll get a hexadecimal code, which you can feed to 'openssl errstr [code]' and it'll tell you what the code actually means. (errstr(1)).
It's *entirely* possible that the return of ERR_get_error() will be SSL_WANT_READ or SSL_WANT_WRITE. If this is the case, call SSL_Connect() again with *exactly the same parameters*. Preferably, don't even move them in memory, just call it with the same pointers and everything. (Really, SSL_WANT_{(read|write)} could have been consolidated, since from the application developer's view it's exactly the same diagnostic and required action: call the last SSL function you called, with exactly the same parameters. They were separated probably during the SSLeay days when Mr. Young wanted to know what, precisely, was really happening in the state machine at any given failure.) -Kyle H On Fri, Sep 18, 2009 at 6:56 AM, Anuradha Gupta <anuradha.gu...@aricent.com> wrote: > Hi > > > > I am using Linux provided SSL Library “OpenSSL 0.9.7a Feb 19 2003”. > > The problem is that SSL_Connect fails with error SSL_ERROR_SSL > > I am not able to trace the possible reason for error. > > Any help is valuable as I need to resolve the issue urgently. > > > > Regards > > > > Anuradha Gupta > > Technical Leader > > > > Ext : 5119 > > Mobile : 9811814731 > > > > ________________________________ > "DISCLAIMER: This message is proprietary to Aricent and is intended solely > for the use of the individual to whom it is addressed. It may contain > privileged or confidential information and should not be circulated or used > for any purpose other than for what it is intended. If you have received > this message in error,please notify the originator immediately. If you are > not the intended recipient, you are notified that you are strictly > prohibited from using, copying, altering, or disclosing the contents of this > message. Aricent accepts no responsibility for loss or damage arising from > the use of the information transmitted by this email including damage from > virus." > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org