Once you receive SSL_ERROR_SSL, the next step is to use
ERR_get_error(3ssl) to figure out what the specific SSL error was.
Before you do this, you should call ERR_load_crypto_strings(3ssl) and
SSL_load_error_strings(3ssl) so that you can get the full string; if
you don't, you'll get a hexadecimal code, which you can feed to
'openssl errstr [code]' and it'll tell you what the code actually
means. (errstr(1)).
It's *entirely* possible that the return of ERR_get_error() will be
SSL_WANT_READ or SSL_WANT_WRITE. If this is the case, call
SSL_Connect() again with *exactly the same parameters*. Preferably,
don't even move them in memory, just call it with the same pointers
and everything. (Really, SSL_WANT_{(read|write)} could have been
consolidated, since from the application developer's view it's exactly
the same diagnostic and required action: call the last SSL function
you called, with exactly the same parameters. They were separated
probably during the SSLeay days when Mr. Young wanted to know what,
precisely, was really happening in the state machine at any given
failure.)
-Kyle H
On Fri, Sep 18, 2009 at 6:56 AM, Anuradha Gupta
<anuradha.gu...@aricent.com> wrote:
> Hi
>
>
>
> I am using Linux provided SSL Library “OpenSSL 0.9.7a Feb 19 2003”.
>
> The problem is that SSL_Connect fails with error SSL_ERROR_SSL
>
> I am not able to trace the possible reason for error.
>
> Any help is valuable as I need to resolve the issue urgently.
>
>
>
> Regards
>
>
>
> Anuradha Gupta
>
> Technical Leader
>
>
>
> Ext : 5119
>
> Mobile : 9811814731
>
>
>
> ________________________________
> "DISCLAIMER: This message is proprietary to Aricent and is intended solely
> for the use of the individual to whom it is addressed. It may contain
> privileged or confidential information and should not be circulated or used
> for any purpose other than for what it is intended. If you have received
> this message in error,please notify the originator immediately. If you are
> not the intended recipient, you are notified that you are strictly
> prohibited from using, copying, altering, or disclosing the contents of this
> message. Aricent accepts no responsibility for loss or damage arising from
> the use of the information transmitted by this email including damage from
> virus."
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
