> From: owner-openssl-us...@openssl.org On Behalf Of tipo nac > Sent: Thursday, 31 March, 2011 13:22
> I getting error in a SSL_read call. > SSL_read return -1 Your code shows SSL_accept != 1, but the answer is the same for SSL_read/write < 0. > and > SSL_get_error( GetSSL(), -1 ) return after being passed to ERR_error_string > error:00000005:lib(0):func(0):DH lib The return value from SSL_get_error is not suitable for passing to ERR_error_string and friends. Instead, compare it to the SSL_ERROR_ values in ssl.h. 5 is SSL_ERROR_SYSCALL. You should look at errno on Unix or [WSA]GetLastError() on Windows (as your code does for socket-level accept() returning null). For 5 you may also, and for 1 SSL_ERROR_SSL you should only, get the error codes from ERR_get_error or related routines in err.h. Note ERR_get_error NOT SSL_get_error. *Those* values can and should be run through ERR_error_string or similar. And there may be more than one error code in the error stack, so you should loop: unsigned long err; while( (err = ERR_get_error()) != 0 ){ ERR_error_string (err, buf) and log/display buf } or just call ERR_print_errors[_fp] if you want the results on a BIO or FILE (typically stderr). ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org