Hi Marek, Thanks for the snippet. Its working in dev. But however its failing in one of our test regions with a compilation error as below.
Cannot assign extern "C" void(*)(ssl_st*,int,int) to extern "C" void(*)() at a line where we have "SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb);" We are doing the same as mentioned in the below mail chain. Can you pleas help us in resolving this. Thanks in advance. Thanks Gogula Krishnan Rajaprabhu ----- Forwarded by Karthikeyan Thirumal/Chennai/iNautix on 05/17/2012 12:49 PM ----- marek.marc...@malkom.pl Sent by: owner-openssl-us...@openssl.org 05/16/2012 09:12 PM Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc openssl-...@openssl.org, openssl-users@openssl.org, owner-openssl-us...@openssl.org Subject Re: Question on enhancing OpenSSL logs Hello, You may trace connect/accept progres defining some callback function: /** * SSL connection info callback. * * @param ssl SSL connection socket * @param type connection type * @param val connection info * @return none */ static void ssl_connection_info_cb(const SSL * ssl, int type, int val) { if (type & SSL_CB_LOOP) { log_tra("ssl_state: %s: %s", type & SSL_ST_CONNECT ? "connect" : type & SSL_ST_ACCEPT ? "accept" : "undefined", SSL_state_string_long(ssl)); } if (type & SSL_CB_ALERT) { log_tra("ssl_alert: %s:%s: %s", type & SSL_CB_READ ? "read" : "write", SSL_alert_type_string_long(val), SSL_alert_desc_string_long(val)); } } and at library initialization set this callback: /* callback for connection information on SSL/TLS session negotiation */ SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb); Best regards, -- Marek Marcola <marek.marc...@malkom.pl> owner-openssl-us...@openssl.org wrote on 05/16/2012 05:15:40 PM: > kthiru...@inautix.co.in > Sent by: owner-openssl-us...@openssl.org > > 05/16/2012 05:25 PM > > Please respond to > openssl-users@openssl.org > > To > > openssl-users@openssl.org, openssl-...@openssl.org > > cc > > Subject > > Question on enhancing OpenSSL logs > > Team > I have a query on enhancing the OpenSSL logs, > > As you know, "SSL_accept" is just one call using SSL library for an SSL handshake, but > there are couple of steps inside this process like Client Hello / Server Hello, etc. > What if i need to find the internal failures in SSL handshake ? Is there any openssl > debug option available where the SSL library is capable of logging additional info ? > > We already have a series of error cases handled for SSL handshake, but they are pre- > defined by OpenSSL and they do not speak on where they failed, > > err = SSL_accept((SSL *)SockObj->SSLCtx); > if(err<=0){ > err=SSL_get_error((SSL *)SockObj->SSLCtx,err); > switch(err){ > case SSL_ERROR_NONE: > case SSL_ERROR_ZERO_RETURN: > case SSL_ERROR_WANT_READ: > case SSL_ERROR_WANT_WRITE: > case SSL_ERROR_WANT_CONNECT: > case SSL_ERROR_SYSCALL: > case SSL_ERROR_SSL: > } > } > > Can you shed some lights here ? > > Thanks & Regards > ________________________ > Karthikeyan Thirumal > > ****************************************************** > This message and any files or attachments sent with this message contain confidential > information and is intended only for the individual named. If you are not the named > addressee, you should not disseminate, distribute, copy or use any part of this email. > If you have received this message in error, please delete it and all copies from your > system and notify the sender immediately by return Email. > > Email transmission cannot be guaranteed to be secure or error-free as information can be > intercepted, corrupted, lost, destroyed, late, incomplete or may contain viruses. The > sender, therefore, does not accept liability for any errors or omissions in the contents > of this message, which arise as a result of email transmission. > ****************************************************** ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org Information Classification: Public ****************************************************** This message and any files or attachments sent with this message contain confidential information and is intended only for the individual named. If you are not the named addressee, you should not disseminate, distribute, copy or use any part of this email. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return Email. Email transmission cannot be guaranteed to be secure or error-free as information can be intercepted, corrupted, lost, destroyed, late, incomplete or may contain viruses. The sender, therefore, does not accept liability for any errors or omissions in the contents of this message, which arise as a result of email transmission. ******************************************************