Hi Marek,
Thanks for the snippet. Its working in dev. But however its failing in one
of our test regions with a compilation error as below.
Cannot assign extern "C" void(*)(ssl_st*,int,int) to extern "C" void(*)()
at a line where we have "SSL_CTX_set_info_callback(ctx,
ssl_connection_info_cb);"
We are doing the same as mentioned in the below mail chain.
Can you pleas help us in resolving this. Thanks in advance.
Thanks
Gogula Krishnan Rajaprabhu
----- Forwarded by Karthikeyan Thirumal/Chennai/iNautix on 05/17/2012
12:49 PM -----
marek.marc...@malkom.pl
Sent by: owner-openssl-us...@openssl.org
05/16/2012 09:12 PM
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
openssl-...@openssl.org, openssl-users@openssl.org,
owner-openssl-us...@openssl.org
Subject
Re: Question on enhancing OpenSSL logs
Hello,
You may trace connect/accept progres defining some callback function:
/**
* SSL connection info callback.
*
* @param ssl SSL connection
socket
* @param type connection type
* @param val connection info
* @return none
*/
static void ssl_connection_info_cb(const SSL * ssl, int type, int val)
{
if (type & SSL_CB_LOOP) {
log_tra("ssl_state: %s: %s",
type &
SSL_ST_CONNECT ? "connect" :
type &
SSL_ST_ACCEPT ? "accept" :
"undefined", SSL_state_string_long(ssl));
}
if (type & SSL_CB_ALERT) {
log_tra("ssl_alert: %s:%s: %s",
type &
SSL_CB_READ ? "read" : "write",
SSL_alert_type_string_long(val), SSL_alert_desc_string_long(val));
}
}
and at library initialization set this callback:
/* callback for connection information on SSL/TLS session negotiation */
SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb);
Best regards,
--
Marek Marcola <marek.marc...@malkom.pl>
owner-openssl-us...@openssl.org wrote on 05/16/2012 05:15:40 PM:
> kthiru...@inautix.co.in
> Sent by: owner-openssl-us...@openssl.org
>
> 05/16/2012 05:25 PM
>
> Please respond to
> openssl-users@openssl.org
>
> To
>
> openssl-users@openssl.org, openssl-...@openssl.org
>
> cc
>
> Subject
>
> Question on enhancing OpenSSL logs
>
> Team
> I have a query on enhancing the OpenSSL logs,
>
> As you know, "SSL_accept" is just one call using SSL library for an SSL
handshake, but
> there are couple of steps inside this process like Client Hello / Server
Hello, etc.
> What if i need to find the internal failures in SSL handshake ? Is there
any openssl
> debug option available where the SSL library is capable of logging
additional info ?
>
> We already have a series of error cases handled for SSL handshake, but
they are pre-
> defined by OpenSSL and they do not speak on where they failed,
>
> err = SSL_accept((SSL *)SockObj->SSLCtx);
> if(err<=0){
> err=SSL_get_error((SSL *)SockObj->SSLCtx,err);
> switch(err){
> case SSL_ERROR_NONE:
> case SSL_ERROR_ZERO_RETURN:
> case SSL_ERROR_WANT_READ:
> case SSL_ERROR_WANT_WRITE:
> case SSL_ERROR_WANT_CONNECT:
> case SSL_ERROR_SYSCALL:
> case SSL_ERROR_SSL:
> }
> }
>
> Can you shed some lights here ?
>
> Thanks & Regards
> ________________________
> Karthikeyan Thirumal
>
> ******************************************************
> This message and any files or attachments sent with this message contain
confidential
> information and is intended only for the individual named. If you are
not the named
> addressee, you should not disseminate, distribute, copy or use any part
of this email.
> If you have received this message in error, please delete it and all
copies from your
> system and notify the sender immediately by return Email.
>
> Email transmission cannot be guaranteed to be secure or error-free as
information can be
> intercepted, corrupted, lost, destroyed, late, incomplete or may contain
viruses. The
> sender, therefore, does not accept liability for any errors or omissions
in the contents
> of this message, which arise as a result of email transmission.
> ******************************************************
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
Information Classification: Public
******************************************************
This message and any files or attachments sent with this message contain
confidential information and is intended only for the individual named. If you
are not the named addressee, you should not disseminate, distribute, copy or
use any part of this email. If you have received this message in error, please
delete it and all copies from your system and notify the sender immediately by
return Email.
Email transmission cannot be guaranteed to be secure or error-free as
information can be intercepted, corrupted, lost, destroyed, late, incomplete or
may contain viruses. The sender, therefore, does not accept liability for any
errors or omissions in the contents of this message, which arise as a result of
email transmission.
******************************************************
