>From: [email protected] On Behalf Of Mithun Kumar
>Sent: Monday, 10 September, 2012 01:56
Answering -users only, this isn't a -dev question.
>I have a challenge befor me where i have to debug a SSL handshake
>failure. Client has OpenSSL libraries and Server is Microsoft
>SQL Server. I cant sniff the packets using WireShark nor can i
>enable server logs. All i can do i enable client logging. Any
>suggestions how to enable OpenSSL logging?
1. Are you not permitted to use WireShark, or just having
difficulty doing so? If the latter, maybe we can help.
WireShark's decoding is much easier than doing it by hand.
2. If it's a handshake failure, can you use commandline
s_client? That has logging builtin, use -msg and/or -debug .
3. Look at the code for s_client (and s_cb.c) and do in your
app what it does: write a message callback and attach it
to SSL and/or a BIO callback and attach it to the line BIO.
You can probably omit some of the decoding, but
you still need probably 20-50 lines or so.
>I have enabled API calls "err_error_string_n" and
>"err_peek_error_line_data" to get the error information. Any suggestions?
By "enabled" you mean you call them after an error occurs?
These routines begin with ERR_ (case matters in C). Many
errors have more than one entry in the error queue; to see
all of them you need to use _get_ not _peek_.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
