RE: Re:Re: How to retrieve error about private key loading.
> From: owner-openssl-us...@openssl.org On Behalf Of ikuzar > Sent: Friday, 25 February, 2011 09:57 > 2011/2/25 lzyzizi > You can use ERR_GET_FUNC(l) with the error code to get > the error function ID that is defined in the module's header(here is ssl.h). > You can also use const char *ERR_func_error_string(unsigned long e) > with the error code to get the string representation of the error function. That's just the function-name which is rarely sufficient. While you can fiddle the pieces yourself, ERR_error_string[_n](e,buf[,n]) gives you everything in one lump which is usually more convenient. Or just printf %lx, and lookup manually with commandline 'errstr'. > Every time you want to know the string information of the error code, > you need to call the void ERR_load_ERR_strings(void) first. > (or call ERR_load_(MODULE NAM)_strings(void) such as void ERR_load_SSL_strings(void)) Not 'every time'. You need to load error strings sometime before you use them, but it's common to do it once at startup. ERR_load_ERR_strings only loads some internal infrastructure stuff, which is nowhere near enough. If you want you can do each relevant module individually ERR_load_RSA_strings ERR_load_BN_strings ERR_load_SSL_strings etc., but it's almost always easier to just do SSL_load_error_strings which does everything. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Re:Re: How to retrieve error about private key loading.
I am confused. ERR_load_SSL_strings does not exist in the doc on openssl web site. Idem for *ERR_load_ERR_strings().* I do not know how to obtain string information when SSL_set_fd( ) fails. I do not know what to do. Why do I need to get error function ID ? Sorry, I am so confused. 2011/2/25 lzyzizi > Sorry,I didn't catch your meaning... > > You can use *ERR_GET_FUNC(l) *with the error code* *to get the error > function ID that is defined in the module's header(here is ssl.h).You can > also use *const char *ERR_func_error_string(unsigned long e) *with the > error code to get the string representation of the error function. > > Every time you want to know the string information of the error code,you > need to call the* void ERR_load_ERR_strings(void) first.*(or call > *ERR_load_(MODULE > NAM)_strings(void) such as void ERR_load_SSL_strings(void)) > * > > *ERR_get_error() *.It get the most recently occurred error code. > > > At 2011-02-25 22:10:45,lzyzizi wrote: > > > I think *ERR_load_RSA_strings(void) *should be called first. > > > At 2011-02-25 19:25:51,marek.marc...@malkom.pl wrote: > > >Hello, > > > >Maybe you may try something like this: > > > >int log_err(void) > >{ > > char buf[256]; > > u_long err; > > > > while ((err = ERR_get_error()) != 0) { > > ERR_error_string_n(err, buf, sizeof(buf)); > > printf("*** %s\n", buf); > > } > > > >Best regards, > >-- > >Marek Marcola > > > > > >owner-openssl-us...@openssl.org wrote on 02/25/2011 12:06:47 PM: > > > >> Aro RANAIVONDRAMBOLA > >> Sent by: owner-openssl-us...@openssl.org > >> > >> 02/25/2011 12:08 PM > >> > >> Please respond to > >> openssl-users@openssl.org > >> > >> To > >> > >> openssl-users@openssl.org > >> > >> cc > >> > >> Subject > >> > >> How to retrieve error about private key loading. > >> > >> Hello, > >> I realize that when my program calls SSL_CTX_use_certificate_file, it > >returns an error > >> because the certificate does not match the private key. I would to > >process this kind of > >> error. SSL_get_error( ) does not treat this case. I would like to know > >what is THE > >> function wich enable me to extract the errors type ( in my case I want > >to retrieve error > >> like SSL_ERROR_PVKEY_DOES_NOT_MATCH_WITH_CERT ) > >> Thanks for your help. > >> > > > >__ > >OpenSSL Project http://www.openssl.org > >User Support Mailing Listopenssl-users@openssl.org > >Automated List Manager majord...@openssl.org > > > > > >
Re: Re:Re: How to retrieve error about private key loading.
Ok. In fact, I develop a secure stack between TCP and an appli which will be developped by another developper. I do not want to display error on screen but now I 'd like to resend it to the appli above. I 'd like to make something wich matchs errors with integer. example : error number xxx -> PVKEY_DOES_NOT_MATCH_WITH_CERT error number yyy -> CANNOT_SET_SLL_WITH_FD So, someone who develops appli above make : if(PVKEY_DOES_NOT_MATCH_WITH_CERT) { // treat error here : prinf, etc ... } if(CANNOT_SET_SSL_WITH_FD){ //treat error here } etc... The problem is that I do not know how to retrieve xxx and yyy ... and how to match them with PVKEY_... and CANNOT_SET... etc... I am novice in C/C++ Thanks. 2011/2/25 lzyzizi > Sorry,I didn't catch your meaning... > > You can use *ERR_GET_FUNC(l) *with the error code* *to get the error > function ID that is defined in the module's header(here is ssl.h).You can > also use *const char *ERR_func_error_string(unsigned long e) *with the > error code to get the string representation of the error function. > > Every time you want to know the string information of the error code,you > need to call the* void ERR_load_ERR_strings(void) first.*(or call > *ERR_load_(MODULE > NAM)_strings(void) such as void ERR_load_SSL_strings(void)) > * > > *ERR_get_error() *.It get the most recently occurred error code. > > > At 2011-02-25 22:10:45,lzyzizi wrote: > > > I think *ERR_load_RSA_strings(void) *should be called first. > > > At 2011-02-25 19:25:51,marek.marc...@malkom.pl wrote: > > >Hello, > > > >Maybe you may try something like this: > > > >int log_err(void) > >{ > > char buf[256]; > > u_long err; > > > > while ((err = ERR_get_error()) != 0) { > > ERR_error_string_n(err, buf, sizeof(buf)); > > printf("*** %s\n", buf); > > } > > > >Best regards, > >-- > >Marek Marcola > > > > > >owner-openssl-us...@openssl.org wrote on 02/25/2011 12:06:47 PM: > > > >> Aro RANAIVONDRAMBOLA > >> Sent by: owner-openssl-us...@openssl.org > >> > >> 02/25/2011 12:08 PM > >> > >> Please respond to > >> openssl-users@openssl.org > >> > >> To > >> > >> openssl-users@openssl.org > >> > >> cc > >> > >> Subject > >> > >> How to retrieve error about private key loading. > >> > >> Hello, > >> I realize that when my program calls SSL_CTX_use_certificate_file, it > >returns an error > >> because the certificate does not match the private key. I would to > >process this kind of > >> error. SSL_get_error( ) does not treat this case. I would like to know > >what is THE > >> function wich enable me to extract the errors type ( in my case I want > >to retrieve error > >> like SSL_ERROR_PVKEY_DOES_NOT_MATCH_WITH_CERT ) > >> Thanks for your help. > >> > > > >__ > >OpenSSL Project http://www.openssl.org > >User Support Mailing Listopenssl-users@openssl.org > >Automated List Manager majord...@openssl.org > > > > > >