RE: Re:Re: How to retrieve error about private key loading.
> From: owner-openssl-us...@openssl.org On Behalf Of ikuzar > Sent: Friday, 25 February, 2011 09:57 > 2011/2/25 lzyzizi > You can use ERR_GET_FUNC(l) with the error code to get > the error function ID that is defined in the module's header(here is ssl.h). > You can also use const char *ERR_func_error_string(unsigned long e) > with the error code to get the string representation of the error function. That's just the function-name which is rarely sufficient. While you can fiddle the pieces yourself, ERR_error_string[_n](e,buf[,n]) gives you everything in one lump which is usually more convenient. Or just printf %lx, and lookup manually with commandline 'errstr'. > Every time you want to know the string information of the error code, > you need to call the void ERR_load_ERR_strings(void) first. > (or call ERR_load_(MODULE NAM)_strings(void) such as void ERR_load_SSL_strings(void)) Not 'every time'. You need to load error strings sometime before you use them, but it's common to do it once at startup. ERR_load_ERR_strings only loads some internal infrastructure stuff, which is nowhere near enough. If you want you can do each relevant module individually ERR_load_RSA_strings ERR_load_BN_strings ERR_load_SSL_strings etc., but it's almost always easier to just do SSL_load_error_strings which does everything. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Re:Re: How to retrieve error about private key loading.
I am confused.
ERR_load_SSL_strings does not exist in the doc on openssl web site. Idem for
*ERR_load_ERR_strings().*
I do not know how to obtain string information when SSL_set_fd( ) fails. I
do not know what to do.
Why do I need to get error function ID ?
Sorry, I am so confused.
2011/2/25 lzyzizi
> Sorry,I didn't catch your meaning...
>
> You can use *ERR_GET_FUNC(l) *with the error code* *to get the error
> function ID that is defined in the module's header(here is ssl.h).You can
> also use *const char *ERR_func_error_string(unsigned long e) *with the
> error code to get the string representation of the error function.
>
> Every time you want to know the string information of the error code,you
> need to call the* void ERR_load_ERR_strings(void) first.*(or call
> *ERR_load_(MODULE
> NAM)_strings(void) such as void ERR_load_SSL_strings(void))
> *
>
> *ERR_get_error() *.It get the most recently occurred error code.
>
>
> At 2011-02-25 22:10:45,lzyzizi wrote:
>
>
> I think *ERR_load_RSA_strings(void) *should be called first.
>
>
> At 2011-02-25 19:25:51,marek.marc...@malkom.pl wrote:
>
> >Hello,
> >
> >Maybe you may try something like this:
> >
> >int log_err(void)
> >{
> > char buf[256];
> > u_long err;
> >
> > while ((err = ERR_get_error()) != 0) {
> > ERR_error_string_n(err, buf, sizeof(buf));
> > printf("*** %s\n", buf);
> > }
> >
> >Best regards,
> >--
> >Marek Marcola
> >
> >
> >owner-openssl-us...@openssl.org wrote on 02/25/2011 12:06:47 PM:
> >
> >> Aro RANAIVONDRAMBOLA
> >> Sent by: owner-openssl-us...@openssl.org
> >>
> >> 02/25/2011 12:08 PM
> >>
> >> Please respond to
> >> openssl-users@openssl.org
> >>
> >> To
> >>
> >> openssl-users@openssl.org
> >>
> >> cc
> >>
> >> Subject
> >>
> >> How to retrieve error about private key loading.
> >>
> >> Hello,
> >> I realize that when my program calls SSL_CTX_use_certificate_file, it
> >returns an error
> >> because the certificate does not match the private key. I would to
> >process this kind of
> >> error. SSL_get_error( ) does not treat this case. I would like to know
> >what is THE
> >> function wich enable me to extract the errors type ( in my case I want
> >to retrieve error
> >> like SSL_ERROR_PVKEY_DOES_NOT_MATCH_WITH_CERT )
> >> Thanks for your help.
> >>
> >
> >__
> >OpenSSL Project http://www.openssl.org
> >User Support Mailing Listopenssl-users@openssl.org
> >Automated List Manager majord...@openssl.org
>
>
>
>
>
>
Re: Re:Re: How to retrieve error about private key loading.
Ok.
In fact, I develop a secure stack between TCP and an appli which will be
developped by another developper.
I do not want to display error on screen but now I 'd like to resend it to
the appli above. I 'd like to make something wich matchs errors with
integer. example :
error number xxx -> PVKEY_DOES_NOT_MATCH_WITH_CERT
error number yyy -> CANNOT_SET_SLL_WITH_FD
So, someone who develops appli above make :
if(PVKEY_DOES_NOT_MATCH_WITH_CERT) {
// treat error here : prinf, etc ...
}
if(CANNOT_SET_SSL_WITH_FD){
//treat error here
}
etc...
The problem is that I do not know how to retrieve xxx and yyy ... and how to
match them with PVKEY_... and CANNOT_SET... etc...
I am novice in C/C++
Thanks.
2011/2/25 lzyzizi
> Sorry,I didn't catch your meaning...
>
> You can use *ERR_GET_FUNC(l) *with the error code* *to get the error
> function ID that is defined in the module's header(here is ssl.h).You can
> also use *const char *ERR_func_error_string(unsigned long e) *with the
> error code to get the string representation of the error function.
>
> Every time you want to know the string information of the error code,you
> need to call the* void ERR_load_ERR_strings(void) first.*(or call
> *ERR_load_(MODULE
> NAM)_strings(void) such as void ERR_load_SSL_strings(void))
> *
>
> *ERR_get_error() *.It get the most recently occurred error code.
>
>
> At 2011-02-25 22:10:45,lzyzizi wrote:
>
>
> I think *ERR_load_RSA_strings(void) *should be called first.
>
>
> At 2011-02-25 19:25:51,marek.marc...@malkom.pl wrote:
>
> >Hello,
> >
> >Maybe you may try something like this:
> >
> >int log_err(void)
> >{
> > char buf[256];
> > u_long err;
> >
> > while ((err = ERR_get_error()) != 0) {
> > ERR_error_string_n(err, buf, sizeof(buf));
> > printf("*** %s\n", buf);
> > }
> >
> >Best regards,
> >--
> >Marek Marcola
> >
> >
> >owner-openssl-us...@openssl.org wrote on 02/25/2011 12:06:47 PM:
> >
> >> Aro RANAIVONDRAMBOLA
> >> Sent by: owner-openssl-us...@openssl.org
> >>
> >> 02/25/2011 12:08 PM
> >>
> >> Please respond to
> >> openssl-users@openssl.org
> >>
> >> To
> >>
> >> openssl-users@openssl.org
> >>
> >> cc
> >>
> >> Subject
> >>
> >> How to retrieve error about private key loading.
> >>
> >> Hello,
> >> I realize that when my program calls SSL_CTX_use_certificate_file, it
> >returns an error
> >> because the certificate does not match the private key. I would to
> >process this kind of
> >> error. SSL_get_error( ) does not treat this case. I would like to know
> >what is THE
> >> function wich enable me to extract the errors type ( in my case I want
> >to retrieve error
> >> like SSL_ERROR_PVKEY_DOES_NOT_MATCH_WITH_CERT )
> >> Thanks for your help.
> >>
> >
> >__
> >OpenSSL Project http://www.openssl.org
> >User Support Mailing Listopenssl-users@openssl.org
> >Automated List Manager majord...@openssl.org
>
>
>
>
>
>
