[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: RE: Error in Handshake
From: "Dave Thompson" <dthompson () prinpay ! com>
Date: 2013-08-20 21:32:50
Message-ID: 425CBBF9AA1A45EDA89EE01292F97D6C () prinpay ! com
[Download RAW message or body]
>From: owner-openssl-users@openssl.org On Behalf Of Harshvir Sidhu
>Sent: Monday, 19 August, 2013 12:03
>I have downloaded OpenSSL 1.0.1c.
>My application is a Server Application running on Windows XP
>compiled using VS2008.
>When i used SSL_Accept function then it fails.
>SSL_get_error gives an value of 5.
>ERR_get_error gives a string error:00000000:lib(0):func(0):reason(0)
>I have called SSL_load_error_string called after I initialize
SSL_libary_init.
When SSL_get_error is 5 (SSL_ERROR_SYSCALL) the error queue
(ERR_get_error() and friends) is often not used, and clearly
not in this case because ERR_get_error()==0 is 'no error'.
(Because 0 isn't an error, _error_strings doesn't decode it.)
You need to look at the OS error number, which for Windows
is a call to GetLastError() (for Unix it is errno).
>Similar Code use to work with 1.0.0a version of library,
>after update it started to fail. If i link the code to old
>library again it works, but with this new one it keeps on
>failing. So the application code seems correct.
Are you just re-linking or are you recompiling? I *think*
there were no binary incompatibilities between 1.0.0 and
1.0.1, but I wouldn't bet heavily on it. If you haven't
tried recompiling, do try that.
>Seems like i am missing some flag. Unfortunately, i have lost
>the old version during system update and i no longer have that
>available to compare.
>Here is a little more information incase it helps.
>I am using CAPI engine, loaded Private Key is saying it is
>Type 6 (not sure what it means), but thought like its failing
>in handshake so could related.
That's a thought. I usually see ERROR_SYSCALL with no error queue
(only OS error) on socket operations, but I don't use engines.
I would think error on an engine operation would set error queue,
but maybe not. Can your server software operate without the engine,
i.e. with OpenSSL built-in crypto, at least for a test case?
If so trying that might be a useful comparison.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic