RSA BSAFE Micro Edition Suite

Streamlined security for mobile and embedded devices
Search  Print

Error Functions

This section details the functions that support the error reporting for the SSL handshake.

Functions

int R_CDECL SSL_get_error (SSL *ssl, int ret_code)
 Returns the status of the last SSL I/O operation. More...

Function Documentation

int R_CDECL SSL_get_error SSL   ssl,
int    func_ret
;
 

Returns the status of the last SSL I/O operation. All SSL I/O functions (for example, SSL_read(), SSL_write(), SSL_do_handshake(), SSL_connect() and SSL_accept()) have a return code ret_code indicating the success (or status) of the operation.

Parameters:
ssl [In] The SSL which returned the error.
func_ret [In] The function return code from the previous SSL handshake. This code can be either read or write.
Returns:
SSL_ERROR_NONE indicates success.
See Error Codes for valid values.
See also:
SSL_do_handshake(), SSL_read() and SSL_write().
Example:

    int return_code;
    char buf[512];

    return_code = SSL_read(ssl, buf, sizeof(buf));

    switch(SSL_get_error(ssl, return_code))
    {
    case SSL_ERROR_NONE:
        /* perform operations */
        break;

    case SSL_ERROR_SSL:
        /* perform operations */
        break;

        /* The next four options are used with non-blocking semantics.
         * This may not be applicable, depending on the underlying
         * socket/BIO.
         */

    case SSL_ERROR_WANT_READ:

        /* Same as above for read. Because an SSL_write occurs does
         * not mean a WANT_READ error will not appear as the SSL
         * protocol involves message exchange.
         */
        break;

    case SSL_ERROR_WANT_WRITE:

        /* Same as above for write. Because an SSL_read occurs does not
         * mean a WANT_WRITE error will not appear as the SSL protocol
         * involves message  exchange.
         */
        break;

    case SSL_ERROR_WANT_CONNECT:

        /* If the application is using a connect BIO e.g.. BIO_new_connect(),
         * this error can be returned. Under WIN32, it is possible to
         * detect a completing connection. This is not as applicable
         * under Unix.
         */
        break;

    case SSL_ERROR_WANT_X509_LOOKUP:

        /* This option is only returned if an application callback (used to
         * retrieve a certificate) sets this condition for failure. The
         * application must recall SSL_read when the callback is able to
         * find a certificate.
         */
        break;

    case SSL_ERROR_SYSCALL:
        /* Call failed because an operating system dependent function failed.
         * This is normally fatal. Use SSL_get_error for further information.
         */
        break;

    case SSL_ERROR_ZERO_RETURN:
        /* Low-level operating system call to read/write data returned 0. For
         * most operating systems, when using sockets, this implies the other
         * end of the socket was closed.
         */
        break;
    }
Samples:
cache_server.c, p7ssl_client.c, p7ssl_server.c, simple.c, ssl_client.c, and ssl_server.c.

Copyright (c) 1999-2005 RSA Security Inc. All rights reserved. 072-001001-2100-001-000 - 2.1