RSA BSAFE SSL-C

Security protocol components for C

Search

Error Functions

This section details the functions that support the error reporting for the SSL handshake.

Functions

void SSL_load_error_strings (void)
 Loads all SSL and cryptographic library error strings. More...

int SSL_get_error (SSL *ssl, int ret_code)
 Returns the status of the last SSL I/O operation. More...

Function Documentation

int SSL_get_error SSL   ssl,
int    func_ret
;
 

Returns the status of the last SSL I/O operation. All SSL I/O functions (for example, SSL_read(), SSL_write(), SSL_do_handshake(), SSL_connect() and SSL_accept()) have a return code ret_code indicating the success (or status) of the operation.

Parameters:
ssl [In] The SSL which returned the error.
func_ret [In] The function return code from the previous SSL handshake. This code can be either read or write.
Returns:
SSL_ERROR_NONE indicates success.
See Error Codes for valid values.
See also:
SSL_do_handshake(), SSL_read() and SSL_write().
Example:

    int return_code;
    char buf[512];

    return_code = SSL_read(ssl, buf, sizeof(buf));

    switch(SSL_get_error(ssl, return_code))
    {
    case SSL_ERROR_NONE:
        /* perform operations */
        break;

    case SSL_ERROR_SSL:
        /* perform operations */
        break;

        /* The next four options are used with non-blocking semantics.
         * This may not be applicable, depending on the underlying
         * socket/BIO.
         */

    case SSL_ERROR_WANT_READ:

        /* Same as above for read. Because an SSL_write occurs does
         * not mean a WANT_READ error will not appear as the SSL
         * protocol involves message exchange.
         */
        break;

    case SSL_ERROR_WANT_WRITE:

        /* Same as above for write. Because an SSL_read occurs does not
         * mean a WANT_WRITE error will not appear as the SSL protocol
         * involves message  exchange.
         */
        break;

    case SSL_ERROR_WANT_CONNECT:

        /* If the application is using a connect BIO e.g.. BIO_new_connect(),
         * this error can be returned. Under WIN32, it is possible to
         * detect a completing connection. This is not as applicable
         * under Unix.
         */
        break;

    case SSL_ERROR_WANT_X509_LOOKUP:

        /* This option is only returned if an application callback (used to
         * retrieve a certificate) sets this condition for failure. The
         * application must recall SSL_read when the callback is able to
         * find a certificate.
         */
        break;

    case SSL_ERROR_SYSCALL:
        /* Call failed because an operating system dependent function failed.
         * This is normally fatal. Use SSL_get_error for further information.
         */
        break;

    case SSL_ERROR_ZERO_RETURN:
        /* Low-level operating system call to read/write data returned 0. For
         * most operating systems, when using sockets, this implies the other
         * end of the socket was closed.
         */
        break;
    }
Samples:
cache_server.c, fips_client.c, PKCS11Client.c, simple.c, ssl_client.c, and ssl_server.c.

void SSL_load_error_strings   ;
 

Loads all SSL and cryptographic library error strings. If the error strings are not loaded, only the error numbers will appear.

note.gif
Loading the error strings is optional. Not loading the strings will reduce memory consumption and the executable size.
Samples:
bio_client.c, bio_server.c, cache_server.c, fips_client.c, nbio_client.c, nbio_server.c, PKCS11Client.c, s_frombuf.c, sock_client.c, sock_server.c, ssl_client.c, and ssl_server.c.

Copyright (c) 1999-2004 RSA Security Inc. All rights reserved. 050-001001-2600-000-000 - 2.6