« Return to Thread: Fw: Question on enhancing OpenSSL logs
Re: Fw: Question on enhancing OpenSSL logs
by Marek.Marcola
::
Rate this Message:
Hello,
This looks like declaration mismatch, you should send more info (used
compilers, environment),
maybe simple test code.
Best regards,
--
Marek Marcola <Marek.Marcola@...>
owner-openssl-users@... wrote on 05/21/2012 02:52:15 PM:
> grajaprabhu@...
> Sent by: owner-openssl-users@...
>
> 05/21/2012 04:51 PM
>
> Please respond to
> openssl-users@...
>
> To
>
> Marek.Marcola@...
>
> cc
>
> openssl-users@..., openssl-dev@...
>
> Subject
>
> Fw: Question on enhancing OpenSSL logs
>
> Hi Marek,
>
> Thanks for the snippet. Its working in dev. But however its failing inone of our test
> regions with a compilation error as below.
>
> Cannot assign extern "C" void(*)(ssl_st*,int,int) to extern "C"
void(*)() at a line where we have
> "SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb);"
>
> We are doing the same as mentioned in the below mail chain.
>
> Can you pleas help us in resolving this. Thanks in advance.
>
> Thanks
> Gogula Krishnan Rajaprabhu
>
> ----- Forwarded by Karthikeyan Thirumal/Chennai/iNautix on 05/17/201212:49 PM -----
>
> Marek.Marcola@...
> Sent by: owner-openssl-users@...
> 05/16/2012 09:12 PM
>
> Please respond to
> openssl-users@...
>
> To
>
> openssl-users@...
>
> cc
>
> openssl-dev@..., openssl-users@...,owner-openssl-users@...
>
> Subject
>
> Re: Question on enhancing OpenSSL logs
>
>
>
>
>
>
> Hello,
>
> You may trace connect/accept progres defining some callback function:
>
> /**
> * SSL connection info callback.
> *
> * @param ssl SSL connection
> socket
> * @param type connection type
> * @param val connection info
> * @return none
> */
> static void ssl_connection_info_cb(const SSL * ssl, int type, int val)
> {
> if (type & SSL_CB_LOOP) {
> log_tra("ssl_state: %s: %s",
> type &
> SSL_ST_CONNECT ? "connect" :
> type &
> SSL_ST_ACCEPT ? "accept" :
> "undefined", SSL_state_string_long(ssl));
> }
> if (type & SSL_CB_ALERT) {
> log_tra("ssl_alert: %s:%s: %s",
> type &
> SSL_CB_READ ? "read" : "write",
> SSL_alert_type_string_long(val), SSL_alert_desc_string_long(val));
> }
> }
>
> and at library initialization set this callback:
>
> /* callback for connection information on SSL/TLS session negotiation */
> SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb);
>
> Best regards,
> --
> Marek Marcola <Marek.Marcola@...>
>
> owner-openssl-users@... wrote on 05/16/2012 05:15:40 PM:
>
> > KThirumal@...
> > Sent by: owner-openssl-users@...
> >
> > 05/16/2012 05:25 PM
> >
> > Please respond to
> > openssl-users@...
> >
> > To
> >
> > openssl-users@..., openssl-dev@...
> >
> > cc
> >
> > Subject
> >
> > Question on enhancing OpenSSL logs
> >
> > Team
> > I have a query on enhancing the OpenSSL logs,
> >
> > As you know, "SSL_accept" is just one call using SSL library for anSSL
> handshake, but
> > there are couple of steps inside this process like Client Hello /
Server
> Hello, etc.
> > What if i need to find the internal failures in SSL handshake ? Is
there
> any openssl
> > debug option available where the SSL library is capable of logging
> additional info ?
> >
> > We already have a series of error cases handled for SSL handshake, but
> they are pre-
> > defined by OpenSSL and they do not speak on where they failed,
> >
> > err = SSL_accept((SSL *)SockObj->SSLCtx);
> > if(err<=0){
> > err=SSL_get_error((SSL *)SockObj->SSLCtx,err);
> > switch(err){
> > case SSL_ERROR_NONE:
> > case SSL_ERROR_ZERO_RETURN:
> > case SSL_ERROR_WANT_READ:
> > case SSL_ERROR_WANT_WRITE:
> > case SSL_ERROR_WANT_CONNECT:
> > case SSL_ERROR_SYSCALL:
> > case SSL_ERROR_SSL:
> > }
> > }
> >
> > Can you shed some lights here ?
> >
> > Thanks & Regards
> > ________________________
> > Karthikeyan Thirumal
> >
> > ******************************************************
> > This message and any files or attachments sent with this messagecontain
> confidential
> > information and is intended only for the individual named. If you are
> not the named
> > addressee, you should not disseminate, distribute, copy or use any
part
> of this email.
> > If you have received this message in error, please delete it and all
> copies from your
> > system and notify the sender immediately by return Email.
> >
> > Email transmission cannot be guaranteed to be secure or error-free as
> information can be
> > intercepted, corrupted, lost, destroyed, late, incomplete or may
contain
> viruses. The
> > sender, therefore, does not accept liability for any errors or
omissions
> in the contents
> > of this message, which arise as a result of email transmission.
> > ******************************************************
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@...
> Automated List Manager majordomo@...
>
>
> Information Classification: Public
> ******************************************************
> This message and any files or attachments sent with this message containconfidential
> information and is intended only for the individual named. If you are
not the named
> addressee, you should not disseminate, distribute, copy or use any part
of this email.
> If you have received this message in error, please delete it and all
copies from your
> system and notify the sender immediately by return Email.
>
> Email transmission cannot be guaranteed to be secure or error-free as
information can be
> intercepted, corrupted, lost, destroyed, late, incomplete or may contain
viruses. The
> sender, therefore, does not accept liability for any errors or omissions
in the contents
> of this message, which arise as a result of email transmission.
> ******************************************************
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@...
Automated List Manager majordomo@...
This looks like declaration mismatch, you should send more info (used
compilers, environment),
maybe simple test code.
Best regards,
--
Marek Marcola <Marek.Marcola@...>
owner-openssl-users@... wrote on 05/21/2012 02:52:15 PM:
> grajaprabhu@...
> Sent by: owner-openssl-users@...
>
> 05/21/2012 04:51 PM
>
> Please respond to
> openssl-users@...
>
> To
>
> Marek.Marcola@...
>
> cc
>
> openssl-users@..., openssl-dev@...
>
> Subject
>
> Fw: Question on enhancing OpenSSL logs
>
> Hi Marek,
>
> Thanks for the snippet. Its working in dev. But however its failing in
> regions with a compilation error as below.
>
> Cannot assign extern "C" void(*)(ssl_st*,int,int) to extern "C"
void(*)() at a line where we have
> "SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb);"
>
> We are doing the same as mentioned in the below mail chain.
>
> Can you pleas help us in resolving this. Thanks in advance.
>
> Thanks
> Gogula Krishnan Rajaprabhu
>
> ----- Forwarded by Karthikeyan Thirumal/Chennai/iNautix on 05/17/2012
>
> Marek.Marcola@...
> Sent by: owner-openssl-users@...
> 05/16/2012 09:12 PM
>
> Please respond to
> openssl-users@...
>
> To
>
> openssl-users@...
>
> cc
>
> openssl-dev@..., openssl-users@...,
>
> Subject
>
> Re: Question on enhancing OpenSSL logs
>
>
>
>
>
>
> Hello,
>
> You may trace connect/accept progres defining some callback function:
>
> /**
> * SSL connection info callback.
> *
> * @param ssl SSL connection
> socket
> * @param type connection type
> * @param val connection info
> * @return none
> */
> static void ssl_connection_info_cb(const SSL * ssl, int type, int val)
> {
> if (type & SSL_CB_LOOP) {
> log_tra("ssl_state: %s: %s",
> type &
> SSL_ST_CONNECT ? "connect" :
> type &
> SSL_ST_ACCEPT ? "accept" :
> "undefined", SSL_state_string_long(ssl));
> }
> if (type & SSL_CB_ALERT) {
> log_tra("ssl_alert: %s:%s: %s",
> type &
> SSL_CB_READ ? "read" : "write",
> SSL_alert_type_string_long(val), SSL_alert_desc_string_long(val));
> }
> }
>
> and at library initialization set this callback:
>
> /* callback for connection information on SSL/TLS session negotiation */
> SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb);
>
> Best regards,
> --
> Marek Marcola <Marek.Marcola@...>
>
> owner-openssl-users@... wrote on 05/16/2012 05:15:40 PM:
>
> > KThirumal@...
> > Sent by: owner-openssl-users@...
> >
> > 05/16/2012 05:25 PM
> >
> > Please respond to
> > openssl-users@...
> >
> > To
> >
> > openssl-users@..., openssl-dev@...
> >
> > cc
> >
> > Subject
> >
> > Question on enhancing OpenSSL logs
> >
> > Team
> > I have a query on enhancing the OpenSSL logs,
> >
> > As you know, "SSL_accept" is just one call using SSL library for an
> handshake, but
> > there are couple of steps inside this process like Client Hello /
Server
> Hello, etc.
> > What if i need to find the internal failures in SSL handshake ? Is
there
> any openssl
> > debug option available where the SSL library is capable of logging
> additional info ?
> >
> > We already have a series of error cases handled for SSL handshake, but
> they are pre-
> > defined by OpenSSL and they do not speak on where they failed,
> >
> > err = SSL_accept((SSL *)SockObj->SSLCtx);
> > if(err<=0){
> > err=SSL_get_error((SSL *)SockObj->SSLCtx,err);
> > switch(err){
> > case SSL_ERROR_NONE:
> > case SSL_ERROR_ZERO_RETURN:
> > case SSL_ERROR_WANT_READ:
> > case SSL_ERROR_WANT_WRITE:
> > case SSL_ERROR_WANT_CONNECT:
> > case SSL_ERROR_SYSCALL:
> > case SSL_ERROR_SSL:
> > }
> > }
> >
> > Can you shed some lights here ?
> >
> > Thanks & Regards
> > ________________________
> > Karthikeyan Thirumal
> >
> > ******************************************************
> > This message and any files or attachments sent with this message
> confidential
> > information and is intended only for the individual named. If you are
> not the named
> > addressee, you should not disseminate, distribute, copy or use any
part
> of this email.
> > If you have received this message in error, please delete it and all
> copies from your
> > system and notify the sender immediately by return Email.
> >
> > Email transmission cannot be guaranteed to be secure or error-free as
> information can be
> > intercepted, corrupted, lost, destroyed, late, incomplete or may
contain
> viruses. The
> > sender, therefore, does not accept liability for any errors or
omissions
> in the contents
> > of this message, which arise as a result of email transmission.
> > ******************************************************
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@...
> Automated List Manager majordomo@...
>
>
> Information Classification: Public
> ******************************************************
> This message and any files or attachments sent with this message contain
> information and is intended only for the individual named. If you are
not the named
> addressee, you should not disseminate, distribute, copy or use any part
of this email.
> If you have received this message in error, please delete it and all
copies from your
> system and notify the sender immediately by return Email.
>
> Email transmission cannot be guaranteed to be secure or error-free as
information can be
> intercepted, corrupted, lost, destroyed, late, incomplete or may contain
viruses. The
> sender, therefore, does not accept liability for any errors or omissions
in the contents
> of this message, which arise as a result of email transmission.
> ******************************************************
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@...
Automated List Manager majordomo@...
« Return to Thread: Fw: Question on enhancing OpenSSL logs
| Free embeddable forum powered by Nabble | Forum Help |
