how to return SSL error stack #312
Comments
|
Shouldn't it just raise an error with a backtrace? |
|
Samuel Williams <[email protected]> wrote:
Shouldn't it just raise an error with a backtrace?
OpenSSL has a stack of errors which can be formatted as text.
a) this needs to be intelligently returned to the user, not just
fprintf(stderr,)'ed, so that errors can be intelligently displayed.
For instance, it's the only way to find out why a certificate with an
obsolete algorithm won't load. (i.e. SHA1 inside RSA signature)
b) users should ideally rescue on some aspects of the backtrace, but
each layer of the openssl system can return an error.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
A number of routines (I'm debugging ossl_x509extfactory_create_ext) need to log the entire SSL error call stack in order to provide better diagnostics.
I know how to get this out as a string, but I'm not sure what the best way to return the error is.
I think that we should return an array of strings (it's an error stack), and it's only really ever gonna be meaningful to humans.
Please advise.
The text was updated successfully, but these errors were encountered: