9 #include <openssl/err.h>
11 unsigned long ERR_get_error(void);
12 unsigned long ERR_peek_error(void);
13 unsigned long ERR_get_error_line(const char **file, int *line);
14 unsigned long ERR_peek_error_line(const char **file, int *line);
15 unsigned long ERR_get_error_line_data(const char **file, int *line,
16 const char **data, int *flags);
17 unsigned long ERR_peek_error_line_data(const char **file, int *line,
18 const char **data, int *flags);
20 int ERR_GET_LIB(unsigned long e);
21 int ERR_GET_FUNC(unsigned long e);
22 int ERR_GET_REASON(unsigned long e);
24 void ERR_clear_error(void);
26 char *ERR_error_string(unsigned long e, char *buf);
27 const char *ERR_lib_error_string(unsigned long e);
28 const char *ERR_func_error_string(unsigned long e);
29 const char *ERR_reason_error_string(unsigned long e);
31 void ERR_print_errors(BIO *bp);
32 void ERR_print_errors_fp(FILE *fp);
34 void ERR_load_crypto_strings(void);
35 void ERR_free_strings(void);
37 void ERR_remove_state(unsigned long pid);
39 void ERR_put_error(int lib, int func, int reason, const char *file,
41 void ERR_add_error_data(int num, ...);
43 void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
44 unsigned long ERR_PACK(int lib, int func, int reason);
45 int ERR_get_next_error_library(void);
49 When a call to the OpenSSL library fails, this is usually signalled
50 by the return value, and an error code is stored in an error queue
51 associated with the current thread. The B<err> library provides
52 functions to obtain these error codes and textual error messages.
54 The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
57 Error codes contain information about where the error occurred, and
58 what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
59 extract this information. A method to obtain human-readable error
60 messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
62 L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
65 Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
66 avoid memory leaks when threads are terminated.
68 =head1 ADDING NEW ERROR CODES TO OPENSSL
70 See L<ERR_put_error(3)> if you want to record error codes in the
71 OpenSSL error system from within your application.
73 The remainder of this section is of interest only if you want to add
74 new error codes to OpenSSL or add error codes from external libraries.
76 =head2 Reporting errors
78 Each sub-library has a specific macro XXXerr() that is used to report
79 errors. Its first argument is a function code B<XXX_F_...>, the second
80 argument is a reason code B<XXX_R_...>. Function codes are derived
81 from the function names; reason codes consist of textual error
82 descriptions. For example, the function ssl23_read() reports a
83 "handshake failure" as follows:
85 SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
87 Function and reason codes should consist of upper case characters,
88 numbers and underscores only. The error file generation script translates
89 function codes into function names by looking in the header files
90 for an appropriate function name, if none is found it just uses
91 the capitalized form such as "SSL23_READ" in the above example.
93 The trailing section of a reason code (after the "_R_") is translated
94 into lower case and underscores changed to spaces.
96 When you are using new function or reason codes, run B<make errors>.
97 The necessary B<#define>s will then automatically be added to the
98 sub-library's header file.
100 Although a library will normally report errors using its own specific
101 XXXerr macro, another library's macro can be used. This is normally
102 only done when a library wants to include ASN1 code which must use
105 =head2 Adding new libraries
107 When adding a new sub-library to OpenSSL, assign it a library number
108 B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
109 name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
110 C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
111 (in B<crypto/err/err_all.c>). Finally, add an entry
113 L XXX xxx.h xxx_err.c
115 to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
116 Running B<make errors> will then generate a file B<xxx_err.c>, and
117 add all error codes used in the library to B<xxx.h>.
119 Additionally the library include file must have a certain form.
120 Typically it will initially look like this:
131 #include <openssl/bio.h>
132 #include <openssl/x509.h>
134 /* Macros, structures and function prototypes */
137 /* BEGIN ERROR CODES */
139 The B<BEGIN ERROR CODES> sequence is used by the error code
140 generation script as the point to place new error codes, any text
141 after this point will be overwritten when B<make errors> is run.
142 The closing #endif etc will be automatically added by the script.
144 The generated C error code file B<xxx_err.c> will load the header
145 files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
146 header file must load any additional header files containing any
149 =head1 USING ERROR CODES IN EXTERNAL LIBRARIES
151 It is also possible to use OpenSSL's error code scheme in external
152 libraries. The library needs to load its own codes and call the OpenSSL
153 error code insertion script B<mkerr.pl> explicitly to add codes to
154 the header file and generate the C error code file. This will normally
155 be done if the external library needs to generate new ASN1 structures
156 but it can also be used to add more general purpose error code handling.
162 The error queues are stored in a hash table with one B<ERR_STATE>
163 entry for each pid. ERR_get_state() returns the current thread's
164 B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
165 codes. When more error codes are added, the old ones are overwritten,
166 on the assumption that the most recent errors are most important.
168 Error strings are also stored in hash table. The hash tables can
169 be obtained by calling ERR_get_err_state_table(void) and
170 ERR_get_string_table(void) respectively.
174 L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
175 L<ERR_get_error(3)|ERR_get_error(3)>,
176 L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
177 L<ERR_clear_error(3)|ERR_clear_error(3)>,
178 L<ERR_error_string(3)|ERR_error_string(3)>,
179 L<ERR_print_errors(3)|ERR_print_errors(3)>,
180 L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
181 L<ERR_remove_state(3)|ERR_remove_state(3)>,
182 L<ERR_put_error(3)|ERR_put_error(3)>,
183 L<ERR_load_strings(3)|ERR_load_strings(3)>,
184 L<SSL_get_error(3)|SSL_get_error(3)>