=head1 NAME
-err - Error codes
+err - error codes
=head1 SYNOPSIS
=head1 DESCRIPTION
-When a call to the OpenSSL library fails, this is usually signalled
+When a call to the OpenSSL library fails, this is usually signaled
by the return value, and an error code is stored in an error queue
associated with the current thread. The B<err> library provides
functions to obtain these error codes and textual error messages.
-The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
+The L<ERR_get_error(3)> manpage describes how to
access error codes.
Error codes contain information about where the error occurred, and
-what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
+what went wrong. L<ERR_GET_LIB(3)> describes how to
extract this information. A method to obtain human-readable error
-messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
+messages is described in L<ERR_error_string(3)>.
-L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
+L<ERR_clear_error(3)> can be used to clear the
error queue.
-Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
+Note that L<ERR_remove_state(3)> should be used to
avoid memory leaks when threads are terminated.
=head1 ADDING NEW ERROR CODES TO OPENSSL
OpenSSL error system from within your application.
The remainder of this section is of interest only if you want to add
-new functionality to OpenSSL.
+new error codes to OpenSSL or add error codes from external libraries.
=head2 Reporting errors
errors. Its first argument is a function code B<XXX_F_...>, the second
argument is a reason code B<XXX_R_...>. Function codes are derived
from the function names; reason codes consist of textual error
-descriptions. For example, the function ssl23_read() reports a
+descriptions. For example, the function ssl3_read_bytes() reports a
"handshake failure" as follows:
- SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+
+Function and reason codes should consist of upper case characters,
+numbers and underscores only. The error file generation script translates
+function codes into function names by looking in the header files
+for an appropriate function name, if none is found it just uses
+the capitalized form such as "SSL3_READ_BYTES" in the above example.
+
+The trailing section of a reason code (after the "_R_") is translated
+into lower case and underscores changed to spaces.
When you are using new function or reason codes, run B<make errors>.
The necessary B<#define>s will then automatically be added to the
sub-library's header file.
+Although a library will normally report errors using its own specific
+XXXerr macro, another library's macro can be used. This is normally
+only done when a library wants to include ASN1 code which must use
+the ASN1err() macro.
+
=head2 Adding new libraries
When adding a new sub-library to OpenSSL, assign it a library number
Running B<make errors> will then generate a file B<xxx_err.c>, and
add all error codes used in the library to B<xxx.h>.
+Additionally the library include file must have a certain form.
+Typically it will initially look like this:
+
+ #ifndef HEADER_XXX_H
+ #define HEADER_XXX_H
+
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
+ /* Include files */
+
+ #include <openssl/bio.h>
+ #include <openssl/x509.h>
+
+ /* Macros, structures and function prototypes */
+
+
+ /* BEGIN ERROR CODES */
+
+The B<BEGIN ERROR CODES> sequence is used by the error code
+generation script as the point to place new error codes, any text
+after this point will be overwritten when B<make errors> is run.
+The closing #endif etc will be automatically added by the script.
+
+The generated C error code file B<xxx_err.c> will load the header
+files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
+header file must load any additional header files containing any
+definitions it uses.
+
+=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
+
+It is also possible to use OpenSSL's error code scheme in external
+libraries. The library needs to load its own codes and call the OpenSSL
+error code insertion script B<mkerr.pl> explicitly to add codes to
+the header file and generate the C error code file. This will normally
+be done if the external library needs to generate new ASN1 structures
+but it can also be used to add more general purpose error code handling.
+
+TBA more details
+
=head1 INTERNALS
The error queues are stored in a hash table with one B<ERR_STATE>
=head1 SEE ALSO
-L<CRYPTO_set_id_callback(3)|CRYPTO_set_id_callback(3)>,
-L<CRYPTO_set_locking_callback(3)|<CRYPTO_set_locking_callback(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
-L<ERR_clear_error(3)|ERR_clear_error(3)>,
-L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_print_errors(3)|ERR_print_errors(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<ERR_remove_state(3)|ERR_remove_state(3)>,
-L<ERR_put_error(3)|ERR_put_error(3)>,
-L<ERR_load_strings(3)|ERR_load_strings(3)>,
-L<SSL_get_error(3)|SSL_get_error(3)>
+L<CRYPTO_set_locking_callback(3)>,
+L<ERR_get_error(3)>,
+L<ERR_GET_LIB(3)>,
+L<ERR_clear_error(3)>,
+L<ERR_error_string(3)>,
+L<ERR_print_errors(3)>,
+L<ERR_load_crypto_strings(3)>,
+L<ERR_remove_state(3)>,
+L<ERR_put_error(3)>,
+L<ERR_load_strings(3)>,
+L<SSL_get_error(3)>
=cut