I'm writing a daemon that talks to a server using HTTP/2 over TLS 1.2+ and
leveraging OpenSSL 1.1.1h to provide the TLS support.
At the moment I think that I have the whole TLS part figured, and I could
probably have the project running by now if I used SSL_set_fd to assign a
connected socket to the underlying BIO of an SSL object, but I want to simplify
the code as much as possible by using the highest level interfaces at my
disposal, which in the case of OpenSSL means using BIO objects.
Unfortunately I'm having a problem which is that I can't figure out how to
convert error codes returned by ERR_get_error and split by ERR_GET_LIB,
ERR_GET_FUNC, and ERR_GET_REASON into constants that I can use in a switch
statement to react to BIO errors. This is not a problem for SSL filter BIOs
since those have their own error reporting functions, but is a problem for
Internet socket source BIOs since BIO_do_connect in particular can fail due to
a system call error, a DNS error,, or even an error generated by lower level
OpenSSL functions and other BIOs in the chain, and I cannot find any manual
pages documenting these error constants, if they even exist.
Here's a small working example that illustrates the problem that I'm having:
#include <stdio.h>
#include <openssl/bio.h>
#include <openssl/err.h>
int main(void) {
ERR_load_ERR_strings();
BIO *bio = BIO_new_connect("wwx.google.com:80");
printf("Connected: %ld\n", BIO_do_connect(bio));
ERR_print_errors_fp(stderr);
return 0;
}
Running this code, which has a misspelled hostname on purpose so that it can
fail, results in the following printed out to the console:
Connected: -1
4667342272:error:2008F002:BIO routines:BIO_lookup_ex:system
lib:crypto/bio/b_addr.c:726:nodename nor servname provided, or not known
What could I do in that code to use a switch statement on the kind of
information printed by ERR_print_errors_fp? I know that, in this example, the
error is from getaddrinfo, since I recognize the error message, but assuming
that I want to handle that specific error, what can I match the library,
function, and reason error codes against?
Thanks in advance!
