最近我在连接特定服务器的测试中发生了类似的错误:
握手失败;返回-1,SSL错误代码1,net_error -103
我通过搜索铬源代码找到了一些有用的理由,这表明了ret代码的含义.也许它可以帮助你找到原因.
SSL错误代码5:
铬// SRC / THIRD_PARTY / boringssl / SRC /包含/ OpenSSL的/ ssl.h
/ *
SSL_ERROR_SYSCALL表示库外部的操作失败.
调用者应该参考特定于系统的错误机制.这是
通常|错误|但如果使用自定义| BIO |,可能是自定义的.它
如果运输返回EOF,也可以发出信号,在这种情况下
操作的返回值为零.
* /
define SSL_ERROR_SYSCALL 5
net_error -107
//发生了SSL协议错误.
NET_ERROR(SSL_PROTOCOL_ERROR, -107)
如果你想找到更多的细节,打印这个日志的主要功能如下:
铬// SRC / NET /插座/ ssl_server_socket_impl.cc
int SSLServerSocketImpl::DoHandshake() {
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
int net_error = OK;
int rv = SSL_do_handshake(ssl_.get());
if (rv == 1) {
completed_handshake_ = true;
// The results of SSL_get_peer_certificate() must be explicitly freed.
bssl::UniquePtr cert(SSL_get_peer_certificate(ssl_.get()));
if (cert) {
// The caller does not take ownership of SSL_get_peer_cert_chain's
// results.
STACK_OF(X509)* chain = SSL_get_peer_cert_chain(ssl_.get());
client_cert_ = CreateX509Certificate(cert.get(), chain);
if (!client_cert_.get())
return ERR_SSL_CLIENT_AUTH_CERT_BAD_FORMAT;
}
} else {
int ssl_error = SSL_get_error(ssl_.get(), rv);
OpenSSLErrorInfo error_info;
net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer,
&error_info);
// SSL_R_CERTIFICATE_VERIFY_FAILED's mapping is different between client and
// server.
if (ERR_GET_LIB(error_info.error_code) == ERR_LIB_SSL &&
ERR_GET_REASON(error_info.error_code) ==
SSL_R_CERTIFICATE_VERIFY_FAILED) {
net_error = ERR_BAD_SSL_CLIENT_AUTH_CERT;
}
// If not done, stay in this state
if (net_error == ERR_IO_PENDING) {
GotoState(STATE_HANDSHAKE);
} else {
LOG(ERROR) << "handshake failed; returned " << rv << ", SSL error code "
<< ssl_error << ", net_error " << net_error;
net_log_.AddEvent(
NetLogEventType::SSL_HANDSHAKE_ERROR,
CreateNetLogOpenSSLErrorCallback(net_error, ssl_error,
error_info));
}
}
return net_error;
}
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
