[Bulk] Re: [xmlsec] ErrorsCallback ???

Edward Shallow ed.shallow at rogers.com
Fri Jan 6 08:55:18 PST 2006

 Thanks for your patience,

   All I would like to do is trap the most informative message in whatever
way works, I am not fussy. In this simple password example it would be "The
specified network password is not correct" message. Neither of 1) setting
ErrorsCallback or 2) using xmlGetLastError is working for me. This is true
of both openssl and mscrypto. With the ErrorsCallback set, mscrypto returns
nothing in the msg argument, and openssl returns the offending p12 file
name. I think it makes sense to get back the more informative "The specified
network password is not correct" message.

   The best would be to get at this "most informative" msg which always goes
to stderr perfectly, but can't be trappped in any easy way programmatically.
The xmlGetLastError seemed very attractive and it does work perfectly for
all libxml2 calls and returns output which is identical to stderr. 

Hope this helps,

-----Original Message-----
From: xmlsec-bounces at aleksey.com [mailto:xmlsec-bounces at aleksey.com] On
Behalf Of Aleksey Sanin
Sent: January 6, 2006 12:01 AM
To: ed.shallow at rogers.com
Cc: xmlsec at aleksey.com
Subject: [Bulk] Re: [xmlsec] ErrorsCallback ???


I think I found the reason for your confusion. In the first email in this
thread you gave several example for MSCrypto error messages with and without
errors callback set. I'll pick one of them and will explain the problem:


epmErrorCallback xmlsec error follows:
file                                    ..\src\mscrypto\app.c
line                                    614
func                                    xmlSecMSCryptoAppPkcs12LoadMemory
errorObject                             None
errorSubject                            PFXVerifyPassword
reason                                  4

No ErrorsCallback set

bj=unknown:subj=PFXVerifyPassword:error=4:crypto library function failed:
;last error=86 (0x00000056);last error msg=The specified network password is
not correct.

The 'msg' you see in the first case (with epmErrorsCallback) is provided by
the xmlsec-mscrypto (or xmlsec-openssl) author. If you go to the
corresponding file, you'll see that there is *no* message provided in this
case thus you observe correct results.

The messages you see in the second case (no custom ErrorsCallback) are
created by xmlSecMSCryptoErrorsDefaultCallback() function which is *the*
default errors callback when xmlsec-mscrypto is used (yes, it is a little
bit confusing :( ). This function simply calls Windows
GetLastError() and FormatMessage() to generate the

   "last error=86 (0x00000056);last error msg=The specified network
    password is not correct."

message and append it to *all* error messages.

I agree, this is confusing but the system does what it was written to do.
May be a better approach would be to move this "extra"
xmlSecMSCryptoErrorsDefaultCallback() functionality into the generic
xmlSecErrorsDefaultCallback() and just ifdef it for Windows only.
Then the output will be consistent between different crypto libraries.


xmlsec mailing list
xmlsec at aleksey.com

More information about the xmlsec mailing list