This works towards removing OpenSSL-specific error printing code from
error.c. The crypto_msg() functions provide convenience wrappers, specific
to OpenSSL. Instead of passing the magical 'M_SSLERR' flag to msg(), a
developer now just calls crypto_msg() to get OpenSSL errors dumped to log.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1414269324-14102-5-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9199
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -195,6 +195,15 @@ crypto_clear_error (void) |
195 | 195 |
ERR_clear_error (); |
196 | 196 |
} |
197 | 197 |
|
198 |
+void |
|
199 |
+crypto_print_openssl_errors(const unsigned int flags) { |
|
200 |
+ size_t err = 0; |
|
201 |
+ |
|
202 |
+ while ((err = ERR_get_error ())) |
|
203 |
+ msg (flags, "OpenSSL: %s", ERR_error_string (err, NULL)); |
|
204 |
+} |
|
205 |
+ |
|
206 |
+ |
|
198 | 207 |
/* |
199 | 208 |
* |
200 | 209 |
* OpenSSL memory debugging. If dmalloc debugging is enabled, tell |
... | ... |
@@ -70,4 +70,29 @@ typedef HMAC_CTX hmac_ctx_t; |
70 | 70 |
#define DES_KEY_LENGTH 8 |
71 | 71 |
#define MD4_DIGEST_LENGTH 16 |
72 | 72 |
|
73 |
+/** |
|
74 |
+ * Retrieve any occurred OpenSSL errors and print those errors. |
|
75 |
+ * |
|
76 |
+ * Note that this function uses the not thread-safe OpenSSL error API. |
|
77 |
+ * |
|
78 |
+ * @param flags Flags to indicate error type and priority. |
|
79 |
+ */ |
|
80 |
+void crypto_print_openssl_errors(const unsigned int flags); |
|
81 |
+ |
|
82 |
+/** |
|
83 |
+ * Retrieve any OpenSSL errors, then print the supplied error message. |
|
84 |
+ * |
|
85 |
+ * This is just a convenience wrapper for often occurring situations. |
|
86 |
+ * |
|
87 |
+ * @param flags Flags to indicate error type and priority. |
|
88 |
+ * @param format Format string to print. |
|
89 |
+ * @param format args (optional) arguments for the format string. |
|
90 |
+ */ |
|
91 |
+# define crypto_msg(flags, ...) \ |
|
92 |
+do { \ |
|
93 |
+ crypto_print_openssl_errors(nonfatal(flags)); \ |
|
94 |
+ msg((flags), __VA_ARGS__); \ |
|
95 |
+} while (false) |
|
96 |
+ |
|
97 |
+ |
|
73 | 98 |
#endif /* CRYPTO_OPENSSL_H_ */ |
... | ... |
@@ -354,6 +354,12 @@ ignore_sys_error (const int err) |
354 | 354 |
return false; |
355 | 355 |
} |
356 | 356 |
|
357 |
+/** Convert fatal errors to nonfatal, don't touch other errors */ |
|
358 |
+static inline const unsigned int |
|
359 |
+nonfatal(const unsigned int err) { |
|
360 |
+ return err & M_FATAL ? (err ^ M_FATAL) | M_NONFATAL : err; |
|
361 |
+} |
|
362 |
+ |
|
357 | 363 |
#include "errlevel.h" |
358 | 364 |
|
359 | 365 |
#endif |