Browse code
openssl: add crypto_msg(), to easily log openssl errors
This works towards removing OpenSSL-specific error printing code from
error.c. The crypto_msg() functions provide convenience wrappers, specific
to OpenSSL. Instead of passing the magical 'M_SSLERR' flag to msg(), a
developer now just calls crypto_msg() to get OpenSSL errors dumped to log.
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1414269324-14102-5-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9199
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger authored on 2014/10/26 05:35:22Showing 3 changed files
| ... | ... |
@@ -195,6 +195,15 @@ crypto_clear_error (void) |
| 195 | 195 |
ERR_clear_error (); |
| 196 | 196 |
} |
| 197 | 197 |
|
| 198 |
+void |
|
| 199 |
+crypto_print_openssl_errors(const unsigned int flags) {
|
|
| 200 |
+ size_t err = 0; |
|
| 201 |
+ |
|
| 202 |
+ while ((err = ERR_get_error ())) |
|
| 203 |
+ msg (flags, "OpenSSL: %s", ERR_error_string (err, NULL)); |
|
| 204 |
+} |
|
| 205 |
+ |
|
| 206 |
+ |
|
| 198 | 207 |
/* |
| 199 | 208 |
* |
| 200 | 209 |
* OpenSSL memory debugging. If dmalloc debugging is enabled, tell |
| ... | ... |
@@ -70,4 +70,29 @@ typedef HMAC_CTX hmac_ctx_t; |
| 70 | 70 |
#define DES_KEY_LENGTH 8 |
| 71 | 71 |
#define MD4_DIGEST_LENGTH 16 |
| 72 | 72 |
|
| 73 |
+/** |
|
| 74 |
+ * Retrieve any occurred OpenSSL errors and print those errors. |
|
| 75 |
+ * |
|
| 76 |
+ * Note that this function uses the not thread-safe OpenSSL error API. |
|
| 77 |
+ * |
|
| 78 |
+ * @param flags Flags to indicate error type and priority. |
|
| 79 |
+ */ |
|
| 80 |
+void crypto_print_openssl_errors(const unsigned int flags); |
|
| 81 |
+ |
|
| 82 |
+/** |
|
| 83 |
+ * Retrieve any OpenSSL errors, then print the supplied error message. |
|
| 84 |
+ * |
|
| 85 |
+ * This is just a convenience wrapper for often occurring situations. |
|
| 86 |
+ * |
|
| 87 |
+ * @param flags Flags to indicate error type and priority. |
|
| 88 |
+ * @param format Format string to print. |
|
| 89 |
+ * @param format args (optional) arguments for the format string. |
|
| 90 |
+ */ |
|
| 91 |
+# define crypto_msg(flags, ...) \ |
|
| 92 |
+do { \
|
|
| 93 |
+ crypto_print_openssl_errors(nonfatal(flags)); \ |
|
| 94 |
+ msg((flags), __VA_ARGS__); \ |
|
| 95 |
+} while (false) |
|
| 96 |
+ |
|
| 97 |
+ |
|
| 73 | 98 |
#endif /* CRYPTO_OPENSSL_H_ */ |
| ... | ... |
@@ -354,6 +354,12 @@ ignore_sys_error (const int err) |
| 354 | 354 |
return false; |
| 355 | 355 |
} |
| 356 | 356 |
|
| 357 |
+/** Convert fatal errors to nonfatal, don't touch other errors */ |
|
| 358 |
+static inline const unsigned int |
|
| 359 |
+nonfatal(const unsigned int err) {
|
|
| 360 |
+ return err & M_FATAL ? (err ^ M_FATAL) | M_NONFATAL : err; |
|
| 361 |
+} |
|
| 362 |
+ |
|
| 357 | 363 |
#include "errlevel.h" |
| 358 | 364 |
|
| 359 | 365 |
#endif |