From: Andre Noll
Date: Tue, 2 May 2023 19:16:29 +0000 (+0200)
Subject: openssl: Introduce openssl_perror().
X-Git-Url: http://git.tue.mpg.de/?a=commitdiff_plain;h=6a5b7c55fc65303245e9e54c65ba409da1215343;p=paraslash.git
openssl: Introduce openssl_perror(). Openssl has a decent error reporting framework, but we only employ it if get_random_bytes_or_die() fails. This patch abstracts out a new helper which prints the error string of the earliest error code from the thread's error queue. We make the helper return -E_OPENSSL unconditionally as this simplifies callers a bit. Only get_random_bytes_or_die() calls the new helper for now but additional callers will be added in subsequent commits.
---
diff --git a/error.h b/error.h
index 8805c9c7..899543ab 100644
--- a/error.h
+++ b/error.h
@@ -155,6 +155,7 @@
 PARA_ERROR(OGG_PACKET_IN, "ogg_stream_packetin() failed"), \
 PARA_ERROR(OGG_SYNC, "internal ogg storage overflow"), \
 PARA_ERROR(OPENSSH_PARSE, "could not parse openssh private key"), \
+ PARA_ERROR(OPENSSL, "openssl error"), \
 PARA_ERROR(OPUS_COMMENT, "invalid or corrupted opus comment"), \
 PARA_ERROR(OPUS_DECODE, "opus decode error"), \
 PARA_ERROR(OPUS_HEADER, "invalid opus header"), \
diff --git a/openssl.c b/openssl.c
index e3416949..6dba1b27 100644
--- a/openssl.c
+++ b/openssl.c
@@ -24,15 +24,21 @@ struct asymmetric_key {
 RSA *rsa;
 };
+static int openssl_perror(const char *pfx)
+{
+ unsigned long err = ERR_get_error();
+ PARA_ERROR_LOG("%s: \"%s\"\n", pfx, ERR_reason_error_string(err));
+ return -E_OPENSSL;
+}
+
 void get_random_bytes_or_die(unsigned char *buf, int num)
 {
- unsigned long err;
+ int ret;
- /* RAND_bytes() returns 1 on success, 0 otherwise. */
- if (RAND_bytes(buf, num) == 1)
+ if (RAND_bytes(buf, num) == 1) /* success */
 return;
- err = ERR_get_error();
- PARA_EMERG_LOG("%s\n", ERR_reason_error_string(err));
+ ret = openssl_perror("RAND_bytes");
+ PARA_EMERG_LOG("%s\n", strerror(-ret));
 exit(EXIT_FAILURE);
 }
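Review bot: In get_random_bytes_or_die() the new `PARA_EMERG_LOG("%s\n", strerror(-ret));` hands E_OPENSSL, a project error code from the PARA_ERROR table, to strerror(3), which reads it as an errno value, so the last message logged before exit() on an RNG failure names an unrelated system error instead of "openssl error". The project's own lookup for PARA_ERROR codes belongs there, e.g. `PARA_EMERG_LOG("%s\n", para_strerror(-ret));` (helper name from memory, please confirm against error.h). Separately, in openssl_perror() ERR_reason_error_string() returns NULL when the error queue is empty or the code has no registered reason string, and NULL for `%s` is undefined behaviour; take the result into `const char *msg = ERR_reason_error_string(err);` and log `msg? msg : "(no reason string)"`. Because only the earliest entry is popped, any remaining queue entries can be attributed to a later, unrelated failure once more callers are added, so consider following the log call with `ERR_clear_error();`.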