1
linux/scripts/ssl-common.h
Jan Stancek 467d60eddf sign-file,extract-cert: avoid using deprecated ERR_get_error_line()
ERR_get_error_line() is deprecated since OpenSSL 3.0.

Use ERR_peek_error_line() instead, and combine display_openssl_errors()
and drain_openssl_errors() to a single function where parameter decides
if it should consume errors silently.

Signed-off-by: Jan Stancek <jstancek@redhat.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: R Nageswara Sastry <rnsastry@linux.ibm.com>
Reviewed-by: Neal Gompa <neal@gompa.dev>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
2024-09-20 19:49:52 +03:00

33 lines
678 B
C

/* SPDX-License-Identifier: LGPL-2.1+ */
/*
* SSL helper functions shared by sign-file and extract-cert.
*/
static void drain_openssl_errors(int l, int silent)
{
const char *file;
char buf[120];
int e, line;
if (ERR_peek_error() == 0)
return;
if (!silent)
fprintf(stderr, "At main.c:%d:\n", l);
while ((e = ERR_peek_error_line(&file, &line))) {
ERR_error_string(e, buf);
if (!silent)
fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
ERR_get_error();
}
}
#define ERR(cond, fmt, ...) \
do { \
bool __cond = (cond); \
drain_openssl_errors(__LINE__, 0); \
if (__cond) { \
errx(1, fmt, ## __VA_ARGS__); \
} \
} while (0)