From: Richard Levitte Date: Wed, 24 Jul 2019 14:55:32 +0000 (+0200) Subject: Avoid using ERR_put_error() directly in OpenSSL code X-Git-Tag: openssl-3.0.0-alpha1~1699 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=c3612970465d0a13f2fc5b47bc28ca18516a699d;p=oweals%2Fopenssl.git Avoid using ERR_put_error() directly in OpenSSL code If compiled with 'no-deprecated', ERR_put_error() is undefined. We had one spot where we were using it directly, because the file and line information was passed from elsewhere. Fortunately, it's possible to use ERR_raise() for that situation, and call ERR_set_debug() immediately after and thereby override the information that ERR_raise() stored in the error record. util/mkerr.pl needed a small adjustment to not generate code that won't compile in a 'no-deprecated' configuration. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/9452) --- diff --git a/engines/e_afalg_err.c b/engines/e_afalg_err.c index c436f10a41..4db6d660c9 100644 --- a/engines/e_afalg_err.c +++ b/engines/e_afalg_err.c @@ -66,5 +66,6 @@ static void ERR_AFALG_error(int function, int reason, char *file, int line) { if (lib_code == 0) lib_code = ERR_get_next_error_library(); - ERR_PUT_error(lib_code, function, reason, file, line); + ERR_raise(lib_code, reason); + ERR_set_debug(file, line, NULL); } diff --git a/engines/e_capi_err.c b/engines/e_capi_err.c index acbec41d08..e2b1f7561f 100644 --- a/engines/e_capi_err.c +++ b/engines/e_capi_err.c @@ -89,5 +89,6 @@ static void ERR_CAPI_error(int function, int reason, char *file, int line) { if (lib_code == 0) lib_code = ERR_get_next_error_library(); - ERR_PUT_error(lib_code, function, reason, file, line); + ERR_raise(lib_code, reason); + ERR_set_debug(file, line, NULL); } diff --git a/engines/e_dasync_err.c b/engines/e_dasync_err.c index 0920690af6..a2e6c0dc86 100644 --- a/engines/e_dasync_err.c +++ b/engines/e_dasync_err.c @@ -51,5 +51,6 @@ static void ERR_DASYNC_error(int function, int reason, char *file, int line) { if (lib_code == 0) lib_code = ERR_get_next_error_library(); - ERR_PUT_error(lib_code, function, reason, file, line); + ERR_raise(lib_code, reason); + ERR_set_debug(file, line, NULL); } diff --git a/engines/e_ossltest_err.c b/engines/e_ossltest_err.c index b81e00b43c..d9ee80cb83 100644 --- a/engines/e_ossltest_err.c +++ b/engines/e_ossltest_err.c @@ -51,5 +51,6 @@ static void ERR_OSSLTEST_error(int function, int reason, char *file, int line) { if (lib_code == 0) lib_code = ERR_get_next_error_library(); - ERR_PUT_error(lib_code, function, reason, file, line); + ERR_raise(lib_code, reason); + ERR_set_debug(file, line, NULL); } diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index a35573c935..bd9277b71e 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -118,7 +118,8 @@ void ossl_statem_set_renegotiate(SSL *s) void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file, int line) { - ERR_put_error(ERR_LIB_SSL, func, reason, file, line); + ERR_raise(ERR_LIB_SSL, reason); + ERR_set_debug(file, line, NULL); /* Override what ERR_raise set */ /* We shouldn't call SSLfatal() twice. Once is enough */ if (s->statem.in_init && s->statem.state == MSG_FLOW_ERROR) return; diff --git a/util/mkerr.pl b/util/mkerr.pl index 956b66179a..51e034703d 100755 --- a/util/mkerr.pl +++ b/util/mkerr.pl @@ -650,7 +650,8 @@ ${st}void ERR_${lib}_error(int function, int reason, char *file, int line) { if (lib_code == 0) lib_code = ERR_get_next_error_library(); - ERR_PUT_error(lib_code, function, reason, file, line); + ERR_raise(lib_code, reason); + ERR_set_debug(file, line, NULL); } EOF