Gisle made the code use ERR_error_string_n()
This commit is contained in:
		
							
								
								
									
										25
									
								
								lib/ssluse.c
									
									
									
									
									
								
							
							
						
						
									
										25
									
								
								lib/ssluse.c
									
									
									
									
									
								
							| @@ -75,6 +75,10 @@ | |||||||
| #undef HAVE_ENGINE_LOAD_FOUR_ARGS | #undef HAVE_ENGINE_LOAD_FOUR_ARGS | ||||||
| #endif | #endif | ||||||
|  |  | ||||||
|  | #if OPENSSL_VERSION_NUMBER >= 0x00906001L | ||||||
|  | #define HAVE_ERR_ERROR_STRING_N 1 | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  |  | ||||||
| #ifndef HAVE_USERDATA_IN_PWD_CALLBACK | #ifndef HAVE_USERDATA_IN_PWD_CALLBACK | ||||||
| static char global_passwd[64]; | static char global_passwd[64]; | ||||||
| @@ -383,21 +387,17 @@ int cert_verify_callback(int ok, X509_STORE_CTX *ctx) | |||||||
|   char buf[256]; |   char buf[256]; | ||||||
|  |  | ||||||
|   err_cert=X509_STORE_CTX_get_current_cert(ctx); |   err_cert=X509_STORE_CTX_get_current_cert(ctx); | ||||||
|   X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256); |   X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof(buf)); | ||||||
|  |  | ||||||
|   return ok; |   return ok; | ||||||
| } | } | ||||||
|  |  | ||||||
| #endif |  | ||||||
|  |  | ||||||
| #ifdef USE_SSLEAY |  | ||||||
| /* "global" init done? */ | /* "global" init done? */ | ||||||
| static int init_ssl=0; | static int init_ssl=0; | ||||||
|  |  | ||||||
| /* we have the "SSL is seeded" boolean global for the application to | /* we have the "SSL is seeded" boolean global for the application to | ||||||
|    prevent multiple time-consuming seedings in vain */ |    prevent multiple time-consuming seedings in vain */ | ||||||
| static bool ssl_seeded = FALSE; | static bool ssl_seeded = FALSE; | ||||||
| #endif | #endif /* USE_SSLEAY */ | ||||||
|  |  | ||||||
| /* Global init */ | /* Global init */ | ||||||
| void Curl_SSL_init(void) | void Curl_SSL_init(void) | ||||||
| @@ -1141,11 +1141,16 @@ Curl_SSLConnect(struct connectdata *conn, | |||||||
|           return CURLE_SSL_CACERT; |           return CURLE_SSL_CACERT; | ||||||
|         default: |         default: | ||||||
|           /* detail is already set to the SSL error above */ |           /* detail is already set to the SSL error above */ | ||||||
|           failf(data, "SSL: %s", ERR_error_string(errdetail, error_buffer)); | #ifdef HAVE_ERR_ERROR_STRING_N | ||||||
|           /* OpenSSL 0.9.6 and later has a function named |           /* OpenSSL 0.9.6 and later has a function named | ||||||
|              ERRO_error_string_n() that takes the size of the buffer as a third |              ERRO_error_string_n() that takes the size of the buffer as a | ||||||
|              argument, and we should possibly switch to using that one in the |              third argument */ | ||||||
|              future. */ |           ERR_error_string_n(errdetail, error_buffer, sizeof(error_buffer)); | ||||||
|  | #else | ||||||
|  |           ERR_error_string(errdetail, error_buffer); | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  |           failf(data, "SSL: %s", error_buffer); | ||||||
|           return CURLE_SSL_CONNECT_ERROR; |           return CURLE_SSL_CONNECT_ERROR; | ||||||
|         } |         } | ||||||
|       } |       } | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Daniel Stenberg
					Daniel Stenberg