aboutsummaryrefslogtreecommitdiffstats
path: root/lib/dns/openssl_link.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/dns/openssl_link.c')
-rw-r--r--lib/dns/openssl_link.c42
1 files changed, 41 insertions, 1 deletions
diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index 83dd1fc666d3..dd930bdb64fe 100644
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -45,6 +45,10 @@
#include <isc/thread.h>
#include <isc/util.h>
+#include <dns/log.h>
+
+#include <dst/result.h>
+
#include "dst_internal.h"
#include "dst_openssl.h"
@@ -166,6 +170,8 @@ dst__openssl_init() {
CRYPTO_set_locking_callback(lock_callback);
CRYPTO_set_id_callback(id_callback);
+ ERR_load_crypto_strings();
+
rm = mem_alloc(sizeof(RAND_METHOD));
if (rm == NULL) {
result = ISC_R_NOMEMORY;
@@ -317,7 +323,7 @@ dst__openssl_destroy() {
isc_result_t
dst__openssl_toresult(isc_result_t fallback) {
isc_result_t result = fallback;
- int err = ERR_get_error();
+ unsigned long err = ERR_get_error();
switch (ERR_GET_REASON(err)) {
case ERR_R_MALLOC_FAILURE:
@@ -330,6 +336,40 @@ dst__openssl_toresult(isc_result_t fallback) {
return (result);
}
+isc_result_t
+dst__openssl_toresult2(const char *funcname, isc_result_t fallback) {
+ isc_result_t result = fallback;
+ unsigned long err = ERR_peek_error();
+ const char *file, *data;
+ int line, flags;
+ char buf[256];
+
+ switch (ERR_GET_REASON(err)) {
+ case ERR_R_MALLOC_FAILURE:
+ result = ISC_R_NOMEMORY;
+ goto done;
+ default:
+ break;
+ }
+ isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
+ DNS_LOGMODULE_CRYPTO, ISC_LOG_WARNING,
+ "%s failed", funcname);
+ for (;;) {
+ err = ERR_get_error_line_data(&file, &line, &data, &flags);
+ if (err == 0U)
+ goto done;
+ ERR_error_string_n(err, buf, sizeof(buf));
+ isc_log_write(dns_lctx, DNS_LOGCATEGORY_GENERAL,
+ DNS_LOGMODULE_CRYPTO, ISC_LOG_INFO,
+ "%s:%s:%d:%s", buf, file, line,
+ (flags & ERR_TXT_STRING) ? data : "");
+ }
+
+ done:
+ ERR_clear_error();
+ return (result);
+}
+
#if defined(USE_ENGINE)
ENGINE *
dst__openssl_getengine(const char *name) {