mollyim/unbound
1
0
Fork 0
mirror of https://github.com/mollyim/unbound.git synced 2025-05-13 13:50:37 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #631 from mollyim/boringssl-compat

Browse source 
Replace OpenSSL's ERR_PACK with ERR_GET_REASON
This commit is contained in:
Wouter Wijngaards 2022-02-18 09:37:34 +01:00 committed by GitHub
commit fbbb42c9d4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
util/netevent.c
View file

@ -1209,23 +1209,22 @@ squelch_err_ssl_handshake(unsigned long err)
{ {
if(verbosity >= VERB_QUERY) if(verbosity >= VERB_QUERY)
return 0; /* only squelch on low verbosity */ return 0; /* only squelch on low verbosity */
/* this is very specific, we could filter on ERR_GET_REASON() if(ERR_GET_LIB(err) == ERR_LIB_SSL &&
* (the third element in ERR_PACK) */ (ERR_GET_REASON(err) == SSL_R_HTTPS_PROXY_REQUEST ||
if(err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTPS_PROXY_REQUEST) || ERR_GET_REASON(err) == SSL_R_HTTP_REQUEST ||
err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTP_REQUEST) || ERR_GET_REASON(err) == SSL_R_WRONG_VERSION_NUMBER ||
err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER) || ERR_GET_REASON(err) == SSL_R_SSLV3_ALERT_BAD_CERTIFICATE
err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_READ_BYTES, SSL_R_SSLV3_ALERT_BAD_CERTIFICATE)
#ifdef SSL_F_TLS_POST_PROCESS_CLIENT_HELLO #ifdef SSL_F_TLS_POST_PROCESS_CLIENT_HELLO
|| err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER) || ERR_GET_REASON(err) == SSL_R_NO_SHARED_CIPHER
#endif #endif
#ifdef SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO #ifdef SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO
|| err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL) || ERR_GET_REASON(err) == SSL_R_UNKNOWN_PROTOCOL
|| err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL) || ERR_GET_REASON(err) == SSL_R_UNSUPPORTED_PROTOCOL
# ifdef SSL_R_VERSION_TOO_LOW # ifdef SSL_R_VERSION_TOO_LOW
|| err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_VERSION_TOO_LOW) || ERR_GET_REASON(err) == SSL_R_VERSION_TOO_LOW
# endif # endif
#endif #endif
) ))
return 1; return 1;
return 0; return 0;
} }