pppd: add error message getter for openssl

And use this for digest functions in case of error. Signed-off-by: Frederic Martinsons <[email protected]>
ppp-project · Aug 20, 2024 · e6dda92 · e6dda92
1 parent 17f3240
commit e6dda92
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 0 deletions.
diff --git a/pppd/crypto.c b/pppd/crypto.c
@@ -40,6 +40,7 @@
 
 #ifdef PPP_WITH_OPENSSL
 #include <openssl/opensslv.h>
+#include <openssl/err.h>
 #endif
 
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
@@ -179,6 +180,22 @@ int PPP_crypto_deinit()
     return 1;
 }
 
+char *PPP_crypto_get_error()
+{
+    char* ret = NULL;
+#ifdef PPP_WITH_OPENSSL
+    BIO *bio = BIO_new (BIO_s_mem ());
+    ERR_print_errors (bio);
+    char *buf = NULL;
+    size_t len = BIO_get_mem_data (bio, &buf);
+    ret = (char *) calloc (1, 1 + len);
+    if (ret)
+        memcpy (ret, buf, len);
+    BIO_free (bio);
+#endif
+    return ret;
+}
+
 #ifdef UNIT_TEST
 #include <stdio.h>
 

diff --git a/pppd/crypto.h b/pppd/crypto.h
@@ -156,6 +156,13 @@ int PPP_crypto_init();
  */
 int PPP_crypto_deinit();
 
+/*
+ * Get possible human readable error message from crypto
+ * return string must be freed unless NULL (which is what
+ * is returned if compilation is done without openssl)
+ */
+char *PPP_crypto_get_error();
+
 #ifdef __cplusplus
 }
 #endif

diff --git a/pppd/ppp-md4.c b/pppd/ppp-md4.c
@@ -46,6 +46,7 @@
 #define EVP_MD_CTX_new EVP_MD_CTX_create
 #endif
 
+#include "pppd-private.h"
 
 static int md4_init(PPP_MD_CTX *ctx)
 {
@@ -55,6 +56,12 @@ static int md4_init(PPP_MD_CTX *ctx)
             if (EVP_DigestInit(mctx, EVP_md4())) {
                 ctx->priv = mctx;
                 return 1;
+            } else {
+                char* err = PPP_crypto_get_error();
+                if (err) {
+                    error("EVP_DigestInit failed: %s", err);
+                    free(err);
+                }
             }
             EVP_MD_CTX_free(mctx);
         }

diff --git a/pppd/ppp-md5.c b/pppd/ppp-md5.c
@@ -46,6 +46,8 @@
 #define EVP_MD_CTX_new EVP_MD_CTX_create
 #endif
 
+#include "pppd-private.h"
+
 static int md5_init(PPP_MD_CTX *ctx)
 {
     if (ctx) {
@@ -54,6 +56,12 @@ static int md5_init(PPP_MD_CTX *ctx)
             if (EVP_DigestInit((EVP_MD_CTX*) mctx, EVP_md5())) {
                 ctx->priv = mctx;
                 return 1;
+            } else {
+                char* err = PPP_crypto_get_error();
+                if (err) {
+                    error("EVP_DigestInit failed: %s", err);
+                    free(err);
+                }
             }
             EVP_MD_CTX_free(mctx);
         }

diff --git a/pppd/ppp-sha1.c b/pppd/ppp-sha1.c
@@ -48,6 +48,8 @@
 #define EVP_MD_CTX_new EVP_MD_CTX_create
 #endif
 
+#include "pppd-private.h"
+
 static int sha1_init(PPP_MD_CTX *ctx)
 {
     if (ctx) {
@@ -56,6 +58,12 @@ static int sha1_init(PPP_MD_CTX *ctx)
             if (EVP_DigestInit(mctx, EVP_sha1())) {
                 ctx->priv = mctx;
                 return 1;
+            } else {
+                char* err = PPP_crypto_get_error();
+                if (err) {
+                    error("EVP_DigestInit failed: %s", err);
+                    free(err);
+                }
             }
             EVP_MD_CTX_free(mctx);
         }