From 78aee89201cd40b4fe3973a135eb722a4cb1cc85 Mon Sep 17 00:00:00 2001 From: Oscar Mira Date: Sun, 6 Feb 2022 20:37:46 +0100 Subject: [PATCH] Replace OpenSSL's ERR_PACK with ERR_GET_REASON --- util/netevent.c | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/util/netevent.c b/util/netevent.c index b9b7230e4..f6fb8c242 100644 --- a/util/netevent.c +++ b/util/netevent.c @@ -1209,23 +1209,22 @@ squelch_err_ssl_handshake(unsigned long err) { if(verbosity >= VERB_QUERY) return 0; /* only squelch on low verbosity */ - /* this is very specific, we could filter on ERR_GET_REASON() - * (the third element in ERR_PACK) */ - if(err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTPS_PROXY_REQUEST) || - err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_HTTP_REQUEST) || - err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER) || - err == ERR_PACK(ERR_LIB_SSL, SSL_F_SSL3_READ_BYTES, SSL_R_SSLV3_ALERT_BAD_CERTIFICATE) + if(ERR_GET_LIB(err) == ERR_LIB_SSL && + (ERR_GET_REASON(err) == SSL_R_HTTPS_PROXY_REQUEST || + ERR_GET_REASON(err) == SSL_R_HTTP_REQUEST || + ERR_GET_REASON(err) == SSL_R_WRONG_VERSION_NUMBER || + ERR_GET_REASON(err) == SSL_R_SSLV3_ALERT_BAD_CERTIFICATE #ifdef SSL_F_TLS_POST_PROCESS_CLIENT_HELLO - || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER) + || ERR_GET_REASON(err) == SSL_R_NO_SHARED_CIPHER #endif #ifdef SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO - || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL) - || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL) + || ERR_GET_REASON(err) == SSL_R_UNKNOWN_PROTOCOL + || ERR_GET_REASON(err) == SSL_R_UNSUPPORTED_PROTOCOL # ifdef SSL_R_VERSION_TOO_LOW - || err == ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO, SSL_R_VERSION_TOO_LOW) + || ERR_GET_REASON(err) == SSL_R_VERSION_TOO_LOW # endif #endif - ) + )) return 1; return 0; } -- 2.47.2