From 2563afb92099b1b2a5653dfbe10f4a3de36b0462 Mon Sep 17 00:00:00 2001
From: Aram Sargsyan <aram@isc.org>
Date: Sun, 5 Sep 2021 09:41:00 +0000
Subject: [PATCH] Use ERR_get_error_all() instead of deprecated
 ERR_get_error_line_data()

OpenSSL 3.0.0 deprecates the ERR_get_error_line_data() function.

Use ERR_get_error_all() instead of ERR_get_error_line_data() and create
a shim to use the old variant for the older OpenSSL versions which don't
have the newer ERR_get_error_all().
---
 configure.ac           |  1 +
 lib/dns/Makefile.am    |  2 ++
 lib/dns/openssl_link.c |  6 ++++--
 lib/dns/openssl_shim.c | 27 +++++++++++++++++++++++++++
 lib/dns/openssl_shim.h | 20 ++++++++++++++++++++
 util/copyrights        |  2 ++
 6 files changed, 56 insertions(+), 2 deletions(-)
 create mode 100644 lib/dns/openssl_shim.c
 create mode 100644 lib/dns/openssl_shim.h

diff --git a/configure.ac b/configure.ac
index 0a09220195..21d8774997 100644
--- a/configure.ac
+++ b/configure.ac
@@ -628,6 +628,7 @@ AC_CHECK_FUNCS([OPENSSL_init_ssl OPENSSL_init_crypto])
 AC_CHECK_FUNCS([CRYPTO_zalloc])
 AC_CHECK_FUNCS([EVP_CIPHER_CTX_new EVP_CIPHER_CTX_free])
 AC_CHECK_FUNCS([EVP_MD_CTX_new EVP_MD_CTX_free EVP_MD_CTX_reset EVP_MD_CTX_get0_md])
+AC_CHECK_FUNCS([ERR_get_error_all])
 AC_CHECK_FUNCS([HMAC_CTX_new HMAC_CTX_free HMAC_CTX_reset HMAC_CTX_get_md])
 AC_CHECK_FUNCS([SSL_read_ex SSL_peek_ex SSL_write_ex])
 AC_CHECK_FUNCS([BIO_read_ex BIO_write_ex])
diff --git a/lib/dns/Makefile.am b/lib/dns/Makefile.am
index 8fc70b5524..e4b397b6f3 100644
--- a/lib/dns/Makefile.am
+++ b/lib/dns/Makefile.am
@@ -198,6 +198,8 @@ libdns_la_SOURCES =			\
 	nsec3.c				\
 	nta.c				\
 	openssl_link.c			\
+	openssl_shim.c			\
+	openssl_shim.h			\
 	openssldh_link.c		\
 	opensslecdsa_link.c		\
 	openssleddsa_link.c		\
diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index 0f32c75305..ff3c92b25f 100644
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -41,6 +41,8 @@
 #include <openssl/engine.h>
 #endif /* if !defined(OPENSSL_NO_ENGINE) */
 
+#include "openssl_shim.h"
+
 #if !defined(OPENSSL_NO_ENGINE)
 static ENGINE *e = NULL;
 #endif /* if !defined(OPENSSL_NO_ENGINE) */
@@ -160,7 +162,7 @@ dst__openssl_toresult3(isc_logcategory_t *category, const char *funcname,
 		       isc_result_t fallback) {
 	isc_result_t result;
 	unsigned long err;
-	const char *file, *data;
+	const char *file, *func, *data;
 	int line, flags;
 	char buf[256];
 
@@ -174,7 +176,7 @@ dst__openssl_toresult3(isc_logcategory_t *category, const char *funcname,
 	}
 
 	for (;;) {
-		err = ERR_get_error_line_data(&file, &line, &data, &flags);
+		err = ERR_get_error_all(&file, &line, &func, &data, &flags);
 		if (err == 0U) {
 			goto done;
 		}
diff --git a/lib/dns/openssl_shim.c b/lib/dns/openssl_shim.c
new file mode 100644
index 0000000000..4fbb119a9a
--- /dev/null
+++ b/lib/dns/openssl_shim.c
@@ -0,0 +1,27 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#include "openssl_shim.h"
+
+#include <openssl/err.h>
+
+#if !HAVE_ERR_GET_ERROR_ALL
+static const char err_empty_string = '\0';
+
+unsigned long
+ERR_get_error_all(const char **file, int *line, const char **func,
+		  const char **data, int *flags) {
+	if (func != NULL) {
+		*func = &err_empty_string;
+	}
+	return (ERR_get_error_line_data(file, line, data, flags));
+}
+#endif /* if !HAVE_ERR_GET_ERROR_ALL */
diff --git a/lib/dns/openssl_shim.h b/lib/dns/openssl_shim.h
new file mode 100644
index 0000000000..baf509c4a4
--- /dev/null
+++ b/lib/dns/openssl_shim.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+#pragma once
+
+#include <openssl/err.h>
+
+#if !HAVE_ERR_GET_ERROR_ALL
+unsigned long
+ERR_get_error_all(const char **file, int *line, const char **func,
+		  const char **data, int *flags);
+#endif /* if !HAVE_ERR_GET_ERROR_ALL */
diff --git a/util/copyrights b/util/copyrights
index ff99235844..ede8082947 100644
--- a/util/copyrights
+++ b/util/copyrights
@@ -1269,6 +1269,8 @@
 ./lib/dns/nsec3.c				C	2006,2008,2009,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021
 ./lib/dns/nta.c					C	2014,2015,2016,2017,2018,2019,2020,2021
 ./lib/dns/openssl_link.c			C.NAI	1999,2000,2001,2002,2003,2004,2005,2006,2007,2008,2009,2010,2011,2012,2014,2015,2016,2017,2018,2019,2020,2021
+./lib/dns/openssl_shim.c			C	2021
+./lib/dns/openssl_shim.h			C	2021
 ./lib/dns/openssldh_link.c			C.NAI	1999,2000,2001,2002,2004,2005,2006,2007,2008,2009,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021
 ./lib/dns/opensslecdsa_link.c			C	2012,2013,2014,2015,2016,2017,2018,2019,2020,2021
 ./lib/dns/openssleddsa_link.c			C	2017,2018,2019,2020,2021