From e6dda929ddb98d81c32090d1b52db7ff61070f0f Mon Sep 17 00:00:00 2001
From: Frederic Martinsons <frederic.martinsons@unabiz.com>
Date: Tue, 20 Aug 2024 14:07:23 +0200
Subject: [PATCH] pppd: add error message getter for openssl

And use this for digest functions in case of error.

Signed-off-by: Frederic Martinsons <frederic.martinsons@unabiz.com>
---
 pppd/crypto.c   | 17 +++++++++++++++++
 pppd/crypto.h   |  7 +++++++
 pppd/ppp-md4.c  |  7 +++++++
 pppd/ppp-md5.c  |  8 ++++++++
 pppd/ppp-sha1.c |  8 ++++++++
 5 files changed, 47 insertions(+)

diff --git a/pppd/crypto.c b/pppd/crypto.c
index 905f11d9b..2dacf2c0c 100644
--- a/pppd/crypto.c
+++ b/pppd/crypto.c
@@ -40,6 +40,7 @@
 
 #ifdef PPP_WITH_OPENSSL
 #include <openssl/opensslv.h>
+#include <openssl/err.h>
 #endif
 
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
@@ -179,6 +180,22 @@ int PPP_crypto_deinit()
     return 1;
 }
 
+char *PPP_crypto_get_error()
+{
+    char* ret = NULL;
+#ifdef PPP_WITH_OPENSSL
+    BIO *bio = BIO_new (BIO_s_mem ());
+    ERR_print_errors (bio);
+    char *buf = NULL;
+    size_t len = BIO_get_mem_data (bio, &buf);
+    ret = (char *) calloc (1, 1 + len);
+    if (ret)
+        memcpy (ret, buf, len);
+    BIO_free (bio);
+#endif
+    return ret;
+}
+
 #ifdef UNIT_TEST
 #include <stdio.h>
 
diff --git a/pppd/crypto.h b/pppd/crypto.h
index c559d0c45..cea58e8b2 100644
--- a/pppd/crypto.h
+++ b/pppd/crypto.h
@@ -156,6 +156,13 @@ int PPP_crypto_init();
  */
 int PPP_crypto_deinit();
 
+/*
+ * Get possible human readable error message from crypto
+ * return string must be freed unless NULL (which is what
+ * is returned if compilation is done without openssl)
+ */
+char *PPP_crypto_get_error();
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/pppd/ppp-md4.c b/pppd/ppp-md4.c
index c5811107d..70eb57bc7 100644
--- a/pppd/ppp-md4.c
+++ b/pppd/ppp-md4.c
@@ -46,6 +46,7 @@
 #define EVP_MD_CTX_new EVP_MD_CTX_create
 #endif
 
+#include "pppd-private.h"
 
 static int md4_init(PPP_MD_CTX *ctx)
 {
@@ -55,6 +56,12 @@ static int md4_init(PPP_MD_CTX *ctx)
             if (EVP_DigestInit(mctx, EVP_md4())) {
                 ctx->priv = mctx;
                 return 1;
+            } else {
+                char* err = PPP_crypto_get_error();
+                if (err) {
+                    error("EVP_DigestInit failed: %s", err);
+                    free(err);
+                }
             }
             EVP_MD_CTX_free(mctx);
         }
diff --git a/pppd/ppp-md5.c b/pppd/ppp-md5.c
index ac39c016d..2e37289ca 100644
--- a/pppd/ppp-md5.c
+++ b/pppd/ppp-md5.c
@@ -46,6 +46,8 @@
 #define EVP_MD_CTX_new EVP_MD_CTX_create
 #endif
 
+#include "pppd-private.h"
+
 static int md5_init(PPP_MD_CTX *ctx)
 {
     if (ctx) {
@@ -54,6 +56,12 @@ static int md5_init(PPP_MD_CTX *ctx)
             if (EVP_DigestInit((EVP_MD_CTX*) mctx, EVP_md5())) {
                 ctx->priv = mctx;
                 return 1;
+            } else {
+                char* err = PPP_crypto_get_error();
+                if (err) {
+                    error("EVP_DigestInit failed: %s", err);
+                    free(err);
+                }
             }
             EVP_MD_CTX_free(mctx);
         }
diff --git a/pppd/ppp-sha1.c b/pppd/ppp-sha1.c
index 9ff3a2496..8ac3d108a 100644
--- a/pppd/ppp-sha1.c
+++ b/pppd/ppp-sha1.c
@@ -48,6 +48,8 @@
 #define EVP_MD_CTX_new EVP_MD_CTX_create
 #endif
 
+#include "pppd-private.h"
+
 static int sha1_init(PPP_MD_CTX *ctx)
 {
     if (ctx) {
@@ -56,6 +58,12 @@ static int sha1_init(PPP_MD_CTX *ctx)
             if (EVP_DigestInit(mctx, EVP_sha1())) {
                 ctx->priv = mctx;
                 return 1;
+            } else {
+                char* err = PPP_crypto_get_error();
+                if (err) {
+                    error("EVP_DigestInit failed: %s", err);
+                    free(err);
+                }
             }
             EVP_MD_CTX_free(mctx);
         }