fix: Add duplicatessl-common.h script for certs

Signed-off-by: Felicitas Pojtinger <[email protected]>
loopholelabs · Nov 27, 2024 · 40bfe37 · 40bfe37
1 parent 81fd5c6
commit 40bfe37
Showing 1 changed file with 38 additions and 0 deletions.
diff --git a/patches/fix-signing.patch b/patches/fix-signing.patch
@@ -192,6 +192,44 @@ index 70e9ec89d87d..7d6d468ed612 100644
  	} else {
  		BIO *b;
  		X509 *x509;
+diff --git a/certs/ssl-common.h b/certs/ssl-common.h
+new file mode 100644
+index 000000000000..2db0e181143c
+--- /dev/null
++++ b/certs/ssl-common.h
+@@ -0,0 +1,32 @@
++/* SPDX-License-Identifier: LGPL-2.1+ */
++/*
++ * SSL helper functions shared by sign-file and extract-cert.
++ */
++
++static void drain_openssl_errors(int l, int silent)
++{
++	const char *file;
++	char buf[120];
++	int e, line;
++
++	if (ERR_peek_error() == 0)
++		return;
++	if (!silent)
++		fprintf(stderr, "At main.c:%d:\n", l);
++
++	while ((e = ERR_peek_error_line(&file, &line))) {
++		ERR_error_string(e, buf);
++		if (!silent)
++			fprintf(stderr, "- SSL %s: %s:%d\n", buf, file, line);
++		ERR_get_error();
++	}
++}
++
++#define ERR(cond, fmt, ...)				\
++	do {						\
++		bool __cond = (cond);			\
++		drain_openssl_errors(__LINE__, 0);	\
++		if (__cond) {				\
++			errx(1, fmt, ## __VA_ARGS__);	\
++		}					\
++	} while (0)
 diff --git a/scripts/sign-file.c b/scripts/sign-file.c
 index 3edb156ae52c..7070245edfc1 100644
 --- a/scripts/sign-file.c