Branch: refs/heads/improve-openssl-error-logging Home: https://github.com/kronosnet/kronosnet Commit: 5d394724324ab9dd59d4ad408d12c73ee77876c2 https://github.com/kronosnet/kronosnet/commit/5d394724324ab9dd59d4ad408d12c7... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2026-04-24 (Fri, 24 Apr 2026)

Changed paths: M libknet/crypto_openssl.c

Log Message: ----------- libknet: improve OpenSSL error logging to print entire error stack

Fixes #456

The OpenSSL crypto module previously used ERR_error_string_n(ERR_get_error()) which only retrieved and logged the first error from OpenSSL's error queue. When multiple errors occur, they are all pushed onto the error stack, and only logging the first error can make debugging difficult.

This patch introduces a new helper function log_openssl_errors() that: - Iterates through the entire OpenSSL error stack using ERR_get_error() in a loop until it returns 0 - Formats each error using ERR_error_string_n() - Logs each error at the appropriate level (ERR or DEBUG) - Marks subsequent errors with "additional error:" prefix for clarity - Automatically clears the error stack after logging

All error reporting call sites have been updated to use this helper, eliminating local sslerr buffers that are no longer needed.

Benefits: - Complete error context: All errors in the stack are now visible - Better debugging: Easier to diagnose complex OpenSSL failures - Cleaner code: Removes repetitive error handling boilerplate

Reported-by: Dmitry Belyavskiy beldmit@gmail.com Signed-off-by: Fabio M. Di Nitto fabbione@kronosnet.org Co-Authored-By: Claude Sonnet 4.5 noreply@anthropic.com

To unsubscribe from these emails, change your notification settings at https://github.com/kronosnet/kronosnet/settings/notifications