From c8496a83d88998ede42f04ce16b1daf6c7d39477 Mon Sep 17 00:00:00 2001
From: Přemysl Janouch <p.janouch@gmail.com>
Date: Wed, 15 Jul 2015 23:11:12 +0200
Subject: Unfuck OpenSSL error messages

We still take just the first error message in the queue, though.
---
 degesch.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'degesch.c')

diff --git a/degesch.c b/degesch.c
index 1ff89c9..615ebb7 100644
--- a/degesch.c
+++ b/degesch.c
@@ -3980,7 +3980,7 @@ transport_tls_init_cert (struct server *s, SSL *ssl, struct error **e)
 	else if (!SSL_use_certificate_file (ssl, path, SSL_FILETYPE_PEM)
 		|| !SSL_use_PrivateKey_file (ssl, path, SSL_FILETYPE_PEM))
 		error_set (e, "%s: %s", "Setting the SSL client certificate failed",
-			ERR_error_string (ERR_get_error (), NULL));
+			ERR_reason_error_string (ERR_get_error ()));
 	else
 		result = true;
 	free (path);
@@ -4028,10 +4028,8 @@ error_ssl_3:
 error_ssl_2:
 	SSL_CTX_free (ssl_ctx);
 error_ssl_1:
-	// XXX: these error strings are really nasty; also there could be
-	//   multiple errors on the OpenSSL stack.
 	if (!error_info)
-		error_info = ERR_error_string (ERR_get_error (), NULL);
+		error_info = ERR_reason_error_string (ERR_get_error ());
 	error_set (e, "%s: %s", "could not initialize SSL/TLS", error_info);
 	return false;
 }
-- 
cgit v1.2.3-54-g00ecf