Removing function names from errors (PR 9058)

Viktor Dukhovni openssl-users at
Wed Jun 12 22:26:14 UTC 2019

On Wed, Jun 12, 2019 at 10:02:25AM +0100, Matt Caswell wrote:

> OTOH I do find them quite helpful from a debugging perspective, e.g. when people
> send in questions along the lines of "I got this error what does it mean/how do
> I fix it" - although what is actually useful is usually the function name rather
> than the function code itself.

Indeed what's needed is the function name.  The numeric code is far
less important.  On the error consumer side, the idiom I'm familiar
with is:

    while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
        ERR_error_string_n(err, buffer, sizeof(buffer));
        if (flags & ERR_TXT_STRING)
            printf("...: %s:%s:%d:%s", buffer, file, line, data);
            printf("...: %s:%s:%d", buffer, file, line);

this makes no explicit reference to function numbers, returning the
appropriate strings.  So any change is likely limited to error

On the producer side, my ssl_dane library (used in Exim for example),
does depend on the function ordinal API:

so that would need to change (or be longer supported) if the function
ordinals are replaced by strings, or otherwise change.


More information about the openssl-project mailing list