From 85cb68064f0dbda5b0f9fd114c7c3eb0e727fa17 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 9 Mar 2025 15:12:18 +0000
Subject: Support OPENSSL_NO_FILENAMES

Some people are concerned that leaking a user name is a privacy issue.
Allow disabling the __FILE__ and __LINE__ argument in the error stack
to avoid this. This can be improved a bit in tree.

From Viktor Szakats in https://github.com/libressl/portable/issues/761

ok bcook jsing
---
 src/lib/libssl/d1_both.c        | 4 ++--
 src/lib/libssl/ssl_local.h      | 6 +++---
 src/lib/libssl/tls13_internal.h | 6 +++---
 3 files changed, 8 insertions(+), 8 deletions(-)

(limited to 'src/lib/libssl')

diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index b5c68a1735..e144d8f533 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.84 2022/12/26 07:31:44 jmc Exp $ */
+/* $OpenBSD: d1_both.c,v 1.85 2025/03/09 15:12:18 tb Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -868,7 +868,7 @@ dtls1_read_failed(SSL *s, int code)
 	if (code > 0) {
 #ifdef DEBUG
 		fprintf(stderr, "invalid state reached %s:%d",
-		    __FILE__, __LINE__);
+		    OPENSSL_FILE, OPENSSL_LINE);
 #endif
 		return 1;
 	}
diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h
index 06baedfd22..6095940388 100644
--- a/src/lib/libssl/ssl_local.h
+++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_local.h,v 1.26 2025/01/18 12:20:37 tb Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.27 2025/03/09 15:12:18 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1443,8 +1443,8 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
     unsigned int mac_secret_length);
 int SSL_state_func_code(int _state);
 
-#define SSLerror(s, r) SSL_error_internal(s, r, __FILE__, __LINE__)
-#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),__FILE__,__LINE__)
+#define SSLerror(s, r) SSL_error_internal(s, r, OPENSSL_FILE, OPENSSL_LINE)
+#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),OPENSSL_FILE,OPENSSL_LINE)
 void SSL_error_internal(const SSL *s, int r, char *f, int l);
 
 #ifndef OPENSSL_NO_SRTP
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 0819e93338..7a7f8abc63 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.104 2024/09/09 03:32:29 tb Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.105 2025/03/09 15:12:18 tb Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -425,10 +425,10 @@ int tls13_error_setx(struct tls13_error *error, int code, int subcode,
     const char *file, int line, const char *fmt, ...);
 
 #define tls13_set_error(ctx, code, subcode, fmt, ...) \
-	tls13_error_set(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \
+	tls13_error_set(&(ctx)->error, (code), (subcode), OPENSSL_FILE, OPENSSL_LINE, \
 	    (fmt), __VA_ARGS__)
 #define tls13_set_errorx(ctx, code, subcode, fmt, ...) \
-	tls13_error_setx(&(ctx)->error, (code), (subcode), __FILE__, __LINE__, \
+	tls13_error_setx(&(ctx)->error, (code), (subcode), OPENSSL_FILE, OPENSSL_LINE, \
 	    (fmt), __VA_ARGS__)
 
 int tls13_exporter(struct tls13_ctx *ctx, const uint8_t *label, size_t label_len,
-- 
cgit v1.2.3-55-g6feb