crypto: don't reach into OpenSSL internals for ThrowCryptoError
There is a perfectly serviceable ERR_get_error
function which avoids
having to sniff through the OpenSSL ring buffer like that. It does
return the errors in the opposite order, but that's easily fixed with
std::reverse
.
Note this behavior is slightly different in that an ERR_get_error
loop
will ultimately clear the error queue, but this is desireable. Leaving
the error queue uncleared means errors in subsequent operations may get
mixed up and cause issues.
PS: In future, I'm happy to look over changes to crypto stuff for you all, especially when they reach into internals like that. That's rarely actually necessary. :-)
Checklist
-
make -j4 test
(UNIX), orvcbuild test
(Windows) passes -
commit message follows commit guidelines
Affected core subsystem(s)
crypto