MINOR: ssl: Remove call to ERR_func_error_string with OpenSSLv3

ERR_func_error_string does not return anything anymore with OpenSSLv3,
it can be replaced by ERR_peek_error_func which did not exist on
previous versions.

include/haproxy/openssl-compat.h

@@ -314,6 +314,22 @@ static inline X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx)
 #if defined(SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB)
 #define SSL_CTX_set_tlsext_ticket_key_evp_cb SSL_CTX_set_tlsext_ticket_key_cb
 #endif
+
+/*
+ * Functions introduced in OpenSSL 3.0.0
+ */
+static inline unsigned long ERR_peek_error_func(const char **func)
+{
+	unsigned long ret = ERR_peek_error();
+	if (ret == 0)
+		return ret;
+
+	if (func)
+		*func = ERR_func_error_string(ret);
+
+	return ret;
+}
+
 #endif
 
 #if (HA_OPENSSL_VERSION_NUMBER >= 0x1010000fL) || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070200fL)

src/ssl_sock.c

@@ -608,12 +608,15 @@ static forceinline void ssl_sock_dump_errors(struct connection *conn)
 
 	if (unlikely(global.mode & MODE_DEBUG)) {
 		while(1) {
+			const char *func = NULL;
+			ERR_peek_error_func(&func);
+
 			ret = ERR_get_error();
 			if (ret == 0)
 				return;
 			fprintf(stderr, "fd[%#x] OpenSSL error[0x%lx] %s: %s\n",
 			        conn->handle.fd, ret,
-			        ERR_func_error_string(ret), ERR_reason_error_string(ret));
+			        func, ERR_reason_error_string(ret));
 		}
 	}
 }