Clear OpenSSL error queue before calling a SSL_*() function, then SSL_get_error().

Vincent Richard 2017-07-14 07:16:41 +02:00
parent 5ea19601d5
commit f61efd2f36
2 changed files with 11 additions and 0 deletions


@ -90,6 +90,8 @@ shared_ptr <security::cert::certificateVerifier> TLSSession_OpenSSL::getCertific
void TLSSession_OpenSSL::usePrivateKeyFile(const vmime::string& keyfile) void TLSSession_OpenSSL::usePrivateKeyFile(const vmime::string& keyfile)
{ {
ERR_clear_error();
if (SSL_CTX_use_PrivateKey_file(m_sslctx, keyfile.c_str(), SSL_FILETYPE_PEM) != 1) if (SSL_CTX_use_PrivateKey_file(m_sslctx, keyfile.c_str(), SSL_FILETYPE_PEM) != 1)
{ {
unsigned long errCode = ERR_get_error(); unsigned long errCode = ERR_get_error();
@ -106,6 +108,8 @@ void TLSSession_OpenSSL::usePrivateKeyFile(const vmime::string& keyfile)
void TLSSession_OpenSSL::useCertificateChainFile(const vmime::string& chainFile) void TLSSession_OpenSSL::useCertificateChainFile(const vmime::string& chainFile)
{ {
ERR_clear_error();
if (SSL_CTX_use_certificate_chain_file(m_sslctx, chainFile.c_str()) != 1) if (SSL_CTX_use_certificate_chain_file(m_sslctx, chainFile.c_str()) != 1)
{ {
unsigned long errCode = ERR_get_error(); unsigned long errCode = ERR_get_error();
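Review bot: The two `ERR_clear_error();` calls in usePrivateKeyFile() and useCertificateChainFile() are added without a comment, and the reason is not obvious at the call site. `ERR_get_error()` in the failure branch returns the oldest entry in the calling thread's error queue, so without the clear it could report an error left behind by an unrelated earlier OpenSSL call instead of the key or chain loading failure. A one-line comment above each call would record that, e.g. `// Drop stale queue entries so ERR_get_error() below reports this call's failure`. Both failure branches continue outside the visible hunks, so whether the remaining queue entries are drained after the first `ERR_get_error()` cannot be checked from here.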


@ -247,6 +247,7 @@ size_t TLSSocket_OpenSSL::receiveRaw(byte_t* buffer, const size_t count)
m_status &= ~(STATUS_WANT_WRITE | STATUS_WANT_READ); m_status &= ~(STATUS_WANT_WRITE | STATUS_WANT_READ);
ERR_clear_error();
int rc = SSL_read(m_ssl, buffer, static_cast <int>(count)); int rc = SSL_read(m_ssl, buffer, static_cast <int>(count));
if (m_ex.get()) if (m_ex.get())
@ -283,6 +284,7 @@ void TLSSocket_OpenSSL::sendRaw(const byte_t* buffer, const size_t count)
for (size_t size = count ; size > 0 ; ) for (size_t size = count ; size > 0 ; )
{ {
ERR_clear_error();
int rc = SSL_write(m_ssl, buffer, static_cast <int>(size)); int rc = SSL_write(m_ssl, buffer, static_cast <int>(size));
if (rc <= 0) if (rc <= 0)
@ -318,6 +320,7 @@ size_t TLSSocket_OpenSSL::sendRawNonBlocking(const byte_t* buffer, const size_t
m_status &= ~(STATUS_WANT_WRITE | STATUS_WANT_READ); m_status &= ~(STATUS_WANT_WRITE | STATUS_WANT_READ);
ERR_clear_error();
int rc = SSL_write(m_ssl, buffer, static_cast <int>(count)); int rc = SSL_write(m_ssl, buffer, static_cast <int>(count));
if (m_ex.get()) if (m_ex.get())
@ -363,6 +366,8 @@ void TLSSocket_OpenSSL::handshake()
{ {
int rc; int rc;
ERR_clear_error();
while ((rc = SSL_do_handshake(m_ssl)) <= 0) while ((rc = SSL_do_handshake(m_ssl)) <= 0)
{ {
const int err = SSL_get_error(m_ssl, rc); const int err = SSL_get_error(m_ssl, rc);
@ -382,6 +387,8 @@ void TLSSocket_OpenSSL::handshake()
toHandler->resetTimeOut(); toHandler->resetTimeOut();
} }
ERR_clear_error();
} }
} }
catch (...) catch (...)
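Review bot: The I/O calls in receiveRaw(), sendRaw() and sendRawNonBlocking() still narrow a `size_t` length with `static_cast <int>(count)` (or `static_cast <int>(size)` in the sendRaw loop), so a request larger than INT_MAX reaches SSL_read()/SSL_write() as a negative, zero or wrapped length; the error-queue clearing added here does not cover that case. Clamping before the call keeps the length in range, e.g. `const int len = static_cast <int>(std::min(count, static_cast <size_t>(std::numeric_limits <int>::max())));`, with the same treatment for `size` in the loop. In handshake() the second `ERR_clear_error();` sits at the bottom of the retry loop, and the loop body between the two hunks is not shown. If any path there uses `continue`, that iteration would call SSL_do_handshake() with a stale queue, so making the clear the first statement of each iteration would remove that dependency. All four functions start or end outside the visible hunks.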