
Clear SSL error after reading it

SSL_get_error() returns the error code for the last SSL call but does not
clear it.  Before the next SSL I/O operation and the next call to
SSL_get_error(), the last error should be cleared.  According to the
OpenSSL v1.0.2 documentation:

"The current thread's error queue must be empty before the TLS/SSL I/O
operation is attempted, or SSL_get_error() will not work reliably."
Krzysztof Kozlowski 6 年之前
父節點
當前提交
9dfef15248
共有 1 個文件被更改,包括 8 次插入1 次删除
  1. 8 1
      src/civetweb.c

+ 8 - 1
src/civetweb.c

@@ -1934,6 +1934,7 @@ struct ssl_func {
 	(*(BIGNUM * (*)(const ASN1_INTEGER *ai, BIGNUM *bn)) crypto_sw[12].ptr)
 #define BN_free (*(void (*)(const BIGNUM *a))crypto_sw[13].ptr)
 #define CRYPTO_free (*(void (*)(void *addr))crypto_sw[14].ptr)
+#define ERR_clear_error (*(void (*)(void))crypto_sw[15].ptr)
 
 #define OPENSSL_free(a) CRYPTO_free(a)
 
@@ -2002,6 +2003,7 @@ static struct ssl_func crypto_sw[] = {{"ERR_get_error", NULL},
                                       {"ASN1_INTEGER_to_BN", NULL},
                                       {"BN_free", NULL},
                                       {"CRYPTO_free", NULL},
+                                      {"ERR_clear_error", NULL},
                                       {NULL, NULL}};
 #else
 
@@ -2120,6 +2122,7 @@ static struct ssl_func crypto_sw[] = {{"ERR_get_error", NULL},
 	(*(BIGNUM * (*)(const ASN1_INTEGER *ai, BIGNUM *bn)) crypto_sw[21].ptr)
 #define BN_free (*(void (*)(const BIGNUM *a))crypto_sw[22].ptr)
 #define CRYPTO_free (*(void (*)(void *addr))crypto_sw[23].ptr)
+#define ERR_clear_error (*(void (*)(void))crypto_sw[24].ptr)
 
 #define OPENSSL_free(a) CRYPTO_free(a)
 
@@ -2200,6 +2203,7 @@ static struct ssl_func crypto_sw[] = {{"CRYPTO_num_locks", NULL},
                                       {"ASN1_INTEGER_to_BN", NULL},
                                       {"BN_free", NULL},
                                       {"CRYPTO_free", NULL},
+                                      {"ERR_clear_error", NULL},
                                       {NULL, NULL}};
 #endif /* OPENSSL_API_1_1 */
 #endif /* NO_SSL_DL */
@@ -6385,6 +6389,8 @@ pull_inner(FILE *fp,
 				DEBUG_TRACE("SSL_read() failed, error %d", err);
 				return -1;
 			}
+
+			ERR_clear_error();
 		} else {
 			err = 0;
 		}
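Review bot: The fatal branch here executes `return -1;` before it reaches the added `ERR_clear_error();`, so the queue is left populated on the path where OpenSSL is most likely to have pushed entries. As the quoted documentation says, the queue belongs to the current thread rather than to the connection, so leftover entries can still be present when the same thread performs its next TLS I/O call, and SSL_get_error() is then unreliable there. I would add `ERR_clear_error();` directly ahead of `return -1;`, or clear once immediately before the SSL_read() call (outside this hunk), which matches the "must be empty before the TLS/SSL I/O operation" wording more directly. The `break;` branch in the sslize hunk skips the clear in the same way, and the second pull_inner hunk may as well, though its error branches are not visible. pull_inner's body starts and ends outside the hunk.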
@@ -6419,7 +6425,7 @@ pull_inner(FILE *fp,
 			} else {
 				err = 0;
 			}
-
+			ERR_clear_error();
 		} else if (pollres < 0) {
 			/* Error */
 			return -2;
@@ -15227,6 +15233,7 @@ sslize(struct mg_connection *conn,
 				mg_cry_internal(conn, "sslize error: %s", ssl_error());
 				break;
 			}
+			ERR_clear_error();
 
 		} else {
 			/* success */