mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 13:38:26 +00:00
Code Issues Releases Wiki Activity

Do not remove errors from the OpenSSL error queue in toresult()

Browse Source 
dst__openssl_toresult3() first calls toresult() and subsequently uses
ERR_get_error_line_data() in a loop.  Given this, it is a mistake to use
ERR_get_error() in toresult() because it causes the retrieved error to
be removed from the OpenSSL error queue, thus preventing it from being
retrieved by the subsequent ERR_get_error_line_data() calls.  Fix by
using ERR_peek_error() instead of ERR_get_error() in toresult().
This commit is contained in:
Michał Kępień 2018-08-14 12:49:19 +02:00
parent 527614c750
commit fe20f8fe25
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/dns/openssl_link.c
View File

@ -270,7 +270,7 @@ dst__openssl_destroy(void) {
static isc_result_t
toresult(isc_result_t fallback) {
isc_result_t result = fallback;
unsigned long err = ERR_get_error();
unsigned long err = ERR_peek_error();
#if defined(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED)
int lib = ERR_GET_LIB(err);
#endif