Fix a cosmetic issue where OpenSSL 0.9.7 will dump the error stack

during pass phrase entry.

* ssl_engine_pphrase.c (ssl_pphrase_Handle): Clear the OpenSSL error
stack before reading the private key.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@101515 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/ssl_engine_pphrase.c b/ssl_engine_pphrase.c
index f83a9899b9d6909f06ac032c794526628a1d4312..35b7764124e830cc5105b31f819af515db32cd30 100644 (file)
--- a/ssl_engine_pphrase.c
+++ b/ssl_engine_pphrase.c
@@ -374,6 +374,10 @@ void ssl_pphrase_Handle(server_rec *s, apr_pool_t *p)
                 cpPassPhraseCur = NULL;
                 ssl_pphrase_server_rec = s; /* to make up for sslc flaw */
 
+                /* Ensure that the error stack is empty; otherwise the
+                 * OpenSSL UI code may dump it to stderr. */
+                ERR_clear_error();
+
                 bReadable = ((pPrivateKey = SSL_read_PrivateKey(szPath, NULL,
                             ssl_pphrase_Handle_CB, s)) != NULL ? TRUE : FALSE);