]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 527614c)
Do not remove errors from the OpenSSL error queue in toresult()
authorMichał Kępień <michal@isc.org>
Tue, 14 Aug 2018 10:49:19 +0000 (12:49 +0200)
committerMichał Kępień <michal@isc.org>
Tue, 14 Aug 2018 10:49:19 +0000 (12:49 +0200)
dst__openssl_toresult3() first calls toresult() and subsequently uses
ERR_get_error_line_data() in a loop.  Given this, it is a mistake to use
ERR_get_error() in toresult() because it causes the retrieved error to
be removed from the OpenSSL error queue, thus preventing it from being
retrieved by the subsequent ERR_get_error_line_data() calls.  Fix by
using ERR_peek_error() instead of ERR_get_error() in toresult().

lib/dns/openssl_link.c patch | blob | blame | history

diff --git a/lib/dns/openssl_link.c b/lib/dns/openssl_link.c
index 8d49899ef7e06b56f8c6f7632046bf21b6148c99..d24b4f438c2a4e5fe9773a7690daee0c0e068661 100644 (file)
--- a/lib/dns/openssl_link.c
+++ b/lib/dns/openssl_link.c
@@ -270,7 +270,7 @@ dst__openssl_destroy(void) {
 static isc_result_t
 toresult(isc_result_t fallback) {
        isc_result_t result = fallback;
-       unsigned long err = ERR_get_error();
+       unsigned long err = ERR_peek_error();
 #if defined(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED)
        int lib = ERR_GET_LIB(err);
 #endif
Mirror of https://gitlab.isc.org/isc-projects/bind9.git