Don't output bogus errors in PKCS12_parse

author Dr. Stephen Henson <steve@openssl.org>

Wed, 24 Jun 2015 11:28:50 +0000 (12:28 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Thu, 25 Jun 2015 03:55:05 +0000 (04:55 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Wed, 24 Jun 2015 11:28:50 +0000 (12:28 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Thu, 25 Jun 2015 03:55:05 +0000 (04:55 +0100)
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c

index a70fe72d09329a311dd2000022083e7acc89b847..fdddffbab41c5f39d9dec52aa2dcc30f8c2fdbe7 100644 (file)
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -135,10 +135,12 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
  
      while ((x = sk_X509_pop(ocerts))) {
          if (pkey && *pkey && cert && !*cert) {
+            ERR_set_mark();
              if (X509_check_private_key(x, *pkey)) {
                  *cert = x;
                  x = NULL;
              }
+            ERR_pop_to_mark();
          }
  
          if (ca && x) {
author	Dr. Stephen Henson <steve@openssl.org>
	Wed, 24 Jun 2015 11:28:50 +0000 (12:28 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Thu, 25 Jun 2015 03:55:05 +0000 (04:55 +0100)