From: Dr. Stephen Henson Date: Thu, 28 Jan 2010 17:50:23 +0000 (+0000) Subject: In engine_table_select() don't clear out entire error queue: just clear X-Git-Tag: OpenSSL_1_0_0~72 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=df21765a3e8aa22786070a17012f7e371218ab81;p=oweals%2Fopenssl.git In engine_table_select() don't clear out entire error queue: just clear out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise errors from other sources (e.g. SSL library) can be wiped. --- diff --git a/apps/s_server.c b/apps/s_server.c index 1a06d19bb1..85d060a410 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -2391,6 +2391,17 @@ static int www_body(char *hostname, int s, unsigned char *context) STACK_OF(SSL_CIPHER) *sk; static const char *space=" "; + if (www == 1 && strncmp("GET /reneg", buf, 10) == 0) + { + if (strncmp("GET /renegcert", buf, 14) == 0) + SSL_set_verify(con, + SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL); + SSL_renegotiate(con); + i=SSL_do_handshake(con); + BIO_puts(bio_s_out, "RENEGOTIATING\n"); + BIO_printf(bio_s_out, "SSL_do_handshake -> %d\n",i); + } + BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n"); BIO_puts(io,"\n"); BIO_puts(io,"

\n");
diff --git a/crypto/engine/eng_table.c b/crypto/engine/eng_table.c
index 954b4d7970..4fde948185 100644
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@@ -254,6 +254,7 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in
 #endif
 		return NULL;
 		}
+	ERR_set_mark();
 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
 	/* Check again inside the lock otherwise we could race against cleanup
 	 * operations. But don't worry about a fprintf(stderr). */
@@ -327,7 +328,7 @@ end:
 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
 	/* Whatever happened, any failed init()s are not failures in this
 	 * context, so clear our error state. */
-	ERR_clear_error();
+	ERR_pop_to_mark();
 	return ret;
 	}