From 0e9edc98d4ee365c6e1363c4a6c1e419b9f386fa Mon Sep 17 00:00:00 2001
From: =?utf8?q?Bodo=20M=C3=B6ller?= <bodo@openssl.org>
Date: Mon, 11 Aug 2003 18:56:19 +0000
Subject: [PATCH] make sure no error is left in the queue that is intentionally
 ignored

---
 ssl/ssl_rsa.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 03828b6632..330390519b 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -207,7 +207,7 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
 			 ok=1;
 		else
 #endif
-			if (!X509_check_private_key(c->pkeys[i].x509,pkey))
+		     if (!X509_check_private_key(c->pkeys[i].x509,pkey))
 			{
 			if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
 				{
@@ -241,6 +241,8 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
 		return(0);
 		}
 
+	ERR_clear_error(); /* make sure no error from X509_check_private_key()
+	                    * is left if we have chosen to ignore it */
 	if (c->pkeys[i].privatekey != NULL)
 		EVP_PKEY_free(c->pkeys[i].privatekey);
 	CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
-- 
2.25.1