提交 c2c2e7a4 编写于 作者: L Lutz Jänicke

Clear error queue when starting SSL_CTX_use_certificate_chain_file

PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
上级 d18ef847
...@@ -686,6 +686,12 @@ ...@@ -686,6 +686,12 @@
Changes between 0.9.8g and 0.9.8h [xx XXX xxxx] Changes between 0.9.8g and 0.9.8h [xx XXX xxxx]
*) Clear error queue in SSL_CTX_use_certificate_chain_file()
Clear the error queue to ensure that error entries left from
older function calls do not interfere with the correct operation.
[Lutz Jaenicke, Erik de Castro Lopo]
*) Remove root CA certificates of commercial CAs: *) Remove root CA certificates of commercial CAs:
The OpenSSL project does not recommend any specific CA and does not The OpenSSL project does not recommend any specific CA and does not
......
...@@ -708,6 +708,12 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) ...@@ -708,6 +708,12 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
int ret=0; int ret=0;
X509 *x=NULL; X509 *x=NULL;
ERR_clear_error(); /* This function needs to check the error stack
even if the return code(s) of called functions
indicate success.
The error stack must therefore be cleared
before starting. */
in=BIO_new(BIO_s_file_internal()); in=BIO_new(BIO_s_file_internal());
if (in == NULL) if (in == NULL)
{ {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册