> diff -ru openssl-0.9.8e/ssl/ssl_rsa.c openssl-0.9.8e-hacked/ssl/ssl_rsa.c
> --- openssl-0.9.8e/ssl/ssl_rsa.c      2005-04-09 08:52:41.000000000 +1000
> +++ openssl-0.9.8e-hacked/ssl/ssl_rsa.c       2007-03-19
> 09:03:15.000000000 +1100
> @@ -728,6 +728,9 @@
>               goto end;
>               }
>
> +     /* Must clear error before calling SSL_CTX_use_certificate. */
> +     ERR_clear_error();
> +
>       ret=SSL_CTX_use_certificate(ctx,x);
>       if (ERR_peek_error() != 0)
>               ret = 0;  /* Key/certificate mismatch doesn't imply
> ret==0 ... */
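Review bot: the added ERR_clear_error() before ret=SSL_CTX_use_certificate(ctx,x) wipes every error already on the thread's stack, so a caller that had errors queued to report loses them just so the ERR_peek_error() != 0 check below has a clean baseline; a mark (ERR_set_mark() before the call, inspect, then ERR_pop_to_mark() after) or comparing the stack depth before and after the call would detect the new key/certificate mismatch error without discarding earlier entries. The comment "/* Must clear error before calling SSL_CTX_use_certificate. */" should also state why the clear is there, namely that the peek below would otherwise see stale errors unrelated to this call.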

Yep, this code is broken. That is not a particularly good fix though because
errors can be lost.

The simplest and probably best fix is a new function, ERR_get_count() that
returns the number of entries on the error stack. Callers that need to do
the kind of thing done above can check if the stack size changed.

Uglier solutions include pushing a dummy error onto the stack, calling the
function, and then popping until we pop the dummy error. If we get any
errors before the dummy error, we know the intervening function generated
one.

I never liked the thread-based error stack design from the beginning.
Passing an error stack to the API makes a lot more sense, IMO. That would
have totally avoided problems like these.

Anyway, if you're going to make it work, you have to choose some rules and
stick to them. Functions that succeed should not put errors on the stack --
errors mean you didn't succeed. API functions should not make assumptions
about the contents of the error stack. Code that can recover from errors
should remove them from the stack.

ERR_pop_to_mark() should have returned an indication of whether any errors
were popped before the mark. That way, this function could just call
ERR_set_mark and then detect a new error based on the return value of
ERR_pop_to_mark.

It's much easier to see the better ways *after* you've done it.

DS
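The mark-based detection described above, as an added example that is neither OpenSSL's code nor the quoted patch: a constructed stand-in error stack whose pop-to-mark reports how many entries it removed, used to redo the patch's check without the ERR_clear_error() call. The err_* names, the use_certificate() stand-in and the error codes are all constructed for this example.

```c
#include <stddef.h>
/* Constructed stand-in for OpenSSL's per-thread error stack (added example,
 * not OpenSSL code): codes in a fixed array, a mark flag per entry, and
 * err_* names in place of the real ERR_* API. */
#define ERR_STACK_MAX 16
typedef struct { unsigned long code; int marked; } err_entry;
static err_entry err_stack[ERR_STACK_MAX];
static size_t err_top;
static void err_put(unsigned long code) {
    if (err_top < ERR_STACK_MAX) err_stack[err_top++] = (err_entry){ code, 0 };
}
void err_clear(void) { err_top = 0; }          /* like ERR_clear_error() */
size_t err_get_count(void) { return err_top; } /* the proposed ERR_get_count() */

/* Flag the current top entry so a later pop stops there (like ERR_set_mark()). */
int err_set_mark(void) {
    if (err_top == 0) return 0;
    err_stack[err_top - 1].marked = 1;
    return 1;
}

/* Pop everything above the newest mark and clear the mark. Unlike OpenSSL's
 * ERR_pop_to_mark(), this reports how many entries it popped. */
size_t err_pop_to_mark(void) {
    size_t popped = 0;
    while (err_top > 0 && !err_stack[err_top - 1].marked) {
        err_top--;
        popped++;
    }
    if (err_top > 0) err_stack[err_top - 1].marked = 0;
    return popped;
}

/* Stand-in for SSL_CTX_use_certificate(): returns 1 even when it leaves a
 * key/certificate mismatch error on the stack, as the quoted comment notes. */
static int use_certificate(int mismatch) {
    if (mismatch) err_put(0x1001UL); /* constructed error code */
    return 1;
}

/* The quoted patch's check redone with a mark instead of ERR_clear_error():
 * returns 0 if the callee queued an error, removes that error (the caller
 * recovers from it), and leaves any earlier errors on the stack untouched. */
int use_certificate_checked(int mismatch) {
    err_set_mark();
    int ret = use_certificate(mismatch);
    if (err_pop_to_mark() > 0) ret = 0;
    return ret;
}
```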


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org