In engine_table_select() don't clear out entire error queue: just clear

out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise errors from other sources (e.g. SSL library) can be wiped.
2010-01-28 17:50:23 +00:00 · 2010-01-28 17:50:23 +00:00 · df21765a3e
commit df21765a3e
parent 5a6ae115f8
2 changed files with 13 additions and 1 deletions
--- a/apps/s_server.c
+++ b/apps/s_server.c
@ -2391,6 +2391,17 @@ static int www_body(char *hostname, int s, unsigned char *context)
 			STACK_OF(SSL_CIPHER) *sk;
 			static const char *space="                          ";

+		if (www == 1 && strncmp("GET /reneg", buf, 10) == 0)
+			{
+			if (strncmp("GET /renegcert", buf, 14) == 0)
+				SSL_set_verify(con,
+				SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
+			SSL_renegotiate(con);
+			i=SSL_do_handshake(con);
+			BIO_puts(bio_s_out, "RENEGOTIATING\n");
+			BIO_printf(bio_s_out, "SSL_do_handshake -> %d\n",i);
+			}
+
 			BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
 			BIO_puts(io,"<HTML><BODY BGCOLOR=\"#ffffff\">\n");
 			BIO_puts(io,"<pre>\n");
--- a/crypto/engine/eng_table.c
+++ b/crypto/engine/eng_table.c
@ -254,6 +254,7 @@ ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f, in
 #endif
 		return NULL;
 		}
+	ERR_set_mark();
 	CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
 	/* Check again inside the lock otherwise we could race against cleanup
 	 * operations. But don't worry about a fprintf(stderr). */
@ -327,7 +328,7 @@ end:
 	CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
 	/* Whatever happened, any failed init()s are not failures in this
 	 * context, so clear our error state. */
-	ERR_clear_error();
+	ERR_pop_to_mark();
 	return ret;
 	}