Mercurial > dovecot > core-2.2
changeset 19449:302c3c7e11f8
login, lib-ssl-iostream: Clear errors caused by manual EC key selection when there was no EC key.
EVP_PKEY_get1_EC_KEY() would return an error, which should be ignored
instead of being logged later on.
| author | Timo Sirainen <tss@iki.fi> |
|---|---|
| date | Thu, 03 Dec 2015 12:19:12 +0200 |
| parents | a0df8b106de1 |
| children | be47ca42cbc4 |
| files | src/lib-ssl-iostream/iostream-openssl-context.c src/login-common/ssl-proxy-openssl.c |
| diffstat | 2 files changed, 8 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib-ssl-iostream/iostream-openssl-context.c Thu Dec 03 12:13:11 2015 +0200 +++ b/src/lib-ssl-iostream/iostream-openssl-context.c Thu Dec 03 12:19:12 2015 +0200 @@ -454,6 +454,10 @@ if ((eckey = EVP_PKEY_get1_EC_KEY(pkey)) != NULL && (ecgrp = EC_KEY_get0_group(eckey)) != NULL) nid = EC_GROUP_get_curve_name(ecgrp); + else { + /* clear errors added by the above calls */ + (void)openssl_iostream_error(); + } EVP_PKEY_free(pkey); }
--- a/src/login-common/ssl-proxy-openssl.c Thu Dec 03 12:13:11 2015 +0200 +++ b/src/login-common/ssl-proxy-openssl.c Thu Dec 03 12:19:12 2015 +0200 @@ -1129,6 +1129,10 @@ (eckey = EVP_PKEY_get1_EC_KEY(pkey)) != NULL && (ecgrp = EC_KEY_get0_group(eckey)) != NULL) nid = EC_GROUP_get_curve_name(ecgrp); + else { + /* clear errors added by the above calls */ + (void)openssl_iostream_error(); + } EVP_PKEY_free(pkey); return nid; }