diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2018-08-03 06:26:58 +0900 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2018-08-03 06:26:58 +0900 |
commit | 59c3fee2c760ebd4dacb3db2cddf7fea4220d506 (patch) | |
tree | f3e7c2c4a31adbc232409dfe890a62a19ece901b /src | |
parent | 27d4866ad8dcbe95cfc4d59357c65c559737c1ae (diff) | |
download | systemd-59c3fee2c760ebd4dacb3db2cddf7fea4220d506.tar.gz |
resolve: clear error queue before calling SSL_*()
Diffstat (limited to 'src')
-rw-r--r-- | src/resolve/resolved-dnstls-openssl.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/resolve/resolved-dnstls-openssl.c b/src/resolve/resolved-dnstls-openssl.c index 5dd7737337..92a171f565 100644 --- a/src/resolve/resolved-dnstls-openssl.c +++ b/src/resolve/resolved-dnstls-openssl.c @@ -73,6 +73,7 @@ int dnstls_stream_connect_tls(DnsStream *stream, DnsServer *server) { SSL_set_session(s, server->dnstls_data.session); SSL_set_bio(s, TAKE_PTR(rb), TAKE_PTR(wb)); + ERR_clear_error(); stream->dnstls_data.handshake = SSL_do_handshake(s); if (stream->dnstls_data.handshake <= 0) { error = SSL_get_error(s, stream->dnstls_data.handshake); @@ -120,6 +121,7 @@ int dnstls_stream_on_io(DnsStream *stream, uint32_t revents) { } if (stream->dnstls_data.shutdown) { + ERR_clear_error(); r = SSL_shutdown(stream->dnstls_data.ssl); if (r <= 0) { error = SSL_get_error(stream->dnstls_data.ssl, r); @@ -149,6 +151,7 @@ int dnstls_stream_on_io(DnsStream *stream, uint32_t revents) { dns_stream_unref(stream); return DNSTLS_STREAM_CLOSED; } else if (stream->dnstls_data.handshake <= 0) { + ERR_clear_error(); stream->dnstls_data.handshake = SSL_do_handshake(stream->dnstls_data.ssl); if (stream->dnstls_data.handshake <= 0) { error = SSL_get_error(stream->dnstls_data.ssl, stream->dnstls_data.handshake); @@ -197,6 +200,7 @@ int dnstls_stream_shutdown(DnsStream *stream, int error) { } if (error == ETIMEDOUT) { + ERR_clear_error(); r = SSL_shutdown(stream->dnstls_data.ssl); if (r == 0) { if (!stream->dnstls_data.shutdown) { @@ -249,6 +253,7 @@ ssize_t dnstls_stream_write(DnsStream *stream, const char *buf, size_t count) { assert(stream->dnstls_data.ssl); assert(buf); + ERR_clear_error(); ss = r = SSL_write(stream->dnstls_data.ssl, buf, count); if (r <= 0) { error = SSL_get_error(stream->dnstls_data.ssl, ss); @@ -286,6 +291,7 @@ ssize_t dnstls_stream_read(DnsStream *stream, void *buf, size_t count) { assert(stream->dnstls_data.ssl); assert(buf); + ERR_clear_error(); ss = r = SSL_read(stream->dnstls_data.ssl, buf, count); if (r <= 0) { error = SSL_get_error(stream->dnstls_data.ssl, ss); |