Commit c2c2e7a4 authored by Lutz Jänicke's avatar Lutz Jänicke
Browse files

Clear error queue when starting SSL_CTX_use_certificate_chain_file 

PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
parent d18ef847

CHANGES

+6 −0
Original line number Diff line number Diff line
@@ -686,6 +686,12 @@ 


 Changes between 0.9.8g and 0.9.8h  [xx XXX xxxx]



  *) Clear error queue in SSL_CTX_use_certificate_chain_file()



     Clear the error queue to ensure that error entries left from

     older function calls do not interfere with the correct operation.

     [Lutz Jaenicke, Erik de Castro Lopo]



  *) Remove root CA certificates of commercial CAs:



     The OpenSSL project does not recommend any specific CA and does not

ssl/ssl_rsa.c

+6 −0
Original line number Diff line number Diff line
@@ -708,6 +708,12 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) 
	int ret=0;

	X509 *x=NULL;



	ERR_clear_error(); /* This function needs to check the error stack

			      even if the return code(s) of called functions

			      indicate success.

			      The error stack must therefore be cleared

			      before starting. */



	in=BIO_new(BIO_s_file_internal());

	if (in == NULL)

		{