curl/curl
1
1
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-09-18 18:12:49 +03:00
Code Issues Packages Projects Releases Wiki Activity

wolfssl: clean up wolfcrypt error queue

Browse Source 
If wolfSSL is built in certain ways (OPENSSL_EXTRA or Debug), the error
queue gets added on to for each session and never freed. Fix it by
calling ERR_clear_error() like in vtls/openssl when needed. This func is
a no-op in wolfcrypt if the error queue is not enabled.

Closes #7594
This commit is contained in:
Ehren Bendler 2021-08-19 13:45:55 -04:00 committed by Daniel Stenberg
parent 4e53b9430c
commit 797bacf9c5
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/vtls/wolfssl.c
View File

@ -525,6 +525,8 @@ wolfssl_connect_step2(struct Curl_easy *data, struct connectdata *conn,
const char * const dispname = SSL_HOST_DISPNAME(); const char * const dispname = SSL_HOST_DISPNAME();
const char * const pinnedpubkey = SSL_PINNED_PUB_KEY(); const char * const pinnedpubkey = SSL_PINNED_PUB_KEY();
ERR_clear_error();
conn->recv[sockindex] = wolfssl_recv; conn->recv[sockindex] = wolfssl_recv;
conn->send[sockindex] = wolfssl_send; conn->send[sockindex] = wolfssl_send;
@ -775,7 +777,11 @@ static ssize_t wolfssl_send(struct Curl_easy *data,
struct ssl_backend_data *backend = connssl->backend; struct ssl_backend_data *backend = connssl->backend;
char error_buffer[WOLFSSL_MAX_ERROR_SZ]; char error_buffer[WOLFSSL_MAX_ERROR_SZ];
int memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len; int memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len;
int rc = SSL_write(backend->handle, mem, memlen); int rc;
ERR_clear_error();
rc = SSL_write(backend->handle, mem, memlen);
if(rc <= 0) { if(rc <= 0) {
int err = SSL_get_error(backend->handle, rc); int err = SSL_get_error(backend->handle, rc);
@ -831,7 +837,11 @@ static ssize_t wolfssl_recv(struct Curl_easy *data,
struct ssl_backend_data *backend = connssl->backend; struct ssl_backend_data *backend = connssl->backend;
char error_buffer[WOLFSSL_MAX_ERROR_SZ]; char error_buffer[WOLFSSL_MAX_ERROR_SZ];
int buffsize = (buffersize > (size_t)INT_MAX) ? INT_MAX : (int)buffersize; int buffsize = (buffersize > (size_t)INT_MAX) ? INT_MAX : (int)buffersize;
int nread = SSL_read(backend->handle, buf, buffsize); int nread;
ERR_clear_error();
nread = SSL_read(backend->handle, buf, buffsize);
if(nread < 0) { if(nread < 0) {
int err = SSL_get_error(backend->handle, nread); int err = SSL_get_error(backend->handle, nread);
@ -916,6 +926,7 @@ static int wolfssl_shutdown(struct Curl_easy *data, struct connectdata *conn,
(void) data; (void) data;
if(backend->handle) { if(backend->handle) {
ERR_clear_error();
SSL_free(backend->handle); SSL_free(backend->handle);
backend->handle = NULL; backend->handle = NULL;
} }