Re: [openssl.org #359] Calling SSL_read and SSL_write with non-emptyerror stack may cause an error

Ben Laurie
Fri, 31 Jan 2003 11:08:37 -0800

Bodo Moeller via RT wrote:

On Tue, Nov 26, 2002 at 10:44:15PM +0200, Arne Ansper wrote:

I just checked. Seems that SSL_CTX_use_certificate_chain_file has a same
problem. Other uses of ERR_peek_error seem to be immune to the old entries
in error stack.


One theory is that applications should not call arbitrary OpenSSL
functions while there is stuff in the error queue.

A second theory is that OpenSSL should always clear the error queue by
calling ERR_clear_error() if stuff left in the error queue might cause
confusion later.

How can it cause confusion (I think I missed something here)? You should only look at the error stack if you got an error, surely?

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]

Reply via email to

openssl-dev

Re: [openssl.org #359] Calling SSL_read and SSL_write with non-emptyerror stack may cause an error