openssl: tidy-up the error queue in connect

Viktor Szakats 2025-08-09 00:45:34 +02:00
parent 87b0ee0687
commit cf18a0b54f
No known key found for this signature in database
GPG key ID: B5ABD165E2AEF201


@ -3327,10 +3327,8 @@ static CURLcode import_windows_cert_store(struct Curl_easy *data,
continue;
x509 = d2i_X509(NULL, &encoded_cert, (long)pContext->cbCertEncoded);
if(!x509) {
ERR_clear_error();
if(!x509)
continue;
}
/* Try to import the certificate. This may fail for legitimate
reasons such as duplicate certificate, which is allowed by MS but
@ -4536,9 +4534,6 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
DEBUGASSERT(octx);
connssl->io_need = CURL_SSL_IO_NEED_NONE;
ERR_clear_error();
err = SSL_connect(octx->ssl);
if(!octx->x509_store_setup) {
/* After having send off the ClientHello, we prepare the x509
@ -4549,6 +4544,10 @@ static CURLcode ossl_connect_step2(struct Curl_cfilter *cf,
octx->x509_store_setup = TRUE;
}
ERR_clear_error();
err = SSL_connect(octx->ssl);
#ifndef HAVE_KEYLOG_CALLBACK
/* If key logging is enabled, wait for the handshake to complete and then
* proceed with logging secrets (for TLS 1.2 or older).
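Review bot: In ossl_connect_step2 the retained comment `After having send off the ClientHello, we prepare the x509` no longer matches the code, because judging by the hunk line counts `ERR_clear_error(); err = SSL_connect(octx->ssl);` now runs after the `x509_store_setup` block instead of before it. If the move is intended, reword the comment, for example `/* Prepare the x509 store before starting the handshake; the error queue is cleared right after so SSL_get_error() only sees handshake errors */`, and say in the commit message that the store setup no longer overlaps with the wait for the server's reply. Dropping `ERR_clear_error()` after a failed `d2i_X509()` in import_windows_cert_store leaves the parse errors on the thread's queue, which is only safe if every caller clears the queue before its next TLS I/O call. Only the connect path is visible here, so that should be confirmed for any other caller of the store setup. Both function bodies continue outside the hunks.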