diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-09-04 16:17:23 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2016-10-27 16:16:00 +0900 |
commit | d5a62c2d9e92e980d98a75c92d3e102cd0711ed1 (patch) | |
tree | 7ef6ed3b5bfb157166ddabd44800e032adad3426 /ext/openssl | |
parent | 47c0ef65cd553864ff236b5e4cd37e4ac8188690 (diff) | |
download | ruby-openssl-d5a62c2d9e92e980d98a75c92d3e102cd0711ed1.tar.gz |
Avoid using ERR_get_error()
Use ERR_peek_error() which does not remove the fetched error from the
queue instead, then clear the queue explicitly with the dedicated
function ossl_clear_error(). OpenSSL may put multiple error items to the
queue in one function call.
Diffstat (limited to 'ext/openssl')
-rw-r--r-- | ext/openssl/ossl_pkcs7.c | 2 | ||||
-rw-r--r-- | ext/openssl/ossl_x509cert.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/ext/openssl/ossl_pkcs7.c b/ext/openssl/ossl_pkcs7.c index fd58b48b..4040355f 100644 --- a/ext/openssl/ossl_pkcs7.c +++ b/ext/openssl/ossl_pkcs7.c @@ -795,7 +795,7 @@ ossl_pkcs7_verify(int argc, VALUE *argv, VALUE self) BIO_free(in); sk_X509_pop_free(x509s, X509_free); if (ok < 0) ossl_raise(ePKCS7Error, "PKCS7_verify"); - msg = ERR_reason_error_string(ERR_get_error()); + msg = ERR_reason_error_string(ERR_peek_error()); ossl_pkcs7_set_err_string(self, msg ? rb_str_new2(msg) : Qnil); ossl_clear_error(); data = ossl_membio2str(out); diff --git a/ext/openssl/ossl_x509cert.c b/ext/openssl/ossl_x509cert.c index ad1126d4..cecc3ca0 100644 --- a/ext/openssl/ossl_x509cert.c +++ b/ext/openssl/ossl_x509cert.c @@ -624,7 +624,7 @@ ossl_x509_check_private_key(VALUE self, VALUE key) pkey = GetPrivPKeyPtr(key); /* NO NEED TO DUP */ GetX509(self, x509); if (!X509_check_private_key(x509, pkey)) { - OSSL_Warning("Check private key:%s", OSSL_ErrMsg()); + ossl_clear_error(); return Qfalse; } |