aboutsummaryrefslogtreecommitdiffstats
path: root/ext/openssl/ossl_x509store.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/openssl/ossl_x509store.c')
-rw-r--r--ext/openssl/ossl_x509store.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index eb81e0d473..4becc8e3cd 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -342,6 +342,15 @@ ossl_x509store_add_file(VALUE self, VALUE file)
if(X509_LOOKUP_load_file(lookup, path, X509_FILETYPE_PEM) != 1){
ossl_raise(eX509StoreError, NULL);
}
+#if OPENSSL_VERSION_NUMBER < 0x10101000 || defined(LIBRESSL_VERSION_NUMBER)
+ /*
+ * X509_load_cert_crl_file() which is called from X509_LOOKUP_load_file()
+ * did not check the return value of X509_STORE_add_{cert,crl}(), leaking
+ * "cert already in hash table" errors on the error queue, if duplicate
+ * certificates are found. This will be fixed by OpenSSL 1.1.1.
+ */
+ ossl_clear_error();
+#endif
return self;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-14 01:28:52 +0000