chicken-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Chicken-users] [PATCH 3/4] openssl: invoke ERR_clear_error()

From: Florian Zumbiehl
Subject: [Chicken-users] [PATCH 3/4] openssl: invoke ERR_clear_error()
Date: Tue, 2 Apr 2013 06:56:50 +0200
User-agent: Mutt/1.5.20 (2009-06-14) 
In order to make error checking reliable, invoke ERR_clear_error() before
attempting any OpenSSL operations that might fail.
---
 openssl.scm |   13 +++++++++++++
 1 files changed, 13 insertions(+), 0 deletions(-)

diff --git a/openssl.scm b/openssl.scm
index 6aafcc9..d43b228 100644
--- a/openssl.scm
+++ b/openssl.scm
@@ -141,9 +141,12 @@ EOF
        'status
        sym)))))
 
+(define ssl-clear-error (foreign-lambda void "ERR_clear_error"))
+
 (define ssl-ctx-free (foreign-lambda void "SSL_CTX_free" c-pointer))
 
 (define (ssl-ctx-new protocol server)
+  (ssl-clear-error)
   (let ((ctx
         ((foreign-lambda*
           c-pointer ((c-pointer method))
@@ -184,6 +187,7 @@ EOF
     ctx))
 
 (define (ssl-new ctx)
+  (ssl-clear-error)
   (cond
    (((foreign-lambda c-pointer "SSL_new" c-pointer) ctx)
     => values)
@@ -226,6 +230,7 @@ EOF
        (apply ssl-abort loc sym args)))))
 
 (define (ssl-set-fd! ssl fd)
+  (ssl-clear-error)
   (ssl-result-or-abort
    'ssl-set-fd! ssl
    ((foreign-lambda int "SSL_set_fd" c-pointer int) ssl fd) #f
@@ -233,6 +238,7 @@ EOF
   (void))
 
 (define (ssl-shutdown ssl)
+  (ssl-clear-error)
   (let ((ret
         ((foreign-lambda*
           scheme-object ((c-pointer ssl))
@@ -247,6 +253,7 @@ EOF
        ret)))
 
 (define (ssl-get-char ssl)
+  (ssl-clear-error)
   (let ((ret
         ((foreign-lambda*
           scheme-object ((c-pointer ssl))
@@ -264,6 +271,7 @@ EOF
        ret)))
 
 (define (ssl-write ssl buffer offset size)
+  (ssl-clear-error)
   (ssl-result-or-abort
    'ssl-write ssl
    ((foreign-lambda*
@@ -313,6 +321,7 @@ EOF
          'type)))))
 
 (define (ssl-do-handshake ssl)
+  (ssl-clear-error)
   (ssl-result-or-abort 'ssl-do-handshake ssl
                        ((foreign-lambda int "SSL_do_handshake" c-pointer) ssl) 
#t))
 
@@ -546,6 +555,7 @@ EOF
 ;; load identifying certificate chain into SSL context
 (define (ssl-load-certificate-chain! obj pathname)
   (##sys#check-string pathname)
+  (ssl-clear-error)
   (unless (eq?
           ((foreign-lambda
             int "SSL_CTX_use_certificate_chain_file" c-pointer c-string)
@@ -556,6 +566,7 @@ EOF
 ;; load the private key for the identifying certificate chain
 (define (ssl-load-private-key! obj pathname #!optional (rsa? #t) (asn1? #f))
   (##sys#check-string pathname)
+  (ssl-clear-error)
   (unless (eq?
           ((foreign-lambda*
             int ((c-pointer ctx) (c-string path) (bool rsa) (bool asn1))
@@ -586,6 +597,7 @@ EOF
 (define (ssl-load-verify-root-certificates! obj pathname #!optional (dirname 
#f))
   (if pathname (##sys#check-string pathname))
   (if dirname (##sys#check-string dirname))
+  (ssl-clear-error)
   (unless (eq?
           ((foreign-lambda
             int "SSL_CTX_load_verify_locations" c-pointer c-string c-string)
@@ -598,6 +610,7 @@ EOF
 ;; load suggested root certificates into SSL context
 (define (ssl-load-suggested-certificate-authorities! obj pathname)
   (##sys#check-string pathname)
+  (ssl-clear-error)
   (cond
    (((foreign-lambda c-pointer "SSL_load_client_CA_file" c-string)
      (##sys#expand-home-path pathname))
-- 
1.7.2.5
reply via email to
[Prev in Thread] Current Thread [Next in Thread]