lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

crypto: clear error stack 

Clear OpenSSL's error stack on return from Connection::HandleSSLError().
This stops stale errors from popping up later in the lifecycle of the
SSL connection where they would cause spurious failures.

This commit causes a 1-2% performance regression on `make bench-tls`.
We'll address that in follow-up commits if possible but let's ensure
correctness first.

Fixes #4771.
v0.9.11-release
Ben Noordhuis 12 years ago
parent
f054fec535
commit
c6e2db2f14
1 changed files with 10 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      src/node_crypto.cc

10
src/node_crypto.cc
View File

@ -901,6 +901,16 @@ int Connection::HandleBIOError(BIO *bio, const char* func, int rv) {
int Connection::HandleSSLError(const char* func, int rv, ZeroStatus zs) { int Connection::HandleSSLError(const char* func, int rv, ZeroStatus zs) {
// Forcibly clear OpenSSL's error stack on return. This stops stale errors
// from popping up later in the lifecycle of the SSL connection where they
// would cause spurious failures. It's a rather blunt method, though.
// ERR_clear_error() isn't necessarily cheap either.
struct ClearErrorOnReturn {
~ClearErrorOnReturn() { ERR_clear_error(); }
};
ClearErrorOnReturn clear_error_on_return;
(void) &clear_error_on_return; // Silence unused variable warning.
if (rv > 0) return rv; if (rv > 0) return rv;
if ((rv == 0) && (zs == kZeroIsNotAnError)) return rv; if ((rv == 0) && (zs == kZeroIsNotAnError)) return rv;

Write Preview
Loading…
Cancel
Save