Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 4dd145a888c7679812664bf2f246fa8199e94ab0
commit4dd145a888c7679812664bf2f246fa8199e94ab0[log] [tgz]
authorWilliam Lallemand <wlallemand@haproxy.com>Wed Feb 05 11:46:33 2020 +0100
committerWilliam Lallemand <wlallemand@haproxy.org>Wed Feb 05 15:32:24 2020 +0100
tree1836a03b0751609c9620f493f2d75b45f4f7ebdb
parentbe9b00f9927f59330e01954170c49bca967b00c5 [diff]
BUG/MINOR: ssl: clear the SSL errors on DH loading failure

In ssl_sock_load_dh_params(), if haproxy failed to apply the dhparam
with SSL_CTX_set_tmp_dh(), it will apply the DH with
SSL_CTX_set_dh_auto().

The problem is that we don't clean the OpenSSL errors when leaving this
function so it could fail to load the certificate, even if it's only a
warning.

Fixes bug #483.

Must be backported in 2.1.
1 file changed
tree: 1836a03b0751609c9620f493f2d75b45f4f7ebdb
  1. .github/
  2. contrib/
  3. doc/
  4. ebtree/
  5. examples/
  6. include/
  7. reg-tests/
  8. scripts/
  9. src/
  10. tests/
  11. .cirrus.yml
  12. .gitignore
  13. .travis.yml
  14. BRANCHES
  15. CHANGELOG
  16. CONTRIBUTING
  17. INSTALL
  18. LICENSE
  19. MAINTAINERS
  20. Makefile
  21. README
  22. ROADMAP
  23. SUBVERS
  24. VERDATE
  25. VERSION