BUG/MINOR: ssl: clear the SSL errors on DH loading failure
In ssl_sock_load_dh_params(), if haproxy failed to apply the dhparam
with SSL_CTX_set_tmp_dh(), it will apply the DH with
SSL_CTX_set_dh_auto().
The problem is that we don't clean the OpenSSL errors when leaving this
function so it could fail to load the certificate, even if it's only a
warning.
Fixes bug #483.
Must be backported in 2.1.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e00dafa..7698eec 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3094,6 +3094,7 @@
}
end:
+ ERR_clear_error();
return ret;
}
#endif