Swiftdiff options
| -rw-r--r-- | Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp b/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp index fd94ec8..73058a5 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp @@ -1,18 +1,19 @@ /* * Copyright (c) 2018 Isode Limited. * All rights reserved. * See the COPYING file for more information. */ #include <Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.h> #include <openssl/pem.h> +#include <openssl/err.h> namespace Swift { OpenSSLCertificateFactory::OpenSSLCertificateFactory() { } OpenSSLCertificateFactory::~OpenSSLCertificateFactory() { } @@ -38,13 +39,18 @@ std::vector<std::shared_ptr<Certificate>> OpenSSLCertificateFactory::createCerti certificateChain.emplace_back(std::make_shared<OpenSSLCertificate>(x509Cert)); openSSLCert = nullptr; while ((x509certFromPEM = PEM_read_bio_X509(bio.get(), &openSSLCert, nullptr, nullptr)) != nullptr) { std::shared_ptr<X509> x509Cert(openSSLCert, X509_free); certificateChain.emplace_back(std::make_shared<OpenSSLCertificate>(x509Cert)); openSSLCert = nullptr; } } + // Clear any (expected) errors which resulted from PEM parsing + // If we don't do this, any existing TLS context will detect these + // spurious errors and fail to work + ERR_clear_error(); + return certificateChain; } } |