diff options
| author | Matt Caswell <matt@openssl.org> | 2020-11-04 12:34:15 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2020-11-06 11:34:48 +0100 |
| commit | b9b2135d22b93f949fd77f293925fc66158416ff (patch) | |
| tree | e82c316f4f3ef24d8ec2e77a9de085d583b1adc3 /engines/e_capi.c | |
| parent | Don't clear errors on failure in CONF_modules_load_file_ex() (diff) | |
| download | openssl-b9b2135d22b93f949fd77f293925fc66158416ff.tar.xz openssl-b9b2135d22b93f949fd77f293925fc66158416ff.zip | |
Don't clear the whole error stack when loading engines
Loading the various built-in engines was unconditionally clearing the
whole error stack. During config file processing processing a .include
directive which fails results in errors being added to the stack - but
we carry on anyway. These errors were then later being removed by the
engine loading code, meaning that problems with the .include directive
never get shown.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13311)
Diffstat (limited to 'engines/e_capi.c')
| -rw-r--r-- | engines/e_capi.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/engines/e_capi.c b/engines/e_capi.c index 8e5693d25e..dd66518d3f 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -600,9 +600,19 @@ void engine_load_capi_int(void) ENGINE *toadd = engine_capi(); if (!toadd) return; + ERR_set_mark(); ENGINE_add(toadd); + /* + * If the "add" worked, it gets a structural reference. So either way, we + * release our just-created reference. + */ ENGINE_free(toadd); - ERR_clear_error(); + /* + * If the "add" didn't work, it was probably a conflict because it was + * already added (eg. someone calling ENGINE_load_blah then calling + * ENGINE_load_builtin_engines() perhaps). + */ + ERR_pop_to_mark(); } # endif |