Don't clear the whole error stack when loading engines

Loading the various built-in engines was unconditionally clearing the whole error stack. During config file processing processing a .include directive which fails results in errors being added to the stack - but we carry on anyway. These errors were then later being removed by the engine loading code, meaning that problems with the .include directive never get shown. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13311)
author: Matt Caswell <matt@openssl.org> 2020-11-04 12:34:15 +0100
committer: Matt Caswell <matt@openssl.org> 2020-11-06 11:34:48 +0100
commit: b9b2135d22b93f949fd77f293925fc66158416ff (patch)
tree: e82c316f4f3ef24d8ec2e77a9de085d583b1adc3 /engines
parent: Don't clear errors on failure in CONF_modules_load_file_ex() (diff)
download: openssl-b9b2135d22b93f949fd77f293925fc66158416ff.tar.xz
openssl-b9b2135d22b93f949fd77f293925fc66158416ff.zip
5 files changed, 56 insertions, 5 deletions
diff --git a/engines/e_afalg.c b/engines/e_afalg.c
index 24a1aa900c..9480d7c24b 100644
--- a/engines/e_afalg.c
+++ b/engines/e_afalg.c
@@ -851,9 +851,19 @@ void engine_load_afalg_int(void)
     toadd = engine_afalg();
     if (toadd == NULL)
         return;
+    ERR_set_mark();
     ENGINE_add(toadd);
+    /*
+     * If the "add" worked, it gets a structural reference. So either way, we
+     * release our just-created reference.
+     */
     ENGINE_free(toadd);
-    ERR_clear_error();
+    /*
+     * If the "add" didn't work, it was probably a conflict because it was
+     * already added (eg. someone calling ENGINE_load_blah then calling
+     * ENGINE_load_builtin_engines() perhaps).
+     */
+    ERR_pop_to_mark();
 }
 # endif
 
diff --git a/engines/e_capi.c b/engines/e_capi.c
index 8e5693d25e..dd66518d3f 100644
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -600,9 +600,19 @@ void engine_load_capi_int(void)
     ENGINE *toadd = engine_capi();
     if (!toadd)
         return;
+    ERR_set_mark();
     ENGINE_add(toadd);
+    /*
+     * If the "add" worked, it gets a structural reference. So either way, we
+     * release our just-created reference.
+     */
     ENGINE_free(toadd);
-    ERR_clear_error();
+    /*
+     * If the "add" didn't work, it was probably a conflict because it was
+     * already added (eg. someone calling ENGINE_load_blah then calling
+     * ENGINE_load_builtin_engines() perhaps).
+     */
+    ERR_pop_to_mark();
 }
 # endif
 
diff --git a/engines/e_dasync.c b/engines/e_dasync.c
index b817b2ba5f..4eb50d055c 100644
--- a/engines/e_dasync.c
+++ b/engines/e_dasync.c
@@ -348,9 +348,19 @@ void engine_load_dasync_int(void)
     ENGINE *toadd = engine_dasync();
     if (!toadd)
         return;
+    ERR_set_mark();
     ENGINE_add(toadd);
+    /*
+     * If the "add" worked, it gets a structural reference. So either way, we
+     * release our just-created reference.
+     */
     ENGINE_free(toadd);
-    ERR_clear_error();
+    /*
+     * If the "add" didn't work, it was probably a conflict because it was
+     * already added (eg. someone calling ENGINE_load_blah then calling
+     * ENGINE_load_builtin_engines() perhaps).
+     */
+    ERR_pop_to_mark();
 }
 
 static int dasync_init(ENGINE *e)
diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c
index 729bb1fe95..85815e2e5a 100644
--- a/engines/e_devcrypto.c
+++ b/engines/e_devcrypto.c
@@ -1287,9 +1287,20 @@ void engine_load_devcrypto_int(void)
         return;
     }
 
+    ERR_set_mark();
     ENGINE_add(e);
+    /*
+     * If the "add" worked, it gets a structural reference. So either way, we
+     * release our just-created reference.
+     */
     ENGINE_free(e);          /* Loose our local reference */
-    ERR_clear_error();
+    /*
+     * If the "add" didn't work, it was probably a conflict because it was
+     * already added (eg. someone calling ENGINE_load_blah then calling
+     * ENGINE_load_builtin_engines() perhaps).
+     */
+    ERR_pop_to_mark();
+}
 }
 
 #else
diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 713a79a368..572ff90935 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -49,9 +49,19 @@ void engine_load_padlock_int(void)
     ENGINE *toadd = ENGINE_padlock();
     if (!toadd)
         return;
+    ERR_set_mark();
     ENGINE_add(toadd);
+    /*
+     * If the "add" worked, it gets a structural reference. So either way, we
+     * release our just-created reference.
+     */
     ENGINE_free(toadd);
-    ERR_clear_error();
+    /*
+     * If the "add" didn't work, it was probably a conflict because it was
+     * already added (eg. someone calling ENGINE_load_blah then calling
+     * ENGINE_load_builtin_engines() perhaps).
+     */
+    ERR_pop_to_mark();
 #  endif
 }
author	Matt Caswell <matt@openssl.org>	2020-11-04 12:34:15 +0100
committer	Matt Caswell <matt@openssl.org>	2020-11-06 11:34:48 +0100
commit	b9b2135d22b93f949fd77f293925fc66158416ff (patch)
tree	e82c316f4f3ef24d8ec2e77a9de085d583b1adc3 /engines
parent	Don't clear errors on failure in CONF_modules_load_file_ex() (diff)
download	openssl-b9b2135d22b93f949fd77f293925fc66158416ff.tar.xz openssl-b9b2135d22b93f949fd77f293925fc66158416ff.zip