diff options
author | Fedor Indutny <fedor@indutny.com> | 2016-01-02 23:05:40 -0500 |
---|---|---|
committer | Fedor Indutny <fedor@indutny.com> | 2016-01-04 09:30:34 -0500 |
commit | 4f875747645099a0127299cf38c149f85e764816 (patch) | |
tree | ab52ba3d92ca9bb36b62b6dac315328ba7ca7df0 /src/node_crypto.h | |
parent | 028194b576e178a5be35cfb77991f420201242bd (diff) | |
download | android-node-v8-4f875747645099a0127299cf38c149f85e764816.tar.gz android-node-v8-4f875747645099a0127299cf38c149f85e764816.tar.bz2 android-node-v8-4f875747645099a0127299cf38c149f85e764816.zip |
tls_wrap: clear errors on return
Adopt `MarkPopErrorOnReturn` from `node_crypto.cc`, and use it to
clear errors after `SSL_read`/`SSL_write`/`SSL_shutdown` functions.
See: https://github.com/nodejs/node/issues/4485
PR-URL: https://github.com/nodejs/node/pull/4515
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Diffstat (limited to 'src/node_crypto.h')
-rw-r--r-- | src/node_crypto.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/node_crypto.h b/src/node_crypto.h index d3d66e32dd..aaadc904dd 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -39,6 +39,21 @@ namespace node { namespace crypto { +// Forcibly clear OpenSSL's error stack on return. This stops stale errors +// from popping up later in the lifecycle of crypto operations where they +// would cause spurious failures. It's a rather blunt method, though. +// ERR_clear_error() isn't necessarily cheap either. +struct ClearErrorOnReturn { + ~ClearErrorOnReturn() { ERR_clear_error(); } +}; + +// Pop errors from OpenSSL's error stack that were added +// between when this was constructed and destructed. +struct MarkPopErrorOnReturn { + MarkPopErrorOnReturn() { ERR_set_mark(); } + ~MarkPopErrorOnReturn() { ERR_pop_to_mark(); } +}; + enum CheckResult { CHECK_CERT_REVOKED = 0, CHECK_OK = 1 |