Clear errors when reading pems

Summary: Clear/read OpenSSL errors after certain ops. Reviewed By: mingtaoy Differential Revision: D8277088 fbshipit-source-id: aa436657c3bca3a081cd56858e09da57a03cda05

Clear errors when reading pems
Summary: Clear/read OpenSSL errors after certain ops. Reviewed By: mingtaoy Differential Revision: D8277088 fbshipit-source-id: aa436657c3bca3a081cd56858e09da57a03cda05
f1e3312e · Neel Goyal · Facebook Github Bot · da72e6e9 · f1e3312e · f1e3312e
Commit f1e3312e authored Jun 05, 2018 by Neel Goyal Committed by Facebook Github Bot Jun 05, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

folly/io/async/SSLContext.cpp folly/io/async/SSLContext.cpp +1 -1

folly/ssl/OpenSSLCertUtils.cpp folly/ssl/OpenSSLCertUtils.cpp +1 -0

No files found.
--- a/folly/io/async/SSLContext.cpp
+++ b/folly/io/async/SSLContext.cpp
@@ -330,7 +330,7 @@ void SSLContext::loadTrustedCertificates(X509_STORE* store) {
 void SSLContext::loadClientCAList(const char* path) {
  auto clientCAs = SSL_load_client_CA_file(path);
  if (clientCAs == nullptr) {
-    LOG(ERROR) << "Unable to load ca file: " << path;
+    LOG(ERROR) << "Unable to load ca file: " << path << " " << getErrors();
    return;
  }
  SSL_CTX_set_client_CA_list(ctx_, clientCAs);

--- a/folly/ssl/OpenSSLCertUtils.cpp
+++ b/folly/ssl/OpenSSLCertUtils.cpp
@@ -209,6 +209,7 @@ std::vector<X509UniquePtr> OpenSSLCertUtils::readCertsFromBuffer(
  while (true) {
    X509UniquePtr x509(PEM_read_bio_X509(b.get(), nullptr, nullptr, nullptr));
    if (!x509) {
+      ERR_clear_error();
      break;
    }
    certs.push_back(std::move(x509));