[Privoxy-commits] [privoxy] 11/15: wolfssl ssl_(send|recv)_data(): Call wolfSSL_ERR_clear_error() before doing any work

User Git git at git.privoxy.org
Thu Oct 10 06:48:01 CEST 2024 

This is an automated email from the git hooks/post-receive script.

git pushed a commit to branch master
in repository privoxy.

commit 27d109a24ebab58edd9596872dfc7b14abcfc1bc
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Wed Jul 10 15:58:37 2024 +0200

    wolfssl ssl_(send|recv)_data(): Call wolfSSL_ERR_clear_error() before doing any work
    
    Prevents logging of bogus errors like:
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: ECC key too small
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: error state on socket
    15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: Peer closed underlying transport Error
    15:53:27.933 009 Error: Failed to send the modified content to the client over TLS
---
 wolfssl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/wolfssl.c b/wolfssl.c
index e0cbb237..9a4c794c 100644
--- a/wolfssl.c
+++ b/wolfssl.c
@@ -157,6 +157,8 @@ extern int ssl_send_data(struct ssl_attr *ssl_attr, const unsigned char *buf, si
       return 0;
    }
 
+   wolfSSL_ERR_clear_error();
+
    ssl = ssl_attr->wolfssl_attr.ssl;
    fd = wolfSSL_get_fd(ssl);
 
@@ -206,6 +208,7 @@ extern int ssl_recv_data(struct ssl_attr *ssl_attr, unsigned char *buf, size_t m
    int fd = -1;
 
    memset(buf, 0, max_length);
+   wolfSSL_ERR_clear_error();
 
    /*
     * Receiving data from SSL context into buffer

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.

More information about the Privoxy-commits mailing list