diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-06-30 16:11:17 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-07-02 15:33:34 +0200 |
commit | d82d1d11d4dafc97875969329a5100242441744d (patch) | |
tree | 9655385ff3d377ce4d9668128685261fc23dca60 | |
parent | e58087842cf74164809977872eb2f7a62490d8dd (diff) |
load_key_certs_crls: Avoid reporting any spurious errors
When there is other PEM data in between certs the OSSL_STORE_load
returns NULL and reports error. Avoid printing that error unless
there was nothing read at all.
Fixes #15945
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15949)
-rw-r--r-- | apps/lib/apps.c | 12 |
1 files changed, 3 insertions, 9 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c index dfbc3ec522..a767023197 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -871,9 +871,6 @@ int load_key_certs_crls_suppress(const char *uri, int format, int maybe_stdin, OSSL_PARAM itp[2]; const OSSL_PARAM *params = NULL; - if (suppress_decode_errors) - ERR_set_mark(); - if (ppkey != NULL) { *ppkey = NULL; cnt_expectations++; @@ -971,10 +968,6 @@ int load_key_certs_crls_suppress(const char *uri, int format, int maybe_stdin, * certificate in it. We just retry until eof. */ if (info == NULL) { - if (OSSL_STORE_error(ctx)) { - ERR_print_errors(bio_err); - ERR_clear_error(); - } continue; } @@ -1078,8 +1071,9 @@ int load_key_certs_crls_suppress(const char *uri, int format, int maybe_stdin, BIO_printf(bio_err, "\n"); ERR_print_errors(bio_err); } - if (suppress_decode_errors) - ERR_pop_to_mark(); + if (suppress_decode_errors || failed == NULL) + /* clear any spurious errors */ + ERR_clear_error(); return failed == NULL; } |