Ticket #957:
- Fixed SSL socket unit test issues (mostly on Linux platform): let OS manage the binding port (specify port to 0), use pj_sockaddr_get_len() instead of sizeof() for sockaddr size, DOS eol format for certificate and private key files.
- Temporary fix for SSL_CTX_use_certificate_chain_file() false error alarm (after previous OpenSSL handshake error), by clearing OpenSSL thread error queue in reset_ssl_sock_state()
git-svn-id: https://svn.pjsip.org/repos/pjproject/trunk@2971 74dad513-b988-da41-8d7b-12977e46ad98
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
index eca60d2..01dd1ce 100644
--- a/pjlib/src/pj/ssl_sock_ossl.c
+++ b/pjlib/src/pj/ssl_sock_ossl.c
@@ -479,6 +479,14 @@
pj_sock_close(ssock->sock);
ssock->sock = PJ_INVALID_SOCKET;
}
+
+ /* Upon error, OpenSSL may leave any error description in the thread
+ * error queue, which sometime may cause next call to SSL API returning
+ * false error alarm, e.g: in Linux, SSL_CTX_use_certificate_chain_file()
+ * returning false error after a handshake error (in different SSL_CTX!).
+ * For now, just clear thread error queue here.
+ */
+ ERR_clear_error();
}