SSL: SSL_get_error get the error of other coroutine.(ossrs#3497)

chundonglinlin · Apr 15, 2023 · 18a9939 · 18a9939
1 parent 26aabe4
commit 18a9939
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 0 deletions.
diff --git a/trunk/src/app/srs_app_conn.cpp b/trunk/src/app/srs_app_conn.cpp
@@ -800,6 +800,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file)
 
         r0 = SSL_do_handshake(ssl); r1 = SSL_get_error(ssl, r0);
         if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
         }
 
@@ -846,6 +847,7 @@ srs_error_t SrsSslConnection::handshake(string key_file, string crt_file)
         }
 
         if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
         }
 
@@ -943,6 +945,7 @@ srs_error_t SrsSslConnection::read(void* plaintext, size_t nn_plaintext, ssize_t
 
         // Fail for error.
         if (r0 <= 0) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_READ, "SSL_read r0=%d, r1=%d, r2=%d, r3=%d",
                 r0, r1, r2, r3);
         }
@@ -968,6 +971,7 @@ srs_error_t SrsSslConnection::write(void* plaintext, size_t nn_plaintext, ssize_
         int r0 = SSL_write(ssl, (const void*)p, left);
         int r1 = SSL_get_error(ssl, r0);
         if (r0 <= 0) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1);
         }
 

diff --git a/trunk/src/app/srs_app_conn.hpp b/trunk/src/app/srs_app_conn.hpp
@@ -14,6 +14,7 @@
 #include <map>
 
 #include <openssl/ssl.h>
+#include <openssl/err.h>
 
 #include <srs_app_st.hpp>
 #include <srs_protocol_kbps.hpp>

diff --git a/trunk/src/app/srs_app_rtc_dtls.cpp b/trunk/src/app/srs_app_rtc_dtls.cpp
@@ -581,6 +581,7 @@ srs_error_t SrsDtlsImpl::do_handshake()
 
     // Fatal SSL error, for example, no available suite when peer is DTLS 1.0 while we are DTLS 1.2.
     if (r0 < 0 && (r1 != SSL_ERROR_NONE && r1 != SSL_ERROR_WANT_READ && r1 != SSL_ERROR_WANT_WRITE)) {
+        ERR_clear_error();
         return srs_error_new(ERROR_RTC_DTLS, "handshake r0=%d, r1=%d", r0, r1);
     }
 
@@ -863,6 +864,7 @@ srs_error_t SrsDtlsClientImpl::cycle()
         // The timeout is 0, so there must be a ARQ packet to transmit in openssl.
         r0 = BIO_reset(bio_out); int r1 = SSL_get_error(dtls, r0);
         if (r0 != 1) {
+            ERR_clear_error();
             return srs_error_new(ERROR_OpenSslBIOReset, "BIO_reset r0=%d, r1=%d", r0, r1);
         }
 
@@ -875,6 +877,7 @@ srs_error_t SrsDtlsClientImpl::cycle()
             continue; // No timeout had expired.
         }
         if (r0 != 1) {
+            ERR_clear_error();
             return srs_error_new(ERROR_RTC_DTLS, "ARQ r0=%d, r1=%d", r0, r1);
         }
 

diff --git a/trunk/src/protocol/srs_protocol_http_client.cpp b/trunk/src/protocol/srs_protocol_http_client.cpp
@@ -92,6 +92,7 @@ srs_error_t SrsSslClient::handshake()
     // Send ClientHello.
     int r0 = SSL_do_handshake(ssl); int r1 = SSL_get_error(ssl, r0);
     if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) {
+        ERR_clear_error();
         return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
     }
 
@@ -122,6 +123,7 @@ srs_error_t SrsSslClient::handshake()
         }
 
         if ((r0 = SSL_do_handshake(ssl)) != -1 || (r1 = SSL_get_error(ssl, r0)) != SSL_ERROR_WANT_READ) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
         }
 
@@ -165,6 +167,7 @@ srs_error_t SrsSslClient::handshake()
         }
 
         if (r0 != -1 || r1 != SSL_ERROR_WANT_READ) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_HANDSHAKE, "handshake r0=%d, r1=%d", r0, r1);
         }
     }
@@ -215,6 +218,7 @@ srs_error_t SrsSslClient::read(void* plaintext, size_t nn_plaintext, ssize_t* nr
 
         // Fail for error.
         if (r0 <= 0) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_READ, "SSL_read r0=%d, r1=%d, r2=%d, r3=%d",
                 r0, r1, r2, r3);
         }
@@ -230,6 +234,7 @@ srs_error_t SrsSslClient::write(void* plaintext, size_t nn_plaintext, ssize_t* n
         int r0 = SSL_write(ssl, (const void*)p, left);
         int r1 = SSL_get_error(ssl, r0);
         if (r0 <= 0) {
+            ERR_clear_error();
             return srs_error_new(ERROR_HTTPS_WRITE, "https: write data=%p, size=%d, r0=%d, r1=%d", p, left, r0, r1);
         }
 

diff --git a/trunk/src/protocol/srs_protocol_http_client.hpp b/trunk/src/protocol/srs_protocol_http_client.hpp
@@ -13,6 +13,7 @@
 #include <map>
 
 #include <openssl/ssl.h>
+#include <openssl/err.h>
 
 #include <srs_protocol_st.hpp>
 #include <srs_protocol_http_stack.hpp>