From: Fabian Keil <fk@fabiankeil.de>
Date: Wed, 10 Jul 2024 13:58:37 +0000 (+0200)
Subject: wolfssl ssl_(send|recv)_data(): Call wolfSSL_ERR_clear_error() before doing any work
X-Git-Tag: v_4_0_0~60^2~10
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/static/@proxy-info-url@?a=commitdiff_plain;h=27d109a24ebab58edd9596872dfc7b14abcfc1bc;p=privoxy.git

wolfssl ssl_(send|recv)_data(): Call wolfSSL_ERR_clear_error() before doing any work

Prevents logging of bogus errors like:
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: RSA key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: ECC key too small
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: error state on socket
15:53:27.932 009 Error: Sending data on socket 12 over TLS failed: Peer closed underlying transport Error
15:53:27.933 009 Error: Failed to send the modified content to the client over TLS
---

diff --git a/wolfssl.c b/wolfssl.c
index e0cbb237..9a4c794c 100644
--- a/wolfssl.c
+++ b/wolfssl.c
@@ -157,6 +157,8 @@ extern int ssl_send_data(struct ssl_attr *ssl_attr, const unsigned char *buf, si
       return 0;
    }
 
+   wolfSSL_ERR_clear_error();
+
    ssl = ssl_attr->wolfssl_attr.ssl;
    fd = wolfSSL_get_fd(ssl);
 
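Review bot: the added wolfSSL_ERR_clear_error() call in ssl_send_data() has no comment explaining why the error queue is cleared before the send. The log in the commit message shows "RSA key too small" and "ECC key too small" being reported for a send failure, which reads like entries left in the queue by earlier calls. A one-line comment saying that stale entries are discarded here would keep the call from being removed as redundant later. It would also be worth checking that the code which logs the failure drains the queue as intended, since the same message appears seven times in the sample.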
@@ -206,6 +208,7 @@ extern int ssl_recv_data(struct ssl_attr *ssl_attr, unsigned char *buf, size_t m
    int fd = -1;
 
    memset(buf, 0, max_length);
+   wolfSSL_ERR_clear_error();
 
    /*
     * Receiving data from SSL context into buffer
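Review bot: in ssl_recv_data() the clear is attached directly to the memset(buf, 0, max_length) line with no comment, while in ssl_send_data() it stands on its own after the early return. Placing it the same way in both functions, with a short comment that stale error-queue entries are discarded before the read, would make the two easier to compare. Note also that clearing at entry drops any queued error that has not been logged yet, so whatever reports TLS errors has to do so before the next ssl_recv_data() or ssl_send_data() call.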