From fe19dfb57495c54c16edbeb52eae64b01404364f Mon Sep 17 00:00:00 2001 From: william Date: Thu, 5 Mar 2015 14:28:50 -0800 Subject: throw error when SSL_CTX_set_alpn_protos fails (which pesently is always an allocation failure) --- src/openssl.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/openssl.c b/src/openssl.c index 2b0cb88..2dee037 100644 --- a/src/openssl.c +++ b/src/openssl.c @@ -33,7 +33,7 @@ #include /* INFINITY fabs(3) floor(3) frexp(3) fmod(3) round(3) isfinite(3) */ #include /* struct tm time_t strptime(3) time(2) */ #include /* tolower(3) */ -#include /* errno */ +#include /* ENOMEM errno */ #include /* ssize_t pid_t */ #if !defined __sun && !defined _AIX @@ -4554,9 +4554,15 @@ static int sx_setAlpnProtos(lua_State *L) { done: luaL_pushresult(&B); tmp = lua_tolstring(L, -1, &len); + + /* OpenSSL 1.0.2 doesn't update the error stack on failure. */ + ERR_clear_error(); if (0 != SSL_CTX_set_alpn_protos(ctx, (const unsigned char*)tmp, len)) { - lua_pushnil(L); - return 1; + if (!ERR_peek_error()) { + return luaL_error(L, "unable to set ALPN protocols: %s", xstrerror(ENOMEM)); + } else { + return throwssl(L, "ssl.context:setAlpnProtos"); + } } lua_pushboolean(L, 1); -- cgit v1.2.3-59-g8ed1b