From 6cb94b5da6ac409915cc0ca3f50c50214edee0ef Mon Sep 17 00:00:00 2001
From: Leorize <leorize+oss@disroot.org>
Date: Wed, 3 Jun 2020 15:11:10 -0500
Subject: asyncnet, net: clear openssl error queue before performing I/O

Per SSL_get_error(3):

  The current thread's error queue must be empty before the TLS/SSL I/O
  operation is attempted, or SSL_get_error() will not work reliably.

There has been records of not clearing the error queue causing weird SSL
errors when there shouldn't be any, see:

https://github.com/openssl/openssl/issues/11889
---
 lib/pure/asyncnet.nim | 1 +
 1 file changed, 1 insertion(+)

(limited to 'lib/pure/asyncnet.nim')

diff --git a/lib/pure/asyncnet.nim b/lib/pure/asyncnet.nim
index 8df839c14..bd9cd4312 100644
--- a/lib/pure/asyncnet.nim
+++ b/lib/pure/asyncnet.nim
@@ -718,6 +718,7 @@ proc close*(socket: AsyncSocket) =
         # established, see:
         # https://github.com/openssl/openssl/issues/710#issuecomment-253897666
         if SSL_in_init(socket.sslHandle) == 0:
+          ErrClearError()
           SSL_shutdown(socket.sslHandle)
         else:
           0
-- 
cgit 1.4.1-2-gfad0