commit 5fa3eba03d1912424decc885e72da20a6a08d8e7
author David Benjamin <davidben@chromium.org> Thu Jan 22 16:35:40 2015 -0500
committer Adam Langley <agl@google.com> Thu Jan 22 22:06:40 2015 +0000
tree 45263ac96ff7b9da1ec04fd74528cb4327d2fac9
parent 9a38e924aafa96b4f1d7495ce140ba06b956854f

Clear the error queue when dropping a bad DTLS packet.

This regressed in e95d20dcb80523bf9bc6a9c5682856c8371e0a96. EVP_AEAD will push
errors on the error queue (unlike the EVP_CIPHER codepath which checked
everything internally to ssl/ and didn't bother pushing anything). This meant
that a dropped packet would leave junk in the error queue.

Later, when SSL_read returns <= 0 (EOF or EWOULDBLOCK), the non-empty error
queue check in SSL_get_error kicks in and SSL_read looks to have failed.

BUG=https://code.google.com/p/webrtc/issues/detail?id=4214

Change-Id: I1e5e41c77a3e5b71e9eb0c72294abf0da677f840
Reviewed-on: https://boringssl-review.googlesource.com/2982
Reviewed-by: Adam Langley <agl@google.com>

ssl/d1_pkt.c

diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c
index 1d3236f..a77ad4e 100644
--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -357,7 +357,9 @@
   rr->data = rr->input;
 
   if (!s->enc_method->enc(s, 0)) {
-    /* For DTLS we simply ignore bad packets. */
+    /* Bad packets are silently dropped in DTLS. Clear the error queue of any
+     * errors decryption may have added. */
+    ERR_clear_error();
     rr->length = 0;
     s->packet_length = 0;
     goto err;