PR: 2543

[openssl.git] / ssl / ssl_rsa.c

diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index a7721d05e3dfff8210b60d87146a34d3efe43f4a..c0960b5712b8e596ec4ed057e915da804ec68bde 100644 (file)
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -708,11 +708,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
        int ret=0;
        X509 *x=NULL;
 
-       ERR_clear_error(); /* This function needs to check the error stack
-                             even if the return code(s) of called functions
-                             indicate success.
-                             The error stack must therefore be cleared
-                             before starting. */
+       ERR_clear_error(); /* clear error stack for SSL_CTX_use_certificate() */
 
        in=BIO_new(BIO_s_file_internal());
        if (in == NULL)
@@ -727,7 +723,7 @@ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
                goto end;
                }
 
-       x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
+       x=PEM_read_bio_X509_AUX(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata);
        if (x == NULL)
                {
                SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB);