diff --git a/src/XrdCl/XrdClXRootDTransport.cc b/src/XrdCl/XrdClXRootDTransport.cc index a7635529e17..fde6a4f7950 100644 --- a/src/XrdCl/XrdClXRootDTransport.cc +++ b/src/XrdCl/XrdClXRootDTransport.cc @@ -2241,13 +2241,11 @@ namespace XrdCl "[%s] Authenticated with %s.", hsData->streamName.c_str(), protocolName.c_str() ); - if( info->encrypted || ( info->serverFlags & kXR_gotoTLS ) || - ( info->serverFlags & kXR_tlsLogin ) ) - //-------------------------------------------------------------------- - // Clear the SSL error queue of the calling thread, as there might be - // some leftover from the authentication! - //-------------------------------------------------------------------- - Tls::ClearErrorQueue(); + //-------------------------------------------------------------------- + // Clear the SSL error queue of the calling thread, as there might be + // some leftover from the authentication! + //-------------------------------------------------------------------- + Tls::ClearErrorQueue(); return XRootDStatus(); } @@ -2311,13 +2309,11 @@ namespace XrdCl MarshallRequest( msg ); delete credentials; - if( info->encrypted || ( info->serverFlags & kXR_gotoTLS ) || - ( info->serverFlags & kXR_tlsLogin ) ) - //------------------------------------------------------------------------ - // Clear the SSL error queue of the calling thread, as there might be - // some leftover from the authentication! - //------------------------------------------------------------------------ - Tls::ClearErrorQueue(); + //------------------------------------------------------------------------ + // Clear the SSL error queue of the calling thread, as there might be + // some leftover from the authentication! + //------------------------------------------------------------------------ + Tls::ClearErrorQueue(); return XRootDStatus( stOK, suContinue ); } @@ -2425,6 +2421,7 @@ namespace XrdCl info->authProtocol = 0; info->authParams = 0; info->authEnv = 0; + Tls::ClearErrorQueue(); return Status(); } diff --git a/src/XrdTls/XrdTlsSocket.cc b/src/XrdTls/XrdTlsSocket.cc index 38a3a8acfa1..16497d76485 100644 --- a/src/XrdTls/XrdTlsSocket.cc +++ b/src/XrdTls/XrdTlsSocket.cc @@ -265,8 +265,7 @@ XrdTls::RC XrdTlsSocket::Connect(const char *thehost, std::string *eWhy) // Do the connect. // -do{if (pImpl->isClient) ERR_clear_error(); - int rc = SSL_connect( pImpl->ssl ); +do{int rc = SSL_connect( pImpl->ssl ); if (rc == 1) break; ssler = Diagnose("TLS_Connect", rc, XrdTls::dbgSOK); @@ -641,8 +640,7 @@ XrdTls::RC XrdTlsSocket::Read( char *buffer, size_t size, int &bytesRead ) // have to explicitly call SSL_connect or SSL_do_handshake. //------------------------------------------------------------------------ - do{if (pImpl->isClient) ERR_clear_error(); - int rc = SSL_read( pImpl->ssl, buffer, size ); + do{int rc = SSL_read( pImpl->ssl, buffer, size ); // Note that according to SSL whenever rc > 0 then SSL_ERROR_NONE can be // returned to the caller. So, we short-circuit all the error handling. @@ -787,8 +785,7 @@ XrdTls::RC XrdTlsSocket::Write( const char *buffer, size_t size, // have to explicitly call SSL_connect or SSL_do_handshake. //------------------------------------------------------------------------ - do{if (pImpl->isClient) ERR_clear_error(); - int rc = SSL_write( pImpl->ssl, buffer, size ); + do{int rc = SSL_write( pImpl->ssl, buffer, size ); // Note that according to SSL whenever rc > 0 then SSL_ERROR_NONE can be // returned to the caller. So, we short-circuit all the error handling.