Hoist ERR_clear_error() call into the derr: label

The only path that sets TLS1_TICKET_NOT_DECRPYTED is through this label
and the ERR_clear_error() is called conditionally on this. We clear the
errors to make decrypt errors non-fatal.  The free functions should not
set the errors and if they do, we don't want to hide that.

discussed with jsing

1 files changed, 2 insertions, 4 deletions

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 64e64bf902..8162259c66 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.172 2020/09/01 05:32:11 tb Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.173 2020/09/01 05:38:48 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1012,6 +1012,7 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert,
         goto done;
 
  derr:
+        ERR_clear_error();
         s->internal->tlsext_ticket_expected = 1;
         ret = TLS1_TICKET_NOT_DECRYPTED;
         goto done;
@@ -1027,8 +1028,5 @@ tls_decrypt_ticket(SSL *s, CBS *session_id, CBS *ticket, int *alert,
         HMAC_CTX_free(hctx);
         SSL_SESSION_free(sess);
 
-        if (ret == TLS1_TICKET_NOT_DECRYPTED)
-                ERR_clear_error();
-
         return ret;
 }