InvalidCertificateHandler onInvalidCertificate wrong exception #4772

Open
micheleselea opened this issue Nov 15, 2024 · 2 comments
@micheleselea

When we create a CLIENT_USE Poco::Net::Context, giving a subclass of InvalidCertificateHandler with setInvalidCertificateHandler,
if you end up in the onInvalidCertificate callback and you set
errorCert.setIgnoreError(false);
it will result in a strange exception that apparently is not related to a certificate validation issue but is something like this:

SSL Exception: error:80000002:system library::No such file or directory

@micheleselea

I think the problem is that OpenSSL keeps a list of the last errors, and when we call
ERR_get_error
we just get the first error, which is probably the oldest, not the newest.
So in the function
int SecureSocketImpl::handleError(int rc)
we just do

long lastError = ERR_get_error();
std::string msg;
if (lastError)
{
	char buffer[256];
	ERR_error_string_n(lastError, buffer, sizeof(buffer));
	msg = buffer;
}

If we have some errors pending, we just dequeue the oldest one, which is not the one you are running into.
In an external exception handler, if I do

	do {
		long lastError = ERR_get_error();
		std::string msg;
		if (lastError)
		{
			char buffer[256];
			ERR_error_string_n(lastError, buffer, sizeof(buffer));
			msg = buffer;
		}
		else {
			break;
		}
	} while (1);

I can see 3 or 4 errors; the latest is my certificate validation error.
I think there is not a simple solution for that.

@micheleselea

If I just call
ERR_clear_error();
before exiting the onInvalidCertificate callback, I end up with the correct exception:
SSL connection unexpectedly closed: error:0A000086:SSL routines::certificate verify failed
