Some SSL_AD_* defines snuck into the TLSv1.3 code - replace them with

TLS13_ALERT_* defines. ok beck@ tb@
author: jsing <> 2020-09-11 15:03:36 +0000
committer: jsing <> 2020-09-11 15:03:36 +0000
commit: 54fa1d3a6727088bd1475d3822d8070cb9e734a9 (patch)
tree: fa44a091deea47cc7161bd3e43e0d0072fe34443
parent: 202546ef369f5ea223c1ddaac656af9dc7a41988 (diff)
download: openbsd-54fa1d3a6727088bd1475d3822d8070cb9e734a9.tar.gz
openbsd-54fa1d3a6727088bd1475d3822d8070cb9e734a9.tar.bz2
openbsd-54fa1d3a6727088bd1475d3822d8070cb9e734a9.zip
2 files changed, 10 insertions, 10 deletions
diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 1f19bef997..590426ad8a 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: tls13_lib.c,v 1.53 2020/07/30 16:23:17 tb Exp $ */
+/*      $OpenBSD: tls13_lib.c,v 1.54 2020/09/11 15:03:36 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -137,12 +137,12 @@ tls13_alert_sent_cb(uint8_t alert_desc, void *arg)
 {
        struct tls13_ctx *ctx = arg;
-        if (alert_desc == SSL_AD_CLOSE_NOTIFY) {
+        if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
                ctx->close_notify_sent = 1;
                return;
        }
-        if (alert_desc == SSL_AD_USER_CANCELLED) {
+        if (alert_desc == TLS13_ALERT_USER_CANCELED) {
                return;
        }
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index 7093da48a7..1d75d9e5a4 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.52 2020/08/11 19:25:40 jsing Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.53 2020/09/11 15:03:36 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -510,7 +510,7 @@ tls13_record_layer_open_record_plaintext(struct tls13_record_layer *rl)
                return 0;
        if (CBS_len(&cbs) > TLS13_RECORD_MAX_PLAINTEXT_LEN) {
-                rl->alert = SSL_AD_RECORD_OVERFLOW;
+                rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
                return 0;
        }
@@ -560,7 +560,7 @@ tls13_record_layer_open_record_protected(struct tls13_record_layer *rl)
                goto err;
        if (out_len > TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN) {
-                rl->alert = SSL_AD_RECORD_OVERFLOW;
+                rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
                goto err;
        }
@@ -582,7 +582,7 @@ tls13_record_layer_open_record_protected(struct tls13_record_layer *rl)
                goto err;
        }
        if (inner_len > TLS13_RECORD_MAX_PLAINTEXT_LEN) {
-                rl->alert = SSL_AD_RECORD_OVERFLOW;
+                rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
                goto err;
        }
        content_type = content[inner_len];
@@ -802,16 +802,16 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
        if ((ret = tls13_record_recv(rl->rrec, rl->cb.wire_read, rl->cb_arg)) <= 0) {
                switch (ret) {
                case TLS13_IO_RECORD_VERSION:
-                        return tls13_send_alert(rl, SSL_AD_PROTOCOL_VERSION);
+                        return tls13_send_alert(rl, TLS13_ALERT_PROTOCOL_VERSION);
                case TLS13_IO_RECORD_OVERFLOW:
-                        return tls13_send_alert(rl, SSL_AD_RECORD_OVERFLOW);
+                        return tls13_send_alert(rl, TLS13_ALERT_RECORD_OVERFLOW);
                }
                return ret;
        }
 
        if (rl->legacy_version == TLS1_2_VERSION &&
            tls13_record_version(rl->rrec) != TLS1_2_VERSION)
-                return tls13_send_alert(rl, SSL_AD_PROTOCOL_VERSION);
+                return tls13_send_alert(rl, TLS13_ALERT_PROTOCOL_VERSION);
 
        content_type = tls13_record_content_type(rl->rrec);
author	jsing <>	2020-09-11 15:03:36 +0000
committer	jsing <>	2020-09-11 15:03:36 +0000
commit	54fa1d3a6727088bd1475d3822d8070cb9e734a9 (patch)
tree	fa44a091deea47cc7161bd3e43e0d0072fe34443
parent	202546ef369f5ea223c1ddaac656af9dc7a41988 (diff)
download	openbsd-54fa1d3a6727088bd1475d3822d8070cb9e734a9.tar.gz openbsd-54fa1d3a6727088bd1475d3822d8070cb9e734a9.tar.bz2 openbsd-54fa1d3a6727088bd1475d3822d8070cb9e734a9.zip

diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c index 1f19bef997..590426ad8a 100644 --- a/src/lib/libssl/tls13_lib.c +++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_lib.c,v 1.53 2020/07/30 16:23:17 tb Exp $ */	1	/* $OpenBSD: tls13_lib.c,v 1.54 2020/09/11 15:03:36 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>	4	* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -137,12 +137,12 @@ tls13_alert_sent_cb(uint8_t alert_desc, void *arg)
137	{	137	{
138	struct tls13_ctx *ctx = arg;	138	struct tls13_ctx *ctx = arg;
139		139
140	if (alert_desc == SSL_AD_CLOSE_NOTIFY) {	140	if (alert_desc == TLS13_ALERT_CLOSE_NOTIFY) {
141	ctx->close_notify_sent = 1;	141	ctx->close_notify_sent = 1;
142	return;	142	return;
143	}	143	}
144		144
145	if (alert_desc == SSL_AD_USER_CANCELLED) {	145	if (alert_desc == TLS13_ALERT_USER_CANCELED) {
146	return;	146	return;
147	}	147	}
148		148


diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c index 7093da48a7..1d75d9e5a4 100644 --- a/src/lib/libssl/tls13_record_layer.c +++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls13_record_layer.c,v 1.52 2020/08/11 19:25:40 jsing Exp $ */	1	/* $OpenBSD: tls13_record_layer.c,v 1.53 2020/09/11 15:03:36 jsing Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>	3	* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
4	*	4	*
@@ -510,7 +510,7 @@ tls13_record_layer_open_record_plaintext(struct tls13_record_layer *rl)
510	return 0;	510	return 0;
511		511
512	if (CBS_len(&cbs) > TLS13_RECORD_MAX_PLAINTEXT_LEN) {	512	if (CBS_len(&cbs) > TLS13_RECORD_MAX_PLAINTEXT_LEN) {
513	rl->alert = SSL_AD_RECORD_OVERFLOW;	513	rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
514	return 0;	514	return 0;
515	}	515	}
516		516
@@ -560,7 +560,7 @@ tls13_record_layer_open_record_protected(struct tls13_record_layer *rl)
560	goto err;	560	goto err;
561		561
562	if (out_len > TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN) {	562	if (out_len > TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN) {
563	rl->alert = SSL_AD_RECORD_OVERFLOW;	563	rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
564	goto err;	564	goto err;
565	}	565	}
566		566
@@ -582,7 +582,7 @@ tls13_record_layer_open_record_protected(struct tls13_record_layer *rl)
582	goto err;	582	goto err;
583	}	583	}
584	if (inner_len > TLS13_RECORD_MAX_PLAINTEXT_LEN) {	584	if (inner_len > TLS13_RECORD_MAX_PLAINTEXT_LEN) {
585	rl->alert = SSL_AD_RECORD_OVERFLOW;	585	rl->alert = TLS13_ALERT_RECORD_OVERFLOW;
586	goto err;	586	goto err;
587	}	587	}
588	content_type = content[inner_len];	588	content_type = content[inner_len];
@@ -802,16 +802,16 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
802	if ((ret = tls13_record_recv(rl->rrec, rl->cb.wire_read, rl->cb_arg)) <= 0) {	802	if ((ret = tls13_record_recv(rl->rrec, rl->cb.wire_read, rl->cb_arg)) <= 0) {
803	switch (ret) {	803	switch (ret) {
804	case TLS13_IO_RECORD_VERSION:	804	case TLS13_IO_RECORD_VERSION:
805	return tls13_send_alert(rl, SSL_AD_PROTOCOL_VERSION);	805	return tls13_send_alert(rl, TLS13_ALERT_PROTOCOL_VERSION);
806	case TLS13_IO_RECORD_OVERFLOW:	806	case TLS13_IO_RECORD_OVERFLOW:
807	return tls13_send_alert(rl, SSL_AD_RECORD_OVERFLOW);	807	return tls13_send_alert(rl, TLS13_ALERT_RECORD_OVERFLOW);
808	}	808	}
809	return ret;	809	return ret;
810	}	810	}
811		811
812	if (rl->legacy_version == TLS1_2_VERSION &&	812	if (rl->legacy_version == TLS1_2_VERSION &&
813	tls13_record_version(rl->rrec) != TLS1_2_VERSION)	813	tls13_record_version(rl->rrec) != TLS1_2_VERSION)
814	return tls13_send_alert(rl, SSL_AD_PROTOCOL_VERSION);	814	return tls13_send_alert(rl, TLS13_ALERT_PROTOCOL_VERSION);
815		815
816	content_type = tls13_record_content_type(rl->rrec);	816	content_type = tls13_record_content_type(rl->rrec);
817		817