summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbeck <>2017-02-07 02:08:38 +0000
committerbeck <>2017-02-07 02:08:38 +0000
commit91c389f89015a024212e73f5ec6e24166955ab6e (patch)
treea4e6a6d2d23329b576b63c8698e62a87e7388b69
parent8a1ec4c748b269fba0669ee71234ec9a0f128613 (diff)
downloadopenbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.gz
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.bz2
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.zip
Change SSLerror() back to taking two args, with the first one being an SSL *.
Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
Diffstat
-rw-r--r--src/lib/libssl/bio_ssl.c4
-rw-r--r--src/lib/libssl/d1_both.c18
-rw-r--r--src/lib/libssl/d1_clnt.c8
-rw-r--r--src/lib/libssl/d1_lib.c4
-rw-r--r--src/lib/libssl/d1_pkt.c42
-rw-r--r--src/lib/libssl/d1_srtp.c32
-rw-r--r--src/lib/libssl/d1_srvr.c12
-rw-r--r--src/lib/libssl/s3_lib.c48
-rw-r--r--src/lib/libssl/ssl_asn1.c4
-rw-r--r--src/lib/libssl/ssl_both.c26
-rw-r--r--src/lib/libssl/ssl_cert.c32
-rw-r--r--src/lib/libssl/ssl_ciph.c12
-rw-r--r--src/lib/libssl/ssl_clnt.c262
-rw-r--r--src/lib/libssl/ssl_err.c269
-rw-r--r--src/lib/libssl/ssl_lib.c98
-rw-r--r--src/lib/libssl/ssl_locl.h7
-rw-r--r--src/lib/libssl/ssl_packet.c18
-rw-r--r--src/lib/libssl/ssl_pkt.c74
-rw-r--r--src/lib/libssl/ssl_rsa.c104
-rw-r--r--src/lib/libssl/ssl_sess.c30
-rw-r--r--src/lib/libssl/ssl_srvr.c212
-rw-r--r--src/lib/libssl/ssl_txt.c4
-rw-r--r--src/lib/libssl/t1_enc.c44
-rw-r--r--src/lib/libssl/t1_lib.c26
-rw-r--r--src/lib/libssl/t1_reneg.c24
25 files changed, 841 insertions, 573 deletions
diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c
index ababa8cf17..344ca21786 100644
--- a/src/lib/libssl/bio_ssl.c
+++ b/src/lib/libssl/bio_ssl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bio_ssl.c,v 1.26 2017/01/29 17:49:23 beck Exp $ */ 1/* $OpenBSD: bio_ssl.c,v 1.27 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -110,7 +110,7 @@ ssl_new(BIO *bi)
110 110
111 bs = calloc(1, sizeof(BIO_SSL)); 111 bs = calloc(1, sizeof(BIO_SSL));
112 if (bs == NULL) { 112 if (bs == NULL) {
113 SSLerror(ERR_R_MALLOC_FAILURE); 113 SSLerrorx(ERR_R_MALLOC_FAILURE);
114 return (0); 114 return (0);
115 } 115 }
116 bi->init = 0; 116 bi->init = 0;
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 0e4317653d..9aba4b85f8 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_both.c,v 1.48 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: d1_both.c,v 1.49 2017/02/07 02:08:38 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -410,7 +410,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
410 S3I(s)->tmp.reuse_message = 0; 410 S3I(s)->tmp.reuse_message = 0;
411 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) { 411 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) {
412 al = SSL_AD_UNEXPECTED_MESSAGE; 412 al = SSL_AD_UNEXPECTED_MESSAGE;
413 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 413 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
414 goto f_err; 414 goto f_err;
415 } 415 }
416 *ok = 1; 416 *ok = 1;
@@ -475,12 +475,12 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
475 475
476 /* sanity checking */ 476 /* sanity checking */
477 if ((frag_off + frag_len) > msg_len) { 477 if ((frag_off + frag_len) > msg_len) {
478 SSLerror(SSL_R_EXCESSIVE_MESSAGE_SIZE); 478 SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);
479 return SSL_AD_ILLEGAL_PARAMETER; 479 return SSL_AD_ILLEGAL_PARAMETER;
480 } 480 }
481 481
482 if ((frag_off + frag_len) > (unsigned long)max) { 482 if ((frag_off + frag_len) > (unsigned long)max) {
483 SSLerror(SSL_R_EXCESSIVE_MESSAGE_SIZE); 483 SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);
484 return SSL_AD_ILLEGAL_PARAMETER; 484 return SSL_AD_ILLEGAL_PARAMETER;
485 } 485 }
486 486
@@ -492,7 +492,7 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
492 */ 492 */
493 if (!BUF_MEM_grow_clean(s->internal->init_buf, 493 if (!BUF_MEM_grow_clean(s->internal->init_buf,
494 msg_len + DTLS1_HM_HEADER_LENGTH)) { 494 msg_len + DTLS1_HM_HEADER_LENGTH)) {
495 SSLerror(ERR_R_BUF_LIB); 495 SSLerror(s, ERR_R_BUF_LIB);
496 return SSL_AD_INTERNAL_ERROR; 496 return SSL_AD_INTERNAL_ERROR;
497 } 497 }
498 498
@@ -506,7 +506,7 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
506 * They must be playing with us! BTW, failure to enforce 506 * They must be playing with us! BTW, failure to enforce
507 * upper limit would open possibility for buffer overrun. 507 * upper limit would open possibility for buffer overrun.
508 */ 508 */
509 SSLerror(SSL_R_EXCESSIVE_MESSAGE_SIZE); 509 SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);
510 return SSL_AD_ILLEGAL_PARAMETER; 510 return SSL_AD_ILLEGAL_PARAMETER;
511 } 511 }
512 512
@@ -799,7 +799,7 @@ again:
799 /* parse the message fragment header */ 799 /* parse the message fragment header */
800 dtls1_get_message_header(wire, &msg_hdr) == 0) { 800 dtls1_get_message_header(wire, &msg_hdr) == 0) {
801 al = SSL_AD_UNEXPECTED_MESSAGE; 801 al = SSL_AD_UNEXPECTED_MESSAGE;
802 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 802 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
803 goto f_err; 803 goto f_err;
804 } 804 }
805 805
@@ -841,7 +841,7 @@ again:
841 else /* Incorrectly formated Hello request */ 841 else /* Incorrectly formated Hello request */
842 { 842 {
843 al = SSL_AD_UNEXPECTED_MESSAGE; 843 al = SSL_AD_UNEXPECTED_MESSAGE;
844 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 844 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
845 goto f_err; 845 goto f_err;
846 } 846 }
847 } 847 }
@@ -872,7 +872,7 @@ again:
872 */ 872 */
873 if (i != (int)frag_len) { 873 if (i != (int)frag_len) {
874 al = SSL3_AD_ILLEGAL_PARAMETER; 874 al = SSL3_AD_ILLEGAL_PARAMETER;
875 SSLerror(SSL3_AD_ILLEGAL_PARAMETER); 875 SSLerror(s, SSL3_AD_ILLEGAL_PARAMETER);
876 goto f_err; 876 goto f_err;
877 } 877 }
878 878
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 6e124c7a85..8e4c2586a3 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_clnt.c,v 1.73 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: d1_clnt.c,v 1.74 2017/02/07 02:08:38 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -216,7 +216,7 @@ dtls1_connect(SSL *s)
216 cb(s, SSL_CB_HANDSHAKE_START, 1); 216 cb(s, SSL_CB_HANDSHAKE_START, 1);
217 217
218 if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00)) { 218 if ((s->version & 0xff00 ) != (DTLS1_VERSION & 0xff00)) {
219 SSLerror(ERR_R_INTERNAL_ERROR); 219 SSLerror(s, ERR_R_INTERNAL_ERROR);
220 ret = -1; 220 ret = -1;
221 goto end; 221 goto end;
222 } 222 }
@@ -570,7 +570,7 @@ dtls1_connect(SSL *s)
570 /* break; */ 570 /* break; */
571 571
572 default: 572 default:
573 SSLerror(SSL_R_UNKNOWN_STATE); 573 SSLerror(s, SSL_R_UNKNOWN_STATE);
574 ret = -1; 574 ret = -1;
575 goto end; 575 goto end;
576 /* break; */ 576 /* break; */
@@ -631,7 +631,7 @@ dtls1_get_hello_verify(SSL *s)
631 goto truncated; 631 goto truncated;
632 632
633 if (ssl_version != s->version) { 633 if (ssl_version != s->version) {
634 SSLerror(SSL_R_WRONG_SSL_VERSION); 634 SSLerror(s, SSL_R_WRONG_SSL_VERSION);
635 s->version = (s->version & 0xff00) | (ssl_version & 0xff); 635 s->version = (s->version & 0xff00) | (ssl_version & 0xff);
636 al = SSL_AD_PROTOCOL_VERSION; 636 al = SSL_AD_PROTOCOL_VERSION;
637 goto f_err; 637 goto f_err;
diff --git a/src/lib/libssl/d1_lib.c b/src/lib/libssl/d1_lib.c
index bd78494e66..8092d56a4c 100644
--- a/src/lib/libssl/d1_lib.c
+++ b/src/lib/libssl/d1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_lib.c,v 1.40 2017/01/26 10:40:21 beck Exp $ */ 1/* $OpenBSD: d1_lib.c,v 1.41 2017/02/07 02:08:38 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -406,7 +406,7 @@ dtls1_check_timeout_num(SSL *s)
406 406
407 if (D1I(s)->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) { 407 if (D1I(s)->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
408 /* fail the connection, enough alerts have been sent */ 408 /* fail the connection, enough alerts have been sent */
409 SSLerror(SSL_R_READ_TIMEOUT_EXPIRED); 409 SSLerror(s, SSL_R_READ_TIMEOUT_EXPIRED);
410 return -1; 410 return -1;
411 } 411 }
412 412
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 5e33a966de..5fdd176800 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_pkt.c,v 1.61 2017/01/26 10:40:21 beck Exp $ */ 1/* $OpenBSD: d1_pkt.c,v 1.62 2017/02/07 02:08:38 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -255,7 +255,7 @@ err:
255 free(rdata->rbuf.buf); 255 free(rdata->rbuf.buf);
256 256
257init_err: 257init_err:
258 SSLerror(ERR_R_INTERNAL_ERROR); 258 SSLerror(s, ERR_R_INTERNAL_ERROR);
259 free(rdata); 259 free(rdata);
260 pitem_free(item); 260 pitem_free(item);
261 return (-1); 261 return (-1);
@@ -354,7 +354,7 @@ dtls1_process_record(SSL *s)
354 /* check is not needed I believe */ 354 /* check is not needed I believe */
355 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) { 355 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
356 al = SSL_AD_RECORD_OVERFLOW; 356 al = SSL_AD_RECORD_OVERFLOW;
357 SSLerror(SSL_R_ENCRYPTED_LENGTH_TOO_LONG); 357 SSLerror(s, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
358 goto f_err; 358 goto f_err;
359 } 359 }
360 360
@@ -396,7 +396,7 @@ dtls1_process_record(SSL *s)
396 (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && 396 (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
397 orig_len < mac_size + 1)) { 397 orig_len < mac_size + 1)) {
398 al = SSL_AD_DECODE_ERROR; 398 al = SSL_AD_DECODE_ERROR;
399 SSLerror(SSL_R_LENGTH_TOO_SHORT); 399 SSLerror(s, SSL_R_LENGTH_TOO_SHORT);
400 goto f_err; 400 goto f_err;
401 } 401 }
402 402
@@ -433,7 +433,7 @@ dtls1_process_record(SSL *s)
433 433
434 if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) { 434 if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
435 al = SSL_AD_RECORD_OVERFLOW; 435 al = SSL_AD_RECORD_OVERFLOW;
436 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 436 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
437 goto f_err; 437 goto f_err;
438 } 438 }
439 439
@@ -650,7 +650,7 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
650 if ((type && 650 if ((type &&
651 type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_HANDSHAKE) || 651 type != SSL3_RT_APPLICATION_DATA && type != SSL3_RT_HANDSHAKE) ||
652 (peek && (type != SSL3_RT_APPLICATION_DATA))) { 652 (peek && (type != SSL3_RT_APPLICATION_DATA))) {
653 SSLerror(ERR_R_INTERNAL_ERROR); 653 SSLerror(s, ERR_R_INTERNAL_ERROR);
654 return -1; 654 return -1;
655 } 655 }
656 656
@@ -667,7 +667,7 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
667 if (i < 0) 667 if (i < 0)
668 return (i); 668 return (i);
669 if (i == 0) { 669 if (i == 0) {
670 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 670 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
671 return (-1); 671 return (-1);
672 } 672 }
673 } 673 }
@@ -731,7 +731,7 @@ start:
731 */ 731 */
732 if (dtls1_buffer_record(s, &(D1I(s)->buffered_app_data), 732 if (dtls1_buffer_record(s, &(D1I(s)->buffered_app_data),
733 rr->seq_num) < 0) { 733 rr->seq_num) < 0) {
734 SSLerror(ERR_R_INTERNAL_ERROR); 734 SSLerror(s, ERR_R_INTERNAL_ERROR);
735 return (-1); 735 return (-1);
736 } 736 }
737 rr->length = 0; 737 rr->length = 0;
@@ -754,7 +754,7 @@ start:
754 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && 754 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
755 (s->enc_read_ctx == NULL)) { 755 (s->enc_read_ctx == NULL)) {
756 al = SSL_AD_UNEXPECTED_MESSAGE; 756 al = SSL_AD_UNEXPECTED_MESSAGE;
757 SSLerror(SSL_R_APP_DATA_IN_HANDSHAKE); 757 SSLerror(s, SSL_R_APP_DATA_IN_HANDSHAKE);
758 goto f_err; 758 goto f_err;
759 } 759 }
760 760
@@ -817,7 +817,7 @@ start:
817 817
818 /* Not certain if this is the right error handling */ 818 /* Not certain if this is the right error handling */
819 al = SSL_AD_UNEXPECTED_MESSAGE; 819 al = SSL_AD_UNEXPECTED_MESSAGE;
820 SSLerror(SSL_R_UNEXPECTED_RECORD); 820 SSLerror(s, SSL_R_UNEXPECTED_RECORD);
821 goto f_err; 821 goto f_err;
822 } 822 }
823 823
@@ -862,7 +862,7 @@ start:
862 (D1I(s)->handshake_fragment[2] != 0) || 862 (D1I(s)->handshake_fragment[2] != 0) ||
863 (D1I(s)->handshake_fragment[3] != 0)) { 863 (D1I(s)->handshake_fragment[3] != 0)) {
864 al = SSL_AD_DECODE_ERROR; 864 al = SSL_AD_DECODE_ERROR;
865 SSLerror(SSL_R_BAD_HELLO_REQUEST); 865 SSLerror(s, SSL_R_BAD_HELLO_REQUEST);
866 goto err; 866 goto err;
867 } 867 }
868 868
@@ -883,7 +883,7 @@ start:
883 if (i < 0) 883 if (i < 0)
884 return (i); 884 return (i);
885 if (i == 0) { 885 if (i == 0) {
886 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 886 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
887 return (-1); 887 return (-1);
888 } 888 }
889 889
@@ -940,7 +940,7 @@ start:
940 { 940 {
941 s->internal->rwstate = SSL_NOTHING; 941 s->internal->rwstate = SSL_NOTHING;
942 S3I(s)->fatal_alert = alert_descr; 942 S3I(s)->fatal_alert = alert_descr;
943 SSLerror(SSL_AD_REASON_OFFSET + alert_descr); 943 SSLerror(s, SSL_AD_REASON_OFFSET + alert_descr);
944 ERR_asprintf_error_data("SSL alert number %d", 944 ERR_asprintf_error_data("SSL alert number %d",
945 alert_descr); 945 alert_descr);
946 s->internal->shutdown|=SSL_RECEIVED_SHUTDOWN; 946 s->internal->shutdown|=SSL_RECEIVED_SHUTDOWN;
@@ -948,7 +948,7 @@ start:
948 return (0); 948 return (0);
949 } else { 949 } else {
950 al = SSL_AD_ILLEGAL_PARAMETER; 950 al = SSL_AD_ILLEGAL_PARAMETER;
951 SSLerror(SSL_R_UNKNOWN_ALERT_TYPE); 951 SSLerror(s, SSL_R_UNKNOWN_ALERT_TYPE);
952 goto f_err; 952 goto f_err;
953 } 953 }
954 954
@@ -974,7 +974,7 @@ start:
974 if ((rr->length != ccs_hdr_len) || 974 if ((rr->length != ccs_hdr_len) ||
975 (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) { 975 (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
976 i = SSL_AD_ILLEGAL_PARAMETER; 976 i = SSL_AD_ILLEGAL_PARAMETER;
977 SSLerror(SSL_R_BAD_CHANGE_CIPHER_SPEC); 977 SSLerror(s, SSL_R_BAD_CHANGE_CIPHER_SPEC);
978 goto err; 978 goto err;
979 } 979 }
980 980
@@ -1038,7 +1038,7 @@ start:
1038 if (i < 0) 1038 if (i < 0)
1039 return (i); 1039 return (i);
1040 if (i == 0) { 1040 if (i == 0) {
1041 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 1041 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
1042 return (-1); 1042 return (-1);
1043 } 1043 }
1044 1044
@@ -1068,7 +1068,7 @@ start:
1068 goto start; 1068 goto start;
1069 } 1069 }
1070 al = SSL_AD_UNEXPECTED_MESSAGE; 1070 al = SSL_AD_UNEXPECTED_MESSAGE;
1071 SSLerror(SSL_R_UNEXPECTED_RECORD); 1071 SSLerror(s, SSL_R_UNEXPECTED_RECORD);
1072 goto f_err; 1072 goto f_err;
1073 case SSL3_RT_CHANGE_CIPHER_SPEC: 1073 case SSL3_RT_CHANGE_CIPHER_SPEC:
1074 case SSL3_RT_ALERT: 1074 case SSL3_RT_ALERT:
@@ -1077,7 +1077,7 @@ start:
1077 * of SSL3_RT_HANDSHAKE when s->internal->in_handshake is set, but that 1077 * of SSL3_RT_HANDSHAKE when s->internal->in_handshake is set, but that
1078 * should not happen when type != rr->type */ 1078 * should not happen when type != rr->type */
1079 al = SSL_AD_UNEXPECTED_MESSAGE; 1079 al = SSL_AD_UNEXPECTED_MESSAGE;
1080 SSLerror(ERR_R_INTERNAL_ERROR); 1080 SSLerror(s, ERR_R_INTERNAL_ERROR);
1081 goto f_err; 1081 goto f_err;
1082 case SSL3_RT_APPLICATION_DATA: 1082 case SSL3_RT_APPLICATION_DATA:
1083 /* At this point, we were expecting handshake data, 1083 /* At this point, we were expecting handshake data,
@@ -1099,7 +1099,7 @@ start:
1099 return (-1); 1099 return (-1);
1100 } else { 1100 } else {
1101 al = SSL_AD_UNEXPECTED_MESSAGE; 1101 al = SSL_AD_UNEXPECTED_MESSAGE;
1102 SSLerror(SSL_R_UNEXPECTED_RECORD); 1102 SSLerror(s, SSL_R_UNEXPECTED_RECORD);
1103 goto f_err; 1103 goto f_err;
1104 } 1104 }
1105 } 1105 }
@@ -1122,13 +1122,13 @@ dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
1122 if (i < 0) 1122 if (i < 0)
1123 return (i); 1123 return (i);
1124 if (i == 0) { 1124 if (i == 0) {
1125 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 1125 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
1126 return -1; 1126 return -1;
1127 } 1127 }
1128 } 1128 }
1129 1129
1130 if (len > SSL3_RT_MAX_PLAIN_LENGTH) { 1130 if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
1131 SSLerror(SSL_R_DTLS_MESSAGE_TOO_BIG); 1131 SSLerror(s, SSL_R_DTLS_MESSAGE_TOO_BIG);
1132 return -1; 1132 return -1;
1133 } 1133 }
1134 1134
diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c
index 82dc8bfdef..26c14543fc 100644
--- a/src/lib/libssl/d1_srtp.c
+++ b/src/lib/libssl/d1_srtp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_srtp.c,v 1.20 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: d1_srtp.c,v 1.21 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -187,7 +187,7 @@ ssl_ctx_make_profiles(const char *profiles_string,
187 SRTP_PROTECTION_PROFILE *p; 187 SRTP_PROTECTION_PROFILE *p;
188 188
189 if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) { 189 if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) {
190 SSLerror(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); 190 SSLerrorx(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
191 return 1; 191 return 1;
192 } 192 }
193 193
@@ -198,7 +198,7 @@ ssl_ctx_make_profiles(const char *profiles_string,
198 col ? col - ptr : (int)strlen(ptr))) { 198 col ? col - ptr : (int)strlen(ptr))) {
199 sk_SRTP_PROTECTION_PROFILE_push(profiles, p); 199 sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
200 } else { 200 } else {
201 SSLerror(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); 201 SSLerrorx(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
202 sk_SRTP_PROTECTION_PROFILE_free(profiles); 202 sk_SRTP_PROTECTION_PROFILE_free(profiles);
203 return 1; 203 return 1;
204 } 204 }
@@ -262,12 +262,12 @@ ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
262 262
263 if (p) { 263 if (p) {
264 if (ct == 0) { 264 if (ct == 0) {
265 SSLerror(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST); 265 SSLerror(s, SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
266 return 1; 266 return 1;
267 } 267 }
268 268
269 if ((2 + ct * 2 + 1) > maxlen) { 269 if ((2 + ct * 2 + 1) > maxlen) {
270 SSLerror(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); 270 SSLerror(s, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
271 return 1; 271 return 1;
272 } 272 }
273 273
@@ -300,7 +300,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
300 CBS cbs, ciphers, mki; 300 CBS cbs, ciphers, mki;
301 301
302 if (len < 0) { 302 if (len < 0) {
303 SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 303 SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
304 *al = SSL_AD_DECODE_ERROR; 304 *al = SSL_AD_DECODE_ERROR;
305 goto done; 305 goto done;
306 } 306 }
@@ -309,7 +309,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
309 /* Pull off the cipher suite list */ 309 /* Pull off the cipher suite list */
310 if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) || 310 if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) ||
311 CBS_len(&ciphers) % 2) { 311 CBS_len(&ciphers) % 2) {
312 SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 312 SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
313 *al = SSL_AD_DECODE_ERROR; 313 *al = SSL_AD_DECODE_ERROR;
314 goto done; 314 goto done;
315 } 315 }
@@ -318,7 +318,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
318 318
319 while (CBS_len(&ciphers) > 0) { 319 while (CBS_len(&ciphers) > 0) {
320 if (!CBS_get_u16(&ciphers, &id)) { 320 if (!CBS_get_u16(&ciphers, &id)) {
321 SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 321 SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
322 *al = SSL_AD_DECODE_ERROR; 322 *al = SSL_AD_DECODE_ERROR;
323 goto done; 323 goto done;
324 } 324 }
@@ -332,7 +332,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len,
332 /* Extract the MKI value as a sanity check, but discard it for now. */ 332 /* Extract the MKI value as a sanity check, but discard it for now. */
333 if (!CBS_get_u8_length_prefixed(&cbs, &mki) || 333 if (!CBS_get_u8_length_prefixed(&cbs, &mki) ||
334 CBS_len(&cbs) != 0) { 334 CBS_len(&cbs) != 0) {
335 SSLerror(SSL_R_BAD_SRTP_MKI_VALUE); 335 SSLerror(s, SSL_R_BAD_SRTP_MKI_VALUE);
336 *al = SSL_AD_DECODE_ERROR; 336 *al = SSL_AD_DECODE_ERROR;
337 goto done; 337 goto done;
338 } 338 }
@@ -373,12 +373,12 @@ ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen)
373{ 373{
374 if (p) { 374 if (p) {
375 if (maxlen < 5) { 375 if (maxlen < 5) {
376 SSLerror(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); 376 SSLerror(s, SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
377 return 1; 377 return 1;
378 } 378 }
379 379
380 if (s->internal->srtp_profile == 0) { 380 if (s->internal->srtp_profile == 0) {
381 SSLerror(SSL_R_USE_SRTP_NOT_NEGOTIATED); 381 SSLerror(s, SSL_R_USE_SRTP_NOT_NEGOTIATED);
382 return 1; 382 return 1;
383 } 383 }
384 s2n(2, p); 384 s2n(2, p);
@@ -401,7 +401,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
401 CBS cbs, profile_ids, mki; 401 CBS cbs, profile_ids, mki;
402 402
403 if (len < 0) { 403 if (len < 0) {
404 SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 404 SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
405 *al = SSL_AD_DECODE_ERROR; 405 *al = SSL_AD_DECODE_ERROR;
406 return 1; 406 return 1;
407 } 407 }
@@ -414,14 +414,14 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
414 */ 414 */
415 if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) || 415 if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) ||
416 !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) { 416 !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) {
417 SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 417 SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
418 *al = SSL_AD_DECODE_ERROR; 418 *al = SSL_AD_DECODE_ERROR;
419 return 1; 419 return 1;
420 } 420 }
421 421
422 /* Must be no MKI, since we never offer one. */ 422 /* Must be no MKI, since we never offer one. */
423 if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) { 423 if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) {
424 SSLerror(SSL_R_BAD_SRTP_MKI_VALUE); 424 SSLerror(s, SSL_R_BAD_SRTP_MKI_VALUE);
425 *al = SSL_AD_ILLEGAL_PARAMETER; 425 *al = SSL_AD_ILLEGAL_PARAMETER;
426 return 1; 426 return 1;
427 } 427 }
@@ -430,7 +430,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
430 430
431 /* Throw an error if the server gave us an unsolicited extension. */ 431 /* Throw an error if the server gave us an unsolicited extension. */
432 if (clnt == NULL) { 432 if (clnt == NULL) {
433 SSLerror(SSL_R_NO_SRTP_PROFILES); 433 SSLerror(s, SSL_R_NO_SRTP_PROFILES);
434 *al = SSL_AD_DECODE_ERROR; 434 *al = SSL_AD_DECODE_ERROR;
435 return 1; 435 return 1;
436 } 436 }
@@ -449,7 +449,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int
449 } 449 }
450 } 450 }
451 451
452 SSLerror(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); 452 SSLerror(s, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
453 *al = SSL_AD_DECODE_ERROR; 453 *al = SSL_AD_DECODE_ERROR;
454 return 1; 454 return 1;
455} 455}
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index fa860b8d5a..860a5fc4e3 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_srvr.c,v 1.83 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: d1_srvr.c,v 1.84 2017/02/07 02:08:38 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -202,7 +202,7 @@ dtls1_accept(SSL *s)
202 D1I(s)->listen = listen; 202 D1I(s)->listen = listen;
203 203
204 if (s->cert == NULL) { 204 if (s->cert == NULL) {
205 SSLerror(SSL_R_NO_CERTIFICATE_SET); 205 SSLerror(s, SSL_R_NO_CERTIFICATE_SET);
206 ret = -1; 206 ret = -1;
207 goto end; 207 goto end;
208 } 208 }
@@ -225,7 +225,7 @@ dtls1_accept(SSL *s)
225 cb(s, SSL_CB_HANDSHAKE_START, 1); 225 cb(s, SSL_CB_HANDSHAKE_START, 1);
226 226
227 if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) { 227 if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {
228 SSLerror(ERR_R_INTERNAL_ERROR); 228 SSLerror(s, ERR_R_INTERNAL_ERROR);
229 ret = -1; 229 ret = -1;
230 goto end; 230 goto end;
231 } 231 }
@@ -506,7 +506,7 @@ dtls1_accept(SSL *s)
506 * at this point and digest cached records. 506 * at this point and digest cached records.
507 */ 507 */
508 if (!S3I(s)->handshake_buffer) { 508 if (!S3I(s)->handshake_buffer) {
509 SSLerror(ERR_R_INTERNAL_ERROR); 509 SSLerror(s, ERR_R_INTERNAL_ERROR);
510 ret = -1; 510 ret = -1;
511 goto end; 511 goto end;
512 } 512 }
@@ -658,7 +658,7 @@ dtls1_accept(SSL *s)
658 /* break; */ 658 /* break; */
659 659
660 default: 660 default:
661 SSLerror(SSL_R_UNKNOWN_STATE); 661 SSLerror(s, SSL_R_UNKNOWN_STATE);
662 ret = -1; 662 ret = -1;
663 goto end; 663 goto end;
664 /* break; */ 664 /* break; */
@@ -705,7 +705,7 @@ dtls1_send_hello_verify_request(SSL *s)
705 if (s->ctx->internal->app_gen_cookie_cb == NULL || 705 if (s->ctx->internal->app_gen_cookie_cb == NULL ||
706 s->ctx->internal->app_gen_cookie_cb(s, 706 s->ctx->internal->app_gen_cookie_cb(s,
707 D1I(s)->cookie, &(D1I(s)->cookie_len)) == 0) { 707 D1I(s)->cookie, &(D1I(s)->cookie_len)) == 0) {
708 SSLerror(ERR_R_INTERNAL_ERROR); 708 SSLerror(s, ERR_R_INTERNAL_ERROR);
709 return 0; 709 return 0;
710 } 710 }
711 711
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index fbc2d511d3..d18a2388c3 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.134 2017/02/05 15:06:05 jsing Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.135 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1980,7 +1980,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
1980 1980
1981 if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) { 1981 if (cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
1982 if (!ssl_cert_inst(&s->cert)) { 1982 if (!ssl_cert_inst(&s->cert)) {
1983 SSLerror(ERR_R_MALLOC_FAILURE); 1983 SSLerror(s, ERR_R_MALLOC_FAILURE);
1984 return (0); 1984 return (0);
1985 } 1985 }
1986 } 1986 }
@@ -2009,17 +2009,17 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2009 break; 2009 break;
2010 case SSL_CTRL_SET_TMP_RSA: 2010 case SSL_CTRL_SET_TMP_RSA:
2011 case SSL_CTRL_SET_TMP_RSA_CB: 2011 case SSL_CTRL_SET_TMP_RSA_CB:
2012 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2012 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2013 break; 2013 break;
2014 case SSL_CTRL_SET_TMP_DH: 2014 case SSL_CTRL_SET_TMP_DH:
2015 { 2015 {
2016 DH *dh = (DH *)parg; 2016 DH *dh = (DH *)parg;
2017 if (dh == NULL) { 2017 if (dh == NULL) {
2018 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 2018 SSLerror(s, ERR_R_PASSED_NULL_PARAMETER);
2019 return (ret); 2019 return (ret);
2020 } 2020 }
2021 if ((dh = DHparams_dup(dh)) == NULL) { 2021 if ((dh = DHparams_dup(dh)) == NULL) {
2022 SSLerror(ERR_R_DH_LIB); 2022 SSLerror(s, ERR_R_DH_LIB);
2023 return (ret); 2023 return (ret);
2024 } 2024 }
2025 DH_free(s->cert->dh_tmp); 2025 DH_free(s->cert->dh_tmp);
@@ -2029,7 +2029,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2029 break; 2029 break;
2030 2030
2031 case SSL_CTRL_SET_TMP_DH_CB: 2031 case SSL_CTRL_SET_TMP_DH_CB:
2032 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2032 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2033 return (ret); 2033 return (ret);
2034 2034
2035 case SSL_CTRL_SET_DH_AUTO: 2035 case SSL_CTRL_SET_DH_AUTO:
@@ -2041,18 +2041,18 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2041 EC_KEY *ecdh = NULL; 2041 EC_KEY *ecdh = NULL;
2042 2042
2043 if (parg == NULL) { 2043 if (parg == NULL) {
2044 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 2044 SSLerror(s, ERR_R_PASSED_NULL_PARAMETER);
2045 return (ret); 2045 return (ret);
2046 } 2046 }
2047 if (!EC_KEY_up_ref((EC_KEY *)parg)) { 2047 if (!EC_KEY_up_ref((EC_KEY *)parg)) {
2048 SSLerror(ERR_R_ECDH_LIB); 2048 SSLerror(s, ERR_R_ECDH_LIB);
2049 return (ret); 2049 return (ret);
2050 } 2050 }
2051 ecdh = (EC_KEY *)parg; 2051 ecdh = (EC_KEY *)parg;
2052 if (!(s->internal->options & SSL_OP_SINGLE_ECDH_USE)) { 2052 if (!(s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
2053 if (!EC_KEY_generate_key(ecdh)) { 2053 if (!EC_KEY_generate_key(ecdh)) {
2054 EC_KEY_free(ecdh); 2054 EC_KEY_free(ecdh);
2055 SSLerror(ERR_R_ECDH_LIB); 2055 SSLerror(s, ERR_R_ECDH_LIB);
2056 return (ret); 2056 return (ret);
2057 } 2057 }
2058 } 2058 }
@@ -2063,7 +2063,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2063 break; 2063 break;
2064 case SSL_CTRL_SET_TMP_ECDH_CB: 2064 case SSL_CTRL_SET_TMP_ECDH_CB:
2065 { 2065 {
2066 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2066 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2067 return (ret); 2067 return (ret);
2068 } 2068 }
2069 break; 2069 break;
@@ -2076,16 +2076,16 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
2076 if (parg == NULL) 2076 if (parg == NULL)
2077 break; 2077 break;
2078 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) { 2078 if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
2079 SSLerror(SSL_R_SSL3_EXT_INVALID_SERVERNAME); 2079 SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
2080 return 0; 2080 return 0;
2081 } 2081 }
2082 if ((s->tlsext_hostname = strdup((char *)parg)) 2082 if ((s->tlsext_hostname = strdup((char *)parg))
2083 == NULL) { 2083 == NULL) {
2084 SSLerror(ERR_R_INTERNAL_ERROR); 2084 SSLerror(s, ERR_R_INTERNAL_ERROR);
2085 return 0; 2085 return 0;
2086 } 2086 }
2087 } else { 2087 } else {
2088 SSLerror(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE); 2088 SSLerror(s, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
2089 return 0; 2089 return 0;
2090 } 2090 }
2091 break; 2091 break;
@@ -2173,14 +2173,14 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
2173 2173
2174 if (cmd == SSL_CTRL_SET_TMP_DH_CB) { 2174 if (cmd == SSL_CTRL_SET_TMP_DH_CB) {
2175 if (!ssl_cert_inst(&s->cert)) { 2175 if (!ssl_cert_inst(&s->cert)) {
2176 SSLerror(ERR_R_MALLOC_FAILURE); 2176 SSLerror(s, ERR_R_MALLOC_FAILURE);
2177 return (0); 2177 return (0);
2178 } 2178 }
2179 } 2179 }
2180 2180
2181 switch (cmd) { 2181 switch (cmd) {
2182 case SSL_CTRL_SET_TMP_RSA_CB: 2182 case SSL_CTRL_SET_TMP_RSA_CB:
2183 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2183 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2184 break; 2184 break;
2185 case SSL_CTRL_SET_TMP_DH_CB: 2185 case SSL_CTRL_SET_TMP_DH_CB:
2186 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 2186 s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
@@ -2210,7 +2210,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2210 return (0); 2210 return (0);
2211 case SSL_CTRL_SET_TMP_RSA: 2211 case SSL_CTRL_SET_TMP_RSA:
2212 case SSL_CTRL_SET_TMP_RSA_CB: 2212 case SSL_CTRL_SET_TMP_RSA_CB:
2213 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2213 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2214 return (0); 2214 return (0);
2215 case SSL_CTRL_SET_TMP_DH: 2215 case SSL_CTRL_SET_TMP_DH:
2216 { 2216 {
@@ -2218,7 +2218,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2218 2218
2219 dh = (DH *)parg; 2219 dh = (DH *)parg;
2220 if ((new = DHparams_dup(dh)) == NULL) { 2220 if ((new = DHparams_dup(dh)) == NULL) {
2221 SSLerror(ERR_R_DH_LIB); 2221 SSLerrorx(ERR_R_DH_LIB);
2222 return 0; 2222 return 0;
2223 } 2223 }
2224 DH_free(cert->dh_tmp); 2224 DH_free(cert->dh_tmp);
@@ -2228,7 +2228,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2228 /*break; */ 2228 /*break; */
2229 2229
2230 case SSL_CTRL_SET_TMP_DH_CB: 2230 case SSL_CTRL_SET_TMP_DH_CB:
2231 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2231 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2232 return (0); 2232 return (0);
2233 2233
2234 case SSL_CTRL_SET_DH_AUTO: 2234 case SSL_CTRL_SET_DH_AUTO:
@@ -2240,18 +2240,18 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2240 EC_KEY *ecdh = NULL; 2240 EC_KEY *ecdh = NULL;
2241 2241
2242 if (parg == NULL) { 2242 if (parg == NULL) {
2243 SSLerror(ERR_R_ECDH_LIB); 2243 SSLerrorx(ERR_R_ECDH_LIB);
2244 return 0; 2244 return 0;
2245 } 2245 }
2246 ecdh = EC_KEY_dup((EC_KEY *)parg); 2246 ecdh = EC_KEY_dup((EC_KEY *)parg);
2247 if (ecdh == NULL) { 2247 if (ecdh == NULL) {
2248 SSLerror(ERR_R_EC_LIB); 2248 SSLerrorx(ERR_R_EC_LIB);
2249 return 0; 2249 return 0;
2250 } 2250 }
2251 if (!(ctx->internal->options & SSL_OP_SINGLE_ECDH_USE)) { 2251 if (!(ctx->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
2252 if (!EC_KEY_generate_key(ecdh)) { 2252 if (!EC_KEY_generate_key(ecdh)) {
2253 EC_KEY_free(ecdh); 2253 EC_KEY_free(ecdh);
2254 SSLerror(ERR_R_ECDH_LIB); 2254 SSLerrorx(ERR_R_ECDH_LIB);
2255 return 0; 2255 return 0;
2256 } 2256 }
2257 } 2257 }
@@ -2263,7 +2263,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2263 /* break; */ 2263 /* break; */
2264 case SSL_CTRL_SET_TMP_ECDH_CB: 2264 case SSL_CTRL_SET_TMP_ECDH_CB:
2265 { 2265 {
2266 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2266 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2267 return (0); 2267 return (0);
2268 } 2268 }
2269 break; 2269 break;
@@ -2277,7 +2277,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2277 if (!keys) 2277 if (!keys)
2278 return 48; 2278 return 48;
2279 if (larg != 48) { 2279 if (larg != 48) {
2280 SSLerror(SSL_R_INVALID_TICKET_KEYS_LENGTH); 2280 SSLerrorx(SSL_R_INVALID_TICKET_KEYS_LENGTH);
2281 return 0; 2281 return 0;
2282 } 2282 }
2283 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) { 2283 if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
@@ -2356,7 +2356,7 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
2356 2356
2357 switch (cmd) { 2357 switch (cmd) {
2358 case SSL_CTRL_SET_TMP_RSA_CB: 2358 case SSL_CTRL_SET_TMP_RSA_CB:
2359 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2359 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2360 return (0); 2360 return (0);
2361 case SSL_CTRL_SET_TMP_DH_CB: 2361 case SSL_CTRL_SET_TMP_DH_CB:
2362 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; 2362 cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index bcd1ddf83c..4014bf6fe6 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_asn1.c,v 1.48 2017/01/26 10:40:21 beck Exp $ */ 1/* $OpenBSD: ssl_asn1.c,v 1.49 2017/02/07 02:08:38 beck Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2016 Joel Sing <jsing@openbsd.org> 4 * Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
@@ -232,7 +232,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
232 232
233 if (s == NULL) { 233 if (s == NULL) {
234 if ((s = SSL_SESSION_new()) == NULL) { 234 if ((s = SSL_SESSION_new()) == NULL) {
235 SSLerror(ERR_R_MALLOC_FAILURE); 235 SSLerrorx(ERR_R_MALLOC_FAILURE);
236 return (NULL); 236 return (NULL);
237 } 237 }
238 } 238 }
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 2d79c24c86..14fd121d53 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_both.c,v 1.5 2017/01/29 15:20:18 jsing Exp $ */ 1/* $OpenBSD: ssl_both.c,v 1.6 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -244,7 +244,7 @@ ssl3_get_finished(SSL *s, int a, int b)
244 /* If this occurs, we have missed a message */ 244 /* If this occurs, we have missed a message */
245 if (!S3I(s)->change_cipher_spec) { 245 if (!S3I(s)->change_cipher_spec) {
246 al = SSL_AD_UNEXPECTED_MESSAGE; 246 al = SSL_AD_UNEXPECTED_MESSAGE;
247 SSLerror(SSL_R_GOT_A_FIN_BEFORE_A_CCS); 247 SSLerror(s, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
248 goto f_err; 248 goto f_err;
249 } 249 }
250 S3I(s)->change_cipher_spec = 0; 250 S3I(s)->change_cipher_spec = 0;
@@ -253,7 +253,7 @@ ssl3_get_finished(SSL *s, int a, int b)
253 253
254 if (n < 0) { 254 if (n < 0) {
255 al = SSL_AD_DECODE_ERROR; 255 al = SSL_AD_DECODE_ERROR;
256 SSLerror(SSL_R_BAD_DIGEST_LENGTH); 256 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);
257 goto f_err; 257 goto f_err;
258 } 258 }
259 259
@@ -262,13 +262,13 @@ ssl3_get_finished(SSL *s, int a, int b)
262 if (S3I(s)->tmp.peer_finish_md_len != md_len || 262 if (S3I(s)->tmp.peer_finish_md_len != md_len ||
263 CBS_len(&cbs) != md_len) { 263 CBS_len(&cbs) != md_len) {
264 al = SSL_AD_DECODE_ERROR; 264 al = SSL_AD_DECODE_ERROR;
265 SSLerror(SSL_R_BAD_DIGEST_LENGTH); 265 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);
266 goto f_err; 266 goto f_err;
267 } 267 }
268 268
269 if (!CBS_mem_equal(&cbs, S3I(s)->tmp.peer_finish_md, CBS_len(&cbs))) { 269 if (!CBS_mem_equal(&cbs, S3I(s)->tmp.peer_finish_md, CBS_len(&cbs))) {
270 al = SSL_AD_DECRYPT_ERROR; 270 al = SSL_AD_DECRYPT_ERROR;
271 SSLerror(SSL_R_DIGEST_CHECK_FAILED); 271 SSLerror(s, SSL_R_DIGEST_CHECK_FAILED);
272 goto f_err; 272 goto f_err;
273 } 273 }
274 274
@@ -365,7 +365,7 @@ ssl3_output_cert_chain(SSL *s, CBB *cbb, X509 *x)
365 365
366 if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store, 366 if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store,
367 x, NULL)) { 367 x, NULL)) {
368 SSLerror(ERR_R_X509_LIB); 368 SSLerror(s, ERR_R_X509_LIB);
369 goto err; 369 goto err;
370 } 370 }
371 X509_verify_cert(&xs_ctx); 371 X509_verify_cert(&xs_ctx);
@@ -419,7 +419,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
419 S3I(s)->tmp.reuse_message = 0; 419 S3I(s)->tmp.reuse_message = 0;
420 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) { 420 if ((mt >= 0) && (S3I(s)->tmp.message_type != mt)) {
421 al = SSL_AD_UNEXPECTED_MESSAGE; 421 al = SSL_AD_UNEXPECTED_MESSAGE;
422 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 422 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
423 goto f_err; 423 goto f_err;
424 } 424 }
425 *ok = 1; 425 *ok = 1;
@@ -471,25 +471,25 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
471 471
472 if ((mt >= 0) && (*p != mt)) { 472 if ((mt >= 0) && (*p != mt)) {
473 al = SSL_AD_UNEXPECTED_MESSAGE; 473 al = SSL_AD_UNEXPECTED_MESSAGE;
474 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 474 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
475 goto f_err; 475 goto f_err;
476 } 476 }
477 477
478 CBS_init(&cbs, p, 4); 478 CBS_init(&cbs, p, 4);
479 if (!CBS_get_u8(&cbs, &u8) || 479 if (!CBS_get_u8(&cbs, &u8) ||
480 !CBS_get_u24(&cbs, &l)) { 480 !CBS_get_u24(&cbs, &l)) {
481 SSLerror(ERR_R_BUF_LIB); 481 SSLerror(s, ERR_R_BUF_LIB);
482 goto err; 482 goto err;
483 } 483 }
484 S3I(s)->tmp.message_type = u8; 484 S3I(s)->tmp.message_type = u8;
485 485
486 if (l > (unsigned long)max) { 486 if (l > (unsigned long)max) {
487 al = SSL_AD_ILLEGAL_PARAMETER; 487 al = SSL_AD_ILLEGAL_PARAMETER;
488 SSLerror(SSL_R_EXCESSIVE_MESSAGE_SIZE); 488 SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE);
489 goto f_err; 489 goto f_err;
490 } 490 }
491 if (l && !BUF_MEM_grow_clean(s->internal->init_buf, l + 4)) { 491 if (l && !BUF_MEM_grow_clean(s->internal->init_buf, l + 4)) {
492 SSLerror(ERR_R_BUF_LIB); 492 SSLerror(s, ERR_R_BUF_LIB);
493 goto err; 493 goto err;
494 } 494 }
495 S3I(s)->tmp.message_size = l; 495 S3I(s)->tmp.message_size = l;
@@ -679,7 +679,7 @@ ssl3_setup_read_buffer(SSL *s)
679 return 1; 679 return 1;
680 680
681err: 681err:
682 SSLerror(ERR_R_MALLOC_FAILURE); 682 SSLerror(s, ERR_R_MALLOC_FAILURE);
683 return 0; 683 return 0;
684} 684}
685 685
@@ -712,7 +712,7 @@ ssl3_setup_write_buffer(SSL *s)
712 return 1; 712 return 1;
713 713
714err: 714err:
715 SSLerror(ERR_R_MALLOC_FAILURE); 715 SSLerror(s, ERR_R_MALLOC_FAILURE);
716 return 0; 716 return 0;
717} 717}
718 718
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index 73683d4099..83a9f2e92d 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_cert.c,v 1.63 2017/01/29 17:49:23 beck Exp $ */ 1/* $OpenBSD: ssl_cert.c,v 1.64 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -178,7 +178,7 @@ ssl_cert_new(void)
178 178
179 ret = calloc(1, sizeof(CERT)); 179 ret = calloc(1, sizeof(CERT));
180 if (ret == NULL) { 180 if (ret == NULL) {
181 SSLerror(ERR_R_MALLOC_FAILURE); 181 SSLerrorx(ERR_R_MALLOC_FAILURE);
182 return (NULL); 182 return (NULL);
183 } 183 }
184 ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]); 184 ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
@@ -195,7 +195,7 @@ ssl_cert_dup(CERT *cert)
195 195
196 ret = calloc(1, sizeof(CERT)); 196 ret = calloc(1, sizeof(CERT));
197 if (ret == NULL) { 197 if (ret == NULL) {
198 SSLerror(ERR_R_MALLOC_FAILURE); 198 SSLerrorx(ERR_R_MALLOC_FAILURE);
199 return (NULL); 199 return (NULL);
200 } 200 }
201 201
@@ -212,13 +212,13 @@ ssl_cert_dup(CERT *cert)
212 if (cert->dh_tmp != NULL) { 212 if (cert->dh_tmp != NULL) {
213 ret->dh_tmp = DHparams_dup(cert->dh_tmp); 213 ret->dh_tmp = DHparams_dup(cert->dh_tmp);
214 if (ret->dh_tmp == NULL) { 214 if (ret->dh_tmp == NULL) {
215 SSLerror(ERR_R_DH_LIB); 215 SSLerrorx(ERR_R_DH_LIB);
216 goto err; 216 goto err;
217 } 217 }
218 if (cert->dh_tmp->priv_key) { 218 if (cert->dh_tmp->priv_key) {
219 BIGNUM *b = BN_dup(cert->dh_tmp->priv_key); 219 BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
220 if (!b) { 220 if (!b) {
221 SSLerror(ERR_R_BN_LIB); 221 SSLerrorx(ERR_R_BN_LIB);
222 goto err; 222 goto err;
223 } 223 }
224 ret->dh_tmp->priv_key = b; 224 ret->dh_tmp->priv_key = b;
@@ -226,7 +226,7 @@ ssl_cert_dup(CERT *cert)
226 if (cert->dh_tmp->pub_key) { 226 if (cert->dh_tmp->pub_key) {
227 BIGNUM *b = BN_dup(cert->dh_tmp->pub_key); 227 BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
228 if (!b) { 228 if (!b) {
229 SSLerror(ERR_R_BN_LIB); 229 SSLerrorx(ERR_R_BN_LIB);
230 goto err; 230 goto err;
231 } 231 }
232 ret->dh_tmp->pub_key = b; 232 ret->dh_tmp->pub_key = b;
@@ -238,7 +238,7 @@ ssl_cert_dup(CERT *cert)
238 if (cert->ecdh_tmp) { 238 if (cert->ecdh_tmp) {
239 ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp); 239 ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
240 if (ret->ecdh_tmp == NULL) { 240 if (ret->ecdh_tmp == NULL) {
241 SSLerror(ERR_R_EC_LIB); 241 SSLerrorx(ERR_R_EC_LIB);
242 goto err; 242 goto err;
243 } 243 }
244 } 244 }
@@ -284,7 +284,7 @@ ssl_cert_dup(CERT *cert)
284 284
285 default: 285 default:
286 /* Can't happen. */ 286 /* Can't happen. */
287 SSLerror(SSL_R_LIBRARY_BUG); 287 SSLerrorx(SSL_R_LIBRARY_BUG);
288 } 288 }
289 } 289 }
290 } 290 }
@@ -354,12 +354,12 @@ ssl_cert_inst(CERT **o)
354 */ 354 */
355 355
356 if (o == NULL) { 356 if (o == NULL) {
357 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 357 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);
358 return (0); 358 return (0);
359 } 359 }
360 if (*o == NULL) { 360 if (*o == NULL) {
361 if ((*o = ssl_cert_new()) == NULL) { 361 if ((*o = ssl_cert_new()) == NULL) {
362 SSLerror(ERR_R_MALLOC_FAILURE); 362 SSLerrorx(ERR_R_MALLOC_FAILURE);
363 return (0); 363 return (0);
364 } 364 }
365 } 365 }
@@ -374,7 +374,7 @@ ssl_sess_cert_new(void)
374 374
375 ret = calloc(1, sizeof *ret); 375 ret = calloc(1, sizeof *ret);
376 if (ret == NULL) { 376 if (ret == NULL) {
377 SSLerror(ERR_R_MALLOC_FAILURE); 377 SSLerrorx(ERR_R_MALLOC_FAILURE);
378 return NULL; 378 return NULL;
379 } 379 }
380 ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); 380 ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
@@ -418,7 +418,7 @@ ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
418 418
419 x = sk_X509_value(sk, 0); 419 x = sk_X509_value(sk, 0);
420 if (!X509_STORE_CTX_init(&ctx, s->ctx->cert_store, x, sk)) { 420 if (!X509_STORE_CTX_init(&ctx, s->ctx->cert_store, x, sk)) {
421 SSLerror(ERR_R_X509_LIB); 421 SSLerror(s, ERR_R_X509_LIB);
422 return (0); 422 return (0);
423 } 423 }
424 X509_STORE_CTX_set_ex_data(&ctx, 424 X509_STORE_CTX_set_ex_data(&ctx,
@@ -574,7 +574,7 @@ SSL_load_client_CA_file(const char *file)
574 in = BIO_new(BIO_s_file_internal()); 574 in = BIO_new(BIO_s_file_internal());
575 575
576 if ((sk == NULL) || (in == NULL)) { 576 if ((sk == NULL) || (in == NULL)) {
577 SSLerror(ERR_R_MALLOC_FAILURE); 577 SSLerrorx(ERR_R_MALLOC_FAILURE);
578 goto err; 578 goto err;
579 } 579 }
580 580
@@ -587,7 +587,7 @@ SSL_load_client_CA_file(const char *file)
587 if (ret == NULL) { 587 if (ret == NULL) {
588 ret = sk_X509_NAME_new_null(); 588 ret = sk_X509_NAME_new_null();
589 if (ret == NULL) { 589 if (ret == NULL) {
590 SSLerror(ERR_R_MALLOC_FAILURE); 590 SSLerrorx(ERR_R_MALLOC_FAILURE);
591 goto err; 591 goto err;
592 } 592 }
593 } 593 }
@@ -642,7 +642,7 @@ SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
642 in = BIO_new(BIO_s_file_internal()); 642 in = BIO_new(BIO_s_file_internal());
643 643
644 if (in == NULL) { 644 if (in == NULL) {
645 SSLerror(ERR_R_MALLOC_FAILURE); 645 SSLerrorx(ERR_R_MALLOC_FAILURE);
646 goto err; 646 goto err;
647 } 647 }
648 648
@@ -711,7 +711,7 @@ SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *dir)
711 if (!ret) { 711 if (!ret) {
712 SYSerror(errno); 712 SYSerror(errno);
713 ERR_asprintf_error_data("opendir ('%s')", dir); 713 ERR_asprintf_error_data("opendir ('%s')", dir);
714 SSLerror(ERR_R_SYS_LIB); 714 SSLerrorx(ERR_R_SYS_LIB);
715 } 715 }
716 return ret; 716 return ret;
717} 717}
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index f167244eb4..9808c7c37f 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_ciph.c,v 1.92 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: ssl_ciph.c,v 1.93 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1072,7 +1072,7 @@ ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
1072 1072
1073 number_uses = calloc((max_strength_bits + 1), sizeof(int)); 1073 number_uses = calloc((max_strength_bits + 1), sizeof(int));
1074 if (!number_uses) { 1074 if (!number_uses) {
1075 SSLerror(ERR_R_MALLOC_FAILURE); 1075 SSLerrorx(ERR_R_MALLOC_FAILURE);
1076 return (0); 1076 return (0);
1077 } 1077 }
1078 1078
@@ -1162,7 +1162,7 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
1162 * it is no command or separator nor 1162 * it is no command or separator nor
1163 * alphanumeric, so we call this an error. 1163 * alphanumeric, so we call this an error.
1164 */ 1164 */
1165 SSLerror(SSL_R_INVALID_COMMAND); 1165 SSLerrorx(SSL_R_INVALID_COMMAND);
1166 retval = found = 0; 1166 retval = found = 0;
1167 l++; 1167 l++;
1168 break; 1168 break;
@@ -1308,7 +1308,7 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
1308 if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8)) 1308 if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
1309 ok = ssl_cipher_strength_sort(head_p, tail_p); 1309 ok = ssl_cipher_strength_sort(head_p, tail_p);
1310 else 1310 else
1311 SSLerror(SSL_R_INVALID_COMMAND); 1311 SSLerrorx(SSL_R_INVALID_COMMAND);
1312 if (ok == 0) 1312 if (ok == 0)
1313 retval = 0; 1313 retval = 0;
1314 /* 1314 /*
@@ -1377,7 +1377,7 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1377 num_of_ciphers = ssl_method->num_ciphers(); 1377 num_of_ciphers = ssl_method->num_ciphers();
1378 co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER)); 1378 co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER));
1379 if (co_list == NULL) { 1379 if (co_list == NULL) {
1380 SSLerror(ERR_R_MALLOC_FAILURE); 1380 SSLerrorx(ERR_R_MALLOC_FAILURE);
1381 return(NULL); /* Failure */ 1381 return(NULL); /* Failure */
1382 } 1382 }
1383 1383
@@ -1457,7 +1457,7 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1457 ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *)); 1457 ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *));
1458 if (ca_list == NULL) { 1458 if (ca_list == NULL) {
1459 free(co_list); 1459 free(co_list);
1460 SSLerror(ERR_R_MALLOC_FAILURE); 1460 SSLerrorx(ERR_R_MALLOC_FAILURE);
1461 return(NULL); /* Failure */ 1461 return(NULL); /* Failure */
1462 } 1462 }
1463 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, 1463 ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 6f2edf5d90..7f4d6582da 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.4 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.5 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -211,7 +211,7 @@ ssl3_connect(SSL *s)
211 cb(s, SSL_CB_HANDSHAKE_START, 1); 211 cb(s, SSL_CB_HANDSHAKE_START, 1);
212 212
213 if ((s->version & 0xff00 ) != 0x0300) { 213 if ((s->version & 0xff00 ) != 0x0300) {
214 SSLerror(ERR_R_INTERNAL_ERROR); 214 SSLerror(s, ERR_R_INTERNAL_ERROR);
215 ret = -1; 215 ret = -1;
216 goto end; 216 goto end;
217 } 217 }
@@ -550,7 +550,7 @@ ssl3_connect(SSL *s)
550 /* break; */ 550 /* break; */
551 551
552 default: 552 default:
553 SSLerror(SSL_R_UNKNOWN_STATE); 553 SSLerror(s, SSL_R_UNKNOWN_STATE);
554 ret = -1; 554 ret = -1;
555 goto end; 555 goto end;
556 /* break; */ 556 /* break; */
@@ -595,7 +595,7 @@ ssl3_client_hello(SSL *s)
595 SSL_SESSION *sess = s->session; 595 SSL_SESSION *sess = s->session;
596 596
597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) { 597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) {
598 SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE); 598 SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
599 return (-1); 599 return (-1);
600 } 600 }
601 s->client_version = s->version = max_version; 601 s->client_version = s->version = max_version;
@@ -665,7 +665,7 @@ ssl3_client_hello(SSL *s)
665 *(p++) = i; 665 *(p++) = i;
666 if (i != 0) { 666 if (i != 0) {
667 if (i > (int)sizeof(s->session->session_id)) { 667 if (i > (int)sizeof(s->session->session_id)) {
668 SSLerror(ERR_R_INTERNAL_ERROR); 668 SSLerror(s, ERR_R_INTERNAL_ERROR);
669 goto err; 669 goto err;
670 } 670 }
671 memcpy(p, s->session->session_id, i); 671 memcpy(p, s->session->session_id, i);
@@ -675,7 +675,7 @@ ssl3_client_hello(SSL *s)
675 /* DTLS Cookie. */ 675 /* DTLS Cookie. */
676 if (SSL_IS_DTLS(s)) { 676 if (SSL_IS_DTLS(s)) {
677 if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) { 677 if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) {
678 SSLerror(ERR_R_INTERNAL_ERROR); 678 SSLerror(s, ERR_R_INTERNAL_ERROR);
679 goto err; 679 goto err;
680 } 680 }
681 *(p++) = D1I(s)->cookie_len; 681 *(p++) = D1I(s)->cookie_len;
@@ -688,7 +688,7 @@ ssl3_client_hello(SSL *s)
688 bufend - &p[2], &outlen)) 688 bufend - &p[2], &outlen))
689 goto err; 689 goto err;
690 if (outlen == 0) { 690 if (outlen == 0) {
691 SSLerror(SSL_R_NO_CIPHERS_AVAILABLE); 691 SSLerror(s, SSL_R_NO_CIPHERS_AVAILABLE);
692 goto err; 692 goto err;
693 } 693 }
694 s2n(outlen, p); 694 s2n(outlen, p);
@@ -700,7 +700,7 @@ ssl3_client_hello(SSL *s)
700 700
701 /* TLS extensions*/ 701 /* TLS extensions*/
702 if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) { 702 if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
703 SSLerror(ERR_R_INTERNAL_ERROR); 703 SSLerror(s, ERR_R_INTERNAL_ERROR);
704 goto err; 704 goto err;
705 } 705 }
706 706
@@ -752,7 +752,7 @@ ssl3_get_server_hello(SSL *s)
752 } else { 752 } else {
753 /* Already sent a cookie. */ 753 /* Already sent a cookie. */
754 al = SSL_AD_UNEXPECTED_MESSAGE; 754 al = SSL_AD_UNEXPECTED_MESSAGE;
755 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 755 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
756 goto f_err; 756 goto f_err;
757 } 757 }
758 } 758 }
@@ -760,7 +760,7 @@ ssl3_get_server_hello(SSL *s)
760 760
761 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_HELLO) { 761 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_HELLO) {
762 al = SSL_AD_UNEXPECTED_MESSAGE; 762 al = SSL_AD_UNEXPECTED_MESSAGE;
763 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 763 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
764 goto f_err; 764 goto f_err;
765 } 765 }
766 766
@@ -768,12 +768,12 @@ ssl3_get_server_hello(SSL *s)
768 goto truncated; 768 goto truncated;
769 769
770 if (ssl_supported_version_range(s, &min_version, &max_version) != 1) { 770 if (ssl_supported_version_range(s, &min_version, &max_version) != 1) {
771 SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE); 771 SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
772 goto err; 772 goto err;
773 } 773 }
774 774
775 if (server_version < min_version || server_version > max_version) { 775 if (server_version < min_version || server_version > max_version) {
776 SSLerror(SSL_R_WRONG_SSL_VERSION); 776 SSLerror(s, SSL_R_WRONG_SSL_VERSION);
777 s->version = (s->version & 0xff00) | (server_version & 0xff); 777 s->version = (s->version & 0xff00) | (server_version & 0xff);
778 al = SSL_AD_PROTOCOL_VERSION; 778 al = SSL_AD_PROTOCOL_VERSION;
779 goto f_err; 779 goto f_err;
@@ -783,7 +783,7 @@ ssl3_get_server_hello(SSL *s)
783 if ((method = tls1_get_client_method(server_version)) == NULL) 783 if ((method = tls1_get_client_method(server_version)) == NULL)
784 method = dtls1_get_client_method(server_version); 784 method = dtls1_get_client_method(server_version);
785 if (method == NULL) { 785 if (method == NULL) {
786 SSLerror(ERR_R_INTERNAL_ERROR); 786 SSLerror(s, ERR_R_INTERNAL_ERROR);
787 goto err; 787 goto err;
788 } 788 }
789 s->method = method; 789 s->method = method;
@@ -802,7 +802,7 @@ ssl3_get_server_hello(SSL *s)
802 if ((CBS_len(&session_id) > sizeof(s->session->session_id)) || 802 if ((CBS_len(&session_id) > sizeof(s->session->session_id)) ||
803 (CBS_len(&session_id) > SSL3_SESSION_ID_SIZE)) { 803 (CBS_len(&session_id) > SSL3_SESSION_ID_SIZE)) {
804 al = SSL_AD_ILLEGAL_PARAMETER; 804 al = SSL_AD_ILLEGAL_PARAMETER;
805 SSLerror(SSL_R_SSL3_SESSION_ID_TOO_LONG); 805 SSLerror(s, SSL_R_SSL3_SESSION_ID_TOO_LONG);
806 goto f_err; 806 goto f_err;
807 } 807 }
808 808
@@ -834,7 +834,7 @@ ssl3_get_server_hello(SSL *s)
834 s->sid_ctx, s->sid_ctx_length) != 0) { 834 s->sid_ctx, s->sid_ctx_length) != 0) {
835 /* actually a client application bug */ 835 /* actually a client application bug */
836 al = SSL_AD_ILLEGAL_PARAMETER; 836 al = SSL_AD_ILLEGAL_PARAMETER;
837 SSLerror(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); 837 SSLerror(s, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
838 goto f_err; 838 goto f_err;
839 } 839 }
840 s->s3->flags |= SSL3_FLAGS_CCS_OK; 840 s->s3->flags |= SSL3_FLAGS_CCS_OK;
@@ -866,7 +866,7 @@ ssl3_get_server_hello(SSL *s)
866 866
867 if ((cipher = ssl3_get_cipher_by_value(cipher_suite)) == NULL) { 867 if ((cipher = ssl3_get_cipher_by_value(cipher_suite)) == NULL) {
868 al = SSL_AD_ILLEGAL_PARAMETER; 868 al = SSL_AD_ILLEGAL_PARAMETER;
869 SSLerror(SSL_R_UNKNOWN_CIPHER_RETURNED); 869 SSLerror(s, SSL_R_UNKNOWN_CIPHER_RETURNED);
870 goto f_err; 870 goto f_err;
871 } 871 }
872 872
@@ -874,7 +874,7 @@ ssl3_get_server_hello(SSL *s)
874 if ((cipher->algorithm_ssl & SSL_TLSV1_2) && 874 if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
875 (TLS1_get_version(s) < TLS1_2_VERSION)) { 875 (TLS1_get_version(s) < TLS1_2_VERSION)) {
876 al = SSL_AD_ILLEGAL_PARAMETER; 876 al = SSL_AD_ILLEGAL_PARAMETER;
877 SSLerror(SSL_R_WRONG_CIPHER_RETURNED); 877 SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
878 goto f_err; 878 goto f_err;
879 } 879 }
880 880
@@ -883,7 +883,7 @@ ssl3_get_server_hello(SSL *s)
883 if (i < 0) { 883 if (i < 0) {
884 /* we did not say we would use this cipher */ 884 /* we did not say we would use this cipher */
885 al = SSL_AD_ILLEGAL_PARAMETER; 885 al = SSL_AD_ILLEGAL_PARAMETER;
886 SSLerror(SSL_R_WRONG_CIPHER_RETURNED); 886 SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
887 goto f_err; 887 goto f_err;
888 } 888 }
889 889
@@ -896,7 +896,7 @@ ssl3_get_server_hello(SSL *s)
896 s->session->cipher_id = s->session->cipher->id; 896 s->session->cipher_id = s->session->cipher->id;
897 if (s->internal->hit && (s->session->cipher_id != cipher->id)) { 897 if (s->internal->hit && (s->session->cipher_id != cipher->id)) {
898 al = SSL_AD_ILLEGAL_PARAMETER; 898 al = SSL_AD_ILLEGAL_PARAMETER;
899 SSLerror(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); 899 SSLerror(s, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
900 goto f_err; 900 goto f_err;
901 } 901 }
902 S3I(s)->tmp.new_cipher = cipher; 902 S3I(s)->tmp.new_cipher = cipher;
@@ -917,7 +917,7 @@ ssl3_get_server_hello(SSL *s)
917 917
918 if (compression_method != 0) { 918 if (compression_method != 0) {
919 al = SSL_AD_ILLEGAL_PARAMETER; 919 al = SSL_AD_ILLEGAL_PARAMETER;
920 SSLerror(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); 920 SSLerror(s, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
921 goto f_err; 921 goto f_err;
922 } 922 }
923 923
@@ -925,11 +925,11 @@ ssl3_get_server_hello(SSL *s)
925 p = (unsigned char *)CBS_data(&cbs); 925 p = (unsigned char *)CBS_data(&cbs);
926 if (!ssl_parse_serverhello_tlsext(s, &p, CBS_len(&cbs), &al)) { 926 if (!ssl_parse_serverhello_tlsext(s, &p, CBS_len(&cbs), &al)) {
927 /* 'al' set by ssl_parse_serverhello_tlsext */ 927 /* 'al' set by ssl_parse_serverhello_tlsext */
928 SSLerror(SSL_R_PARSE_TLSEXT); 928 SSLerror(s, SSL_R_PARSE_TLSEXT);
929 goto f_err; 929 goto f_err;
930 } 930 }
931 if (ssl_check_serverhello_tlsext(s) <= 0) { 931 if (ssl_check_serverhello_tlsext(s) <= 0) {
932 SSLerror(SSL_R_SERVERHELLO_TLSEXT); 932 SSLerror(s, SSL_R_SERVERHELLO_TLSEXT);
933 goto err; 933 goto err;
934 } 934 }
935 935
@@ -942,7 +942,7 @@ ssl3_get_server_hello(SSL *s)
942truncated: 942truncated:
943 /* wrong packet length */ 943 /* wrong packet length */
944 al = SSL_AD_DECODE_ERROR; 944 al = SSL_AD_DECODE_ERROR;
945 SSLerror(SSL_R_BAD_PACKET_LENGTH); 945 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
946f_err: 946f_err:
947 ssl3_send_alert(s, SSL3_AL_FATAL, al); 947 ssl3_send_alert(s, SSL3_AL_FATAL, al);
948err: 948err:
@@ -974,13 +974,13 @@ ssl3_get_server_certificate(SSL *s)
974 974
975 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 975 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) {
976 al = SSL_AD_UNEXPECTED_MESSAGE; 976 al = SSL_AD_UNEXPECTED_MESSAGE;
977 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 977 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
978 goto f_err; 978 goto f_err;
979 } 979 }
980 980
981 981
982 if ((sk = sk_X509_new_null()) == NULL) { 982 if ((sk = sk_X509_new_null()) == NULL) {
983 SSLerror(ERR_R_MALLOC_FAILURE); 983 SSLerror(s, ERR_R_MALLOC_FAILURE);
984 goto err; 984 goto err;
985 } 985 }
986 986
@@ -994,7 +994,7 @@ ssl3_get_server_certificate(SSL *s)
994 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) || 994 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) ||
995 CBS_len(&cbs) != 0) { 995 CBS_len(&cbs) != 0) {
996 al = SSL_AD_DECODE_ERROR; 996 al = SSL_AD_DECODE_ERROR;
997 SSLerror(SSL_R_LENGTH_MISMATCH); 997 SSLerror(s, SSL_R_LENGTH_MISMATCH);
998 goto f_err; 998 goto f_err;
999 } 999 }
1000 1000
@@ -1005,7 +1005,7 @@ ssl3_get_server_certificate(SSL *s)
1005 goto truncated; 1005 goto truncated;
1006 if (!CBS_get_u24_length_prefixed(&cert_list, &cert)) { 1006 if (!CBS_get_u24_length_prefixed(&cert_list, &cert)) {
1007 al = SSL_AD_DECODE_ERROR; 1007 al = SSL_AD_DECODE_ERROR;
1008 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 1008 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
1009 goto f_err; 1009 goto f_err;
1010 } 1010 }
1011 1011
@@ -1013,16 +1013,16 @@ ssl3_get_server_certificate(SSL *s)
1013 x = d2i_X509(NULL, &q, CBS_len(&cert)); 1013 x = d2i_X509(NULL, &q, CBS_len(&cert));
1014 if (x == NULL) { 1014 if (x == NULL) {
1015 al = SSL_AD_BAD_CERTIFICATE; 1015 al = SSL_AD_BAD_CERTIFICATE;
1016 SSLerror(ERR_R_ASN1_LIB); 1016 SSLerror(s, ERR_R_ASN1_LIB);
1017 goto f_err; 1017 goto f_err;
1018 } 1018 }
1019 if (q != CBS_data(&cert) + CBS_len(&cert)) { 1019 if (q != CBS_data(&cert) + CBS_len(&cert)) {
1020 al = SSL_AD_DECODE_ERROR; 1020 al = SSL_AD_DECODE_ERROR;
1021 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 1021 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
1022 goto f_err; 1022 goto f_err;
1023 } 1023 }
1024 if (!sk_X509_push(sk, x)) { 1024 if (!sk_X509_push(sk, x)) {
1025 SSLerror(ERR_R_MALLOC_FAILURE); 1025 SSLerror(s, ERR_R_MALLOC_FAILURE);
1026 goto err; 1026 goto err;
1027 } 1027 }
1028 x = NULL; 1028 x = NULL;
@@ -1031,7 +1031,7 @@ ssl3_get_server_certificate(SSL *s)
1031 i = ssl_verify_cert_chain(s, sk); 1031 i = ssl_verify_cert_chain(s, sk);
1032 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) { 1032 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1033 al = ssl_verify_alarm_type(s->verify_result); 1033 al = ssl_verify_alarm_type(s->verify_result);
1034 SSLerror(SSL_R_CERTIFICATE_VERIFY_FAILED); 1034 SSLerror(s, SSL_R_CERTIFICATE_VERIFY_FAILED);
1035 goto f_err; 1035 goto f_err;
1036 1036
1037 } 1037 }
@@ -1057,7 +1057,7 @@ ssl3_get_server_certificate(SSL *s)
1057 if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) { 1057 if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) {
1058 x = NULL; 1058 x = NULL;
1059 al = SSL3_AL_FATAL; 1059 al = SSL3_AL_FATAL;
1060 SSLerror(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); 1060 SSLerror(s, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
1061 goto f_err; 1061 goto f_err;
1062 } 1062 }
1063 1063
@@ -1065,7 +1065,7 @@ ssl3_get_server_certificate(SSL *s)
1065 if (i < 0) { 1065 if (i < 0) {
1066 x = NULL; 1066 x = NULL;
1067 al = SSL3_AL_FATAL; 1067 al = SSL3_AL_FATAL;
1068 SSLerror(SSL_R_UNKNOWN_CERTIFICATE_TYPE); 1068 SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1069 goto f_err; 1069 goto f_err;
1070 } 1070 }
1071 1071
@@ -1091,7 +1091,7 @@ ssl3_get_server_certificate(SSL *s)
1091truncated: 1091truncated:
1092 /* wrong packet length */ 1092 /* wrong packet length */
1093 al = SSL_AD_DECODE_ERROR; 1093 al = SSL_AD_DECODE_ERROR;
1094 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1094 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1095f_err: 1095f_err:
1096 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1096 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1097 } 1097 }
@@ -1122,21 +1122,21 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1122 CBS_init(&cbs, *pp, *nn); 1122 CBS_init(&cbs, *pp, *nn);
1123 1123
1124 if ((dh = DH_new()) == NULL) { 1124 if ((dh = DH_new()) == NULL) {
1125 SSLerror(ERR_R_DH_LIB); 1125 SSLerror(s, ERR_R_DH_LIB);
1126 goto err; 1126 goto err;
1127 } 1127 }
1128 1128
1129 if (!CBS_get_u16_length_prefixed(&cbs, &dhp)) 1129 if (!CBS_get_u16_length_prefixed(&cbs, &dhp))
1130 goto truncated; 1130 goto truncated;
1131 if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) { 1131 if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) {
1132 SSLerror(ERR_R_BN_LIB); 1132 SSLerror(s, ERR_R_BN_LIB);
1133 goto err; 1133 goto err;
1134 } 1134 }
1135 1135
1136 if (!CBS_get_u16_length_prefixed(&cbs, &dhg)) 1136 if (!CBS_get_u16_length_prefixed(&cbs, &dhg))
1137 goto truncated; 1137 goto truncated;
1138 if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) { 1138 if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) {
1139 SSLerror(ERR_R_BN_LIB); 1139 SSLerror(s, ERR_R_BN_LIB);
1140 goto err; 1140 goto err;
1141 } 1141 }
1142 1142
@@ -1144,7 +1144,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1144 goto truncated; 1144 goto truncated;
1145 if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk), 1145 if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk),
1146 NULL)) == NULL) { 1146 NULL)) == NULL) {
1147 SSLerror(ERR_R_BN_LIB); 1147 SSLerror(s, ERR_R_BN_LIB);
1148 goto err; 1148 goto err;
1149 } 1149 }
1150 1150
@@ -1153,7 +1153,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1153 * Discard keys weaker than 1024 bits. 1153 * Discard keys weaker than 1024 bits.
1154 */ 1154 */
1155 if (DH_size(dh) < 1024 / 8) { 1155 if (DH_size(dh) < 1024 / 8) {
1156 SSLerror(SSL_R_BAD_DH_P_LENGTH); 1156 SSLerror(s, SSL_R_BAD_DH_P_LENGTH);
1157 goto err; 1157 goto err;
1158 } 1158 }
1159 1159
@@ -1174,7 +1174,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1174 1174
1175 truncated: 1175 truncated:
1176 al = SSL_AD_DECODE_ERROR; 1176 al = SSL_AD_DECODE_ERROR;
1177 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1177 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1178 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1178 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1179 1179
1180 err: 1180 err:
@@ -1199,16 +1199,16 @@ ssl3_get_server_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1199 */ 1199 */
1200 1200
1201 if ((ecdh = EC_KEY_new()) == NULL) { 1201 if ((ecdh = EC_KEY_new()) == NULL) {
1202 SSLerror(ERR_R_MALLOC_FAILURE); 1202 SSLerror(s, ERR_R_MALLOC_FAILURE);
1203 goto err; 1203 goto err;
1204 } 1204 }
1205 1205
1206 if ((ngroup = EC_GROUP_new_by_curve_name(nid)) == NULL) { 1206 if ((ngroup = EC_GROUP_new_by_curve_name(nid)) == NULL) {
1207 SSLerror(ERR_R_EC_LIB); 1207 SSLerror(s, ERR_R_EC_LIB);
1208 goto err; 1208 goto err;
1209 } 1209 }
1210 if (EC_KEY_set_group(ecdh, ngroup) == 0) { 1210 if (EC_KEY_set_group(ecdh, ngroup) == 0) {
1211 SSLerror(ERR_R_EC_LIB); 1211 SSLerror(s, ERR_R_EC_LIB);
1212 goto err; 1212 goto err;
1213 } 1213 }
1214 1214
@@ -1216,13 +1216,13 @@ ssl3_get_server_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1216 1216
1217 if ((point = EC_POINT_new(group)) == NULL || 1217 if ((point = EC_POINT_new(group)) == NULL ||
1218 (bn_ctx = BN_CTX_new()) == NULL) { 1218 (bn_ctx = BN_CTX_new()) == NULL) {
1219 SSLerror(ERR_R_MALLOC_FAILURE); 1219 SSLerror(s, ERR_R_MALLOC_FAILURE);
1220 goto err; 1220 goto err;
1221 } 1221 }
1222 1222
1223 if (EC_POINT_oct2point(group, point, CBS_data(public), 1223 if (EC_POINT_oct2point(group, point, CBS_data(public),
1224 CBS_len(public), bn_ctx) == 0) { 1224 CBS_len(public), bn_ctx) == 0) {
1225 SSLerror(SSL_R_BAD_ECPOINT); 1225 SSLerror(s, SSL_R_BAD_ECPOINT);
1226 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1226 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1227 goto err; 1227 goto err;
1228 } 1228 }
@@ -1248,18 +1248,18 @@ ssl3_get_server_kex_ecdhe_ecx(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1248 size_t outlen; 1248 size_t outlen;
1249 1249
1250 if (nid != NID_X25519) { 1250 if (nid != NID_X25519) {
1251 SSLerror(ERR_R_INTERNAL_ERROR); 1251 SSLerror(s, ERR_R_INTERNAL_ERROR);
1252 goto err; 1252 goto err;
1253 } 1253 }
1254 1254
1255 if (CBS_len(public) != X25519_KEY_LENGTH) { 1255 if (CBS_len(public) != X25519_KEY_LENGTH) {
1256 SSLerror(SSL_R_BAD_ECPOINT); 1256 SSLerror(s, SSL_R_BAD_ECPOINT);
1257 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1257 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1258 goto err; 1258 goto err;
1259 } 1259 }
1260 1260
1261 if (!CBS_stow(public, &sc->peer_x25519_tmp, &outlen)) { 1261 if (!CBS_stow(public, &sc->peer_x25519_tmp, &outlen)) {
1262 SSLerror(ERR_R_MALLOC_FAILURE); 1262 SSLerror(s, ERR_R_MALLOC_FAILURE);
1263 goto err; 1263 goto err;
1264 } 1264 }
1265 1265
@@ -1293,7 +1293,7 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1293 curve_type != NAMED_CURVE_TYPE || 1293 curve_type != NAMED_CURVE_TYPE ||
1294 !CBS_get_u16(&cbs, &curve_id)) { 1294 !CBS_get_u16(&cbs, &curve_id)) {
1295 al = SSL_AD_DECODE_ERROR; 1295 al = SSL_AD_DECODE_ERROR;
1296 SSLerror(SSL_R_LENGTH_TOO_SHORT); 1296 SSLerror(s, SSL_R_LENGTH_TOO_SHORT);
1297 goto f_err; 1297 goto f_err;
1298 } 1298 }
1299 1299
@@ -1303,13 +1303,13 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1303 */ 1303 */
1304 if (tls1_check_curve(s, curve_id) != 1) { 1304 if (tls1_check_curve(s, curve_id) != 1) {
1305 al = SSL_AD_DECODE_ERROR; 1305 al = SSL_AD_DECODE_ERROR;
1306 SSLerror(SSL_R_WRONG_CURVE); 1306 SSLerror(s, SSL_R_WRONG_CURVE);
1307 goto f_err; 1307 goto f_err;
1308 } 1308 }
1309 1309
1310 if ((nid = tls1_ec_curve_id2nid(curve_id)) == 0) { 1310 if ((nid = tls1_ec_curve_id2nid(curve_id)) == 0) {
1311 al = SSL_AD_INTERNAL_ERROR; 1311 al = SSL_AD_INTERNAL_ERROR;
1312 SSLerror(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); 1312 SSLerror(s, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
1313 goto f_err; 1313 goto f_err;
1314 } 1314 }
1315 1315
@@ -1344,7 +1344,7 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1344 1344
1345 truncated: 1345 truncated:
1346 al = SSL_AD_DECODE_ERROR; 1346 al = SSL_AD_DECODE_ERROR;
1347 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1347 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1348 1348
1349 f_err: 1349 f_err:
1350 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1350 ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1385,7 +1385,7 @@ ssl3_get_server_key_exchange(SSL *s)
1385 * ephemeral keys. 1385 * ephemeral keys.
1386 */ 1386 */
1387 if (alg_k & (SSL_kDHE|SSL_kECDHE)) { 1387 if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
1388 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 1388 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
1389 al = SSL_AD_UNEXPECTED_MESSAGE; 1389 al = SSL_AD_UNEXPECTED_MESSAGE;
1390 goto f_err; 1390 goto f_err;
1391 } 1391 }
@@ -1421,7 +1421,7 @@ ssl3_get_server_key_exchange(SSL *s)
1421 goto err; 1421 goto err;
1422 } else if (alg_k != 0) { 1422 } else if (alg_k != 0) {
1423 al = SSL_AD_UNEXPECTED_MESSAGE; 1423 al = SSL_AD_UNEXPECTED_MESSAGE;
1424 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 1424 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
1425 goto f_err; 1425 goto f_err;
1426 } 1426 }
1427 1427
@@ -1433,7 +1433,7 @@ ssl3_get_server_key_exchange(SSL *s)
1433 int sigalg = tls12_get_sigid(pkey); 1433 int sigalg = tls12_get_sigid(pkey);
1434 /* Should never happen */ 1434 /* Should never happen */
1435 if (sigalg == -1) { 1435 if (sigalg == -1) {
1436 SSLerror(ERR_R_INTERNAL_ERROR); 1436 SSLerror(s, ERR_R_INTERNAL_ERROR);
1437 goto err; 1437 goto err;
1438 } 1438 }
1439 /* 1439 /*
@@ -1443,13 +1443,13 @@ ssl3_get_server_key_exchange(SSL *s)
1443 if (2 > n) 1443 if (2 > n)
1444 goto truncated; 1444 goto truncated;
1445 if (sigalg != (int)p[1]) { 1445 if (sigalg != (int)p[1]) {
1446 SSLerror(SSL_R_WRONG_SIGNATURE_TYPE); 1446 SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
1447 al = SSL_AD_DECODE_ERROR; 1447 al = SSL_AD_DECODE_ERROR;
1448 goto f_err; 1448 goto f_err;
1449 } 1449 }
1450 md = tls12_get_hash(p[0]); 1450 md = tls12_get_hash(p[0]);
1451 if (md == NULL) { 1451 if (md == NULL) {
1452 SSLerror(SSL_R_UNKNOWN_DIGEST); 1452 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
1453 al = SSL_AD_DECODE_ERROR; 1453 al = SSL_AD_DECODE_ERROR;
1454 goto f_err; 1454 goto f_err;
1455 } 1455 }
@@ -1467,7 +1467,7 @@ ssl3_get_server_key_exchange(SSL *s)
1467 if (i != n || n > j) { 1467 if (i != n || n > j) {
1468 /* wrong packet length */ 1468 /* wrong packet length */
1469 al = SSL_AD_DECODE_ERROR; 1469 al = SSL_AD_DECODE_ERROR;
1470 SSLerror(SSL_R_WRONG_SIGNATURE_LENGTH); 1470 SSLerror(s, SSL_R_WRONG_SIGNATURE_LENGTH);
1471 goto f_err; 1471 goto f_err;
1472 } 1472 }
1473 1473
@@ -1499,13 +1499,13 @@ ssl3_get_server_key_exchange(SSL *s)
1499 p, n, pkey->pkey.rsa); 1499 p, n, pkey->pkey.rsa);
1500 if (i < 0) { 1500 if (i < 0) {
1501 al = SSL_AD_DECRYPT_ERROR; 1501 al = SSL_AD_DECRYPT_ERROR;
1502 SSLerror(SSL_R_BAD_RSA_DECRYPT); 1502 SSLerror(s, SSL_R_BAD_RSA_DECRYPT);
1503 goto f_err; 1503 goto f_err;
1504 } 1504 }
1505 if (i == 0) { 1505 if (i == 0) {
1506 /* bad signature */ 1506 /* bad signature */
1507 al = SSL_AD_DECRYPT_ERROR; 1507 al = SSL_AD_DECRYPT_ERROR;
1508 SSLerror(SSL_R_BAD_SIGNATURE); 1508 SSLerror(s, SSL_R_BAD_SIGNATURE);
1509 goto f_err; 1509 goto f_err;
1510 } 1510 }
1511 } else { 1511 } else {
@@ -1518,20 +1518,20 @@ ssl3_get_server_key_exchange(SSL *s)
1518 if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) { 1518 if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) {
1519 /* bad signature */ 1519 /* bad signature */
1520 al = SSL_AD_DECRYPT_ERROR; 1520 al = SSL_AD_DECRYPT_ERROR;
1521 SSLerror(SSL_R_BAD_SIGNATURE); 1521 SSLerror(s, SSL_R_BAD_SIGNATURE);
1522 goto f_err; 1522 goto f_err;
1523 } 1523 }
1524 } 1524 }
1525 } else { 1525 } else {
1526 /* aNULL does not need public keys. */ 1526 /* aNULL does not need public keys. */
1527 if (!(alg_a & SSL_aNULL)) { 1527 if (!(alg_a & SSL_aNULL)) {
1528 SSLerror(ERR_R_INTERNAL_ERROR); 1528 SSLerror(s, ERR_R_INTERNAL_ERROR);
1529 goto err; 1529 goto err;
1530 } 1530 }
1531 /* still data left over */ 1531 /* still data left over */
1532 if (n != 0) { 1532 if (n != 0) {
1533 al = SSL_AD_DECODE_ERROR; 1533 al = SSL_AD_DECODE_ERROR;
1534 SSLerror(SSL_R_EXTRA_DATA_IN_MESSAGE); 1534 SSLerror(s, SSL_R_EXTRA_DATA_IN_MESSAGE);
1535 goto f_err; 1535 goto f_err;
1536 } 1536 }
1537 } 1537 }
@@ -1544,7 +1544,7 @@ ssl3_get_server_key_exchange(SSL *s)
1544 truncated: 1544 truncated:
1545 /* wrong packet length */ 1545 /* wrong packet length */
1546 al = SSL_AD_DECODE_ERROR; 1546 al = SSL_AD_DECODE_ERROR;
1547 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1547 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1548 1548
1549 f_err: 1549 f_err:
1550 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1550 ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1591,14 +1591,14 @@ ssl3_get_certificate_request(SSL *s)
1591 1591
1592 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) { 1592 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
1593 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); 1593 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1594 SSLerror(SSL_R_WRONG_MESSAGE_TYPE); 1594 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
1595 goto err; 1595 goto err;
1596 } 1596 }
1597 1597
1598 /* TLS does not like anon-DH with client cert */ 1598 /* TLS does not like anon-DH with client cert */
1599 if (S3I(s)->tmp.new_cipher->algorithm_auth & SSL_aNULL) { 1599 if (S3I(s)->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
1600 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); 1600 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1601 SSLerror(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); 1601 SSLerror(s, SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
1602 goto err; 1602 goto err;
1603 } 1603 }
1604 1604
@@ -1607,7 +1607,7 @@ ssl3_get_certificate_request(SSL *s)
1607 CBS_init(&cert_request, s->internal->init_msg, n); 1607 CBS_init(&cert_request, s->internal->init_msg, n);
1608 1608
1609 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { 1609 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
1610 SSLerror(ERR_R_MALLOC_FAILURE); 1610 SSLerror(s, ERR_R_MALLOC_FAILURE);
1611 goto err; 1611 goto err;
1612 } 1612 }
1613 1613
@@ -1620,7 +1620,7 @@ ssl3_get_certificate_request(SSL *s)
1620 if (!CBS_get_bytes(&cert_request, &ctypes, ctype_num) || 1620 if (!CBS_get_bytes(&cert_request, &ctypes, ctype_num) ||
1621 !CBS_write_bytes(&ctypes, (uint8_t *)S3I(s)->tmp.ctype, 1621 !CBS_write_bytes(&ctypes, (uint8_t *)S3I(s)->tmp.ctype,
1622 sizeof(S3I(s)->tmp.ctype), NULL)) { 1622 sizeof(S3I(s)->tmp.ctype), NULL)) {
1623 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1623 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1624 goto err; 1624 goto err;
1625 } 1625 }
1626 1626
@@ -1628,7 +1628,7 @@ ssl3_get_certificate_request(SSL *s)
1628 CBS sigalgs; 1628 CBS sigalgs;
1629 1629
1630 if (CBS_len(&cert_request) < 2) { 1630 if (CBS_len(&cert_request) < 2) {
1631 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1631 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1632 goto err; 1632 goto err;
1633 } 1633 }
1634 1634
@@ -1637,28 +1637,28 @@ ssl3_get_certificate_request(SSL *s)
1637 */ 1637 */
1638 if (!CBS_get_u16_length_prefixed(&cert_request, &sigalgs)) { 1638 if (!CBS_get_u16_length_prefixed(&cert_request, &sigalgs)) {
1639 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1639 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1640 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1640 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1641 goto err; 1641 goto err;
1642 } 1642 }
1643 if ((CBS_len(&sigalgs) & 1) || 1643 if ((CBS_len(&sigalgs) & 1) ||
1644 !tls1_process_sigalgs(s, CBS_data(&sigalgs), 1644 !tls1_process_sigalgs(s, CBS_data(&sigalgs),
1645 CBS_len(&sigalgs))) { 1645 CBS_len(&sigalgs))) {
1646 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1646 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1647 SSLerror(SSL_R_SIGNATURE_ALGORITHMS_ERROR); 1647 SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR);
1648 goto err; 1648 goto err;
1649 } 1649 }
1650 } 1650 }
1651 1651
1652 /* get the CA RDNs */ 1652 /* get the CA RDNs */
1653 if (CBS_len(&cert_request) < 2) { 1653 if (CBS_len(&cert_request) < 2) {
1654 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1654 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1655 goto err; 1655 goto err;
1656 } 1656 }
1657 1657
1658 if (!CBS_get_u16_length_prefixed(&cert_request, &rdn_list) || 1658 if (!CBS_get_u16_length_prefixed(&cert_request, &rdn_list) ||
1659 CBS_len(&cert_request) != 0) { 1659 CBS_len(&cert_request) != 0) {
1660 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1660 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1661 SSLerror(SSL_R_LENGTH_MISMATCH); 1661 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1662 goto err; 1662 goto err;
1663 } 1663 }
1664 1664
@@ -1666,13 +1666,13 @@ ssl3_get_certificate_request(SSL *s)
1666 CBS rdn; 1666 CBS rdn;
1667 1667
1668 if (CBS_len(&rdn_list) < 2) { 1668 if (CBS_len(&rdn_list) < 2) {
1669 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1669 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1670 goto err; 1670 goto err;
1671 } 1671 }
1672 1672
1673 if (!CBS_get_u16_length_prefixed(&rdn_list, &rdn)) { 1673 if (!CBS_get_u16_length_prefixed(&rdn_list, &rdn)) {
1674 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1674 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1675 SSLerror(SSL_R_CA_DN_TOO_LONG); 1675 SSLerror(s, SSL_R_CA_DN_TOO_LONG);
1676 goto err; 1676 goto err;
1677 } 1677 }
1678 1678
@@ -1680,17 +1680,17 @@ ssl3_get_certificate_request(SSL *s)
1680 if ((xn = d2i_X509_NAME(NULL, &q, CBS_len(&rdn))) == NULL) { 1680 if ((xn = d2i_X509_NAME(NULL, &q, CBS_len(&rdn))) == NULL) {
1681 ssl3_send_alert(s, SSL3_AL_FATAL, 1681 ssl3_send_alert(s, SSL3_AL_FATAL,
1682 SSL_AD_DECODE_ERROR); 1682 SSL_AD_DECODE_ERROR);
1683 SSLerror(ERR_R_ASN1_LIB); 1683 SSLerror(s, ERR_R_ASN1_LIB);
1684 goto err; 1684 goto err;
1685 } 1685 }
1686 1686
1687 if (q != CBS_data(&rdn) + CBS_len(&rdn)) { 1687 if (q != CBS_data(&rdn) + CBS_len(&rdn)) {
1688 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1688 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1689 SSLerror(SSL_R_CA_DN_LENGTH_MISMATCH); 1689 SSLerror(s, SSL_R_CA_DN_LENGTH_MISMATCH);
1690 goto err; 1690 goto err;
1691 } 1691 }
1692 if (!sk_X509_NAME_push(ca_sk, xn)) { 1692 if (!sk_X509_NAME_push(ca_sk, xn)) {
1693 SSLerror(ERR_R_MALLOC_FAILURE); 1693 SSLerror(s, ERR_R_MALLOC_FAILURE);
1694 goto err; 1694 goto err;
1695 } 1695 }
1696 xn = NULL; /* avoid free in err block */ 1696 xn = NULL; /* avoid free in err block */
@@ -1706,7 +1706,7 @@ ssl3_get_certificate_request(SSL *s)
1706 ret = 1; 1706 ret = 1;
1707 if (0) { 1707 if (0) {
1708truncated: 1708truncated:
1709 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1709 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1710 } 1710 }
1711err: 1711err:
1712 X509_NAME_free(xn); 1712 X509_NAME_free(xn);
@@ -1739,13 +1739,13 @@ ssl3_get_new_session_ticket(SSL *s)
1739 } 1739 }
1740 if (S3I(s)->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) { 1740 if (S3I(s)->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) {
1741 al = SSL_AD_UNEXPECTED_MESSAGE; 1741 al = SSL_AD_UNEXPECTED_MESSAGE;
1742 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 1742 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
1743 goto f_err; 1743 goto f_err;
1744 } 1744 }
1745 1745
1746 if (n < 0) { 1746 if (n < 0) {
1747 al = SSL_AD_DECODE_ERROR; 1747 al = SSL_AD_DECODE_ERROR;
1748 SSLerror(SSL_R_LENGTH_MISMATCH); 1748 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1749 goto f_err; 1749 goto f_err;
1750 } 1750 }
1751 1751
@@ -1757,14 +1757,14 @@ ssl3_get_new_session_ticket(SSL *s)
1757 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) || 1757 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) ||
1758 CBS_len(&cbs) != 0) { 1758 CBS_len(&cbs) != 0) {
1759 al = SSL_AD_DECODE_ERROR; 1759 al = SSL_AD_DECODE_ERROR;
1760 SSLerror(SSL_R_LENGTH_MISMATCH); 1760 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1761 goto f_err; 1761 goto f_err;
1762 } 1762 }
1763 s->session->tlsext_tick_lifetime_hint = (long)lifetime_hint; 1763 s->session->tlsext_tick_lifetime_hint = (long)lifetime_hint;
1764 1764
1765 if (!CBS_stow(&session_ticket, &s->session->tlsext_tick, 1765 if (!CBS_stow(&session_ticket, &s->session->tlsext_tick,
1766 &s->session->tlsext_ticklen)) { 1766 &s->session->tlsext_ticklen)) {
1767 SSLerror(ERR_R_MALLOC_FAILURE); 1767 SSLerror(s, ERR_R_MALLOC_FAILURE);
1768 goto err; 1768 goto err;
1769 } 1769 }
1770 1770
@@ -1814,7 +1814,7 @@ ssl3_get_cert_status(SSL *s)
1814 if (n < 0) { 1814 if (n < 0) {
1815 /* need at least status type + length */ 1815 /* need at least status type + length */
1816 al = SSL_AD_DECODE_ERROR; 1816 al = SSL_AD_DECODE_ERROR;
1817 SSLerror(SSL_R_LENGTH_MISMATCH); 1817 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1818 goto f_err; 1818 goto f_err;
1819 } 1819 }
1820 1820
@@ -1823,20 +1823,20 @@ ssl3_get_cert_status(SSL *s)
1823 CBS_len(&cert_status) < 3) { 1823 CBS_len(&cert_status) < 3) {
1824 /* need at least status type + length */ 1824 /* need at least status type + length */
1825 al = SSL_AD_DECODE_ERROR; 1825 al = SSL_AD_DECODE_ERROR;
1826 SSLerror(SSL_R_LENGTH_MISMATCH); 1826 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1827 goto f_err; 1827 goto f_err;
1828 } 1828 }
1829 1829
1830 if (status_type != TLSEXT_STATUSTYPE_ocsp) { 1830 if (status_type != TLSEXT_STATUSTYPE_ocsp) {
1831 al = SSL_AD_DECODE_ERROR; 1831 al = SSL_AD_DECODE_ERROR;
1832 SSLerror(SSL_R_UNSUPPORTED_STATUS_TYPE); 1832 SSLerror(s, SSL_R_UNSUPPORTED_STATUS_TYPE);
1833 goto f_err; 1833 goto f_err;
1834 } 1834 }
1835 1835
1836 if (!CBS_get_u24_length_prefixed(&cert_status, &response) || 1836 if (!CBS_get_u24_length_prefixed(&cert_status, &response) ||
1837 CBS_len(&cert_status) != 0) { 1837 CBS_len(&cert_status) != 0) {
1838 al = SSL_AD_DECODE_ERROR; 1838 al = SSL_AD_DECODE_ERROR;
1839 SSLerror(SSL_R_LENGTH_MISMATCH); 1839 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1840 goto f_err; 1840 goto f_err;
1841 } 1841 }
1842 1842
@@ -1844,7 +1844,7 @@ ssl3_get_cert_status(SSL *s)
1844 &stow_len) || stow_len > INT_MAX) { 1844 &stow_len) || stow_len > INT_MAX) {
1845 s->internal->tlsext_ocsp_resplen = 0; 1845 s->internal->tlsext_ocsp_resplen = 0;
1846 al = SSL_AD_INTERNAL_ERROR; 1846 al = SSL_AD_INTERNAL_ERROR;
1847 SSLerror(ERR_R_MALLOC_FAILURE); 1847 SSLerror(s, ERR_R_MALLOC_FAILURE);
1848 goto f_err; 1848 goto f_err;
1849 } 1849 }
1850 s->internal->tlsext_ocsp_resplen = (int)stow_len; 1850 s->internal->tlsext_ocsp_resplen = (int)stow_len;
@@ -1855,12 +1855,12 @@ ssl3_get_cert_status(SSL *s)
1855 s->ctx->internal->tlsext_status_arg); 1855 s->ctx->internal->tlsext_status_arg);
1856 if (ret == 0) { 1856 if (ret == 0) {
1857 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; 1857 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
1858 SSLerror(SSL_R_INVALID_STATUS_RESPONSE); 1858 SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE);
1859 goto f_err; 1859 goto f_err;
1860 } 1860 }
1861 if (ret < 0) { 1861 if (ret < 0) {
1862 al = SSL_AD_INTERNAL_ERROR; 1862 al = SSL_AD_INTERNAL_ERROR;
1863 SSLerror(ERR_R_MALLOC_FAILURE); 1863 SSLerror(s, ERR_R_MALLOC_FAILURE);
1864 goto f_err; 1864 goto f_err;
1865 } 1865 }
1866 } 1866 }
@@ -1885,7 +1885,7 @@ ssl3_get_server_done(SSL *s)
1885 if (n > 0) { 1885 if (n > 0) {
1886 /* should contain no data */ 1886 /* should contain no data */
1887 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1887 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1888 SSLerror(SSL_R_LENGTH_MISMATCH); 1888 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1889 return (-1); 1889 return (-1);
1890 } 1890 }
1891 ret = 1; 1891 ret = 1;
@@ -1909,7 +1909,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1909 pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); 1909 pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1910 if (pkey == NULL || pkey->type != EVP_PKEY_RSA || 1910 if (pkey == NULL || pkey->type != EVP_PKEY_RSA ||
1911 pkey->pkey.rsa == NULL) { 1911 pkey->pkey.rsa == NULL) {
1912 SSLerror(ERR_R_INTERNAL_ERROR); 1912 SSLerror(s, ERR_R_INTERNAL_ERROR);
1913 goto err; 1913 goto err;
1914 } 1914 }
1915 1915
@@ -1918,14 +1918,14 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1918 arc4random_buf(&pms[2], sizeof(pms) - 2); 1918 arc4random_buf(&pms[2], sizeof(pms) - 2);
1919 1919
1920 if ((enc_pms = malloc(RSA_size(pkey->pkey.rsa))) == NULL) { 1920 if ((enc_pms = malloc(RSA_size(pkey->pkey.rsa))) == NULL) {
1921 SSLerror(ERR_R_MALLOC_FAILURE); 1921 SSLerror(s, ERR_R_MALLOC_FAILURE);
1922 goto err; 1922 goto err;
1923 } 1923 }
1924 1924
1925 enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, pkey->pkey.rsa, 1925 enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, pkey->pkey.rsa,
1926 RSA_PKCS1_PADDING); 1926 RSA_PKCS1_PADDING);
1927 if (enc_len <= 0) { 1927 if (enc_len <= 0) {
1928 SSLerror(SSL_R_BAD_RSA_ENCRYPT); 1928 SSLerror(s, SSL_R_BAD_RSA_ENCRYPT);
1929 goto err; 1929 goto err;
1930 } 1930 }
1931 1931
@@ -1963,28 +1963,28 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1963 /* Ensure that we have an ephemeral key for DHE. */ 1963 /* Ensure that we have an ephemeral key for DHE. */
1964 if (sess_cert->peer_dh_tmp == NULL) { 1964 if (sess_cert->peer_dh_tmp == NULL) {
1965 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); 1965 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1966 SSLerror(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS); 1966 SSLerror(s, SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
1967 goto err; 1967 goto err;
1968 } 1968 }
1969 dh_srvr = sess_cert->peer_dh_tmp; 1969 dh_srvr = sess_cert->peer_dh_tmp;
1970 1970
1971 /* Generate a new random key. */ 1971 /* Generate a new random key. */
1972 if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) { 1972 if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
1973 SSLerror(ERR_R_DH_LIB); 1973 SSLerror(s, ERR_R_DH_LIB);
1974 goto err; 1974 goto err;
1975 } 1975 }
1976 if (!DH_generate_key(dh_clnt)) { 1976 if (!DH_generate_key(dh_clnt)) {
1977 SSLerror(ERR_R_DH_LIB); 1977 SSLerror(s, ERR_R_DH_LIB);
1978 goto err; 1978 goto err;
1979 } 1979 }
1980 key_size = DH_size(dh_clnt); 1980 key_size = DH_size(dh_clnt);
1981 if ((key = malloc(key_size)) == NULL) { 1981 if ((key = malloc(key_size)) == NULL) {
1982 SSLerror(ERR_R_MALLOC_FAILURE); 1982 SSLerror(s, ERR_R_MALLOC_FAILURE);
1983 goto err; 1983 goto err;
1984 } 1984 }
1985 key_len = DH_compute_key(key, dh_srvr->pub_key, dh_clnt); 1985 key_len = DH_compute_key(key, dh_srvr->pub_key, dh_clnt);
1986 if (key_len <= 0) { 1986 if (key_len <= 0) {
1987 SSLerror(ERR_R_DH_LIB); 1987 SSLerror(s, ERR_R_DH_LIB);
1988 goto err; 1988 goto err;
1989 } 1989 }
1990 1990
@@ -2028,35 +2028,35 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
2028 2028
2029 if ((group = EC_KEY_get0_group(sc->peer_ecdh_tmp)) == NULL || 2029 if ((group = EC_KEY_get0_group(sc->peer_ecdh_tmp)) == NULL ||
2030 (point = EC_KEY_get0_public_key(sc->peer_ecdh_tmp)) == NULL) { 2030 (point = EC_KEY_get0_public_key(sc->peer_ecdh_tmp)) == NULL) {
2031 SSLerror(ERR_R_INTERNAL_ERROR); 2031 SSLerror(s, ERR_R_INTERNAL_ERROR);
2032 goto err; 2032 goto err;
2033 } 2033 }
2034 2034
2035 if ((ecdh = EC_KEY_new()) == NULL) { 2035 if ((ecdh = EC_KEY_new()) == NULL) {
2036 SSLerror(ERR_R_MALLOC_FAILURE); 2036 SSLerror(s, ERR_R_MALLOC_FAILURE);
2037 goto err; 2037 goto err;
2038 } 2038 }
2039 2039
2040 if (!EC_KEY_set_group(ecdh, group)) { 2040 if (!EC_KEY_set_group(ecdh, group)) {
2041 SSLerror(ERR_R_EC_LIB); 2041 SSLerror(s, ERR_R_EC_LIB);
2042 goto err; 2042 goto err;
2043 } 2043 }
2044 2044
2045 /* Generate a new ECDH key pair. */ 2045 /* Generate a new ECDH key pair. */
2046 if (!(EC_KEY_generate_key(ecdh))) { 2046 if (!(EC_KEY_generate_key(ecdh))) {
2047 SSLerror(ERR_R_ECDH_LIB); 2047 SSLerror(s, ERR_R_ECDH_LIB);
2048 goto err; 2048 goto err;
2049 } 2049 }
2050 if ((key_size = ECDH_size(ecdh)) <= 0) { 2050 if ((key_size = ECDH_size(ecdh)) <= 0) {
2051 SSLerror(ERR_R_ECDH_LIB); 2051 SSLerror(s, ERR_R_ECDH_LIB);
2052 goto err; 2052 goto err;
2053 } 2053 }
2054 if ((key = malloc(key_size)) == NULL) { 2054 if ((key = malloc(key_size)) == NULL) {
2055 SSLerror(ERR_R_MALLOC_FAILURE); 2055 SSLerror(s, ERR_R_MALLOC_FAILURE);
2056 } 2056 }
2057 key_len = ECDH_compute_key(key, key_size, point, ecdh, NULL); 2057 key_len = ECDH_compute_key(key, key_size, point, ecdh, NULL);
2058 if (key_len <= 0) { 2058 if (key_len <= 0) {
2059 SSLerror(ERR_R_ECDH_LIB); 2059 SSLerror(s, ERR_R_ECDH_LIB);
2060 goto err; 2060 goto err;
2061 } 2061 }
2062 2062
@@ -2068,12 +2068,12 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
2068 encoded_len = EC_POINT_point2oct(group, EC_KEY_get0_public_key(ecdh), 2068 encoded_len = EC_POINT_point2oct(group, EC_KEY_get0_public_key(ecdh),
2069 POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); 2069 POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
2070 if (encoded_len == 0) { 2070 if (encoded_len == 0) {
2071 SSLerror(ERR_R_ECDH_LIB); 2071 SSLerror(s, ERR_R_ECDH_LIB);
2072 goto err; 2072 goto err;
2073 } 2073 }
2074 2074
2075 if ((bn_ctx = BN_CTX_new()) == NULL) { 2075 if ((bn_ctx = BN_CTX_new()) == NULL) {
2076 SSLerror(ERR_R_MALLOC_FAILURE); 2076 SSLerror(s, ERR_R_MALLOC_FAILURE);
2077 goto err; 2077 goto err;
2078 } 2078 }
2079 2079
@@ -2159,7 +2159,7 @@ ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb)
2159 goto err; 2159 goto err;
2160 } else { 2160 } else {
2161 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); 2161 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
2162 SSLerror(ERR_R_INTERNAL_ERROR); 2162 SSLerror(s, ERR_R_INTERNAL_ERROR);
2163 goto err; 2163 goto err;
2164 } 2164 }
2165 2165
@@ -2186,7 +2186,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2186 /* Get server sertificate PKEY and create ctx from it */ 2186 /* Get server sertificate PKEY and create ctx from it */
2187 peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509; 2187 peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509;
2188 if (peer_cert == NULL) { 2188 if (peer_cert == NULL) {
2189 SSLerror(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); 2189 SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
2190 goto err; 2190 goto err;
2191 } 2191 }
2192 2192
@@ -2222,7 +2222,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2222 */ 2222 */
2223 ukm_hash = EVP_MD_CTX_create(); 2223 ukm_hash = EVP_MD_CTX_create();
2224 if (ukm_hash == NULL) { 2224 if (ukm_hash == NULL) {
2225 SSLerror(ERR_R_MALLOC_FAILURE); 2225 SSLerror(s, ERR_R_MALLOC_FAILURE);
2226 goto err; 2226 goto err;
2227 } 2227 }
2228 2228
@@ -2238,7 +2238,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2238 EVP_MD_CTX_destroy(ukm_hash); 2238 EVP_MD_CTX_destroy(ukm_hash);
2239 if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, 2239 if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
2240 EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) { 2240 EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) {
2241 SSLerror(SSL_R_LIBRARY_BUG); 2241 SSLerror(s, SSL_R_LIBRARY_BUG);
2242 goto err; 2242 goto err;
2243 } 2243 }
2244 2244
@@ -2248,7 +2248,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2248 msglen = 255; 2248 msglen = 255;
2249 if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 2249 if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret,
2250 32) < 0) { 2250 32) < 0) {
2251 SSLerror(SSL_R_LIBRARY_BUG); 2251 SSLerror(s, SSL_R_LIBRARY_BUG);
2252 goto err; 2252 goto err;
2253 } 2253 }
2254 2254
@@ -2294,7 +2294,7 @@ ssl3_send_client_key_exchange(SSL *s)
2294 if ((sess_cert = SSI(s)->sess_cert) == NULL) { 2294 if ((sess_cert = SSI(s)->sess_cert) == NULL) {
2295 ssl3_send_alert(s, SSL3_AL_FATAL, 2295 ssl3_send_alert(s, SSL3_AL_FATAL,
2296 SSL_AD_UNEXPECTED_MESSAGE); 2296 SSL_AD_UNEXPECTED_MESSAGE);
2297 SSLerror(ERR_R_INTERNAL_ERROR); 2297 SSLerror(s, ERR_R_INTERNAL_ERROR);
2298 goto err; 2298 goto err;
2299 } 2299 }
2300 2300
@@ -2317,7 +2317,7 @@ ssl3_send_client_key_exchange(SSL *s)
2317 } else { 2317 } else {
2318 ssl3_send_alert(s, SSL3_AL_FATAL, 2318 ssl3_send_alert(s, SSL3_AL_FATAL,
2319 SSL_AD_HANDSHAKE_FAILURE); 2319 SSL_AD_HANDSHAKE_FAILURE);
2320 SSLerror(ERR_R_INTERNAL_ERROR); 2320 SSLerror(s, ERR_R_INTERNAL_ERROR);
2321 goto err; 2321 goto err;
2322 } 2322 }
2323 2323
@@ -2379,14 +2379,14 @@ ssl3_send_client_verify(SSL *s)
2379 &hdata); 2379 &hdata);
2380 if (hdatalen <= 0 || 2380 if (hdatalen <= 0 ||
2381 !tls12_get_sigandhash(p, pkey, md)) { 2381 !tls12_get_sigandhash(p, pkey, md)) {
2382 SSLerror(ERR_R_INTERNAL_ERROR); 2382 SSLerror(s, ERR_R_INTERNAL_ERROR);
2383 goto err; 2383 goto err;
2384 } 2384 }
2385 p += 2; 2385 p += 2;
2386 if (!EVP_SignInit_ex(&mctx, md, NULL) || 2386 if (!EVP_SignInit_ex(&mctx, md, NULL) ||
2387 !EVP_SignUpdate(&mctx, hdata, hdatalen) || 2387 !EVP_SignUpdate(&mctx, hdata, hdatalen) ||
2388 !EVP_SignFinal(&mctx, p + 2, &u, pkey)) { 2388 !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
2389 SSLerror(ERR_R_EVP_LIB); 2389 SSLerror(s, ERR_R_EVP_LIB);
2390 goto err; 2390 goto err;
2391 } 2391 }
2392 s2n(u, p); 2392 s2n(u, p);
@@ -2399,7 +2399,7 @@ ssl3_send_client_verify(SSL *s)
2399 if (RSA_sign(NID_md5_sha1, data, 2399 if (RSA_sign(NID_md5_sha1, data,
2400 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]), 2400 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]),
2401 &u, pkey->pkey.rsa) <= 0 ) { 2401 &u, pkey->pkey.rsa) <= 0 ) {
2402 SSLerror(ERR_R_RSA_LIB); 2402 SSLerror(s, ERR_R_RSA_LIB);
2403 goto err; 2403 goto err;
2404 } 2404 }
2405 s2n(u, p); 2405 s2n(u, p);
@@ -2409,7 +2409,7 @@ ssl3_send_client_verify(SSL *s)
2409 &(data[MD5_DIGEST_LENGTH]), 2409 &(data[MD5_DIGEST_LENGTH]),
2410 SHA_DIGEST_LENGTH, &(p[2]), 2410 SHA_DIGEST_LENGTH, &(p[2]),
2411 (unsigned int *)&j, pkey->pkey.dsa)) { 2411 (unsigned int *)&j, pkey->pkey.dsa)) {
2412 SSLerror(ERR_R_DSA_LIB); 2412 SSLerror(s, ERR_R_DSA_LIB);
2413 goto err; 2413 goto err;
2414 } 2414 }
2415 s2n(j, p); 2415 s2n(j, p);
@@ -2419,7 +2419,7 @@ ssl3_send_client_verify(SSL *s)
2419 &(data[MD5_DIGEST_LENGTH]), 2419 &(data[MD5_DIGEST_LENGTH]),
2420 SHA_DIGEST_LENGTH, &(p[2]), 2420 SHA_DIGEST_LENGTH, &(p[2]),
2421 (unsigned int *)&j, pkey->pkey.ec)) { 2421 (unsigned int *)&j, pkey->pkey.ec)) {
2422 SSLerror(ERR_R_ECDSA_LIB); 2422 SSLerror(s, ERR_R_ECDSA_LIB);
2423 goto err; 2423 goto err;
2424 } 2424 }
2425 s2n(j, p); 2425 s2n(j, p);
@@ -2436,12 +2436,12 @@ ssl3_send_client_verify(SSL *s)
2436 2436
2437 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2437 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2438 if (hdatalen <= 0) { 2438 if (hdatalen <= 0) {
2439 SSLerror(ERR_R_INTERNAL_ERROR); 2439 SSLerror(s, ERR_R_INTERNAL_ERROR);
2440 goto err; 2440 goto err;
2441 } 2441 }
2442 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || 2442 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) ||
2443 !(md = EVP_get_digestbynid(nid))) { 2443 !(md = EVP_get_digestbynid(nid))) {
2444 SSLerror(ERR_R_EVP_LIB); 2444 SSLerror(s, ERR_R_EVP_LIB);
2445 goto err; 2445 goto err;
2446 } 2446 }
2447 if (!EVP_DigestInit_ex(&mctx, md, NULL) || 2447 if (!EVP_DigestInit_ex(&mctx, md, NULL) ||
@@ -2454,7 +2454,7 @@ ssl3_send_client_verify(SSL *s)
2454 NULL) <= 0) || 2454 NULL) <= 0) ||
2455 (EVP_PKEY_sign(pctx, &(p[2]), &sigsize, 2455 (EVP_PKEY_sign(pctx, &(p[2]), &sigsize,
2456 signbuf, u) <= 0)) { 2456 signbuf, u) <= 0)) {
2457 SSLerror(ERR_R_EVP_LIB); 2457 SSLerror(s, ERR_R_EVP_LIB);
2458 goto err; 2458 goto err;
2459 } 2459 }
2460 if (!tls1_digest_cached_records(s)) 2460 if (!tls1_digest_cached_records(s))
@@ -2464,7 +2464,7 @@ ssl3_send_client_verify(SSL *s)
2464 n = j + 2; 2464 n = j + 2;
2465#endif 2465#endif
2466 } else { 2466 } else {
2467 SSLerror(ERR_R_INTERNAL_ERROR); 2467 SSLerror(s, ERR_R_INTERNAL_ERROR);
2468 goto err; 2468 goto err;
2469 } 2469 }
2470 2470
@@ -2522,7 +2522,7 @@ ssl3_send_client_certificate(SSL *s)
2522 i = 0; 2522 i = 0;
2523 } else if (i == 1) { 2523 } else if (i == 1) {
2524 i = 0; 2524 i = 0;
2525 SSLerror(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); 2525 SSLerror(s, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
2526 } 2526 }
2527 2527
2528 X509_free(x509); 2528 X509_free(x509);
@@ -2576,7 +2576,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2576 2576
2577 sc = SSI(s)->sess_cert; 2577 sc = SSI(s)->sess_cert;
2578 if (sc == NULL) { 2578 if (sc == NULL) {
2579 SSLerror(ERR_R_INTERNAL_ERROR); 2579 SSLerror(s, ERR_R_INTERNAL_ERROR);
2580 goto err; 2580 goto err;
2581 } 2581 }
2582 dh = SSI(s)->sess_cert->peer_dh_tmp; 2582 dh = SSI(s)->sess_cert->peer_dh_tmp;
@@ -2588,7 +2588,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2588 if (ssl_check_srvr_ecc_cert_and_alg( 2588 if (ssl_check_srvr_ecc_cert_and_alg(
2589 sc->peer_pkeys[idx].x509, s) == 0) { 2589 sc->peer_pkeys[idx].x509, s) == 0) {
2590 /* check failed */ 2590 /* check failed */
2591 SSLerror(SSL_R_BAD_ECC_CERT); 2591 SSLerror(s, SSL_R_BAD_ECC_CERT);
2592 goto f_err; 2592 goto f_err;
2593 } else { 2593 } else {
2594 return (1); 2594 return (1);
@@ -2600,21 +2600,21 @@ ssl3_check_cert_and_algorithm(SSL *s)
2600 2600
2601 /* Check that we have a certificate if we require one. */ 2601 /* Check that we have a certificate if we require one. */
2602 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) { 2602 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) {
2603 SSLerror(SSL_R_MISSING_RSA_SIGNING_CERT); 2603 SSLerror(s, SSL_R_MISSING_RSA_SIGNING_CERT);
2604 goto f_err; 2604 goto f_err;
2605 } else if ((alg_a & SSL_aDSS) && 2605 } else if ((alg_a & SSL_aDSS) &&
2606 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) { 2606 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) {
2607 SSLerror(SSL_R_MISSING_DSA_SIGNING_CERT); 2607 SSLerror(s, SSL_R_MISSING_DSA_SIGNING_CERT);
2608 goto f_err; 2608 goto f_err;
2609 } 2609 }
2610 if ((alg_k & SSL_kRSA) && 2610 if ((alg_k & SSL_kRSA) &&
2611 !has_bits(i, EVP_PK_RSA|EVP_PKT_ENC)) { 2611 !has_bits(i, EVP_PK_RSA|EVP_PKT_ENC)) {
2612 SSLerror(SSL_R_MISSING_RSA_ENCRYPTING_CERT); 2612 SSLerror(s, SSL_R_MISSING_RSA_ENCRYPTING_CERT);
2613 goto f_err; 2613 goto f_err;
2614 } 2614 }
2615 if ((alg_k & SSL_kDHE) && 2615 if ((alg_k & SSL_kDHE) &&
2616 !(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) { 2616 !(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) {
2617 SSLerror(SSL_R_MISSING_DH_KEY); 2617 SSLerror(s, SSL_R_MISSING_DH_KEY);
2618 goto f_err; 2618 goto f_err;
2619 } 2619 }
2620 2620
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index 525ba2146b..f9e450125b 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_err.c,v 1.32 2017/01/26 10:40:21 beck Exp $ */ 1/* $OpenBSD: ssl_err.c,v 1.33 2017/02/07 02:08:38 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -69,8 +69,94 @@
69#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0) 69#define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
70#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason) 70#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
71 71
72/* See SSL_state_func_code below */
72static ERR_STRING_DATA SSL_str_functs[]= { 73static ERR_STRING_DATA SSL_str_functs[]= {
73 {ERR_FUNC(0xfff), "SSL_internal"}, 74 {ERR_FUNC(1), "CONNECT_CW_FLUSH"},
75 {ERR_FUNC(2), "CONNECT_CW_CLNT_HELLO"},
76 {ERR_FUNC(3), "CONNECT_CW_CLNT_HELLO"},
77 {ERR_FUNC(4), "CONNECT_CR_SRVR_HELLO"},
78 {ERR_FUNC(5), "CONNECT_CR_SRVR_HELLO"},
79 {ERR_FUNC(6), "CONNECT_CR_CERT"},
80 {ERR_FUNC(7), "CONNECT_CR_CERT"},
81 {ERR_FUNC(8), "CONNECT_CR_KEY_EXCH"},
82 {ERR_FUNC(9), "CONNECT_CR_KEY_EXCH"},
83 {ERR_FUNC(10), "CONNECT_CR_CERT_REQ"},
84 {ERR_FUNC(11), "CONNECT_CR_CERT_REQ"},
85 {ERR_FUNC(12), "CONNECT_CR_SRVR_DONE"},
86 {ERR_FUNC(13), "CONNECT_CR_SRVR_DONE"},
87 {ERR_FUNC(14), "CONNECT_CW_CERT"},
88 {ERR_FUNC(15), "CONNECT_CW_CERT"},
89 {ERR_FUNC(16), "CONNECT_CW_CERT_C"},
90 {ERR_FUNC(17), "CONNECT_CW_CERT_D"},
91 {ERR_FUNC(18), "CONNECT_CW_KEY_EXCH"},
92 {ERR_FUNC(19), "CONNECT_CW_KEY_EXCH"},
93 {ERR_FUNC(20), "CONNECT_CW_CERT_VRFY"},
94 {ERR_FUNC(21), "CONNECT_CW_CERT_VRFY"},
95 {ERR_FUNC(22), "CONNECT_CW_CHANGE"},
96 {ERR_FUNC(23), "CONNECT_CW_CHANGE"},
97 {ERR_FUNC(24), "CONNECT_CW_NEXT_PROTO"},
98 {ERR_FUNC(25), "CONNECT_CW_NEXT_PROTO"},
99 {ERR_FUNC(26), "CONNECT_CW_FINISHED"},
100 {ERR_FUNC(27), "CONNECT_CW_FINISHED"},
101 {ERR_FUNC(28), "CONNECT_CR_CHANGE"},
102 {ERR_FUNC(29), "CONNECT_CR_CHANGE"},
103 {ERR_FUNC(30), "CONNECT_CR_FINISHED"},
104 {ERR_FUNC(31), "CONNECT_CR_FINISHED"},
105 {ERR_FUNC(32), "CONNECT_CR_SESSION_TICKET"},
106 {ERR_FUNC(33), "CONNECT_CR_SESSION_TICKET"},
107 {ERR_FUNC(34), "CONNECT_CR_CERT_STATUS"},
108 {ERR_FUNC(35), "CONNECT_CR_CERT_STATUS"},
109 {ERR_FUNC(36), "ACCEPT_SW_FLUSH"},
110 {ERR_FUNC(37), "ACCEPT_SR_CLNT_HELLO"},
111 {ERR_FUNC(38), "ACCEPT_SR_CLNT_HELLO"},
112 {ERR_FUNC(39), "ACCEPT_SR_CLNT_HELLO_C"},
113 {ERR_FUNC(40), "ACCEPT_SW_HELLO_REQ"},
114 {ERR_FUNC(41), "ACCEPT_SW_HELLO_REQ"},
115 {ERR_FUNC(42), "ACCEPT_SW_HELLO_REQ_C"},
116 {ERR_FUNC(43), "ACCEPT_SW_SRVR_HELLO"},
117 {ERR_FUNC(44), "ACCEPT_SW_SRVR_HELLO"},
118 {ERR_FUNC(45), "ACCEPT_SW_CERT"},
119 {ERR_FUNC(46), "ACCEPT_SW_CERT"},
120 {ERR_FUNC(47), "ACCEPT_SW_KEY_EXCH"},
121 {ERR_FUNC(48), "ACCEPT_SW_KEY_EXCH"},
122 {ERR_FUNC(49), "ACCEPT_SW_CERT_REQ"},
123 {ERR_FUNC(50), "ACCEPT_SW_CERT_REQ"},
124 {ERR_FUNC(51), "ACCEPT_SW_SRVR_DONE"},
125 {ERR_FUNC(52), "ACCEPT_SW_SRVR_DONE"},
126 {ERR_FUNC(53), "ACCEPT_SR_CERT"},
127 {ERR_FUNC(54), "ACCEPT_SR_CERT"},
128 {ERR_FUNC(55), "ACCEPT_SR_KEY_EXCH"},
129 {ERR_FUNC(56), "ACCEPT_SR_KEY_EXCH"},
130 {ERR_FUNC(57), "ACCEPT_SR_CERT_VRFY"},
131 {ERR_FUNC(58), "ACCEPT_SR_CERT_VRFY"},
132 {ERR_FUNC(59), "ACCEPT_SR_CHANGE"},
133 {ERR_FUNC(60), "ACCEPT_SR_CHANGE"},
134 {ERR_FUNC(61), "ACCEPT_SR_NEXT_PROTO"},
135 {ERR_FUNC(62), "ACCEPT_SR_NEXT_PROTO"},
136 {ERR_FUNC(63), "ACCEPT_SR_FINISHED"},
137 {ERR_FUNC(64), "ACCEPT_SR_FINISHED"},
138 {ERR_FUNC(65), "ACCEPT_SW_CHANGE"},
139 {ERR_FUNC(66), "ACCEPT_SW_CHANGE"},
140 {ERR_FUNC(67), "ACCEPT_SW_FINISHED"},
141 {ERR_FUNC(68), "ACCEPT_SW_FINISHED"},
142 {ERR_FUNC(69), "ACCEPT_SW_SESSION_TICKET"},
143 {ERR_FUNC(70), "ACCEPT_SW_SESSION_TICKET"},
144 {ERR_FUNC(71), "ACCEPT_SW_CERT_STATUS"},
145 {ERR_FUNC(72), "ACCEPT_SW_CERT_STATUS"},
146 {ERR_FUNC(73), "ST_BEFORE"},
147 {ERR_FUNC(74), "ST_ACCEPT"},
148 {ERR_FUNC(75), "ST_CONNECT"},
149 {ERR_FUNC(76), "ST_OK"},
150 {ERR_FUNC(77), "ST_RENEGOTIATE"},
151 {ERR_FUNC(78), "ST_BEFORE_CONNECT"},
152 {ERR_FUNC(79), "ST_OK_CONNECT"},
153 {ERR_FUNC(80), "ST_BEFORE_ACCEPT"},
154 {ERR_FUNC(81), "ST_OK_ACCEPT"},
155 {ERR_FUNC(83), "DTLS1_ST_CR_HELLO_VERIFY_REQUEST"},
156 {ERR_FUNC(84), "DTLS1_ST_CR_HELLO_VERIFY_REQUEST"},
157 {ERR_FUNC(85), "DTLS1_ST_SW_HELLO_VERIFY_REQUEST"},
158 {ERR_FUNC(86), "DTLS1_ST_SW_HELLO_VERIFY_REQUEST"},
159 {ERR_FUNC(0xfff), "(UNKNOWN)SSL_internal"},
74 {0, NULL} 160 {0, NULL}
75}; 161};
76 162
@@ -402,3 +488,182 @@ SSL_load_error_strings(void)
402 ERR_load_SSL_strings(); 488 ERR_load_SSL_strings();
403#endif 489#endif
404} 490}
491
492int
493SSL_state_func_code(int state) {
494 switch (state) {
495 case SSL3_ST_CW_FLUSH:
496 return 1;
497 case SSL3_ST_CW_CLNT_HELLO_A:
498 return 2;
499 case SSL3_ST_CW_CLNT_HELLO_B:
500 return 3;
501 case SSL3_ST_CR_SRVR_HELLO_A:
502 return 4;
503 case SSL3_ST_CR_SRVR_HELLO_B:
504 return 5;
505 case SSL3_ST_CR_CERT_A:
506 return 6;
507 case SSL3_ST_CR_CERT_B:
508 return 7;
509 case SSL3_ST_CR_KEY_EXCH_A:
510 return 8;
511 case SSL3_ST_CR_KEY_EXCH_B:
512 return 9;
513 case SSL3_ST_CR_CERT_REQ_A:
514 return 10;
515 case SSL3_ST_CR_CERT_REQ_B:
516 return 11;
517 case SSL3_ST_CR_SRVR_DONE_A:
518 return 12;
519 case SSL3_ST_CR_SRVR_DONE_B:
520 return 13;
521 case SSL3_ST_CW_CERT_A:
522 return 14;
523 case SSL3_ST_CW_CERT_B:
524 return 15;
525 case SSL3_ST_CW_CERT_C:
526 return 16;
527 case SSL3_ST_CW_CERT_D:
528 return 17;
529 case SSL3_ST_CW_KEY_EXCH_A:
530 return 18;
531 case SSL3_ST_CW_KEY_EXCH_B:
532 return 19;
533 case SSL3_ST_CW_CERT_VRFY_A:
534 return 20;
535 case SSL3_ST_CW_CERT_VRFY_B:
536 return 21;
537 case SSL3_ST_CW_CHANGE_A:
538 return 22;
539 case SSL3_ST_CW_CHANGE_B:
540 return 23;
541 case SSL3_ST_CW_NEXT_PROTO_A:
542 return 24;
543 case SSL3_ST_CW_NEXT_PROTO_B:
544 return 25;
545 case SSL3_ST_CW_FINISHED_A:
546 return 26;
547 case SSL3_ST_CW_FINISHED_B:
548 return 27;
549 case SSL3_ST_CR_CHANGE_A:
550 return 28;
551 case SSL3_ST_CR_CHANGE_B:
552 return 29;
553 case SSL3_ST_CR_FINISHED_A:
554 return 30;
555 case SSL3_ST_CR_FINISHED_B:
556 return 31;
557 case SSL3_ST_CR_SESSION_TICKET_A:
558 return 32;
559 case SSL3_ST_CR_SESSION_TICKET_B:
560 return 33;
561 case SSL3_ST_CR_CERT_STATUS_A:
562 return 34;
563 case SSL3_ST_CR_CERT_STATUS_B:
564 return 35;
565 case SSL3_ST_SW_FLUSH:
566 return 36;
567 case SSL3_ST_SR_CLNT_HELLO_A:
568 return 37;
569 case SSL3_ST_SR_CLNT_HELLO_B:
570 return 38;
571 case SSL3_ST_SR_CLNT_HELLO_C:
572 return 39;
573 case SSL3_ST_SW_HELLO_REQ_A:
574 return 40;
575 case SSL3_ST_SW_HELLO_REQ_B:
576 return 41;
577 case SSL3_ST_SW_HELLO_REQ_C:
578 return 42;
579 case SSL3_ST_SW_SRVR_HELLO_A:
580 return 43;
581 case SSL3_ST_SW_SRVR_HELLO_B:
582 return 44;
583 case SSL3_ST_SW_CERT_A:
584 return 45;
585 case SSL3_ST_SW_CERT_B:
586 return 46;
587 case SSL3_ST_SW_KEY_EXCH_A:
588 return 47;
589 case SSL3_ST_SW_KEY_EXCH_B:
590 return 48;
591 case SSL3_ST_SW_CERT_REQ_A:
592 return 49;
593 case SSL3_ST_SW_CERT_REQ_B:
594 return 50;
595 case SSL3_ST_SW_SRVR_DONE_A:
596 return 51;
597 case SSL3_ST_SW_SRVR_DONE_B:
598 return 52;
599 case SSL3_ST_SR_CERT_A:
600 return 53;
601 case SSL3_ST_SR_CERT_B:
602 return 54;
603 case SSL3_ST_SR_KEY_EXCH_A:
604 return 55;
605 case SSL3_ST_SR_KEY_EXCH_B:
606 return 56;
607 case SSL3_ST_SR_CERT_VRFY_A:
608 return 57;
609 case SSL3_ST_SR_CERT_VRFY_B:
610 return 58;
611 case SSL3_ST_SR_CHANGE_A:
612 return 59;
613 case SSL3_ST_SR_CHANGE_B:
614 return 60;
615 case SSL3_ST_SR_NEXT_PROTO_A:
616 return 61;
617 case SSL3_ST_SR_NEXT_PROTO_B:
618 return 62;
619 case SSL3_ST_SR_FINISHED_A:
620 return 63;
621 case SSL3_ST_SR_FINISHED_B:
622 return 64;
623 case SSL3_ST_SW_CHANGE_A:
624 return 65;
625 case SSL3_ST_SW_CHANGE_B:
626 return 66;
627 case SSL3_ST_SW_FINISHED_A:
628 return 67;
629 case SSL3_ST_SW_FINISHED_B:
630 return 68;
631 case SSL3_ST_SW_SESSION_TICKET_A:
632 return 69;
633 case SSL3_ST_SW_SESSION_TICKET_B:
634 return 70;
635 case SSL3_ST_SW_CERT_STATUS_A:
636 return 71;
637 case SSL3_ST_SW_CERT_STATUS_B:
638 return 72;
639 case SSL_ST_BEFORE:
640 return 73;
641 case SSL_ST_ACCEPT:
642 return 74;
643 case SSL_ST_CONNECT:
644 return 75;
645 case SSL_ST_OK:
646 return 76;
647 case SSL_ST_RENEGOTIATE:
648 return 77;
649 case SSL_ST_BEFORE|SSL_ST_CONNECT:
650 return 78;
651 case SSL_ST_OK|SSL_ST_CONNECT:
652 return 79;
653 case SSL_ST_BEFORE|SSL_ST_ACCEPT:
654 return 80;
655 case SSL_ST_OK|SSL_ST_ACCEPT:
656 return 81;
657 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
658 return 83;
659 case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
660 return 84;
661 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
662 return 85;
663 case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
664 return 86;
665 default:
666 break;
667 }
668 return 0xfff;
669}
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 898fdbc479..7e752ae0d0 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.155 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.156 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -163,7 +163,7 @@ int
163SSL_clear(SSL *s) 163SSL_clear(SSL *s)
164{ 164{
165 if (s->method == NULL) { 165 if (s->method == NULL) {
166 SSLerror(SSL_R_NO_METHOD_SPECIFIED); 166 SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);
167 return (0); 167 return (0);
168 } 168 }
169 169
@@ -177,7 +177,7 @@ SSL_clear(SSL *s)
177 s->internal->shutdown = 0; 177 s->internal->shutdown = 0;
178 178
179 if (s->internal->renegotiate) { 179 if (s->internal->renegotiate) {
180 SSLerror(ERR_R_INTERNAL_ERROR); 180 SSLerror(s, ERR_R_INTERNAL_ERROR);
181 return (0); 181 return (0);
182 } 182 }
183 183
@@ -226,7 +226,7 @@ SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
226 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list), 226 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
227 &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST); 227 &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
228 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) { 228 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
229 SSLerror(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); 229 SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
230 return (0); 230 return (0);
231 } 231 }
232 return (1); 232 return (1);
@@ -238,21 +238,21 @@ SSL_new(SSL_CTX *ctx)
238 SSL *s; 238 SSL *s;
239 239
240 if (ctx == NULL) { 240 if (ctx == NULL) {
241 SSLerror(SSL_R_NULL_SSL_CTX); 241 SSLerrorx(SSL_R_NULL_SSL_CTX);
242 return (NULL); 242 return (NULL);
243 } 243 }
244 if (ctx->method == NULL) { 244 if (ctx->method == NULL) {
245 SSLerror(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); 245 SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
246 return (NULL); 246 return (NULL);
247 } 247 }
248 248
249 if ((s = calloc(1, sizeof(*s))) == NULL) { 249 if ((s = calloc(1, sizeof(*s))) == NULL) {
250 SSLerror(ERR_R_MALLOC_FAILURE); 250 SSLerrorx(ERR_R_MALLOC_FAILURE);
251 return (NULL); 251 return (NULL);
252 } 252 }
253 if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) { 253 if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
254 free(s); 254 free(s);
255 SSLerror(ERR_R_MALLOC_FAILURE); 255 SSLerrorx(ERR_R_MALLOC_FAILURE);
256 return (NULL); 256 return (NULL);
257 } 257 }
258 258
@@ -371,7 +371,7 @@ SSL_new(SSL_CTX *ctx)
371 371
372 err: 372 err:
373 SSL_free(s); 373 SSL_free(s);
374 SSLerror(ERR_R_MALLOC_FAILURE); 374 SSLerrorx(ERR_R_MALLOC_FAILURE);
375 return (NULL); 375 return (NULL);
376} 376}
377 377
@@ -380,7 +380,7 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
380 unsigned int sid_ctx_len) 380 unsigned int sid_ctx_len)
381{ 381{
382 if (sid_ctx_len > sizeof ctx->sid_ctx) { 382 if (sid_ctx_len > sizeof ctx->sid_ctx) {
383 SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 383 SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
384 return (0); 384 return (0);
385 } 385 }
386 ctx->sid_ctx_length = sid_ctx_len; 386 ctx->sid_ctx_length = sid_ctx_len;
@@ -394,7 +394,7 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
394 unsigned int sid_ctx_len) 394 unsigned int sid_ctx_len)
395{ 395{
396 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { 396 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
397 SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 397 SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
398 return (0); 398 return (0);
399 } 399 }
400 ssl->sid_ctx_length = sid_ctx_len; 400 ssl->sid_ctx_length = sid_ctx_len;
@@ -631,7 +631,7 @@ SSL_set_fd(SSL *s, int fd)
631 bio = BIO_new(BIO_s_socket()); 631 bio = BIO_new(BIO_s_socket());
632 632
633 if (bio == NULL) { 633 if (bio == NULL) {
634 SSLerror(ERR_R_BUF_LIB); 634 SSLerror(s, ERR_R_BUF_LIB);
635 goto err; 635 goto err;
636 } 636 }
637 BIO_set_fd(bio, fd, BIO_NOCLOSE); 637 BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -652,7 +652,7 @@ SSL_set_wfd(SSL *s, int fd)
652 bio = BIO_new(BIO_s_socket()); 652 bio = BIO_new(BIO_s_socket());
653 653
654 if (bio == NULL) { 654 if (bio == NULL) {
655 SSLerror(ERR_R_BUF_LIB); 655 SSLerror(s, ERR_R_BUF_LIB);
656 goto err; 656 goto err;
657 } 657 }
658 BIO_set_fd(bio, fd, BIO_NOCLOSE); 658 BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -675,7 +675,7 @@ SSL_set_rfd(SSL *s, int fd)
675 bio = BIO_new(BIO_s_socket()); 675 bio = BIO_new(BIO_s_socket());
676 676
677 if (bio == NULL) { 677 if (bio == NULL) {
678 SSLerror(ERR_R_BUF_LIB); 678 SSLerror(s, ERR_R_BUF_LIB);
679 goto err; 679 goto err;
680 } 680 }
681 BIO_set_fd(bio, fd, BIO_NOCLOSE); 681 BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -870,11 +870,11 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
870{ 870{
871 if ((ctx == NULL) || (ctx->internal->cert == NULL) || 871 if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
872 (ctx->internal->cert->key->x509 == NULL)) { 872 (ctx->internal->cert->key->x509 == NULL)) {
873 SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED); 873 SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);
874 return (0); 874 return (0);
875 } 875 }
876 if (ctx->internal->cert->key->privatekey == NULL) { 876 if (ctx->internal->cert->key->privatekey == NULL) {
877 SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED); 877 SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
878 return (0); 878 return (0);
879 } 879 }
880 return (X509_check_private_key(ctx->internal->cert->key->x509, 880 return (X509_check_private_key(ctx->internal->cert->key->x509,
@@ -886,19 +886,19 @@ int
886SSL_check_private_key(const SSL *ssl) 886SSL_check_private_key(const SSL *ssl)
887{ 887{
888 if (ssl == NULL) { 888 if (ssl == NULL) {
889 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 889 SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER);
890 return (0); 890 return (0);
891 } 891 }
892 if (ssl->cert == NULL) { 892 if (ssl->cert == NULL) {
893 SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED); 893 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
894 return (0); 894 return (0);
895 } 895 }
896 if (ssl->cert->key->x509 == NULL) { 896 if (ssl->cert->key->x509 == NULL) {
897 SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED); 897 SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
898 return (0); 898 return (0);
899 } 899 }
900 if (ssl->cert->key->privatekey == NULL) { 900 if (ssl->cert->key->privatekey == NULL) {
901 SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED); 901 SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
902 return (0); 902 return (0);
903 } 903 }
904 return (X509_check_private_key(ssl->cert->key->x509, 904 return (X509_check_private_key(ssl->cert->key->x509,
@@ -933,7 +933,7 @@ int
933SSL_read(SSL *s, void *buf, int num) 933SSL_read(SSL *s, void *buf, int num)
934{ 934{
935 if (s->internal->handshake_func == NULL) { 935 if (s->internal->handshake_func == NULL) {
936 SSLerror(SSL_R_UNINITIALIZED); 936 SSLerror(s, SSL_R_UNINITIALIZED);
937 return (-1); 937 return (-1);
938 } 938 }
939 939
@@ -948,7 +948,7 @@ int
948SSL_peek(SSL *s, void *buf, int num) 948SSL_peek(SSL *s, void *buf, int num)
949{ 949{
950 if (s->internal->handshake_func == NULL) { 950 if (s->internal->handshake_func == NULL) {
951 SSLerror(SSL_R_UNINITIALIZED); 951 SSLerror(s, SSL_R_UNINITIALIZED);
952 return (-1); 952 return (-1);
953 } 953 }
954 954
@@ -962,13 +962,13 @@ int
962SSL_write(SSL *s, const void *buf, int num) 962SSL_write(SSL *s, const void *buf, int num)
963{ 963{
964 if (s->internal->handshake_func == NULL) { 964 if (s->internal->handshake_func == NULL) {
965 SSLerror(SSL_R_UNINITIALIZED); 965 SSLerror(s, SSL_R_UNINITIALIZED);
966 return (-1); 966 return (-1);
967 } 967 }
968 968
969 if (s->internal->shutdown & SSL_SENT_SHUTDOWN) { 969 if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
970 s->internal->rwstate = SSL_NOTHING; 970 s->internal->rwstate = SSL_NOTHING;
971 SSLerror(SSL_R_PROTOCOL_IS_SHUTDOWN); 971 SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);
972 return (-1); 972 return (-1);
973 } 973 }
974 return (s->method->internal->ssl_write(s, buf, num)); 974 return (s->method->internal->ssl_write(s, buf, num));
@@ -985,7 +985,7 @@ SSL_shutdown(SSL *s)
985 */ 985 */
986 986
987 if (s->internal->handshake_func == NULL) { 987 if (s->internal->handshake_func == NULL) {
988 SSLerror(SSL_R_UNINITIALIZED); 988 SSLerror(s, SSL_R_UNINITIALIZED);
989 return (-1); 989 return (-1);
990 } 990 }
991 991
@@ -1297,7 +1297,7 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
1297 if (sk == NULL) 1297 if (sk == NULL)
1298 return (0); 1298 return (0);
1299 else if (sk_SSL_CIPHER_num(sk) == 0) { 1299 else if (sk_SSL_CIPHER_num(sk) == 0) {
1300 SSLerror(SSL_R_NO_CIPHER_MATCH); 1300 SSLerrorx(SSL_R_NO_CIPHER_MATCH);
1301 return (0); 1301 return (0);
1302 } 1302 }
1303 return (1); 1303 return (1);
@@ -1315,7 +1315,7 @@ SSL_set_cipher_list(SSL *s, const char *str)
1315 if (sk == NULL) 1315 if (sk == NULL)
1316 return (0); 1316 return (0);
1317 else if (sk_SSL_CIPHER_num(sk) == 0) { 1317 else if (sk_SSL_CIPHER_num(sk) == 0) {
1318 SSLerror(SSL_R_NO_CIPHER_MATCH); 1318 SSLerror(s, SSL_R_NO_CIPHER_MATCH);
1319 return (0); 1319 return (0);
1320 } 1320 }
1321 return (1); 1321 return (1);
@@ -1419,19 +1419,19 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
1419 * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2]. 1419 * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].
1420 */ 1420 */
1421 if (num < 2 || num > 0x10000 - 2) { 1421 if (num < 2 || num > 0x10000 - 2) {
1422 SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); 1422 SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1423 return (NULL); 1423 return (NULL);
1424 } 1424 }
1425 1425
1426 if ((sk = sk_SSL_CIPHER_new_null()) == NULL) { 1426 if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {
1427 SSLerror(ERR_R_MALLOC_FAILURE); 1427 SSLerror(s, ERR_R_MALLOC_FAILURE);
1428 goto err; 1428 goto err;
1429 } 1429 }
1430 1430
1431 CBS_init(&cbs, p, num); 1431 CBS_init(&cbs, p, num);
1432 while (CBS_len(&cbs) > 0) { 1432 while (CBS_len(&cbs) > 0) {
1433 if (!CBS_get_u16(&cbs, &cipher_value)) { 1433 if (!CBS_get_u16(&cbs, &cipher_value)) {
1434 SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); 1434 SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
1435 goto err; 1435 goto err;
1436 } 1436 }
1437 1437
@@ -1443,7 +1443,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
1443 * renegotiating. 1443 * renegotiating.
1444 */ 1444 */
1445 if (s->internal->renegotiate) { 1445 if (s->internal->renegotiate) {
1446 SSLerror(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); 1446 SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
1447 ssl3_send_alert(s, SSL3_AL_FATAL, 1447 ssl3_send_alert(s, SSL3_AL_FATAL,
1448 SSL_AD_HANDSHAKE_FAILURE); 1448 SSL_AD_HANDSHAKE_FAILURE);
1449 1449
@@ -1462,7 +1462,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
1462 */ 1462 */
1463 max_version = ssl_max_server_version(s); 1463 max_version = ssl_max_server_version(s);
1464 if (max_version == 0 || s->version < max_version) { 1464 if (max_version == 0 || s->version < max_version) {
1465 SSLerror(SSL_R_INAPPROPRIATE_FALLBACK); 1465 SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
1466 if (s->s3 != NULL) 1466 if (s->s3 != NULL)
1467 ssl3_send_alert(s, SSL3_AL_FATAL, 1467 ssl3_send_alert(s, SSL3_AL_FATAL,
1468 SSL_AD_INAPPROPRIATE_FALLBACK); 1468 SSL_AD_INAPPROPRIATE_FALLBACK);
@@ -1473,7 +1473,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
1473 1473
1474 if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) { 1474 if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
1475 if (!sk_SSL_CIPHER_push(sk, c)) { 1475 if (!sk_SSL_CIPHER_push(sk, c)) {
1476 SSLerror(ERR_R_MALLOC_FAILURE); 1476 SSLerror(s, ERR_R_MALLOC_FAILURE);
1477 goto err; 1477 goto err;
1478 } 1478 }
1479 } 1479 }
@@ -1783,22 +1783,22 @@ SSL_CTX_new(const SSL_METHOD *meth)
1783 SSL_CTX *ret; 1783 SSL_CTX *ret;
1784 1784
1785 if (meth == NULL) { 1785 if (meth == NULL) {
1786 SSLerror(SSL_R_NULL_SSL_METHOD_PASSED); 1786 SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);
1787 return (NULL); 1787 return (NULL);
1788 } 1788 }
1789 1789
1790 if ((ret = calloc(1, sizeof(*ret))) == NULL) { 1790 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
1791 SSLerror(ERR_R_MALLOC_FAILURE); 1791 SSLerrorx(ERR_R_MALLOC_FAILURE);
1792 return (NULL); 1792 return (NULL);
1793 } 1793 }
1794 if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) { 1794 if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
1795 free(ret); 1795 free(ret);
1796 SSLerror(ERR_R_MALLOC_FAILURE); 1796 SSLerrorx(ERR_R_MALLOC_FAILURE);
1797 return (NULL); 1797 return (NULL);
1798 } 1798 }
1799 1799
1800 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) { 1800 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
1801 SSLerror(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); 1801 SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
1802 goto err; 1802 goto err;
1803 } 1803 }
1804 1804
@@ -1857,7 +1857,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
1857 &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST); 1857 &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
1858 if (ret->cipher_list == NULL || 1858 if (ret->cipher_list == NULL ||
1859 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { 1859 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
1860 SSLerror(SSL_R_LIBRARY_HAS_NO_CIPHERS); 1860 SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);
1861 goto err2; 1861 goto err2;
1862 } 1862 }
1863 1863
@@ -1866,11 +1866,11 @@ SSL_CTX_new(const SSL_METHOD *meth)
1866 goto err; 1866 goto err;
1867 1867
1868 if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { 1868 if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
1869 SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); 1869 SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
1870 goto err2; 1870 goto err2;
1871 } 1871 }
1872 if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) { 1872 if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
1873 SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); 1873 SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
1874 goto err2; 1874 goto err2;
1875 } 1875 }
1876 1876
@@ -1925,7 +1925,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
1925 1925
1926 return (ret); 1926 return (ret);
1927err: 1927err:
1928 SSLerror(ERR_R_MALLOC_FAILURE); 1928 SSLerrorx(ERR_R_MALLOC_FAILURE);
1929err2: 1929err2:
1930 SSL_CTX_free(ret); 1930 SSL_CTX_free(ret);
1931 return (NULL); 1931 return (NULL);
@@ -2109,7 +2109,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
2109 /* Key usage, if present, must allow signing. */ 2109 /* Key usage, if present, must allow signing. */
2110 if ((x->ex_flags & EXFLAG_KUSAGE) && 2110 if ((x->ex_flags & EXFLAG_KUSAGE) &&
2111 ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) { 2111 ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
2112 SSLerror(SSL_R_ECC_CERT_NOT_FOR_SIGNING); 2112 SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
2113 return (0); 2113 return (0);
2114 } 2114 }
2115 } 2115 }
@@ -2141,7 +2141,7 @@ ssl_get_server_send_pkey(const SSL *s)
2141 } else if (alg_a & SSL_aGOST01) { 2141 } else if (alg_a & SSL_aGOST01) {
2142 i = SSL_PKEY_GOST01; 2142 i = SSL_PKEY_GOST01;
2143 } else { /* if (alg_a & SSL_aNULL) */ 2143 } else { /* if (alg_a & SSL_aNULL) */
2144 SSLerror(ERR_R_INTERNAL_ERROR); 2144 SSLerror(s, ERR_R_INTERNAL_ERROR);
2145 return (NULL); 2145 return (NULL);
2146 } 2146 }
2147 2147
@@ -2181,7 +2181,7 @@ ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
2181 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL)) 2181 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
2182 idx = SSL_PKEY_ECC; 2182 idx = SSL_PKEY_ECC;
2183 if (idx == -1) { 2183 if (idx == -1) {
2184 SSLerror(ERR_R_INTERNAL_ERROR); 2184 SSLerror(s, ERR_R_INTERNAL_ERROR);
2185 return (NULL); 2185 return (NULL);
2186 } 2186 }
2187 if (pmd) 2187 if (pmd)
@@ -2385,7 +2385,7 @@ SSL_do_handshake(SSL *s)
2385 int ret = 1; 2385 int ret = 1;
2386 2386
2387 if (s->internal->handshake_func == NULL) { 2387 if (s->internal->handshake_func == NULL) {
2388 SSLerror(SSL_R_CONNECTION_TYPE_NOT_SET); 2388 SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET);
2389 return (-1); 2389 return (-1);
2390 } 2390 }
2391 2391
@@ -2430,21 +2430,21 @@ SSL_set_connect_state(SSL *s)
2430int 2430int
2431ssl_undefined_function(SSL *s) 2431ssl_undefined_function(SSL *s)
2432{ 2432{
2433 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2433 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2434 return (0); 2434 return (0);
2435} 2435}
2436 2436
2437int 2437int
2438ssl_undefined_void_function(void) 2438ssl_undefined_void_function(void)
2439{ 2439{
2440 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2440 SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2441 return (0); 2441 return (0);
2442} 2442}
2443 2443
2444int 2444int
2445ssl_undefined_const_function(const SSL *s) 2445ssl_undefined_const_function(const SSL *s)
2446{ 2446{
2447 SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 2447 SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
2448 return (0); 2448 return (0);
2449} 2449}
2450 2450
@@ -2679,7 +2679,7 @@ ssl_init_wbio_buffer(SSL *s, int push)
2679 (void)BIO_reset(bbio); 2679 (void)BIO_reset(bbio);
2680/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */ 2680/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
2681 if (!BIO_set_read_buffer_size(bbio, 1)) { 2681 if (!BIO_set_read_buffer_size(bbio, 1)) {
2682 SSLerror(ERR_R_BUF_LIB); 2682 SSLerror(s, ERR_R_BUF_LIB);
2683 return (0); 2683 return (0);
2684 } 2684 }
2685 if (push) { 2685 if (push) {
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 1ce9350ba6..a64edd2c18 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.172 2017/01/26 10:40:21 beck Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.173 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1367,8 +1367,11 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
1367 const unsigned char *data, size_t data_plus_mac_size, 1367 const unsigned char *data, size_t data_plus_mac_size,
1368 size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret, 1368 size_t data_plus_mac_plus_padding_size, const unsigned char *mac_secret,
1369 unsigned mac_secret_length); 1369 unsigned mac_secret_length);
1370int SSL_state_func_code(int _state);
1370 1371
1371#define SSLerror(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),__FILE__,__LINE__) 1372#define SSLerror(s, r) ERR_PUT_error(ERR_LIB_SSL, \
1373 (SSL_state_func_code(s->internal->state)),(r),__FILE__,__LINE__)
1374#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),__FILE__,__LINE__)
1372 1375
1373__END_HIDDEN_DECLS 1376__END_HIDDEN_DECLS
1374 1377
diff --git a/src/lib/libssl/ssl_packet.c b/src/lib/libssl/ssl_packet.c
index 9ffc27e9a7..d5d5996735 100644
--- a/src/lib/libssl/ssl_packet.c
+++ b/src/lib/libssl/ssl_packet.c
@@ -106,11 +106,11 @@ ssl_convert_sslv2_client_hello(SSL *s)
106 return -1; 106 return -1;
107 107
108 if (record_length < 9) { 108 if (record_length < 9) {
109 SSLerror(SSL_R_RECORD_LENGTH_MISMATCH); 109 SSLerror(s, SSL_R_RECORD_LENGTH_MISMATCH);
110 return -1; 110 return -1;
111 } 111 }
112 if (record_length > 4096) { 112 if (record_length > 4096) {
113 SSLerror(SSL_R_RECORD_TOO_LARGE); 113 SSLerror(s, SSL_R_RECORD_TOO_LARGE);
114 return -1; 114 return -1;
115 } 115 }
116 116
@@ -149,7 +149,7 @@ ssl_convert_sslv2_client_hello(SSL *s)
149 if (!CBS_get_bytes(&cbs, &challenge, challenge_length)) 149 if (!CBS_get_bytes(&cbs, &challenge, challenge_length))
150 return -1; 150 return -1;
151 if (CBS_len(&cbs) != 0) { 151 if (CBS_len(&cbs) != 0) {
152 SSLerror(SSL_R_RECORD_LENGTH_MISMATCH); 152 SSLerror(s, SSL_R_RECORD_LENGTH_MISMATCH);
153 return -1; 153 return -1;
154 } 154 }
155 155
@@ -234,14 +234,14 @@ ssl_server_legacy_first_packet(SSL *s)
234 if (ssl_is_sslv2_client_hello(&header) == 1) { 234 if (ssl_is_sslv2_client_hello(&header) == 1) {
235 /* Only permit SSLv2 client hellos if TLSv1.0 is enabled. */ 235 /* Only permit SSLv2 client hellos if TLSv1.0 is enabled. */
236 if (ssl_enabled_version_range(s, &min_version, NULL) != 1) { 236 if (ssl_enabled_version_range(s, &min_version, NULL) != 1) {
237 SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE); 237 SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
238 return -1; 238 return -1;
239 } 239 }
240 if (min_version > TLS1_VERSION) 240 if (min_version > TLS1_VERSION)
241 return 1; 241 return 1;
242 242
243 if (ssl_convert_sslv2_client_hello(s) != 1) { 243 if (ssl_convert_sslv2_client_hello(s) != 1) {
244 SSLerror(SSL_R_BAD_PACKET_LENGTH); 244 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
245 return -1; 245 return -1;
246 } 246 }
247 247
@@ -250,7 +250,7 @@ ssl_server_legacy_first_packet(SSL *s)
250 250
251 /* Ensure that we have SSL3_RT_HEADER_LENGTH (5 bytes) of the packet. */ 251 /* Ensure that we have SSL3_RT_HEADER_LENGTH (5 bytes) of the packet. */
252 if (CBS_len(&header) != SSL3_RT_HEADER_LENGTH) { 252 if (CBS_len(&header) != SSL3_RT_HEADER_LENGTH) {
253 SSLerror(ERR_R_INTERNAL_ERROR); 253 SSLerror(s, ERR_R_INTERNAL_ERROR);
254 return -1; 254 return -1;
255 } 255 }
256 data = (const char *)CBS_data(&header); 256 data = (const char *)CBS_data(&header);
@@ -260,15 +260,15 @@ ssl_server_legacy_first_packet(SSL *s)
260 strncmp("POST ", data, 5) == 0 || 260 strncmp("POST ", data, 5) == 0 ||
261 strncmp("HEAD ", data, 5) == 0 || 261 strncmp("HEAD ", data, 5) == 0 ||
262 strncmp("PUT ", data, 4) == 0) { 262 strncmp("PUT ", data, 4) == 0) {
263 SSLerror(SSL_R_HTTP_REQUEST); 263 SSLerror(s, SSL_R_HTTP_REQUEST);
264 return -1; 264 return -1;
265 } 265 }
266 if (strncmp("CONNE", data, 5) == 0) { 266 if (strncmp("CONNE", data, 5) == 0) {
267 SSLerror(SSL_R_HTTPS_PROXY_REQUEST); 267 SSLerror(s, SSL_R_HTTPS_PROXY_REQUEST);
268 return -1; 268 return -1;
269 } 269 }
270 270
271 SSLerror(SSL_R_UNKNOWN_PROTOCOL); 271 SSLerror(s, SSL_R_UNKNOWN_PROTOCOL);
272 272
273 return -1; 273 return -1;
274} 274}
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index c57eacd770..f49cc45efd 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_pkt.c,v 1.9 2017/01/31 15:35:46 jsing Exp $ */ 1/* $OpenBSD: ssl_pkt.c,v 1.10 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -224,7 +224,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
224 224
225 if (n > (int)(rb->len - rb->offset)) { 225 if (n > (int)(rb->len - rb->offset)) {
226 /* does not happen */ 226 /* does not happen */
227 SSLerror(ERR_R_INTERNAL_ERROR); 227 SSLerror(s, ERR_R_INTERNAL_ERROR);
228 return -1; 228 return -1;
229 } 229 }
230 230
@@ -248,7 +248,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
248 s->internal->rwstate = SSL_READING; 248 s->internal->rwstate = SSL_READING;
249 i = BIO_read(s->rbio, pkt + len + left, max - left); 249 i = BIO_read(s->rbio, pkt + len + left, max - left);
250 } else { 250 } else {
251 SSLerror(SSL_R_READ_BIO_NOT_SET); 251 SSLerror(s, SSL_R_READ_BIO_NOT_SET);
252 i = -1; 252 i = -1;
253 } 253 }
254 254
@@ -364,7 +364,7 @@ ssl3_get_record(SSL *s)
364 if (!CBS_get_u8(&header, &type) || 364 if (!CBS_get_u8(&header, &type) ||
365 !CBS_get_u16(&header, &ssl_version) || 365 !CBS_get_u16(&header, &ssl_version) ||
366 !CBS_get_u16(&header, &len)) { 366 !CBS_get_u16(&header, &len)) {
367 SSLerror(SSL_R_BAD_PACKET_LENGTH); 367 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
368 goto err; 368 goto err;
369 } 369 }
370 370
@@ -373,7 +373,7 @@ ssl3_get_record(SSL *s)
373 373
374 /* Lets check version */ 374 /* Lets check version */
375 if (!s->internal->first_packet && ssl_version != s->version) { 375 if (!s->internal->first_packet && ssl_version != s->version) {
376 SSLerror(SSL_R_WRONG_VERSION_NUMBER); 376 SSLerror(s, SSL_R_WRONG_VERSION_NUMBER);
377 if ((s->version & 0xFF00) == (ssl_version & 0xFF00) && 377 if ((s->version & 0xFF00) == (ssl_version & 0xFF00) &&
378 !s->internal->enc_write_ctx && !s->internal->write_hash) 378 !s->internal->enc_write_ctx && !s->internal->write_hash)
379 /* Send back error using their minor version number :-) */ 379 /* Send back error using their minor version number :-) */
@@ -383,13 +383,13 @@ ssl3_get_record(SSL *s)
383 } 383 }
384 384
385 if ((ssl_version >> 8) != SSL3_VERSION_MAJOR) { 385 if ((ssl_version >> 8) != SSL3_VERSION_MAJOR) {
386 SSLerror(SSL_R_WRONG_VERSION_NUMBER); 386 SSLerror(s, SSL_R_WRONG_VERSION_NUMBER);
387 goto err; 387 goto err;
388 } 388 }
389 389
390 if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) { 390 if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) {
391 al = SSL_AD_RECORD_OVERFLOW; 391 al = SSL_AD_RECORD_OVERFLOW;
392 SSLerror(SSL_R_PACKET_LENGTH_TOO_LONG); 392 SSLerror(s, SSL_R_PACKET_LENGTH_TOO_LONG);
393 goto f_err; 393 goto f_err;
394 } 394 }
395 395
@@ -424,7 +424,7 @@ ssl3_get_record(SSL *s)
424 /* check is not needed I believe */ 424 /* check is not needed I believe */
425 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) { 425 if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
426 al = SSL_AD_RECORD_OVERFLOW; 426 al = SSL_AD_RECORD_OVERFLOW;
427 SSLerror(SSL_R_ENCRYPTED_LENGTH_TOO_LONG); 427 SSLerror(s, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
428 goto f_err; 428 goto f_err;
429 } 429 }
430 430
@@ -438,7 +438,7 @@ ssl3_get_record(SSL *s)
438 * -1: if the padding is invalid */ 438 * -1: if the padding is invalid */
439 if (enc_err == 0) { 439 if (enc_err == 0) {
440 al = SSL_AD_DECRYPTION_FAILED; 440 al = SSL_AD_DECRYPTION_FAILED;
441 SSLerror(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); 441 SSLerror(s, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
442 goto f_err; 442 goto f_err;
443 } 443 }
444 444
@@ -466,7 +466,7 @@ ssl3_get_record(SSL *s)
466 (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && 466 (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
467 orig_len < mac_size + 1)) { 467 orig_len < mac_size + 1)) {
468 al = SSL_AD_DECODE_ERROR; 468 al = SSL_AD_DECODE_ERROR;
469 SSLerror(SSL_R_LENGTH_TOO_SHORT); 469 SSLerror(s, SSL_R_LENGTH_TOO_SHORT);
470 goto f_err; 470 goto f_err;
471 } 471 }
472 472
@@ -506,13 +506,13 @@ ssl3_get_record(SSL *s)
506 * (e.g. via a logfile) 506 * (e.g. via a logfile)
507 */ 507 */
508 al = SSL_AD_BAD_RECORD_MAC; 508 al = SSL_AD_BAD_RECORD_MAC;
509 SSLerror(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); 509 SSLerror(s, SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
510 goto f_err; 510 goto f_err;
511 } 511 }
512 512
513 if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) { 513 if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
514 al = SSL_AD_RECORD_OVERFLOW; 514 al = SSL_AD_RECORD_OVERFLOW;
515 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 515 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
516 goto f_err; 516 goto f_err;
517 } 517 }
518 518
@@ -538,7 +538,7 @@ ssl3_get_record(SSL *s)
538 * empty record without forcing want_read. 538 * empty record without forcing want_read.
539 */ 539 */
540 if (s->internal->empty_record_count++ > SSL_MAX_EMPTY_RECORDS) { 540 if (s->internal->empty_record_count++ > SSL_MAX_EMPTY_RECORDS) {
541 SSLerror(SSL_R_PEER_BEHAVING_BADLY); 541 SSLerror(s, SSL_R_PEER_BEHAVING_BADLY);
542 return -1; 542 return -1;
543 } 543 }
544 if (s->internal->empty_record_count > 1) { 544 if (s->internal->empty_record_count > 1) {
@@ -569,7 +569,7 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
569 int i; 569 int i;
570 570
571 if (len < 0) { 571 if (len < 0) {
572 SSLerror(ERR_R_INTERNAL_ERROR); 572 SSLerror(s, ERR_R_INTERNAL_ERROR);
573 return -1; 573 return -1;
574 } 574 }
575 575
@@ -582,7 +582,7 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
582 if (i < 0) 582 if (i < 0)
583 return (i); 583 return (i);
584 if (i == 0) { 584 if (i == 0) {
585 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 585 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
586 return -1; 586 return -1;
587 } 587 }
588 } 588 }
@@ -691,7 +691,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
691 if (prefix_len > 691 if (prefix_len >
692 (SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD)) { 692 (SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD)) {
693 /* insufficient space */ 693 /* insufficient space */
694 SSLerror(ERR_R_INTERNAL_ERROR); 694 SSLerror(s, ERR_R_INTERNAL_ERROR);
695 goto err; 695 goto err;
696 } 696 }
697 } 697 }
@@ -834,7 +834,7 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len)
834 if ((S3I(s)->wpend_tot > (int)len) || ((S3I(s)->wpend_buf != buf) && 834 if ((S3I(s)->wpend_tot > (int)len) || ((S3I(s)->wpend_buf != buf) &&
835 !(s->internal->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) || 835 !(s->internal->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) ||
836 (S3I(s)->wpend_type != type)) { 836 (S3I(s)->wpend_type != type)) {
837 SSLerror(SSL_R_BAD_WRITE_RETRY); 837 SSLerror(s, SSL_R_BAD_WRITE_RETRY);
838 return (-1); 838 return (-1);
839 } 839 }
840 840
@@ -846,7 +846,7 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len)
846 (char *)&(wb->buf[wb->offset]), 846 (char *)&(wb->buf[wb->offset]),
847 (unsigned int)wb->left); 847 (unsigned int)wb->left);
848 } else { 848 } else {
849 SSLerror(SSL_R_BIO_NOT_SET); 849 SSLerror(s, SSL_R_BIO_NOT_SET);
850 i = -1; 850 i = -1;
851 } 851 }
852 if (i == wb->left) { 852 if (i == wb->left) {
@@ -911,14 +911,14 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
911 return (-1); 911 return (-1);
912 912
913 if (len < 0) { 913 if (len < 0) {
914 SSLerror(ERR_R_INTERNAL_ERROR); 914 SSLerror(s, ERR_R_INTERNAL_ERROR);
915 return -1; 915 return -1;
916 } 916 }
917 917
918 if ((type && type != SSL3_RT_APPLICATION_DATA && 918 if ((type && type != SSL3_RT_APPLICATION_DATA &&
919 type != SSL3_RT_HANDSHAKE) || 919 type != SSL3_RT_HANDSHAKE) ||
920 (peek && (type != SSL3_RT_APPLICATION_DATA))) { 920 (peek && (type != SSL3_RT_APPLICATION_DATA))) {
921 SSLerror(ERR_R_INTERNAL_ERROR); 921 SSLerror(s, ERR_R_INTERNAL_ERROR);
922 return -1; 922 return -1;
923 } 923 }
924 924
@@ -953,7 +953,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
953 if (i < 0) 953 if (i < 0)
954 return (i); 954 return (i);
955 if (i == 0) { 955 if (i == 0) {
956 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 956 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
957 return (-1); 957 return (-1);
958 } 958 }
959 } 959 }
@@ -995,7 +995,7 @@ start:
995 * reset by ssl3_get_finished */ 995 * reset by ssl3_get_finished */
996 && (rr->type != SSL3_RT_HANDSHAKE)) { 996 && (rr->type != SSL3_RT_HANDSHAKE)) {
997 al = SSL_AD_UNEXPECTED_MESSAGE; 997 al = SSL_AD_UNEXPECTED_MESSAGE;
998 SSLerror(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); 998 SSLerror(s, SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
999 goto f_err; 999 goto f_err;
1000 } 1000 }
1001 1001
@@ -1015,7 +1015,7 @@ start:
1015 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && 1015 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
1016 (s->enc_read_ctx == NULL)) { 1016 (s->enc_read_ctx == NULL)) {
1017 al = SSL_AD_UNEXPECTED_MESSAGE; 1017 al = SSL_AD_UNEXPECTED_MESSAGE;
1018 SSLerror(SSL_R_APP_DATA_IN_HANDSHAKE); 1018 SSLerror(s, SSL_R_APP_DATA_IN_HANDSHAKE);
1019 goto f_err; 1019 goto f_err;
1020 } 1020 }
1021 1021
@@ -1097,7 +1097,7 @@ start:
1097 (S3I(s)->handshake_fragment[2] != 0) || 1097 (S3I(s)->handshake_fragment[2] != 0) ||
1098 (S3I(s)->handshake_fragment[3] != 0)) { 1098 (S3I(s)->handshake_fragment[3] != 0)) {
1099 al = SSL_AD_DECODE_ERROR; 1099 al = SSL_AD_DECODE_ERROR;
1100 SSLerror(SSL_R_BAD_HELLO_REQUEST); 1100 SSLerror(s, SSL_R_BAD_HELLO_REQUEST);
1101 goto f_err; 1101 goto f_err;
1102 } 1102 }
1103 1103
@@ -1115,7 +1115,7 @@ start:
1115 if (i < 0) 1115 if (i < 0)
1116 return (i); 1116 return (i);
1117 if (i == 0) { 1117 if (i == 0) {
1118 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 1118 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
1119 return (-1); 1119 return (-1);
1120 } 1120 }
1121 1121
@@ -1196,13 +1196,13 @@ start:
1196 */ 1196 */
1197 else if (alert_descr == SSL_AD_NO_RENEGOTIATION) { 1197 else if (alert_descr == SSL_AD_NO_RENEGOTIATION) {
1198 al = SSL_AD_HANDSHAKE_FAILURE; 1198 al = SSL_AD_HANDSHAKE_FAILURE;
1199 SSLerror(SSL_R_NO_RENEGOTIATION); 1199 SSLerror(s, SSL_R_NO_RENEGOTIATION);
1200 goto f_err; 1200 goto f_err;
1201 } 1201 }
1202 } else if (alert_level == SSL3_AL_FATAL) { 1202 } else if (alert_level == SSL3_AL_FATAL) {
1203 s->internal->rwstate = SSL_NOTHING; 1203 s->internal->rwstate = SSL_NOTHING;
1204 S3I(s)->fatal_alert = alert_descr; 1204 S3I(s)->fatal_alert = alert_descr;
1205 SSLerror(SSL_AD_REASON_OFFSET + alert_descr); 1205 SSLerror(s, SSL_AD_REASON_OFFSET + alert_descr);
1206 ERR_asprintf_error_data("SSL alert number %d", 1206 ERR_asprintf_error_data("SSL alert number %d",
1207 alert_descr); 1207 alert_descr);
1208 s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN; 1208 s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN;
@@ -1210,7 +1210,7 @@ start:
1210 return (0); 1210 return (0);
1211 } else { 1211 } else {
1212 al = SSL_AD_ILLEGAL_PARAMETER; 1212 al = SSL_AD_ILLEGAL_PARAMETER;
1213 SSLerror(SSL_R_UNKNOWN_ALERT_TYPE); 1213 SSLerror(s, SSL_R_UNKNOWN_ALERT_TYPE);
1214 goto f_err; 1214 goto f_err;
1215 } 1215 }
1216 1216
@@ -1230,21 +1230,21 @@ start:
1230 if ((rr->length != 1) || (rr->off != 0) || 1230 if ((rr->length != 1) || (rr->off != 0) ||
1231 (rr->data[0] != SSL3_MT_CCS)) { 1231 (rr->data[0] != SSL3_MT_CCS)) {
1232 al = SSL_AD_ILLEGAL_PARAMETER; 1232 al = SSL_AD_ILLEGAL_PARAMETER;
1233 SSLerror(SSL_R_BAD_CHANGE_CIPHER_SPEC); 1233 SSLerror(s, SSL_R_BAD_CHANGE_CIPHER_SPEC);
1234 goto f_err; 1234 goto f_err;
1235 } 1235 }
1236 1236
1237 /* Check we have a cipher to change to */ 1237 /* Check we have a cipher to change to */
1238 if (S3I(s)->tmp.new_cipher == NULL) { 1238 if (S3I(s)->tmp.new_cipher == NULL) {
1239 al = SSL_AD_UNEXPECTED_MESSAGE; 1239 al = SSL_AD_UNEXPECTED_MESSAGE;
1240 SSLerror(SSL_R_CCS_RECEIVED_EARLY); 1240 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
1241 goto f_err; 1241 goto f_err;
1242 } 1242 }
1243 1243
1244 /* Check that we should be receiving a Change Cipher Spec. */ 1244 /* Check that we should be receiving a Change Cipher Spec. */
1245 if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) { 1245 if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) {
1246 al = SSL_AD_UNEXPECTED_MESSAGE; 1246 al = SSL_AD_UNEXPECTED_MESSAGE;
1247 SSLerror(SSL_R_CCS_RECEIVED_EARLY); 1247 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
1248 goto f_err; 1248 goto f_err;
1249 } 1249 }
1250 s->s3->flags &= ~SSL3_FLAGS_CCS_OK; 1250 s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
@@ -1276,7 +1276,7 @@ start:
1276 if (i < 0) 1276 if (i < 0)
1277 return (i); 1277 return (i);
1278 if (i == 0) { 1278 if (i == 0) {
1279 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 1279 SSLerror(s, SSL_R_SSL_HANDSHAKE_FAILURE);
1280 return (-1); 1280 return (-1);
1281 } 1281 }
1282 1282
@@ -1305,7 +1305,7 @@ start:
1305 goto start; 1305 goto start;
1306 } 1306 }
1307 al = SSL_AD_UNEXPECTED_MESSAGE; 1307 al = SSL_AD_UNEXPECTED_MESSAGE;
1308 SSLerror(SSL_R_UNEXPECTED_RECORD); 1308 SSLerror(s, SSL_R_UNEXPECTED_RECORD);
1309 goto f_err; 1309 goto f_err;
1310 case SSL3_RT_CHANGE_CIPHER_SPEC: 1310 case SSL3_RT_CHANGE_CIPHER_SPEC:
1311 case SSL3_RT_ALERT: 1311 case SSL3_RT_ALERT:
@@ -1314,7 +1314,7 @@ start:
1314 * of SSL3_RT_HANDSHAKE when s->internal->in_handshake is set, but that 1314 * of SSL3_RT_HANDSHAKE when s->internal->in_handshake is set, but that
1315 * should not happen when type != rr->type */ 1315 * should not happen when type != rr->type */
1316 al = SSL_AD_UNEXPECTED_MESSAGE; 1316 al = SSL_AD_UNEXPECTED_MESSAGE;
1317 SSLerror(ERR_R_INTERNAL_ERROR); 1317 SSLerror(s, ERR_R_INTERNAL_ERROR);
1318 goto f_err; 1318 goto f_err;
1319 case SSL3_RT_APPLICATION_DATA: 1319 case SSL3_RT_APPLICATION_DATA:
1320 /* At this point, we were expecting handshake data, 1320 /* At this point, we were expecting handshake data,
@@ -1336,7 +1336,7 @@ start:
1336 return (-1); 1336 return (-1);
1337 } else { 1337 } else {
1338 al = SSL_AD_UNEXPECTED_MESSAGE; 1338 al = SSL_AD_UNEXPECTED_MESSAGE;
1339 SSLerror(SSL_R_UNEXPECTED_RECORD); 1339 SSLerror(s, SSL_R_UNEXPECTED_RECORD);
1340 goto f_err; 1340 goto f_err;
1341 } 1341 }
1342 } 1342 }
@@ -1363,7 +1363,7 @@ ssl3_do_change_cipher_spec(SSL *s)
1363 if (S3I(s)->tmp.key_block == NULL) { 1363 if (S3I(s)->tmp.key_block == NULL) {
1364 if (s->session == NULL || s->session->master_key_length == 0) { 1364 if (s->session == NULL || s->session->master_key_length == 0) {
1365 /* might happen if dtls1_read_bytes() calls this */ 1365 /* might happen if dtls1_read_bytes() calls this */
1366 SSLerror(SSL_R_CCS_RECEIVED_EARLY); 1366 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
1367 return (0); 1367 return (0);
1368 } 1368 }
1369 1369
@@ -1389,7 +1389,7 @@ ssl3_do_change_cipher_spec(SSL *s)
1389 i = tls1_final_finish_mac(s, sender, slen, 1389 i = tls1_final_finish_mac(s, sender, slen,
1390 S3I(s)->tmp.peer_finish_md); 1390 S3I(s)->tmp.peer_finish_md);
1391 if (i == 0) { 1391 if (i == 0) {
1392 SSLerror(ERR_R_INTERNAL_ERROR); 1392 SSLerror(s, ERR_R_INTERNAL_ERROR);
1393 return 0; 1393 return 0;
1394 } 1394 }
1395 S3I(s)->tmp.peer_finish_md_len = i; 1395 S3I(s)->tmp.peer_finish_md_len = i;
diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c
index facb8ac274..e99ce1e3ae 100644
--- a/src/lib/libssl/ssl_rsa.c
+++ b/src/lib/libssl/ssl_rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_rsa.c,v 1.27 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: ssl_rsa.c,v 1.28 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -74,11 +74,11 @@ int
74SSL_use_certificate(SSL *ssl, X509 *x) 74SSL_use_certificate(SSL *ssl, X509 *x)
75{ 75{
76 if (x == NULL) { 76 if (x == NULL) {
77 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 77 SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER);
78 return (0); 78 return (0);
79 } 79 }
80 if (!ssl_cert_inst(&ssl->cert)) { 80 if (!ssl_cert_inst(&ssl->cert)) {
81 SSLerror(ERR_R_MALLOC_FAILURE); 81 SSLerror(ssl, ERR_R_MALLOC_FAILURE);
82 return (0); 82 return (0);
83 } 83 }
84 return (ssl_set_cert(ssl->cert, x)); 84 return (ssl_set_cert(ssl->cert, x));
@@ -94,12 +94,12 @@ SSL_use_certificate_file(SSL *ssl, const char *file, int type)
94 94
95 in = BIO_new(BIO_s_file_internal()); 95 in = BIO_new(BIO_s_file_internal());
96 if (in == NULL) { 96 if (in == NULL) {
97 SSLerror(ERR_R_BUF_LIB); 97 SSLerror(ssl, ERR_R_BUF_LIB);
98 goto end; 98 goto end;
99 } 99 }
100 100
101 if (BIO_read_filename(in, file) <= 0) { 101 if (BIO_read_filename(in, file) <= 0) {
102 SSLerror(ERR_R_SYS_LIB); 102 SSLerror(ssl, ERR_R_SYS_LIB);
103 goto end; 103 goto end;
104 } 104 }
105 if (type == SSL_FILETYPE_ASN1) { 105 if (type == SSL_FILETYPE_ASN1) {
@@ -111,12 +111,12 @@ SSL_use_certificate_file(SSL *ssl, const char *file, int type)
111 ssl->ctx->default_passwd_callback, 111 ssl->ctx->default_passwd_callback,
112 ssl->ctx->default_passwd_callback_userdata); 112 ssl->ctx->default_passwd_callback_userdata);
113 } else { 113 } else {
114 SSLerror(SSL_R_BAD_SSL_FILETYPE); 114 SSLerror(ssl, SSL_R_BAD_SSL_FILETYPE);
115 goto end; 115 goto end;
116 } 116 }
117 117
118 if (x == NULL) { 118 if (x == NULL) {
119 SSLerror(j); 119 SSLerror(ssl, j);
120 goto end; 120 goto end;
121 } 121 }
122 122
@@ -135,7 +135,7 @@ SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
135 135
136 x = d2i_X509(NULL, &d,(long)len); 136 x = d2i_X509(NULL, &d,(long)len);
137 if (x == NULL) { 137 if (x == NULL) {
138 SSLerror(ERR_R_ASN1_LIB); 138 SSLerror(ssl, ERR_R_ASN1_LIB);
139 return (0); 139 return (0);
140 } 140 }
141 141
@@ -151,15 +151,15 @@ SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
151 int ret; 151 int ret;
152 152
153 if (rsa == NULL) { 153 if (rsa == NULL) {
154 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 154 SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER);
155 return (0); 155 return (0);
156 } 156 }
157 if (!ssl_cert_inst(&ssl->cert)) { 157 if (!ssl_cert_inst(&ssl->cert)) {
158 SSLerror(ERR_R_MALLOC_FAILURE); 158 SSLerror(ssl, ERR_R_MALLOC_FAILURE);
159 return (0); 159 return (0);
160 } 160 }
161 if ((pkey = EVP_PKEY_new()) == NULL) { 161 if ((pkey = EVP_PKEY_new()) == NULL) {
162 SSLerror(ERR_R_EVP_LIB); 162 SSLerror(ssl, ERR_R_EVP_LIB);
163 return (0); 163 return (0);
164 } 164 }
165 165
@@ -178,7 +178,7 @@ ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
178 178
179 i = ssl_cert_type(NULL, pkey); 179 i = ssl_cert_type(NULL, pkey);
180 if (i < 0) { 180 if (i < 0) {
181 SSLerror(SSL_R_UNKNOWN_CERTIFICATE_TYPE); 181 SSLerrorx(SSL_R_UNKNOWN_CERTIFICATE_TYPE);
182 return (0); 182 return (0);
183 } 183 }
184 184
@@ -222,12 +222,12 @@ SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
222 222
223 in = BIO_new(BIO_s_file_internal()); 223 in = BIO_new(BIO_s_file_internal());
224 if (in == NULL) { 224 if (in == NULL) {
225 SSLerror(ERR_R_BUF_LIB); 225 SSLerror(ssl, ERR_R_BUF_LIB);
226 goto end; 226 goto end;
227 } 227 }
228 228
229 if (BIO_read_filename(in, file) <= 0) { 229 if (BIO_read_filename(in, file) <= 0) {
230 SSLerror(ERR_R_SYS_LIB); 230 SSLerror(ssl, ERR_R_SYS_LIB);
231 goto end; 231 goto end;
232 } 232 }
233 if (type == SSL_FILETYPE_ASN1) { 233 if (type == SSL_FILETYPE_ASN1) {
@@ -239,11 +239,11 @@ SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
239 ssl->ctx->default_passwd_callback, 239 ssl->ctx->default_passwd_callback,
240 ssl->ctx->default_passwd_callback_userdata); 240 ssl->ctx->default_passwd_callback_userdata);
241 } else { 241 } else {
242 SSLerror(SSL_R_BAD_SSL_FILETYPE); 242 SSLerror(ssl, SSL_R_BAD_SSL_FILETYPE);
243 goto end; 243 goto end;
244 } 244 }
245 if (rsa == NULL) { 245 if (rsa == NULL) {
246 SSLerror(j); 246 SSLerror(ssl, j);
247 goto end; 247 goto end;
248 } 248 }
249 ret = SSL_use_RSAPrivateKey(ssl, rsa); 249 ret = SSL_use_RSAPrivateKey(ssl, rsa);
@@ -262,7 +262,7 @@ SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
262 262
263 p = d; 263 p = d;
264 if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) { 264 if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
265 SSLerror(ERR_R_ASN1_LIB); 265 SSLerror(ssl, ERR_R_ASN1_LIB);
266 return (0); 266 return (0);
267 } 267 }
268 268
@@ -277,11 +277,11 @@ SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
277 int ret; 277 int ret;
278 278
279 if (pkey == NULL) { 279 if (pkey == NULL) {
280 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 280 SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER);
281 return (0); 281 return (0);
282 } 282 }
283 if (!ssl_cert_inst(&ssl->cert)) { 283 if (!ssl_cert_inst(&ssl->cert)) {
284 SSLerror(ERR_R_MALLOC_FAILURE); 284 SSLerror(ssl, ERR_R_MALLOC_FAILURE);
285 return (0); 285 return (0);
286 } 286 }
287 ret = ssl_set_pkey(ssl->cert, pkey); 287 ret = ssl_set_pkey(ssl->cert, pkey);
@@ -297,12 +297,12 @@ SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
297 297
298 in = BIO_new(BIO_s_file_internal()); 298 in = BIO_new(BIO_s_file_internal());
299 if (in == NULL) { 299 if (in == NULL) {
300 SSLerror(ERR_R_BUF_LIB); 300 SSLerror(ssl, ERR_R_BUF_LIB);
301 goto end; 301 goto end;
302 } 302 }
303 303
304 if (BIO_read_filename(in, file) <= 0) { 304 if (BIO_read_filename(in, file) <= 0) {
305 SSLerror(ERR_R_SYS_LIB); 305 SSLerror(ssl, ERR_R_SYS_LIB);
306 goto end; 306 goto end;
307 } 307 }
308 if (type == SSL_FILETYPE_PEM) { 308 if (type == SSL_FILETYPE_PEM) {
@@ -314,11 +314,11 @@ SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
314 j = ERR_R_ASN1_LIB; 314 j = ERR_R_ASN1_LIB;
315 pkey = d2i_PrivateKey_bio(in, NULL); 315 pkey = d2i_PrivateKey_bio(in, NULL);
316 } else { 316 } else {
317 SSLerror(SSL_R_BAD_SSL_FILETYPE); 317 SSLerror(ssl, SSL_R_BAD_SSL_FILETYPE);
318 goto end; 318 goto end;
319 } 319 }
320 if (pkey == NULL) { 320 if (pkey == NULL) {
321 SSLerror(j); 321 SSLerror(ssl, j);
322 goto end; 322 goto end;
323 } 323 }
324 ret = SSL_use_PrivateKey(ssl, pkey); 324 ret = SSL_use_PrivateKey(ssl, pkey);
@@ -337,7 +337,7 @@ SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
337 337
338 p = d; 338 p = d;
339 if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) { 339 if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
340 SSLerror(ERR_R_ASN1_LIB); 340 SSLerror(ssl, ERR_R_ASN1_LIB);
341 return (0); 341 return (0);
342 } 342 }
343 343
@@ -350,11 +350,11 @@ int
350SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) 350SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
351{ 351{
352 if (x == NULL) { 352 if (x == NULL) {
353 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 353 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);
354 return (0); 354 return (0);
355 } 355 }
356 if (!ssl_cert_inst(&ctx->internal->cert)) { 356 if (!ssl_cert_inst(&ctx->internal->cert)) {
357 SSLerror(ERR_R_MALLOC_FAILURE); 357 SSLerrorx(ERR_R_MALLOC_FAILURE);
358 return (0); 358 return (0);
359 } 359 }
360 return (ssl_set_cert(ctx->internal->cert, x)); 360 return (ssl_set_cert(ctx->internal->cert, x));
@@ -368,13 +368,13 @@ ssl_set_cert(CERT *c, X509 *x)
368 368
369 pkey = X509_get_pubkey(x); 369 pkey = X509_get_pubkey(x);
370 if (pkey == NULL) { 370 if (pkey == NULL) {
371 SSLerror(SSL_R_X509_LIB); 371 SSLerrorx(SSL_R_X509_LIB);
372 return (0); 372 return (0);
373 } 373 }
374 374
375 i = ssl_cert_type(x, pkey); 375 i = ssl_cert_type(x, pkey);
376 if (i < 0) { 376 if (i < 0) {
377 SSLerror(SSL_R_UNKNOWN_CERTIFICATE_TYPE); 377 SSLerrorx(SSL_R_UNKNOWN_CERTIFICATE_TYPE);
378 EVP_PKEY_free(pkey); 378 EVP_PKEY_free(pkey);
379 return (0); 379 return (0);
380 } 380 }
@@ -427,12 +427,12 @@ SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
427 427
428 in = BIO_new(BIO_s_file_internal()); 428 in = BIO_new(BIO_s_file_internal());
429 if (in == NULL) { 429 if (in == NULL) {
430 SSLerror(ERR_R_BUF_LIB); 430 SSLerrorx(ERR_R_BUF_LIB);
431 goto end; 431 goto end;
432 } 432 }
433 433
434 if (BIO_read_filename(in, file) <= 0) { 434 if (BIO_read_filename(in, file) <= 0) {
435 SSLerror(ERR_R_SYS_LIB); 435 SSLerrorx(ERR_R_SYS_LIB);
436 goto end; 436 goto end;
437 } 437 }
438 if (type == SSL_FILETYPE_ASN1) { 438 if (type == SSL_FILETYPE_ASN1) {
@@ -443,12 +443,12 @@ SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
443 x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, 443 x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
444 ctx->default_passwd_callback_userdata); 444 ctx->default_passwd_callback_userdata);
445 } else { 445 } else {
446 SSLerror(SSL_R_BAD_SSL_FILETYPE); 446 SSLerrorx(SSL_R_BAD_SSL_FILETYPE);
447 goto end; 447 goto end;
448 } 448 }
449 449
450 if (x == NULL) { 450 if (x == NULL) {
451 SSLerror(j); 451 SSLerrorx(j);
452 goto end; 452 goto end;
453 } 453 }
454 454
@@ -467,7 +467,7 @@ SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
467 467
468 x = d2i_X509(NULL, &d,(long)len); 468 x = d2i_X509(NULL, &d,(long)len);
469 if (x == NULL) { 469 if (x == NULL) {
470 SSLerror(ERR_R_ASN1_LIB); 470 SSLerrorx(ERR_R_ASN1_LIB);
471 return (0); 471 return (0);
472 } 472 }
473 473
@@ -483,15 +483,15 @@ SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
483 EVP_PKEY *pkey; 483 EVP_PKEY *pkey;
484 484
485 if (rsa == NULL) { 485 if (rsa == NULL) {
486 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 486 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);
487 return (0); 487 return (0);
488 } 488 }
489 if (!ssl_cert_inst(&ctx->internal->cert)) { 489 if (!ssl_cert_inst(&ctx->internal->cert)) {
490 SSLerror(ERR_R_MALLOC_FAILURE); 490 SSLerrorx(ERR_R_MALLOC_FAILURE);
491 return (0); 491 return (0);
492 } 492 }
493 if ((pkey = EVP_PKEY_new()) == NULL) { 493 if ((pkey = EVP_PKEY_new()) == NULL) {
494 SSLerror(ERR_R_EVP_LIB); 494 SSLerrorx(ERR_R_EVP_LIB);
495 return (0); 495 return (0);
496 } 496 }
497 497
@@ -512,12 +512,12 @@ SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
512 512
513 in = BIO_new(BIO_s_file_internal()); 513 in = BIO_new(BIO_s_file_internal());
514 if (in == NULL) { 514 if (in == NULL) {
515 SSLerror(ERR_R_BUF_LIB); 515 SSLerrorx(ERR_R_BUF_LIB);
516 goto end; 516 goto end;
517 } 517 }
518 518
519 if (BIO_read_filename(in, file) <= 0) { 519 if (BIO_read_filename(in, file) <= 0) {
520 SSLerror(ERR_R_SYS_LIB); 520 SSLerrorx(ERR_R_SYS_LIB);
521 goto end; 521 goto end;
522 } 522 }
523 if (type == SSL_FILETYPE_ASN1) { 523 if (type == SSL_FILETYPE_ASN1) {
@@ -529,11 +529,11 @@ SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
529 ctx->default_passwd_callback, 529 ctx->default_passwd_callback,
530 ctx->default_passwd_callback_userdata); 530 ctx->default_passwd_callback_userdata);
531 } else { 531 } else {
532 SSLerror(SSL_R_BAD_SSL_FILETYPE); 532 SSLerrorx(SSL_R_BAD_SSL_FILETYPE);
533 goto end; 533 goto end;
534 } 534 }
535 if (rsa == NULL) { 535 if (rsa == NULL) {
536 SSLerror(j); 536 SSLerrorx(j);
537 goto end; 537 goto end;
538 } 538 }
539 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa); 539 ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
@@ -552,7 +552,7 @@ SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
552 552
553 p = d; 553 p = d;
554 if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) { 554 if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
555 SSLerror(ERR_R_ASN1_LIB); 555 SSLerrorx(ERR_R_ASN1_LIB);
556 return (0); 556 return (0);
557 } 557 }
558 558
@@ -565,11 +565,11 @@ int
565SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) 565SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
566{ 566{
567 if (pkey == NULL) { 567 if (pkey == NULL) {
568 SSLerror(ERR_R_PASSED_NULL_PARAMETER); 568 SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);
569 return (0); 569 return (0);
570 } 570 }
571 if (!ssl_cert_inst(&ctx->internal->cert)) { 571 if (!ssl_cert_inst(&ctx->internal->cert)) {
572 SSLerror(ERR_R_MALLOC_FAILURE); 572 SSLerrorx(ERR_R_MALLOC_FAILURE);
573 return (0); 573 return (0);
574 } 574 }
575 return (ssl_set_pkey(ctx->internal->cert, pkey)); 575 return (ssl_set_pkey(ctx->internal->cert, pkey));
@@ -584,12 +584,12 @@ SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
584 584
585 in = BIO_new(BIO_s_file_internal()); 585 in = BIO_new(BIO_s_file_internal());
586 if (in == NULL) { 586 if (in == NULL) {
587 SSLerror(ERR_R_BUF_LIB); 587 SSLerrorx(ERR_R_BUF_LIB);
588 goto end; 588 goto end;
589 } 589 }
590 590
591 if (BIO_read_filename(in, file) <= 0) { 591 if (BIO_read_filename(in, file) <= 0) {
592 SSLerror(ERR_R_SYS_LIB); 592 SSLerrorx(ERR_R_SYS_LIB);
593 goto end; 593 goto end;
594 } 594 }
595 if (type == SSL_FILETYPE_PEM) { 595 if (type == SSL_FILETYPE_PEM) {
@@ -601,11 +601,11 @@ SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
601 j = ERR_R_ASN1_LIB; 601 j = ERR_R_ASN1_LIB;
602 pkey = d2i_PrivateKey_bio(in, NULL); 602 pkey = d2i_PrivateKey_bio(in, NULL);
603 } else { 603 } else {
604 SSLerror(SSL_R_BAD_SSL_FILETYPE); 604 SSLerrorx(SSL_R_BAD_SSL_FILETYPE);
605 goto end; 605 goto end;
606 } 606 }
607 if (pkey == NULL) { 607 if (pkey == NULL) {
608 SSLerror(j); 608 SSLerrorx(j);
609 goto end; 609 goto end;
610 } 610 }
611 ret = SSL_CTX_use_PrivateKey(ctx, pkey); 611 ret = SSL_CTX_use_PrivateKey(ctx, pkey);
@@ -625,7 +625,7 @@ SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
625 625
626 p = d; 626 p = d;
627 if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) { 627 if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
628 SSLerror(ERR_R_ASN1_LIB); 628 SSLerrorx(ERR_R_ASN1_LIB);
629 return (0); 629 return (0);
630 } 630 }
631 631
@@ -651,7 +651,7 @@ ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in)
651 x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, 651 x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
652 ctx->default_passwd_callback_userdata); 652 ctx->default_passwd_callback_userdata);
653 if (x == NULL) { 653 if (x == NULL) {
654 SSLerror(ERR_R_PEM_LIB); 654 SSLerrorx(ERR_R_PEM_LIB);
655 goto end; 655 goto end;
656 } 656 }
657 657
@@ -711,12 +711,12 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
711 711
712 in = BIO_new(BIO_s_file_internal()); 712 in = BIO_new(BIO_s_file_internal());
713 if (in == NULL) { 713 if (in == NULL) {
714 SSLerror(ERR_R_BUF_LIB); 714 SSLerrorx(ERR_R_BUF_LIB);
715 goto end; 715 goto end;
716 } 716 }
717 717
718 if (BIO_read_filename(in, file) <= 0) { 718 if (BIO_read_filename(in, file) <= 0) {
719 SSLerror(ERR_R_SYS_LIB); 719 SSLerrorx(ERR_R_SYS_LIB);
720 goto end; 720 goto end;
721 } 721 }
722 722
@@ -735,7 +735,7 @@ SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *buf, int len)
735 735
736 in = BIO_new_mem_buf(buf, len); 736 in = BIO_new_mem_buf(buf, len);
737 if (in == NULL) { 737 if (in == NULL) {
738 SSLerror(ERR_R_BUF_LIB); 738 SSLerrorx(ERR_R_BUF_LIB);
739 goto end; 739 goto end;
740 } 740 }
741 741
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 5477e9a168..5d80e58196 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sess.c,v 1.69 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: ssl_sess.c,v 1.70 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -200,12 +200,12 @@ SSL_SESSION_new(void)
200 SSL_SESSION *ss; 200 SSL_SESSION *ss;
201 201
202 if ((ss = calloc(1, sizeof(*ss))) == NULL) { 202 if ((ss = calloc(1, sizeof(*ss))) == NULL) {
203 SSLerror(ERR_R_MALLOC_FAILURE); 203 SSLerrorx(ERR_R_MALLOC_FAILURE);
204 return (NULL); 204 return (NULL);
205 } 205 }
206 if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) { 206 if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {
207 free(ss); 207 free(ss);
208 SSLerror(ERR_R_MALLOC_FAILURE); 208 SSLerrorx(ERR_R_MALLOC_FAILURE);
209 return (NULL); 209 return (NULL);
210 } 210 }
211 211
@@ -312,7 +312,7 @@ ssl_get_new_session(SSL *s, int session)
312 ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; 312 ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
313 break; 313 break;
314 default: 314 default:
315 SSLerror(SSL_R_UNSUPPORTED_SSL_VERSION); 315 SSLerror(s, SSL_R_UNSUPPORTED_SSL_VERSION);
316 SSL_SESSION_free(ss); 316 SSL_SESSION_free(ss);
317 return (0); 317 return (0);
318 } 318 }
@@ -335,7 +335,7 @@ ssl_get_new_session(SSL *s, int session)
335 tmp = ss->session_id_length; 335 tmp = ss->session_id_length;
336 if (!cb(s, ss->session_id, &tmp)) { 336 if (!cb(s, ss->session_id, &tmp)) {
337 /* The callback failed */ 337 /* The callback failed */
338 SSLerror(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED); 338 SSLerror(s, SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
339 SSL_SESSION_free(ss); 339 SSL_SESSION_free(ss);
340 return (0); 340 return (0);
341 } 341 }
@@ -346,7 +346,7 @@ ssl_get_new_session(SSL *s, int session)
346 */ 346 */
347 if (!tmp || (tmp > ss->session_id_length)) { 347 if (!tmp || (tmp > ss->session_id_length)) {
348 /* The callback set an illegal length */ 348 /* The callback set an illegal length */
349 SSLerror(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH); 349 SSLerror(s, SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
350 SSL_SESSION_free(ss); 350 SSL_SESSION_free(ss);
351 return (0); 351 return (0);
352 } 352 }
@@ -355,7 +355,7 @@ ssl_get_new_session(SSL *s, int session)
355 /* Finally, check for a conflict. */ 355 /* Finally, check for a conflict. */
356 if (SSL_has_matching_session_id(s, ss->session_id, 356 if (SSL_has_matching_session_id(s, ss->session_id,
357 ss->session_id_length)) { 357 ss->session_id_length)) {
358 SSLerror(SSL_R_SSL_SESSION_ID_CONFLICT); 358 SSLerror(s, SSL_R_SSL_SESSION_ID_CONFLICT);
359 SSL_SESSION_free(ss); 359 SSL_SESSION_free(ss);
360 return (0); 360 return (0);
361 } 361 }
@@ -364,7 +364,7 @@ sess_id_done:
364 if (s->tlsext_hostname) { 364 if (s->tlsext_hostname) {
365 ss->tlsext_hostname = strdup(s->tlsext_hostname); 365 ss->tlsext_hostname = strdup(s->tlsext_hostname);
366 if (ss->tlsext_hostname == NULL) { 366 if (ss->tlsext_hostname == NULL) {
367 SSLerror(ERR_R_INTERNAL_ERROR); 367 SSLerror(s, ERR_R_INTERNAL_ERROR);
368 SSL_SESSION_free(ss); 368 SSL_SESSION_free(ss);
369 return 0; 369 return 0;
370 } 370 }
@@ -374,7 +374,7 @@ sess_id_done:
374 } 374 }
375 375
376 if (s->sid_ctx_length > sizeof ss->sid_ctx) { 376 if (s->sid_ctx_length > sizeof ss->sid_ctx) {
377 SSLerror(ERR_R_INTERNAL_ERROR); 377 SSLerror(s, ERR_R_INTERNAL_ERROR);
378 SSL_SESSION_free(ss); 378 SSL_SESSION_free(ss);
379 return 0; 379 return 0;
380 } 380 }
@@ -523,7 +523,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
523 * applications to effectively disable the session cache by 523 * applications to effectively disable the session cache by
524 * accident without anyone noticing). 524 * accident without anyone noticing).
525 */ 525 */
526 SSLerror(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); 526 SSLerror(s, SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
527 fatal = 1; 527 fatal = 1;
528 goto err; 528 goto err;
529 } 529 }
@@ -723,7 +723,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session)
723 if (meth == NULL) 723 if (meth == NULL)
724 meth = s->method->internal->get_ssl_method(session->ssl_version); 724 meth = s->method->internal->get_ssl_method(session->ssl_version);
725 if (meth == NULL) { 725 if (meth == NULL) {
726 SSLerror(SSL_R_UNABLE_TO_FIND_SSL_METHOD); 726 SSLerror(s, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
727 return (0); 727 return (0);
728 } 728 }
729 729
@@ -803,7 +803,7 @@ SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
803 unsigned int sid_ctx_len) 803 unsigned int sid_ctx_len)
804{ 804{
805 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) { 805 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
806 SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); 806 SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
807 return 0; 807 return 0;
808 } 808 }
809 s->sid_ctx_length = sid_ctx_len; 809 s->sid_ctx_length = sid_ctx_len;
@@ -864,7 +864,7 @@ SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
864 s->internal->tlsext_session_ticket = 864 s->internal->tlsext_session_ticket =
865 malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); 865 malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
866 if (!s->internal->tlsext_session_ticket) { 866 if (!s->internal->tlsext_session_ticket) {
867 SSLerror(ERR_R_MALLOC_FAILURE); 867 SSLerror(s, ERR_R_MALLOC_FAILURE);
868 return 0; 868 return 0;
869 } 869 }
870 870
@@ -1071,11 +1071,11 @@ int
1071SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e) 1071SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
1072{ 1072{
1073 if (!ENGINE_init(e)) { 1073 if (!ENGINE_init(e)) {
1074 SSLerror(ERR_R_ENGINE_LIB); 1074 SSLerrorx(ERR_R_ENGINE_LIB);
1075 return 0; 1075 return 0;
1076 } 1076 }
1077 if (!ENGINE_get_ssl_client_cert_function(e)) { 1077 if (!ENGINE_get_ssl_client_cert_function(e)) {
1078 SSLerror(SSL_R_NO_CLIENT_CERT_METHOD); 1078 SSLerrorx(SSL_R_NO_CLIENT_CERT_METHOD);
1079 ENGINE_finish(e); 1079 ENGINE_finish(e);
1080 return 0; 1080 return 0;
1081 } 1081 }
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 217ecafeec..bb43ec74e2 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.5 2017/01/26 12:28:00 jsing Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.6 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -189,7 +189,7 @@ ssl3_accept(SSL *s)
189 SSL_clear(s); 189 SSL_clear(s);
190 190
191 if (s->cert == NULL) { 191 if (s->cert == NULL) {
192 SSLerror(SSL_R_NO_CERTIFICATE_SET); 192 SSLerror(s, SSL_R_NO_CERTIFICATE_SET);
193 ret = -1; 193 ret = -1;
194 goto end; 194 goto end;
195 } 195 }
@@ -212,7 +212,7 @@ ssl3_accept(SSL *s)
212 cb(s, SSL_CB_HANDSHAKE_START, 1); 212 cb(s, SSL_CB_HANDSHAKE_START, 1);
213 213
214 if ((s->version >> 8) != 3) { 214 if ((s->version >> 8) != 3) {
215 SSLerror(ERR_R_INTERNAL_ERROR); 215 SSLerror(s, ERR_R_INTERNAL_ERROR);
216 ret = -1; 216 ret = -1;
217 goto end; 217 goto end;
218 } 218 }
@@ -253,7 +253,7 @@ ssl3_accept(SSL *s)
253 * client that doesn't support secure 253 * client that doesn't support secure
254 * renegotiation. 254 * renegotiation.
255 */ 255 */
256 SSLerror(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); 256 SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
257 ssl3_send_alert(s, SSL3_AL_FATAL, 257 ssl3_send_alert(s, SSL3_AL_FATAL,
258 SSL_AD_HANDSHAKE_FAILURE); 258 SSL_AD_HANDSHAKE_FAILURE);
259 ret = -1; 259 ret = -1;
@@ -483,7 +483,7 @@ ssl3_accept(SSL *s)
483 * at this point and digest cached records. 483 * at this point and digest cached records.
484 */ 484 */
485 if (!S3I(s)->handshake_buffer) { 485 if (!S3I(s)->handshake_buffer) {
486 SSLerror(ERR_R_INTERNAL_ERROR); 486 SSLerror(s, ERR_R_INTERNAL_ERROR);
487 ret = -1; 487 ret = -1;
488 goto end; 488 goto end;
489 } 489 }
@@ -671,7 +671,7 @@ ssl3_accept(SSL *s)
671 /* break; */ 671 /* break; */
672 672
673 default: 673 default:
674 SSLerror(SSL_R_UNKNOWN_STATE); 674 SSLerror(s, SSL_R_UNKNOWN_STATE);
675 ret = -1; 675 ret = -1;
676 goto end; 676 goto end;
677 /* break; */ 677 /* break; */
@@ -770,7 +770,7 @@ ssl3_get_client_hello(SSL *s)
770 goto truncated; 770 goto truncated;
771 771
772 if (ssl_max_shared_version(s, client_version, &shared_version) != 1) { 772 if (ssl_max_shared_version(s, client_version, &shared_version) != 1) {
773 SSLerror(SSL_R_WRONG_VERSION_NUMBER); 773 SSLerror(s, SSL_R_WRONG_VERSION_NUMBER);
774 if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && 774 if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
775 !s->internal->enc_write_ctx && !s->internal->write_hash) { 775 !s->internal->enc_write_ctx && !s->internal->write_hash) {
776 /* 776 /*
@@ -788,7 +788,7 @@ ssl3_get_client_hello(SSL *s)
788 if ((method = tls1_get_server_method(shared_version)) == NULL) 788 if ((method = tls1_get_server_method(shared_version)) == NULL)
789 method = dtls1_get_server_method(shared_version); 789 method = dtls1_get_server_method(shared_version);
790 if (method == NULL) { 790 if (method == NULL) {
791 SSLerror(ERR_R_INTERNAL_ERROR); 791 SSLerror(s, ERR_R_INTERNAL_ERROR);
792 goto err; 792 goto err;
793 } 793 }
794 s->method = method; 794 s->method = method;
@@ -861,7 +861,7 @@ ssl3_get_client_hello(SSL *s)
861 */ 861 */
862 if (CBS_len(&cookie) > sizeof(D1I(s)->rcvd_cookie)) { 862 if (CBS_len(&cookie) > sizeof(D1I(s)->rcvd_cookie)) {
863 al = SSL_AD_DECODE_ERROR; 863 al = SSL_AD_DECODE_ERROR;
864 SSLerror(SSL_R_COOKIE_MISMATCH); 864 SSLerror(s, SSL_R_COOKIE_MISMATCH);
865 goto f_err; 865 goto f_err;
866 } 866 }
867 867
@@ -879,7 +879,7 @@ ssl3_get_client_hello(SSL *s)
879 if (s->ctx->internal->app_verify_cookie_cb(s, 879 if (s->ctx->internal->app_verify_cookie_cb(s,
880 D1I(s)->rcvd_cookie, cookie_len) == 0) { 880 D1I(s)->rcvd_cookie, cookie_len) == 0) {
881 al = SSL_AD_HANDSHAKE_FAILURE; 881 al = SSL_AD_HANDSHAKE_FAILURE;
882 SSLerror(SSL_R_COOKIE_MISMATCH); 882 SSLerror(s, SSL_R_COOKIE_MISMATCH);
883 goto f_err; 883 goto f_err;
884 } 884 }
885 /* else cookie verification succeeded */ 885 /* else cookie verification succeeded */
@@ -888,7 +888,7 @@ ssl3_get_client_hello(SSL *s)
888 D1I(s)->cookie, D1I(s)->cookie_len) != 0) { 888 D1I(s)->cookie, D1I(s)->cookie_len) != 0) {
889 /* default verification */ 889 /* default verification */
890 al = SSL_AD_HANDSHAKE_FAILURE; 890 al = SSL_AD_HANDSHAKE_FAILURE;
891 SSLerror(SSL_R_COOKIE_MISMATCH); 891 SSLerror(s, SSL_R_COOKIE_MISMATCH);
892 goto f_err; 892 goto f_err;
893 } 893 }
894 ret = 2; 894 ret = 2;
@@ -902,7 +902,7 @@ ssl3_get_client_hello(SSL *s)
902 if (CBS_len(&cipher_suites) == 0 && CBS_len(&session_id) != 0) { 902 if (CBS_len(&cipher_suites) == 0 && CBS_len(&session_id) != 0) {
903 /* we need a cipher if we are not resuming a session */ 903 /* we need a cipher if we are not resuming a session */
904 al = SSL_AD_ILLEGAL_PARAMETER; 904 al = SSL_AD_ILLEGAL_PARAMETER;
905 SSLerror(SSL_R_NO_CIPHERS_SPECIFIED); 905 SSLerror(s, SSL_R_NO_CIPHERS_SPECIFIED);
906 goto f_err; 906 goto f_err;
907 } 907 }
908 908
@@ -930,7 +930,7 @@ ssl3_get_client_hello(SSL *s)
930 * list if we are asked to reuse it 930 * list if we are asked to reuse it
931 */ 931 */
932 al = SSL_AD_ILLEGAL_PARAMETER; 932 al = SSL_AD_ILLEGAL_PARAMETER;
933 SSLerror(SSL_R_REQUIRED_CIPHER_MISSING); 933 SSLerror(s, SSL_R_REQUIRED_CIPHER_MISSING);
934 goto f_err; 934 goto f_err;
935 } 935 }
936 } 936 }
@@ -947,7 +947,7 @@ ssl3_get_client_hello(SSL *s)
947 } 947 }
948 if (comp_null == 0) { 948 if (comp_null == 0) {
949 al = SSL_AD_DECODE_ERROR; 949 al = SSL_AD_DECODE_ERROR;
950 SSLerror(SSL_R_NO_COMPRESSION_SPECIFIED); 950 SSLerror(s, SSL_R_NO_COMPRESSION_SPECIFIED);
951 goto f_err; 951 goto f_err;
952 } 952 }
953 953
@@ -956,11 +956,11 @@ ssl3_get_client_hello(SSL *s)
956 /* TLS extensions*/ 956 /* TLS extensions*/
957 if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { 957 if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) {
958 /* 'al' set by ssl_parse_clienthello_tlsext */ 958 /* 'al' set by ssl_parse_clienthello_tlsext */
959 SSLerror(SSL_R_PARSE_TLSEXT); 959 SSLerror(s, SSL_R_PARSE_TLSEXT);
960 goto f_err; 960 goto f_err;
961 } 961 }
962 if (ssl_check_clienthello_tlsext_early(s) <= 0) { 962 if (ssl_check_clienthello_tlsext_early(s) <= 0) {
963 SSLerror(SSL_R_CLIENTHELLO_TLSEXT); 963 SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT);
964 goto err; 964 goto err;
965 } 965 }
966 966
@@ -991,7 +991,7 @@ ssl3_get_client_hello(SSL *s)
991 SSL_get_ciphers(s)); 991 SSL_get_ciphers(s));
992 if (pref_cipher == NULL) { 992 if (pref_cipher == NULL) {
993 al = SSL_AD_HANDSHAKE_FAILURE; 993 al = SSL_AD_HANDSHAKE_FAILURE;
994 SSLerror(SSL_R_NO_SHARED_CIPHER); 994 SSLerror(s, SSL_R_NO_SHARED_CIPHER);
995 goto f_err; 995 goto f_err;
996 } 996 }
997 997
@@ -1016,7 +1016,7 @@ ssl3_get_client_hello(SSL *s)
1016 s->session->ciphers = ciphers; 1016 s->session->ciphers = ciphers;
1017 if (ciphers == NULL) { 1017 if (ciphers == NULL) {
1018 al = SSL_AD_ILLEGAL_PARAMETER; 1018 al = SSL_AD_ILLEGAL_PARAMETER;
1019 SSLerror(SSL_R_NO_CIPHERS_PASSED); 1019 SSLerror(s, SSL_R_NO_CIPHERS_PASSED);
1020 goto f_err; 1020 goto f_err;
1021 } 1021 }
1022 ciphers = NULL; 1022 ciphers = NULL;
@@ -1025,7 +1025,7 @@ ssl3_get_client_hello(SSL *s)
1025 1025
1026 if (c == NULL) { 1026 if (c == NULL) {
1027 al = SSL_AD_HANDSHAKE_FAILURE; 1027 al = SSL_AD_HANDSHAKE_FAILURE;
1028 SSLerror(SSL_R_NO_SHARED_CIPHER); 1028 SSLerror(s, SSL_R_NO_SHARED_CIPHER);
1029 goto f_err; 1029 goto f_err;
1030 } 1030 }
1031 S3I(s)->tmp.new_cipher = c; 1031 S3I(s)->tmp.new_cipher = c;
@@ -1056,7 +1056,7 @@ ssl3_get_client_hello(SSL *s)
1056 1056
1057 /* Handles TLS extensions that we couldn't check earlier */ 1057 /* Handles TLS extensions that we couldn't check earlier */
1058 if (ssl_check_clienthello_tlsext_late(s) <= 0) { 1058 if (ssl_check_clienthello_tlsext_late(s) <= 0) {
1059 SSLerror(SSL_R_CLIENTHELLO_TLSEXT); 1059 SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT);
1060 goto err; 1060 goto err;
1061 } 1061 }
1062 1062
@@ -1065,7 +1065,7 @@ ssl3_get_client_hello(SSL *s)
1065 if (0) { 1065 if (0) {
1066truncated: 1066truncated:
1067 al = SSL_AD_DECODE_ERROR; 1067 al = SSL_AD_DECODE_ERROR;
1068 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1068 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1069f_err: 1069f_err:
1070 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1070 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1071 } 1071 }
@@ -1124,7 +1124,7 @@ ssl3_send_server_hello(SSL *s)
1124 1124
1125 sl = s->session->session_id_length; 1125 sl = s->session->session_id_length;
1126 if (sl > (int)sizeof(s->session->session_id)) { 1126 if (sl > (int)sizeof(s->session->session_id)) {
1127 SSLerror(ERR_R_INTERNAL_ERROR); 1127 SSLerror(s, ERR_R_INTERNAL_ERROR);
1128 goto err; 1128 goto err;
1129 } 1129 }
1130 1130
@@ -1147,7 +1147,7 @@ ssl3_send_server_hello(SSL *s)
1147 1147
1148 if ((p = ssl_add_serverhello_tlsext(s, p + outlen, 1148 if ((p = ssl_add_serverhello_tlsext(s, p + outlen,
1149 bufend)) == NULL) { 1149 bufend)) == NULL) {
1150 SSLerror(ERR_R_INTERNAL_ERROR); 1150 SSLerror(s, ERR_R_INTERNAL_ERROR);
1151 goto err; 1151 goto err;
1152 } 1152 }
1153 1153
@@ -1188,7 +1188,7 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
1188 if (s->cert->dh_tmp_auto != 0) { 1188 if (s->cert->dh_tmp_auto != 0) {
1189 if ((dhp = ssl_get_auto_dh(s)) == NULL) { 1189 if ((dhp = ssl_get_auto_dh(s)) == NULL) {
1190 al = SSL_AD_INTERNAL_ERROR; 1190 al = SSL_AD_INTERNAL_ERROR;
1191 SSLerror(ERR_R_INTERNAL_ERROR); 1191 SSLerror(s, ERR_R_INTERNAL_ERROR);
1192 goto f_err; 1192 goto f_err;
1193 } 1193 }
1194 } else 1194 } else
@@ -1200,24 +1200,24 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
1200 1200
1201 if (dhp == NULL) { 1201 if (dhp == NULL) {
1202 al = SSL_AD_HANDSHAKE_FAILURE; 1202 al = SSL_AD_HANDSHAKE_FAILURE;
1203 SSLerror(SSL_R_MISSING_TMP_DH_KEY); 1203 SSLerror(s, SSL_R_MISSING_TMP_DH_KEY);
1204 goto f_err; 1204 goto f_err;
1205 } 1205 }
1206 1206
1207 if (S3I(s)->tmp.dh != NULL) { 1207 if (S3I(s)->tmp.dh != NULL) {
1208 SSLerror(ERR_R_INTERNAL_ERROR); 1208 SSLerror(s, ERR_R_INTERNAL_ERROR);
1209 goto err; 1209 goto err;
1210 } 1210 }
1211 1211
1212 if (s->cert->dh_tmp_auto != 0) { 1212 if (s->cert->dh_tmp_auto != 0) {
1213 dh = dhp; 1213 dh = dhp;
1214 } else if ((dh = DHparams_dup(dhp)) == NULL) { 1214 } else if ((dh = DHparams_dup(dhp)) == NULL) {
1215 SSLerror(ERR_R_DH_LIB); 1215 SSLerror(s, ERR_R_DH_LIB);
1216 goto err; 1216 goto err;
1217 } 1217 }
1218 S3I(s)->tmp.dh = dh; 1218 S3I(s)->tmp.dh = dh;
1219 if (!DH_generate_key(dh)) { 1219 if (!DH_generate_key(dh)) {
1220 SSLerror(ERR_R_DH_LIB); 1220 SSLerror(s, ERR_R_DH_LIB);
1221 goto err; 1221 goto err;
1222 } 1222 }
1223 1223
@@ -1276,12 +1276,12 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1276 } 1276 }
1277 if (ecdhp == NULL) { 1277 if (ecdhp == NULL) {
1278 al = SSL_AD_HANDSHAKE_FAILURE; 1278 al = SSL_AD_HANDSHAKE_FAILURE;
1279 SSLerror(SSL_R_MISSING_TMP_ECDH_KEY); 1279 SSLerror(s, SSL_R_MISSING_TMP_ECDH_KEY);
1280 goto f_err; 1280 goto f_err;
1281 } 1281 }
1282 1282
1283 if (S3I(s)->tmp.ecdh != NULL) { 1283 if (S3I(s)->tmp.ecdh != NULL) {
1284 SSLerror(ERR_R_INTERNAL_ERROR); 1284 SSLerror(s, ERR_R_INTERNAL_ERROR);
1285 goto err; 1285 goto err;
1286 } 1286 }
1287 1287
@@ -1289,7 +1289,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1289 if (s->cert->ecdh_tmp_auto != 0) { 1289 if (s->cert->ecdh_tmp_auto != 0) {
1290 ecdh = ecdhp; 1290 ecdh = ecdhp;
1291 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { 1291 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
1292 SSLerror(ERR_R_ECDH_LIB); 1292 SSLerror(s, ERR_R_ECDH_LIB);
1293 goto err; 1293 goto err;
1294 } 1294 }
1295 S3I(s)->tmp.ecdh = ecdh; 1295 S3I(s)->tmp.ecdh = ecdh;
@@ -1298,7 +1298,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1298 (EC_KEY_get0_private_key(ecdh) == NULL) || 1298 (EC_KEY_get0_private_key(ecdh) == NULL) ||
1299 (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) { 1299 (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
1300 if (!EC_KEY_generate_key(ecdh)) { 1300 if (!EC_KEY_generate_key(ecdh)) {
1301 SSLerror(ERR_R_ECDH_LIB); 1301 SSLerror(s, ERR_R_ECDH_LIB);
1302 goto err; 1302 goto err;
1303 } 1303 }
1304 } 1304 }
@@ -1306,7 +1306,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1306 if (((group = EC_KEY_get0_group(ecdh)) == NULL) || 1306 if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
1307 (EC_KEY_get0_public_key(ecdh) == NULL) || 1307 (EC_KEY_get0_public_key(ecdh) == NULL) ||
1308 (EC_KEY_get0_private_key(ecdh) == NULL)) { 1308 (EC_KEY_get0_private_key(ecdh) == NULL)) {
1309 SSLerror(ERR_R_ECDH_LIB); 1309 SSLerror(s, ERR_R_ECDH_LIB);
1310 goto err; 1310 goto err;
1311 } 1311 }
1312 1312
@@ -1316,7 +1316,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1316 */ 1316 */
1317 if ((curve_id = tls1_ec_nid2curve_id( 1317 if ((curve_id = tls1_ec_nid2curve_id(
1318 EC_GROUP_get_curve_name(group))) == 0) { 1318 EC_GROUP_get_curve_name(group))) == 0) {
1319 SSLerror(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); 1319 SSLerror(s, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
1320 goto err; 1320 goto err;
1321 } 1321 }
1322 1322
@@ -1331,7 +1331,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1331 1331
1332 bn_ctx = BN_CTX_new(); 1332 bn_ctx = BN_CTX_new();
1333 if ((encodedPoint == NULL) || (bn_ctx == NULL)) { 1333 if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
1334 SSLerror(ERR_R_MALLOC_FAILURE); 1334 SSLerror(s, ERR_R_MALLOC_FAILURE);
1335 goto err; 1335 goto err;
1336 } 1336 }
1337 1337
@@ -1339,7 +1339,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1339 POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx); 1339 POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx);
1340 1340
1341 if (encodedlen == 0) { 1341 if (encodedlen == 0) {
1342 SSLerror(ERR_R_ECDH_LIB); 1342 SSLerror(s, ERR_R_ECDH_LIB);
1343 goto err; 1343 goto err;
1344 } 1344 }
1345 1345
@@ -1391,7 +1391,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
1391 1391
1392 /* Generate an X25519 key pair. */ 1392 /* Generate an X25519 key pair. */
1393 if (S3I(s)->tmp.x25519 != NULL) { 1393 if (S3I(s)->tmp.x25519 != NULL) {
1394 SSLerror(ERR_R_INTERNAL_ERROR); 1394 SSLerror(s, ERR_R_INTERNAL_ERROR);
1395 goto err; 1395 goto err;
1396 } 1396 }
1397 if ((S3I(s)->tmp.x25519 = malloc(X25519_KEY_LENGTH)) == NULL) 1397 if ((S3I(s)->tmp.x25519 = malloc(X25519_KEY_LENGTH)) == NULL)
@@ -1402,7 +1402,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
1402 1402
1403 /* Serialize public key. */ 1403 /* Serialize public key. */
1404 if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) { 1404 if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) {
1405 SSLerror(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); 1405 SSLerror(s, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
1406 goto err; 1406 goto err;
1407 } 1407 }
1408 1408
@@ -1477,7 +1477,7 @@ ssl3_send_server_key_exchange(SSL *s)
1477 goto err; 1477 goto err;
1478 } else { 1478 } else {
1479 al = SSL_AD_HANDSHAKE_FAILURE; 1479 al = SSL_AD_HANDSHAKE_FAILURE;
1480 SSLerror(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); 1480 SSLerror(s, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1481 goto f_err; 1481 goto f_err;
1482 } 1482 }
1483 1483
@@ -1498,7 +1498,7 @@ ssl3_send_server_key_exchange(SSL *s)
1498 1498
1499 if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + 1499 if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) +
1500 params_len + kn)) { 1500 params_len + kn)) {
1501 SSLerror(ERR_LIB_BUF); 1501 SSLerror(s, ERR_LIB_BUF);
1502 goto err; 1502 goto err;
1503 } 1503 }
1504 1504
@@ -1541,7 +1541,7 @@ ssl3_send_server_key_exchange(SSL *s)
1541 } 1541 }
1542 if (RSA_sign(NID_md5_sha1, md_buf, j, 1542 if (RSA_sign(NID_md5_sha1, md_buf, j,
1543 &(p[2]), &u, pkey->pkey.rsa) <= 0) { 1543 &(p[2]), &u, pkey->pkey.rsa) <= 0) {
1544 SSLerror(ERR_R_RSA_LIB); 1544 SSLerror(s, ERR_R_RSA_LIB);
1545 goto err; 1545 goto err;
1546 } 1546 }
1547 s2n(u, p); 1547 s2n(u, p);
@@ -1552,7 +1552,7 @@ ssl3_send_server_key_exchange(SSL *s)
1552 if (!tls12_get_sigandhash(p, pkey, md)) { 1552 if (!tls12_get_sigandhash(p, pkey, md)) {
1553 /* Should never happen */ 1553 /* Should never happen */
1554 al = SSL_AD_INTERNAL_ERROR; 1554 al = SSL_AD_INTERNAL_ERROR;
1555 SSLerror(ERR_R_INTERNAL_ERROR); 1555 SSLerror(s, ERR_R_INTERNAL_ERROR);
1556 goto f_err; 1556 goto f_err;
1557 } 1557 }
1558 p += 2; 1558 p += 2;
@@ -1567,7 +1567,7 @@ ssl3_send_server_key_exchange(SSL *s)
1567 EVP_SignUpdate(&md_ctx, d, n); 1567 EVP_SignUpdate(&md_ctx, d, n);
1568 if (!EVP_SignFinal(&md_ctx, &p[2], 1568 if (!EVP_SignFinal(&md_ctx, &p[2],
1569 (unsigned int *)&i, pkey)) { 1569 (unsigned int *)&i, pkey)) {
1570 SSLerror(ERR_R_EVP_LIB); 1570 SSLerror(s, ERR_R_EVP_LIB);
1571 goto err; 1571 goto err;
1572 } 1572 }
1573 s2n(i, p); 1573 s2n(i, p);
@@ -1577,7 +1577,7 @@ ssl3_send_server_key_exchange(SSL *s)
1577 } else { 1577 } else {
1578 /* Is this error check actually needed? */ 1578 /* Is this error check actually needed? */
1579 al = SSL_AD_HANDSHAKE_FAILURE; 1579 al = SSL_AD_HANDSHAKE_FAILURE;
1580 SSLerror(SSL_R_UNKNOWN_PKEY_TYPE); 1580 SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
1581 goto f_err; 1581 goto f_err;
1582 } 1582 }
1583 } 1583 }
@@ -1643,7 +1643,7 @@ ssl3_send_certificate_request(SSL *s)
1643 if (!BUF_MEM_grow_clean(buf, 1643 if (!BUF_MEM_grow_clean(buf,
1644 ssl3_handshake_msg_hdr_len(s) + n + j 1644 ssl3_handshake_msg_hdr_len(s) + n + j
1645 + 2)) { 1645 + 2)) {
1646 SSLerror(ERR_R_BUF_LIB); 1646 SSLerror(s, ERR_R_BUF_LIB);
1647 goto err; 1647 goto err;
1648 } 1648 }
1649 p = ssl3_handshake_msg_start(s, 1649 p = ssl3_handshake_msg_start(s,
@@ -1689,7 +1689,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1689 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || 1689 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
1690 (pkey->pkey.rsa == NULL)) { 1690 (pkey->pkey.rsa == NULL)) {
1691 al = SSL_AD_HANDSHAKE_FAILURE; 1691 al = SSL_AD_HANDSHAKE_FAILURE;
1692 SSLerror(SSL_R_MISSING_RSA_CERTIFICATE); 1692 SSLerror(s, SSL_R_MISSING_RSA_CERTIFICATE);
1693 goto f_err; 1693 goto f_err;
1694 } 1694 }
1695 rsa = pkey->pkey.rsa; 1695 rsa = pkey->pkey.rsa;
@@ -1698,7 +1698,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1698 goto truncated; 1698 goto truncated;
1699 n2s(p, i); 1699 n2s(p, i);
1700 if (n != i + 2) { 1700 if (n != i + 2) {
1701 SSLerror(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); 1701 SSLerror(s, SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
1702 goto err; 1702 goto err;
1703 } else 1703 } else
1704 n = i; 1704 n = i;
@@ -1711,7 +1711,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1711 1711
1712 if (i != SSL_MAX_MASTER_KEY_LENGTH) { 1712 if (i != SSL_MAX_MASTER_KEY_LENGTH) {
1713 al = SSL_AD_DECODE_ERROR; 1713 al = SSL_AD_DECODE_ERROR;
1714 /* SSLerror(SSL_R_BAD_RSA_DECRYPT); */ 1714 /* SSLerror(s, SSL_R_BAD_RSA_DECRYPT); */
1715 } 1715 }
1716 1716
1717 if (p - d + 2 > n) /* needed in the SSL3 case */ 1717 if (p - d + 2 > n) /* needed in the SSL3 case */
@@ -1733,7 +1733,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1733 (p[0] == (s->version >> 8)) && 1733 (p[0] == (s->version >> 8)) &&
1734 (p[1] == (s->version & 0xff)))) { 1734 (p[1] == (s->version & 0xff)))) {
1735 al = SSL_AD_DECODE_ERROR; 1735 al = SSL_AD_DECODE_ERROR;
1736 /* SSLerror(SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ 1736 /* SSLerror(s, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
1737 1737
1738 /* 1738 /*
1739 * The Klima-Pokorny-Rosa extension of 1739 * The Klima-Pokorny-Rosa extension of
@@ -1771,7 +1771,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1771 return (1); 1771 return (1);
1772truncated: 1772truncated:
1773 al = SSL_AD_DECODE_ERROR; 1773 al = SSL_AD_DECODE_ERROR;
1774 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1774 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1775f_err: 1775f_err:
1776 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1776 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1777err: 1777err:
@@ -1799,19 +1799,19 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
1799 1799
1800 if (S3I(s)->tmp.dh == NULL) { 1800 if (S3I(s)->tmp.dh == NULL) {
1801 al = SSL_AD_HANDSHAKE_FAILURE; 1801 al = SSL_AD_HANDSHAKE_FAILURE;
1802 SSLerror(SSL_R_MISSING_TMP_DH_KEY); 1802 SSLerror(s, SSL_R_MISSING_TMP_DH_KEY);
1803 goto f_err; 1803 goto f_err;
1804 } 1804 }
1805 dh = S3I(s)->tmp.dh; 1805 dh = S3I(s)->tmp.dh;
1806 1806
1807 if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) { 1807 if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) {
1808 SSLerror(SSL_R_BN_LIB); 1808 SSLerror(s, SSL_R_BN_LIB);
1809 goto err; 1809 goto err;
1810 } 1810 }
1811 1811
1812 key_size = DH_compute_key(p, bn, dh); 1812 key_size = DH_compute_key(p, bn, dh);
1813 if (key_size <= 0) { 1813 if (key_size <= 0) {
1814 SSLerror(ERR_R_DH_LIB); 1814 SSLerror(s, ERR_R_DH_LIB);
1815 BN_clear_free(bn); 1815 BN_clear_free(bn);
1816 goto err; 1816 goto err;
1817 } 1817 }
@@ -1831,7 +1831,7 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
1831 1831
1832 truncated: 1832 truncated:
1833 al = SSL_AD_DECODE_ERROR; 1833 al = SSL_AD_DECODE_ERROR;
1834 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1834 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1835 f_err: 1835 f_err:
1836 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1836 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1837 err: 1837 err:
@@ -1855,7 +1855,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1855 1855
1856 /* Initialize structures for server's ECDH key pair. */ 1856 /* Initialize structures for server's ECDH key pair. */
1857 if ((srvr_ecdh = EC_KEY_new()) == NULL) { 1857 if ((srvr_ecdh = EC_KEY_new()) == NULL) {
1858 SSLerror(ERR_R_MALLOC_FAILURE); 1858 SSLerror(s, ERR_R_MALLOC_FAILURE);
1859 goto err; 1859 goto err;
1860 } 1860 }
1861 1861
@@ -1870,13 +1870,13 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1870 1870
1871 if (!EC_KEY_set_group(srvr_ecdh, group) || 1871 if (!EC_KEY_set_group(srvr_ecdh, group) ||
1872 !EC_KEY_set_private_key(srvr_ecdh, priv_key)) { 1872 !EC_KEY_set_private_key(srvr_ecdh, priv_key)) {
1873 SSLerror(ERR_R_EC_LIB); 1873 SSLerror(s, ERR_R_EC_LIB);
1874 goto err; 1874 goto err;
1875 } 1875 }
1876 1876
1877 /* Let's get client's public key */ 1877 /* Let's get client's public key */
1878 if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) { 1878 if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) {
1879 SSLerror(ERR_R_MALLOC_FAILURE); 1879 SSLerror(s, ERR_R_MALLOC_FAILURE);
1880 goto err; 1880 goto err;
1881 } 1881 }
1882 1882
@@ -1898,14 +1898,14 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1898 * group. 1898 * group.
1899 */ 1899 */
1900 al = SSL_AD_HANDSHAKE_FAILURE; 1900 al = SSL_AD_HANDSHAKE_FAILURE;
1901 SSLerror(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS); 1901 SSLerror(s, SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
1902 goto f_err; 1902 goto f_err;
1903 } 1903 }
1904 1904
1905 if (EC_POINT_copy(clnt_ecpoint, 1905 if (EC_POINT_copy(clnt_ecpoint,
1906 EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) 1906 EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec))
1907 == 0) { 1907 == 0) {
1908 SSLerror(ERR_R_EC_LIB); 1908 SSLerror(s, ERR_R_EC_LIB);
1909 goto err; 1909 goto err;
1910 } 1910 }
1911 ret = 2; /* Skip certificate verify processing */ 1911 ret = 2; /* Skip certificate verify processing */
@@ -1915,7 +1915,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1915 * in the ClientKeyExchange message. 1915 * in the ClientKeyExchange message.
1916 */ 1916 */
1917 if ((bn_ctx = BN_CTX_new()) == NULL) { 1917 if ((bn_ctx = BN_CTX_new()) == NULL) {
1918 SSLerror(ERR_R_MALLOC_FAILURE); 1918 SSLerror(s, ERR_R_MALLOC_FAILURE);
1919 goto err; 1919 goto err;
1920 } 1920 }
1921 1921
@@ -1924,12 +1924,12 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1924 1924
1925 p += 1; 1925 p += 1;
1926 if (n != 1 + i) { 1926 if (n != 1 + i) {
1927 SSLerror(ERR_R_EC_LIB); 1927 SSLerror(s, ERR_R_EC_LIB);
1928 goto err; 1928 goto err;
1929 } 1929 }
1930 if (EC_POINT_oct2point(group, 1930 if (EC_POINT_oct2point(group,
1931 clnt_ecpoint, p, i, bn_ctx) == 0) { 1931 clnt_ecpoint, p, i, bn_ctx) == 0) {
1932 SSLerror(ERR_R_EC_LIB); 1932 SSLerror(s, ERR_R_EC_LIB);
1933 goto err; 1933 goto err;
1934 } 1934 }
1935 /* 1935 /*
@@ -1942,13 +1942,13 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1942 /* Compute the shared pre-master secret */ 1942 /* Compute the shared pre-master secret */
1943 key_size = ECDH_size(srvr_ecdh); 1943 key_size = ECDH_size(srvr_ecdh);
1944 if (key_size <= 0) { 1944 if (key_size <= 0) {
1945 SSLerror(ERR_R_ECDH_LIB); 1945 SSLerror(s, ERR_R_ECDH_LIB);
1946 goto err; 1946 goto err;
1947 } 1947 }
1948 i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh, 1948 i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh,
1949 NULL); 1949 NULL);
1950 if (i <= 0) { 1950 if (i <= 0) {
1951 SSLerror(ERR_R_ECDH_LIB); 1951 SSLerror(s, ERR_R_ECDH_LIB);
1952 goto err; 1952 goto err;
1953 } 1953 }
1954 1954
@@ -2065,14 +2065,14 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n)
2065 if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, 2065 if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag,
2066 &Tclass, n) != V_ASN1_CONSTRUCTED || 2066 &Tclass, n) != V_ASN1_CONSTRUCTED ||
2067 Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { 2067 Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) {
2068 SSLerror(SSL_R_DECRYPTION_FAILED); 2068 SSLerror(s, SSL_R_DECRYPTION_FAILED);
2069 goto gerr; 2069 goto gerr;
2070 } 2070 }
2071 start = p; 2071 start = p;
2072 inlen = Tlen; 2072 inlen = Tlen;
2073 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, 2073 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen,
2074 start, inlen) <=0) { 2074 start, inlen) <=0) {
2075 SSLerror(SSL_R_DECRYPTION_FAILED); 2075 SSLerror(s, SSL_R_DECRYPTION_FAILED);
2076 goto gerr; 2076 goto gerr;
2077 } 2077 }
2078 /* Generate master secret */ 2078 /* Generate master secret */
@@ -2095,7 +2095,7 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n)
2095 2095
2096 truncated: 2096 truncated:
2097 al = SSL_AD_DECODE_ERROR; 2097 al = SSL_AD_DECODE_ERROR;
2098 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2098 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2099 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2099 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2100 err: 2100 err:
2101 return (-1); 2101 return (-1);
@@ -2133,7 +2133,7 @@ ssl3_get_client_key_exchange(SSL *s)
2133 goto err; 2133 goto err;
2134 } else { 2134 } else {
2135 al = SSL_AD_HANDSHAKE_FAILURE; 2135 al = SSL_AD_HANDSHAKE_FAILURE;
2136 SSLerror(SSL_R_UNKNOWN_CIPHER_TYPE); 2136 SSLerror(s, SSL_R_UNKNOWN_CIPHER_TYPE);
2137 goto f_err; 2137 goto f_err;
2138 } 2138 }
2139 2139
@@ -2176,7 +2176,7 @@ ssl3_get_cert_verify(SSL *s)
2176 S3I(s)->tmp.reuse_message = 1; 2176 S3I(s)->tmp.reuse_message = 1;
2177 if (peer != NULL) { 2177 if (peer != NULL) {
2178 al = SSL_AD_UNEXPECTED_MESSAGE; 2178 al = SSL_AD_UNEXPECTED_MESSAGE;
2179 SSLerror(SSL_R_MISSING_VERIFY_MESSAGE); 2179 SSLerror(s, SSL_R_MISSING_VERIFY_MESSAGE);
2180 goto f_err; 2180 goto f_err;
2181 } 2181 }
2182 ret = 1; 2182 ret = 1;
@@ -2184,19 +2184,19 @@ ssl3_get_cert_verify(SSL *s)
2184 } 2184 }
2185 2185
2186 if (peer == NULL) { 2186 if (peer == NULL) {
2187 SSLerror(SSL_R_NO_CLIENT_CERT_RECEIVED); 2187 SSLerror(s, SSL_R_NO_CLIENT_CERT_RECEIVED);
2188 al = SSL_AD_UNEXPECTED_MESSAGE; 2188 al = SSL_AD_UNEXPECTED_MESSAGE;
2189 goto f_err; 2189 goto f_err;
2190 } 2190 }
2191 2191
2192 if (!(type & EVP_PKT_SIGN)) { 2192 if (!(type & EVP_PKT_SIGN)) {
2193 SSLerror(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); 2193 SSLerror(s, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
2194 al = SSL_AD_ILLEGAL_PARAMETER; 2194 al = SSL_AD_ILLEGAL_PARAMETER;
2195 goto f_err; 2195 goto f_err;
2196 } 2196 }
2197 2197
2198 if (S3I(s)->change_cipher_spec) { 2198 if (S3I(s)->change_cipher_spec) {
2199 SSLerror(SSL_R_CCS_RECEIVED_EARLY); 2199 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
2200 al = SSL_AD_UNEXPECTED_MESSAGE; 2200 al = SSL_AD_UNEXPECTED_MESSAGE;
2201 goto f_err; 2201 goto f_err;
2202 } 2202 }
@@ -2217,7 +2217,7 @@ ssl3_get_cert_verify(SSL *s)
2217 int sigalg = tls12_get_sigid(pkey); 2217 int sigalg = tls12_get_sigid(pkey);
2218 /* Should never happen */ 2218 /* Should never happen */
2219 if (sigalg == -1) { 2219 if (sigalg == -1) {
2220 SSLerror(ERR_R_INTERNAL_ERROR); 2220 SSLerror(s, ERR_R_INTERNAL_ERROR);
2221 al = SSL_AD_INTERNAL_ERROR; 2221 al = SSL_AD_INTERNAL_ERROR;
2222 goto f_err; 2222 goto f_err;
2223 } 2223 }
@@ -2225,13 +2225,13 @@ ssl3_get_cert_verify(SSL *s)
2225 goto truncated; 2225 goto truncated;
2226 /* Check key type is consistent with signature */ 2226 /* Check key type is consistent with signature */
2227 if (sigalg != (int)p[1]) { 2227 if (sigalg != (int)p[1]) {
2228 SSLerror(SSL_R_WRONG_SIGNATURE_TYPE); 2228 SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
2229 al = SSL_AD_DECODE_ERROR; 2229 al = SSL_AD_DECODE_ERROR;
2230 goto f_err; 2230 goto f_err;
2231 } 2231 }
2232 md = tls12_get_hash(p[0]); 2232 md = tls12_get_hash(p[0]);
2233 if (md == NULL) { 2233 if (md == NULL) {
2234 SSLerror(SSL_R_UNKNOWN_DIGEST); 2234 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
2235 al = SSL_AD_DECODE_ERROR; 2235 al = SSL_AD_DECODE_ERROR;
2236 goto f_err; 2236 goto f_err;
2237 } 2237 }
@@ -2247,7 +2247,7 @@ ssl3_get_cert_verify(SSL *s)
2247 } 2247 }
2248 j = EVP_PKEY_size(pkey); 2248 j = EVP_PKEY_size(pkey);
2249 if ((i > j) || (n > j) || (n <= 0)) { 2249 if ((i > j) || (n > j) || (n <= 0)) {
2250 SSLerror(SSL_R_WRONG_SIGNATURE_SIZE); 2250 SSLerror(s, SSL_R_WRONG_SIGNATURE_SIZE);
2251 al = SSL_AD_DECODE_ERROR; 2251 al = SSL_AD_DECODE_ERROR;
2252 goto f_err; 2252 goto f_err;
2253 } 2253 }
@@ -2257,20 +2257,20 @@ ssl3_get_cert_verify(SSL *s)
2257 void *hdata; 2257 void *hdata;
2258 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2258 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2259 if (hdatalen <= 0) { 2259 if (hdatalen <= 0) {
2260 SSLerror(ERR_R_INTERNAL_ERROR); 2260 SSLerror(s, ERR_R_INTERNAL_ERROR);
2261 al = SSL_AD_INTERNAL_ERROR; 2261 al = SSL_AD_INTERNAL_ERROR;
2262 goto f_err; 2262 goto f_err;
2263 } 2263 }
2264 if (!EVP_VerifyInit_ex(&mctx, md, NULL) || 2264 if (!EVP_VerifyInit_ex(&mctx, md, NULL) ||
2265 !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) { 2265 !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
2266 SSLerror(ERR_R_EVP_LIB); 2266 SSLerror(s, ERR_R_EVP_LIB);
2267 al = SSL_AD_INTERNAL_ERROR; 2267 al = SSL_AD_INTERNAL_ERROR;
2268 goto f_err; 2268 goto f_err;
2269 } 2269 }
2270 2270
2271 if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) { 2271 if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
2272 al = SSL_AD_DECRYPT_ERROR; 2272 al = SSL_AD_DECRYPT_ERROR;
2273 SSLerror(SSL_R_BAD_SIGNATURE); 2273 SSLerror(s, SSL_R_BAD_SIGNATURE);
2274 goto f_err; 2274 goto f_err;
2275 } 2275 }
2276 } else 2276 } else
@@ -2280,12 +2280,12 @@ ssl3_get_cert_verify(SSL *s)
2280 pkey->pkey.rsa); 2280 pkey->pkey.rsa);
2281 if (i < 0) { 2281 if (i < 0) {
2282 al = SSL_AD_DECRYPT_ERROR; 2282 al = SSL_AD_DECRYPT_ERROR;
2283 SSLerror(SSL_R_BAD_RSA_DECRYPT); 2283 SSLerror(s, SSL_R_BAD_RSA_DECRYPT);
2284 goto f_err; 2284 goto f_err;
2285 } 2285 }
2286 if (i == 0) { 2286 if (i == 0) {
2287 al = SSL_AD_DECRYPT_ERROR; 2287 al = SSL_AD_DECRYPT_ERROR;
2288 SSLerror(SSL_R_BAD_RSA_SIGNATURE); 2288 SSLerror(s, SSL_R_BAD_RSA_SIGNATURE);
2289 goto f_err; 2289 goto f_err;
2290 } 2290 }
2291 } else 2291 } else
@@ -2296,7 +2296,7 @@ ssl3_get_cert_verify(SSL *s)
2296 if (j <= 0) { 2296 if (j <= 0) {
2297 /* bad signature */ 2297 /* bad signature */
2298 al = SSL_AD_DECRYPT_ERROR; 2298 al = SSL_AD_DECRYPT_ERROR;
2299 SSLerror(SSL_R_BAD_DSA_SIGNATURE); 2299 SSLerror(s, SSL_R_BAD_DSA_SIGNATURE);
2300 goto f_err; 2300 goto f_err;
2301 } 2301 }
2302 } else 2302 } else
@@ -2307,7 +2307,7 @@ ssl3_get_cert_verify(SSL *s)
2307 if (j <= 0) { 2307 if (j <= 0) {
2308 /* bad signature */ 2308 /* bad signature */
2309 al = SSL_AD_DECRYPT_ERROR; 2309 al = SSL_AD_DECRYPT_ERROR;
2310 SSLerror(SSL_R_BAD_ECDSA_SIGNATURE); 2310 SSLerror(s, SSL_R_BAD_ECDSA_SIGNATURE);
2311 goto f_err; 2311 goto f_err;
2312 } 2312 }
2313 } else 2313 } else
@@ -2323,19 +2323,19 @@ ssl3_get_cert_verify(SSL *s)
2323 2323
2324 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2324 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2325 if (hdatalen <= 0) { 2325 if (hdatalen <= 0) {
2326 SSLerror(ERR_R_INTERNAL_ERROR); 2326 SSLerror(s, ERR_R_INTERNAL_ERROR);
2327 al = SSL_AD_INTERNAL_ERROR; 2327 al = SSL_AD_INTERNAL_ERROR;
2328 goto f_err; 2328 goto f_err;
2329 } 2329 }
2330 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || 2330 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) ||
2331 !(md = EVP_get_digestbynid(nid))) { 2331 !(md = EVP_get_digestbynid(nid))) {
2332 SSLerror(ERR_R_EVP_LIB); 2332 SSLerror(s, ERR_R_EVP_LIB);
2333 al = SSL_AD_INTERNAL_ERROR; 2333 al = SSL_AD_INTERNAL_ERROR;
2334 goto f_err; 2334 goto f_err;
2335 } 2335 }
2336 pctx = EVP_PKEY_CTX_new(pkey, NULL); 2336 pctx = EVP_PKEY_CTX_new(pkey, NULL);
2337 if (!pctx) { 2337 if (!pctx) {
2338 SSLerror(ERR_R_EVP_LIB); 2338 SSLerror(s, ERR_R_EVP_LIB);
2339 al = SSL_AD_INTERNAL_ERROR; 2339 al = SSL_AD_INTERNAL_ERROR;
2340 goto f_err; 2340 goto f_err;
2341 } 2341 }
@@ -2348,7 +2348,7 @@ ssl3_get_cert_verify(SSL *s)
2348 EVP_PKEY_CTRL_GOST_SIG_FORMAT, 2348 EVP_PKEY_CTRL_GOST_SIG_FORMAT,
2349 GOST_SIG_FORMAT_RS_LE, 2349 GOST_SIG_FORMAT_RS_LE,
2350 NULL) <= 0)) { 2350 NULL) <= 0)) {
2351 SSLerror(ERR_R_EVP_LIB); 2351 SSLerror(s, ERR_R_EVP_LIB);
2352 al = SSL_AD_INTERNAL_ERROR; 2352 al = SSL_AD_INTERNAL_ERROR;
2353 EVP_PKEY_CTX_free(pctx); 2353 EVP_PKEY_CTX_free(pctx);
2354 goto f_err; 2354 goto f_err;
@@ -2356,7 +2356,7 @@ ssl3_get_cert_verify(SSL *s)
2356 2356
2357 if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) { 2357 if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) {
2358 al = SSL_AD_DECRYPT_ERROR; 2358 al = SSL_AD_DECRYPT_ERROR;
2359 SSLerror(SSL_R_BAD_SIGNATURE); 2359 SSLerror(s, SSL_R_BAD_SIGNATURE);
2360 EVP_PKEY_CTX_free(pctx); 2360 EVP_PKEY_CTX_free(pctx);
2361 goto f_err; 2361 goto f_err;
2362 } 2362 }
@@ -2365,7 +2365,7 @@ ssl3_get_cert_verify(SSL *s)
2365 } else 2365 } else
2366#endif 2366#endif
2367 { 2367 {
2368 SSLerror(ERR_R_INTERNAL_ERROR); 2368 SSLerror(s, ERR_R_INTERNAL_ERROR);
2369 al = SSL_AD_UNSUPPORTED_CERTIFICATE; 2369 al = SSL_AD_UNSUPPORTED_CERTIFICATE;
2370 goto f_err; 2370 goto f_err;
2371 } 2371 }
@@ -2375,7 +2375,7 @@ ssl3_get_cert_verify(SSL *s)
2375 if (0) { 2375 if (0) {
2376truncated: 2376truncated:
2377 al = SSL_AD_DECODE_ERROR; 2377 al = SSL_AD_DECODE_ERROR;
2378 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2378 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2379f_err: 2379f_err:
2380 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2380 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2381 } 2381 }
@@ -2409,7 +2409,7 @@ ssl3_get_client_certificate(SSL *s)
2409 if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { 2409 if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
2410 if ((s->verify_mode & SSL_VERIFY_PEER) && 2410 if ((s->verify_mode & SSL_VERIFY_PEER) &&
2411 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { 2411 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
2412 SSLerror(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); 2412 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
2413 al = SSL_AD_HANDSHAKE_FAILURE; 2413 al = SSL_AD_HANDSHAKE_FAILURE;
2414 goto f_err; 2414 goto f_err;
2415 } 2415 }
@@ -2418,7 +2418,7 @@ ssl3_get_client_certificate(SSL *s)
2418 * the client must return a 0 list. 2418 * the client must return a 0 list.
2419 */ 2419 */
2420 if (S3I(s)->tmp.cert_request) { 2420 if (S3I(s)->tmp.cert_request) {
2421 SSLerror(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 2421 SSLerror(s, SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST
2422 ); 2422 );
2423 al = SSL_AD_UNEXPECTED_MESSAGE; 2423 al = SSL_AD_UNEXPECTED_MESSAGE;
2424 goto f_err; 2424 goto f_err;
@@ -2429,7 +2429,7 @@ ssl3_get_client_certificate(SSL *s)
2429 2429
2430 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 2430 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) {
2431 al = SSL_AD_UNEXPECTED_MESSAGE; 2431 al = SSL_AD_UNEXPECTED_MESSAGE;
2432 SSLerror(SSL_R_WRONG_MESSAGE_TYPE); 2432 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
2433 goto f_err; 2433 goto f_err;
2434 } 2434 }
2435 2435
@@ -2439,7 +2439,7 @@ ssl3_get_client_certificate(SSL *s)
2439 CBS_init(&cbs, s->internal->init_msg, n); 2439 CBS_init(&cbs, s->internal->init_msg, n);
2440 2440
2441 if ((sk = sk_X509_new_null()) == NULL) { 2441 if ((sk = sk_X509_new_null()) == NULL) {
2442 SSLerror(ERR_R_MALLOC_FAILURE); 2442 SSLerror(s, ERR_R_MALLOC_FAILURE);
2443 goto err; 2443 goto err;
2444 } 2444 }
2445 2445
@@ -2452,23 +2452,23 @@ ssl3_get_client_certificate(SSL *s)
2452 2452
2453 if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) { 2453 if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) {
2454 al = SSL_AD_DECODE_ERROR; 2454 al = SSL_AD_DECODE_ERROR;
2455 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 2455 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
2456 goto f_err; 2456 goto f_err;
2457 } 2457 }
2458 2458
2459 q = CBS_data(&cert); 2459 q = CBS_data(&cert);
2460 x = d2i_X509(NULL, &q, CBS_len(&cert)); 2460 x = d2i_X509(NULL, &q, CBS_len(&cert));
2461 if (x == NULL) { 2461 if (x == NULL) {
2462 SSLerror(ERR_R_ASN1_LIB); 2462 SSLerror(s, ERR_R_ASN1_LIB);
2463 goto err; 2463 goto err;
2464 } 2464 }
2465 if (q != CBS_data(&cert) + CBS_len(&cert)) { 2465 if (q != CBS_data(&cert) + CBS_len(&cert)) {
2466 al = SSL_AD_DECODE_ERROR; 2466 al = SSL_AD_DECODE_ERROR;
2467 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 2467 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
2468 goto f_err; 2468 goto f_err;
2469 } 2469 }
2470 if (!sk_X509_push(sk, x)) { 2470 if (!sk_X509_push(sk, x)) {
2471 SSLerror(ERR_R_MALLOC_FAILURE); 2471 SSLerror(s, ERR_R_MALLOC_FAILURE);
2472 goto err; 2472 goto err;
2473 } 2473 }
2474 x = NULL; 2474 x = NULL;
@@ -2481,7 +2481,7 @@ ssl3_get_client_certificate(SSL *s)
2481 */ 2481 */
2482 if ((s->verify_mode & SSL_VERIFY_PEER) && 2482 if ((s->verify_mode & SSL_VERIFY_PEER) &&
2483 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { 2483 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
2484 SSLerror(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); 2484 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
2485 al = SSL_AD_HANDSHAKE_FAILURE; 2485 al = SSL_AD_HANDSHAKE_FAILURE;
2486 goto f_err; 2486 goto f_err;
2487 } 2487 }
@@ -2494,7 +2494,7 @@ ssl3_get_client_certificate(SSL *s)
2494 i = ssl_verify_cert_chain(s, sk); 2494 i = ssl_verify_cert_chain(s, sk);
2495 if (i <= 0) { 2495 if (i <= 0) {
2496 al = ssl_verify_alarm_type(s->verify_result); 2496 al = ssl_verify_alarm_type(s->verify_result);
2497 SSLerror(SSL_R_NO_CERTIFICATE_RETURNED); 2497 SSLerror(s, SSL_R_NO_CERTIFICATE_RETURNED);
2498 goto f_err; 2498 goto f_err;
2499 } 2499 }
2500 } 2500 }
@@ -2510,7 +2510,7 @@ ssl3_get_client_certificate(SSL *s)
2510 if (SSI(s)->sess_cert == NULL) { 2510 if (SSI(s)->sess_cert == NULL) {
2511 SSI(s)->sess_cert = ssl_sess_cert_new(); 2511 SSI(s)->sess_cert = ssl_sess_cert_new();
2512 if (SSI(s)->sess_cert == NULL) { 2512 if (SSI(s)->sess_cert == NULL) {
2513 SSLerror(ERR_R_MALLOC_FAILURE); 2513 SSLerror(s, ERR_R_MALLOC_FAILURE);
2514 goto err; 2514 goto err;
2515 } 2515 }
2516 } 2516 }
@@ -2528,7 +2528,7 @@ ssl3_get_client_certificate(SSL *s)
2528 if (0) { 2528 if (0) {
2529truncated: 2529truncated:
2530 al = SSL_AD_DECODE_ERROR; 2530 al = SSL_AD_DECODE_ERROR;
2531 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2531 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2532f_err: 2532f_err:
2533 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2533 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2534 } 2534 }
@@ -2553,7 +2553,7 @@ ssl3_send_server_certificate(SSL *s)
2553 2553
2554 if (s->internal->state == SSL3_ST_SW_CERT_A) { 2554 if (s->internal->state == SSL3_ST_SW_CERT_A) {
2555 if ((x = ssl_get_server_send_cert(s)) == NULL) { 2555 if ((x = ssl_get_server_send_cert(s)) == NULL) {
2556 SSLerror(ERR_R_INTERNAL_ERROR); 2556 SSLerror(s, ERR_R_INTERNAL_ERROR);
2557 return (0); 2557 return (0);
2558 } 2558 }
2559 2559
@@ -2771,7 +2771,7 @@ ssl3_get_next_proto(SSL *s)
2771 * extension in their ClientHello 2771 * extension in their ClientHello
2772 */ 2772 */
2773 if (!S3I(s)->next_proto_neg_seen) { 2773 if (!S3I(s)->next_proto_neg_seen) {
2774 SSLerror(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); 2774 SSLerror(s, SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
2775 return (-1); 2775 return (-1);
2776 } 2776 }
2777 2777
@@ -2787,7 +2787,7 @@ ssl3_get_next_proto(SSL *s)
2787 * by ssl3_get_finished). 2787 * by ssl3_get_finished).
2788 */ 2788 */
2789 if (!S3I(s)->change_cipher_spec) { 2789 if (!S3I(s)->change_cipher_spec) {
2790 SSLerror(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); 2790 SSLerror(s, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
2791 return (-1); 2791 return (-1);
2792 } 2792 }
2793 2793
@@ -2817,7 +2817,7 @@ ssl3_get_next_proto(SSL *s)
2817 s->internal->next_proto_negotiated_len = 0; 2817 s->internal->next_proto_negotiated_len = 0;
2818 2818
2819 if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) { 2819 if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) {
2820 SSLerror(ERR_R_MALLOC_FAILURE); 2820 SSLerror(s, ERR_R_MALLOC_FAILURE);
2821 return (0); 2821 return (0);
2822 } 2822 }
2823 s->internal->next_proto_negotiated_len = (uint8_t)len; 2823 s->internal->next_proto_negotiated_len = (uint8_t)len;
diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c
index f654d0b3a1..81ac493e6c 100644
--- a/src/lib/libssl/ssl_txt.c
+++ b/src/lib/libssl/ssl_txt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_txt.c,v 1.27 2017/01/26 10:40:21 beck Exp $ */ 1/* $OpenBSD: ssl_txt.c,v 1.28 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -95,7 +95,7 @@ SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
95 int ret; 95 int ret;
96 96
97 if ((b = BIO_new(BIO_s_file_internal())) == NULL) { 97 if ((b = BIO_new(BIO_s_file_internal())) == NULL) {
98 SSLerror(ERR_R_BUF_LIB); 98 SSLerrorx(ERR_R_BUF_LIB);
99 return (0); 99 return (0);
100 } 100 }
101 BIO_set_fp(b, fp, BIO_NOCLOSE); 101 BIO_set_fp(b, fp, BIO_NOCLOSE);
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 2ee521b073..85d28298bf 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_enc.c,v 1.95 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: t1_enc.c,v 1.96 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -203,7 +203,7 @@ tls1_finish_mac(SSL *s, const unsigned char *buf, int len)
203 if (S3I(s)->handshake_dgst[i] == NULL) 203 if (S3I(s)->handshake_dgst[i] == NULL)
204 continue; 204 continue;
205 if (!EVP_DigestUpdate(S3I(s)->handshake_dgst[i], buf, len)) { 205 if (!EVP_DigestUpdate(S3I(s)->handshake_dgst[i], buf, len)) {
206 SSLerror(ERR_R_EVP_LIB); 206 SSLerror(s, ERR_R_EVP_LIB);
207 return 0; 207 return 0;
208 } 208 }
209 } 209 }
@@ -223,12 +223,12 @@ tls1_digest_cached_records(SSL *s)
223 223
224 S3I(s)->handshake_dgst = calloc(SSL_MAX_DIGEST, sizeof(EVP_MD_CTX *)); 224 S3I(s)->handshake_dgst = calloc(SSL_MAX_DIGEST, sizeof(EVP_MD_CTX *));
225 if (S3I(s)->handshake_dgst == NULL) { 225 if (S3I(s)->handshake_dgst == NULL) {
226 SSLerror(ERR_R_MALLOC_FAILURE); 226 SSLerror(s, ERR_R_MALLOC_FAILURE);
227 goto err; 227 goto err;
228 } 228 }
229 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 229 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
230 if (hdatalen <= 0) { 230 if (hdatalen <= 0) {
231 SSLerror(SSL_R_BAD_HANDSHAKE_LENGTH); 231 SSLerror(s, SSL_R_BAD_HANDSHAKE_LENGTH);
232 goto err; 232 goto err;
233 } 233 }
234 234
@@ -239,16 +239,16 @@ tls1_digest_cached_records(SSL *s)
239 239
240 S3I(s)->handshake_dgst[i] = EVP_MD_CTX_create(); 240 S3I(s)->handshake_dgst[i] = EVP_MD_CTX_create();
241 if (S3I(s)->handshake_dgst[i] == NULL) { 241 if (S3I(s)->handshake_dgst[i] == NULL) {
242 SSLerror(ERR_R_MALLOC_FAILURE); 242 SSLerror(s, ERR_R_MALLOC_FAILURE);
243 goto err; 243 goto err;
244 } 244 }
245 if (!EVP_DigestInit_ex(S3I(s)->handshake_dgst[i], md, NULL)) { 245 if (!EVP_DigestInit_ex(S3I(s)->handshake_dgst[i], md, NULL)) {
246 SSLerror(ERR_R_EVP_LIB); 246 SSLerror(s, ERR_R_EVP_LIB);
247 goto err; 247 goto err;
248 } 248 }
249 if (!EVP_DigestUpdate(S3I(s)->handshake_dgst[i], hdata, 249 if (!EVP_DigestUpdate(S3I(s)->handshake_dgst[i], hdata,
250 hdatalen)) { 250 hdatalen)) {
251 SSLerror(ERR_R_EVP_LIB); 251 SSLerror(s, ERR_R_EVP_LIB);
252 goto err; 252 goto err;
253 } 253 }
254 } 254 }
@@ -383,7 +383,7 @@ tls1_PRF(long digest_mask, const void *seed1, int seed1_len, const void *seed2,
383 count++; 383 count++;
384 } 384 }
385 if (count == 0) { 385 if (count == 0) {
386 SSLerror(SSL_R_SSL_HANDSHAKE_FAILURE); 386 SSLerrorx(SSL_R_SSL_HANDSHAKE_FAILURE);
387 goto err; 387 goto err;
388 } 388 }
389 len = slen / count; 389 len = slen / count;
@@ -394,7 +394,7 @@ tls1_PRF(long digest_mask, const void *seed1, int seed1_len, const void *seed2,
394 for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) { 394 for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
395 if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) { 395 if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) {
396 if (!md) { 396 if (!md) {
397 SSLerror(SSL_R_UNSUPPORTED_DIGEST_TYPE); 397 SSLerrorx(SSL_R_UNSUPPORTED_DIGEST_TYPE);
398 goto err; 398 goto err;
399 } 399 }
400 if (!tls1_P_hash(md , S1, len + (slen&1), seed1, 400 if (!tls1_P_hash(md , S1, len + (slen&1), seed1,
@@ -442,7 +442,7 @@ tls1_aead_ctx_init(SSL_AEAD_CTX **aead_ctx)
442 442
443 *aead_ctx = malloc(sizeof(SSL_AEAD_CTX)); 443 *aead_ctx = malloc(sizeof(SSL_AEAD_CTX));
444 if (*aead_ctx == NULL) { 444 if (*aead_ctx == NULL) {
445 SSLerror(ERR_R_MALLOC_FAILURE); 445 SSLerrorx(ERR_R_MALLOC_FAILURE);
446 return (0); 446 return (0);
447 } 447 }
448 448
@@ -470,7 +470,7 @@ tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
470 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL)) 470 EVP_AEAD_DEFAULT_TAG_LENGTH, NULL))
471 return (0); 471 return (0);
472 if (iv_len > sizeof(aead_ctx->fixed_nonce)) { 472 if (iv_len > sizeof(aead_ctx->fixed_nonce)) {
473 SSLerror(ERR_R_INTERNAL_ERROR); 473 SSLerrorx(ERR_R_INTERNAL_ERROR);
474 return (0); 474 return (0);
475 } 475 }
476 memcpy(aead_ctx->fixed_nonce, iv, iv_len); 476 memcpy(aead_ctx->fixed_nonce, iv, iv_len);
@@ -486,13 +486,13 @@ tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
486 if (aead_ctx->xor_fixed_nonce) { 486 if (aead_ctx->xor_fixed_nonce) {
487 if (aead_ctx->fixed_nonce_len != EVP_AEAD_nonce_length(aead) || 487 if (aead_ctx->fixed_nonce_len != EVP_AEAD_nonce_length(aead) ||
488 aead_ctx->variable_nonce_len > EVP_AEAD_nonce_length(aead)) { 488 aead_ctx->variable_nonce_len > EVP_AEAD_nonce_length(aead)) {
489 SSLerror(ERR_R_INTERNAL_ERROR); 489 SSLerrorx(ERR_R_INTERNAL_ERROR);
490 return (0); 490 return (0);
491 } 491 }
492 } else { 492 } else {
493 if (aead_ctx->variable_nonce_len + aead_ctx->fixed_nonce_len != 493 if (aead_ctx->variable_nonce_len + aead_ctx->fixed_nonce_len !=
494 EVP_AEAD_nonce_length(aead)) { 494 EVP_AEAD_nonce_length(aead)) {
495 SSLerror(ERR_R_INTERNAL_ERROR); 495 SSLerrorx(ERR_R_INTERNAL_ERROR);
496 return (0); 496 return (0);
497 } 497 }
498 } 498 }
@@ -603,7 +603,7 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys,
603 return (1); 603 return (1);
604 604
605err: 605err:
606 SSLerror(ERR_R_MALLOC_FAILURE); 606 SSLerrorx(ERR_R_MALLOC_FAILURE);
607 return (0); 607 return (0);
608} 608}
609 609
@@ -688,7 +688,7 @@ tls1_change_cipher_state(SSL *s, int which)
688 } 688 }
689 689
690 if (key_block - S3I(s)->tmp.key_block != S3I(s)->tmp.key_block_length) { 690 if (key_block - S3I(s)->tmp.key_block != S3I(s)->tmp.key_block_length) {
691 SSLerror(ERR_R_INTERNAL_ERROR); 691 SSLerror(s, ERR_R_INTERNAL_ERROR);
692 goto err2; 692 goto err2;
693 } 693 }
694 694
@@ -729,7 +729,7 @@ tls1_setup_key_block(SSL *s)
729 if (s->session->cipher && 729 if (s->session->cipher &&
730 (s->session->cipher->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)) { 730 (s->session->cipher->algorithm2 & SSL_CIPHER_ALGORITHM2_AEAD)) {
731 if (!ssl_cipher_get_evp_aead(s->session, &aead)) { 731 if (!ssl_cipher_get_evp_aead(s->session, &aead)) {
732 SSLerror(SSL_R_CIPHER_OR_HASH_UNAVAILABLE); 732 SSLerror(s, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
733 return (0); 733 return (0);
734 } 734 }
735 key_len = EVP_AEAD_key_length(aead); 735 key_len = EVP_AEAD_key_length(aead);
@@ -737,7 +737,7 @@ tls1_setup_key_block(SSL *s)
737 } else { 737 } else {
738 if (!ssl_cipher_get_evp(s->session, &cipher, &mac, &mac_type, 738 if (!ssl_cipher_get_evp(s->session, &cipher, &mac, &mac_type,
739 &mac_secret_size)) { 739 &mac_secret_size)) {
740 SSLerror(SSL_R_CIPHER_OR_HASH_UNAVAILABLE); 740 SSLerror(s, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
741 return (0); 741 return (0);
742 } 742 }
743 key_len = EVP_CIPHER_key_length(cipher); 743 key_len = EVP_CIPHER_key_length(cipher);
@@ -758,7 +758,7 @@ tls1_setup_key_block(SSL *s)
758 758
759 if ((key_block = reallocarray(NULL, mac_secret_size + key_len + iv_len, 759 if ((key_block = reallocarray(NULL, mac_secret_size + key_len + iv_len,
760 2)) == NULL) { 760 2)) == NULL) {
761 SSLerror(ERR_R_MALLOC_FAILURE); 761 SSLerror(s, ERR_R_MALLOC_FAILURE);
762 goto err; 762 goto err;
763 } 763 }
764 key_block_len = (mac_secret_size + key_len + iv_len) * 2; 764 key_block_len = (mac_secret_size + key_len + iv_len) * 2;
@@ -767,7 +767,7 @@ tls1_setup_key_block(SSL *s)
767 S3I(s)->tmp.key_block = key_block; 767 S3I(s)->tmp.key_block = key_block;
768 768
769 if ((tmp_block = malloc(key_block_len)) == NULL) { 769 if ((tmp_block = malloc(key_block_len)) == NULL) {
770 SSLerror(ERR_R_MALLOC_FAILURE); 770 SSLerror(s, ERR_R_MALLOC_FAILURE);
771 goto err; 771 goto err;
772 } 772 }
773 773
@@ -1105,7 +1105,7 @@ tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
1105 } 1105 }
1106 } 1106 }
1107 if (d == NULL) { 1107 if (d == NULL) {
1108 SSLerror(SSL_R_NO_REQUIRED_DIGEST); 1108 SSLerror(s, SSL_R_NO_REQUIRED_DIGEST);
1109 return 0; 1109 return 0;
1110 } 1110 }
1111 1111
@@ -1336,11 +1336,11 @@ tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
1336 1336
1337 goto ret; 1337 goto ret;
1338err1: 1338err1:
1339 SSLerror(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL); 1339 SSLerror(s, SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
1340 rv = 0; 1340 rv = 0;
1341 goto ret; 1341 goto ret;
1342err2: 1342err2:
1343 SSLerror(ERR_R_MALLOC_FAILURE); 1343 SSLerror(s, ERR_R_MALLOC_FAILURE);
1344 rv = 0; 1344 rv = 0;
1345ret: 1345ret:
1346 free(buff); 1346 free(buff);
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 2e9d31112d..a42e414dec 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.114 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.115 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -742,7 +742,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
742 int el; 742 int el;
743 743
744 if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) { 744 if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) {
745 SSLerror(ERR_R_INTERNAL_ERROR); 745 SSLerror(s, ERR_R_INTERNAL_ERROR);
746 return NULL; 746 return NULL;
747 } 747 }
748 748
@@ -753,7 +753,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
753 s2n(el, ret); 753 s2n(el, ret);
754 754
755 if (!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el)) { 755 if (!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el)) {
756 SSLerror(ERR_R_INTERNAL_ERROR); 756 SSLerror(s, ERR_R_INTERNAL_ERROR);
757 return NULL; 757 return NULL;
758 } 758 }
759 759
@@ -778,7 +778,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
778 if (formatslen > lenmax) 778 if (formatslen > lenmax)
779 return NULL; 779 return NULL;
780 if (formatslen > 255) { 780 if (formatslen > 255) {
781 SSLerror(ERR_R_INTERNAL_ERROR); 781 SSLerror(s, ERR_R_INTERNAL_ERROR);
782 return NULL; 782 return NULL;
783 } 783 }
784 784
@@ -800,7 +800,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
800 if (curveslen * 2 > lenmax) 800 if (curveslen * 2 > lenmax)
801 return NULL; 801 return NULL;
802 if (curveslen * 2 > 65532) { 802 if (curveslen * 2 > 65532) {
803 SSLerror(ERR_R_INTERNAL_ERROR); 803 SSLerror(s, ERR_R_INTERNAL_ERROR);
804 return NULL; 804 return NULL;
805 } 805 }
806 806
@@ -942,7 +942,7 @@ skip_ext:
942 s2n(el, ret); 942 s2n(el, ret);
943 943
944 if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) { 944 if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) {
945 SSLerror(ERR_R_INTERNAL_ERROR); 945 SSLerror(s, ERR_R_INTERNAL_ERROR);
946 return NULL; 946 return NULL;
947 } 947 }
948 ret += el; 948 ret += el;
@@ -1020,7 +1020,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
1020 int el; 1020 int el;
1021 1021
1022 if (!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0)) { 1022 if (!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0)) {
1023 SSLerror(ERR_R_INTERNAL_ERROR); 1023 SSLerror(s, ERR_R_INTERNAL_ERROR);
1024 return NULL; 1024 return NULL;
1025 } 1025 }
1026 1026
@@ -1031,7 +1031,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
1031 s2n(el, ret); 1031 s2n(el, ret);
1032 1032
1033 if (!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el)) { 1033 if (!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el)) {
1034 SSLerror(ERR_R_INTERNAL_ERROR); 1034 SSLerror(s, ERR_R_INTERNAL_ERROR);
1035 return NULL; 1035 return NULL;
1036 } 1036 }
1037 1037
@@ -1054,7 +1054,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
1054 if (formatslen > lenmax) 1054 if (formatslen > lenmax)
1055 return NULL; 1055 return NULL;
1056 if (formatslen > 255) { 1056 if (formatslen > 255) {
1057 SSLerror(ERR_R_INTERNAL_ERROR); 1057 SSLerror(s, ERR_R_INTERNAL_ERROR);
1058 return NULL; 1058 return NULL;
1059 } 1059 }
1060 1060
@@ -1100,7 +1100,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
1100 s2n(el, ret); 1100 s2n(el, ret);
1101 1101
1102 if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) { 1102 if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) {
1103 SSLerror(ERR_R_INTERNAL_ERROR); 1103 SSLerror(s, ERR_R_INTERNAL_ERROR);
1104 return NULL; 1104 return NULL;
1105 } 1105 }
1106 ret += el; 1106 ret += el;
@@ -1618,7 +1618,7 @@ ri_check:
1618 1618
1619 if (!renegotiate_seen && s->internal->renegotiate) { 1619 if (!renegotiate_seen && s->internal->renegotiate) {
1620 *al = SSL_AD_HANDSHAKE_FAILURE; 1620 *al = SSL_AD_HANDSHAKE_FAILURE;
1621 SSLerror(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); 1621 SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
1622 return 0; 1622 return 0;
1623 } 1623 }
1624 1624
@@ -1870,7 +1870,7 @@ ri_check:
1870 if (!renegotiate_seen && 1870 if (!renegotiate_seen &&
1871 !(s->internal->options & SSL_OP_LEGACY_SERVER_CONNECT)) { 1871 !(s->internal->options & SSL_OP_LEGACY_SERVER_CONNECT)) {
1872 *al = SSL_AD_HANDSHAKE_FAILURE; 1872 *al = SSL_AD_HANDSHAKE_FAILURE;
1873 SSLerror(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); 1873 SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
1874 return 0; 1874 return 0;
1875 } 1875 }
1876 1876
@@ -2005,7 +2005,7 @@ ssl_check_serverhello_tlsext(SSL *s)
2005 } 2005 }
2006 } 2006 }
2007 if (!found_uncompressed) { 2007 if (!found_uncompressed) {
2008 SSLerror(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST); 2008 SSLerror(s, SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
2009 return -1; 2009 return -1;
2010 } 2010 }
2011 } 2011 }
diff --git a/src/lib/libssl/t1_reneg.c b/src/lib/libssl/t1_reneg.c
index 596b96edd3..4e194dd5df 100644
--- a/src/lib/libssl/t1_reneg.c
+++ b/src/lib/libssl/t1_reneg.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_reneg.c,v 1.14 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: t1_reneg.c,v 1.15 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -123,7 +123,7 @@ ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
123{ 123{
124 if (p) { 124 if (p) {
125 if ((S3I(s)->previous_client_finished_len + 1) > maxlen) { 125 if ((S3I(s)->previous_client_finished_len + 1) > maxlen) {
126 SSLerror(SSL_R_RENEGOTIATE_EXT_TOO_LONG); 126 SSLerror(s, SSL_R_RENEGOTIATE_EXT_TOO_LONG);
127 return 0; 127 return 0;
128 } 128 }
129 129
@@ -150,7 +150,7 @@ ssl_parse_clienthello_renegotiate_ext(SSL *s, const unsigned char *d, int len,
150 CBS cbs, reneg; 150 CBS cbs, reneg;
151 151
152 if (len < 0) { 152 if (len < 0) {
153 SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); 153 SSLerror(s, SSL_R_RENEGOTIATION_ENCODING_ERR);
154 *al = SSL_AD_ILLEGAL_PARAMETER; 154 *al = SSL_AD_ILLEGAL_PARAMETER;
155 return 0; 155 return 0;
156 } 156 }
@@ -159,21 +159,21 @@ ssl_parse_clienthello_renegotiate_ext(SSL *s, const unsigned char *d, int len,
159 if (!CBS_get_u8_length_prefixed(&cbs, &reneg) || 159 if (!CBS_get_u8_length_prefixed(&cbs, &reneg) ||
160 /* Consistency check */ 160 /* Consistency check */
161 CBS_len(&cbs) != 0) { 161 CBS_len(&cbs) != 0) {
162 SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); 162 SSLerror(s, SSL_R_RENEGOTIATION_ENCODING_ERR);
163 *al = SSL_AD_ILLEGAL_PARAMETER; 163 *al = SSL_AD_ILLEGAL_PARAMETER;
164 return 0; 164 return 0;
165 } 165 }
166 166
167 /* Check that the extension matches */ 167 /* Check that the extension matches */
168 if (CBS_len(&reneg) != S3I(s)->previous_client_finished_len) { 168 if (CBS_len(&reneg) != S3I(s)->previous_client_finished_len) {
169 SSLerror(SSL_R_RENEGOTIATION_MISMATCH); 169 SSLerror(s, SSL_R_RENEGOTIATION_MISMATCH);
170 *al = SSL_AD_HANDSHAKE_FAILURE; 170 *al = SSL_AD_HANDSHAKE_FAILURE;
171 return 0; 171 return 0;
172 } 172 }
173 173
174 if (!CBS_mem_equal(&reneg, S3I(s)->previous_client_finished, 174 if (!CBS_mem_equal(&reneg, S3I(s)->previous_client_finished,
175 S3I(s)->previous_client_finished_len)) { 175 S3I(s)->previous_client_finished_len)) {
176 SSLerror(SSL_R_RENEGOTIATION_MISMATCH); 176 SSLerror(s, SSL_R_RENEGOTIATION_MISMATCH);
177 *al = SSL_AD_HANDSHAKE_FAILURE; 177 *al = SSL_AD_HANDSHAKE_FAILURE;
178 return 0; 178 return 0;
179 } 179 }
@@ -191,7 +191,7 @@ ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
191 if (p) { 191 if (p) {
192 if ((S3I(s)->previous_client_finished_len + 192 if ((S3I(s)->previous_client_finished_len +
193 S3I(s)->previous_server_finished_len + 1) > maxlen) { 193 S3I(s)->previous_server_finished_len + 1) > maxlen) {
194 SSLerror(SSL_R_RENEGOTIATE_EXT_TOO_LONG); 194 SSLerror(s, SSL_R_RENEGOTIATE_EXT_TOO_LONG);
195 return 0; 195 return 0;
196 } 196 }
197 197
@@ -229,7 +229,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d, int len, i
229 OPENSSL_assert(!expected_len || S3I(s)->previous_server_finished_len); 229 OPENSSL_assert(!expected_len || S3I(s)->previous_server_finished_len);
230 230
231 if (len < 0) { 231 if (len < 0) {
232 SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); 232 SSLerror(s, SSL_R_RENEGOTIATION_ENCODING_ERR);
233 *al = SSL_AD_ILLEGAL_PARAMETER; 233 *al = SSL_AD_ILLEGAL_PARAMETER;
234 return 0; 234 return 0;
235 } 235 }
@@ -239,7 +239,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d, int len, i
239 if (!CBS_get_u8_length_prefixed(&cbs, &reneg) || 239 if (!CBS_get_u8_length_prefixed(&cbs, &reneg) ||
240 /* Consistency check */ 240 /* Consistency check */
241 CBS_len(&cbs) != 0) { 241 CBS_len(&cbs) != 0) {
242 SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); 242 SSLerror(s, SSL_R_RENEGOTIATION_ENCODING_ERR);
243 *al = SSL_AD_ILLEGAL_PARAMETER; 243 *al = SSL_AD_ILLEGAL_PARAMETER;
244 return 0; 244 return 0;
245 } 245 }
@@ -251,20 +251,20 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d, int len, i
251 !CBS_get_bytes(&reneg, &previous_server, 251 !CBS_get_bytes(&reneg, &previous_server,
252 S3I(s)->previous_server_finished_len) || 252 S3I(s)->previous_server_finished_len) ||
253 CBS_len(&reneg) != 0) { 253 CBS_len(&reneg) != 0) {
254 SSLerror(SSL_R_RENEGOTIATION_MISMATCH); 254 SSLerror(s, SSL_R_RENEGOTIATION_MISMATCH);
255 *al = SSL_AD_HANDSHAKE_FAILURE; 255 *al = SSL_AD_HANDSHAKE_FAILURE;
256 return 0; 256 return 0;
257 } 257 }
258 258
259 if (!CBS_mem_equal(&previous_client, S3I(s)->previous_client_finished, 259 if (!CBS_mem_equal(&previous_client, S3I(s)->previous_client_finished,
260 CBS_len(&previous_client))) { 260 CBS_len(&previous_client))) {
261 SSLerror(SSL_R_RENEGOTIATION_MISMATCH); 261 SSLerror(s, SSL_R_RENEGOTIATION_MISMATCH);
262 *al = SSL_AD_HANDSHAKE_FAILURE; 262 *al = SSL_AD_HANDSHAKE_FAILURE;
263 return 0; 263 return 0;
264 } 264 }
265 if (!CBS_mem_equal(&previous_server, S3I(s)->previous_server_finished, 265 if (!CBS_mem_equal(&previous_server, S3I(s)->previous_server_finished,
266 CBS_len(&previous_server))) { 266 CBS_len(&previous_server))) {
267 SSLerror(SSL_R_RENEGOTIATION_MISMATCH); 267 SSLerror(s, SSL_R_RENEGOTIATION_MISMATCH);
268 *al = SSL_AD_ILLEGAL_PARAMETER; 268 *al = SSL_AD_ILLEGAL_PARAMETER;
269 return 0; 269 return 0;
270 } 270 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 12:02:21 +0000