summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509
diff options
context:
space:
mode:
authorbeck <>2017-01-29 17:49:23 +0000
committerbeck <>2017-01-29 17:49:23 +0000
commitd1f47bd292f36094480caa49ada36b99a69c59b0 (patch)
tree1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/x509
parentf8c627888330b75c2eea8a3c27d0efe947a4f9da (diff)
downloadopenbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.gz
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.bz2
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.zip
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/x509')
-rw-r--r--src/lib/libcrypto/x509/by_dir.c24
-rw-r--r--src/lib/libcrypto/x509/by_file.c27
-rw-r--r--src/lib/libcrypto/x509/by_mem.c4
-rw-r--r--src/lib/libcrypto/x509/x509_att.c22
-rw-r--r--src/lib/libcrypto/x509/x509_cmp.c11
-rw-r--r--src/lib/libcrypto/x509/x509_err.c48
-rw-r--r--src/lib/libcrypto/x509/x509_lu.c21
-rw-r--r--src/lib/libcrypto/x509/x509_obj.c4
-rw-r--r--src/lib/libcrypto/x509/x509_r2x.c4
-rw-r--r--src/lib/libcrypto/x509/x509_req.c19
-rw-r--r--src/lib/libcrypto/x509/x509_trs.c10
-rw-r--r--src/lib/libcrypto/x509/x509_v3.c12
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c48
-rw-r--r--src/lib/libcrypto/x509/x509name.c13
-rw-r--r--src/lib/libcrypto/x509/x509spki.c9
15 files changed, 98 insertions, 178 deletions
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
index 7b7d14a950..01a302b538 100644
--- a/src/lib/libcrypto/x509/by_dir.c
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: by_dir.c,v 1.37 2015/04/11 16:03:21 deraadt Exp $ */ 1/* $OpenBSD: by_dir.c,v 1.38 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -133,7 +133,7 @@ dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
133 ret = add_cert_dir(ld, X509_get_default_cert_dir(), 133 ret = add_cert_dir(ld, X509_get_default_cert_dir(),
134 X509_FILETYPE_PEM); 134 X509_FILETYPE_PEM);
135 if (!ret) { 135 if (!ret) {
136 X509err(X509_F_DIR_CTRL, X509_R_LOADING_CERT_DIR); 136 X509error(X509_R_LOADING_CERT_DIR);
137 } 137 }
138 } else 138 } else
139 ret = add_cert_dir(ld, argp, (int)argl); 139 ret = add_cert_dir(ld, argp, (int)argl);
@@ -205,7 +205,7 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type)
205 ptrdiff_t len; 205 ptrdiff_t len;
206 206
207 if (dir == NULL || !*dir) { 207 if (dir == NULL || !*dir) {
208 X509err(X509_F_ADD_CERT_DIR, X509_R_INVALID_DIRECTORY); 208 X509error(X509_R_INVALID_DIRECTORY);
209 return 0; 209 return 0;
210 } 210 }
211 211
@@ -230,25 +230,25 @@ add_cert_dir(BY_DIR *ctx, const char *dir, int type)
230 if (ctx->dirs == NULL) { 230 if (ctx->dirs == NULL) {
231 ctx->dirs = sk_BY_DIR_ENTRY_new_null(); 231 ctx->dirs = sk_BY_DIR_ENTRY_new_null();
232 if (!ctx->dirs) { 232 if (!ctx->dirs) {
233 X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); 233 X509error(ERR_R_MALLOC_FAILURE);
234 return 0; 234 return 0;
235 } 235 }
236 } 236 }
237 ent = malloc(sizeof(BY_DIR_ENTRY)); 237 ent = malloc(sizeof(BY_DIR_ENTRY));
238 if (!ent) { 238 if (!ent) {
239 X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); 239 X509error(ERR_R_MALLOC_FAILURE);
240 return 0; 240 return 0;
241 } 241 }
242 ent->dir_type = type; 242 ent->dir_type = type;
243 ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); 243 ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
244 ent->dir = strndup(ss, (size_t)len); 244 ent->dir = strndup(ss, (size_t)len);
245 if (!ent->dir || !ent->hashes) { 245 if (!ent->dir || !ent->hashes) {
246 X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); 246 X509error(ERR_R_MALLOC_FAILURE);
247 by_dir_entry_free(ent); 247 by_dir_entry_free(ent);
248 return 0; 248 return 0;
249 } 249 }
250 if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) { 250 if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
251 X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE); 251 X509error(ERR_R_MALLOC_FAILURE);
252 by_dir_entry_free(ent); 252 by_dir_entry_free(ent);
253 return 0; 253 return 0;
254 } 254 }
@@ -294,12 +294,12 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
294 stmp.data.crl = &data.crl.st_crl; 294 stmp.data.crl = &data.crl.st_crl;
295 postfix="r"; 295 postfix="r";
296 } else { 296 } else {
297 X509err(X509_F_GET_CERT_BY_SUBJECT, X509_R_WRONG_LOOKUP_TYPE); 297 X509error(X509_R_WRONG_LOOKUP_TYPE);
298 goto finish; 298 goto finish;
299 } 299 }
300 300
301 if ((b = BUF_MEM_new()) == NULL) { 301 if ((b = BUF_MEM_new()) == NULL) {
302 X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_BUF_LIB); 302 X509error(ERR_R_BUF_LIB);
303 goto finish; 303 goto finish;
304 } 304 }
305 305
@@ -313,7 +313,7 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
313 ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i); 313 ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i);
314 j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1; 314 j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1;
315 if (!BUF_MEM_grow(b, j)) { 315 if (!BUF_MEM_grow(b, j)) {
316 X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); 316 X509error(ERR_R_MALLOC_FAILURE);
317 goto finish; 317 goto finish;
318 } 318 }
319 if (type == X509_LU_CRL && ent->hashes) { 319 if (type == X509_LU_CRL && ent->hashes) {
@@ -381,7 +381,7 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
381 if (!hent) { 381 if (!hent) {
382 hent = malloc(sizeof(BY_DIR_HASH)); 382 hent = malloc(sizeof(BY_DIR_HASH));
383 if (!hent) { 383 if (!hent) {
384 X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); 384 X509error(ERR_R_MALLOC_FAILURE);
385 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); 385 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
386 ok = 0; 386 ok = 0;
387 goto finish; 387 goto finish;
@@ -389,7 +389,7 @@ get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
389 hent->hash = h; 389 hent->hash = h;
390 hent->suffix = k; 390 hent->suffix = k;
391 if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) { 391 if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) {
392 X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE); 392 X509error(ERR_R_MALLOC_FAILURE);
393 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); 393 CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
394 free(hent); 394 free(hent);
395 ok = 0; 395 ok = 0;
diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c
index 377b3b0a8b..b2c8ef6cfa 100644
--- a/src/lib/libcrypto/x509/by_file.c
+++ b/src/lib/libcrypto/x509/by_file.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: by_file.c,v 1.20 2016/03/11 07:08:45 mmcc Exp $ */ 1/* $OpenBSD: by_file.c,v 1.21 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -102,8 +102,7 @@ by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
102 X509_get_default_cert_file(), 102 X509_get_default_cert_file(),
103 X509_FILETYPE_PEM) != 0); 103 X509_FILETYPE_PEM) != 0);
104 if (!ok) { 104 if (!ok) {
105 X509err(X509_F_BY_FILE_CTRL, 105 X509error(X509_R_LOADING_DEFAULTS);
106 X509_R_LOADING_DEFAULTS);
107 } 106 }
108 } else { 107 } else {
109 if (argl == X509_FILETYPE_PEM) 108 if (argl == X509_FILETYPE_PEM)
@@ -131,7 +130,7 @@ X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
131 in = BIO_new(BIO_s_file_internal()); 130 in = BIO_new(BIO_s_file_internal());
132 131
133 if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { 132 if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
134 X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_SYS_LIB); 133 X509error(ERR_R_SYS_LIB);
135 goto err; 134 goto err;
136 } 135 }
137 136
@@ -144,8 +143,7 @@ X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
144 ERR_clear_error(); 143 ERR_clear_error();
145 break; 144 break;
146 } else { 145 } else {
147 X509err(X509_F_X509_LOAD_CERT_FILE, 146 X509error(ERR_R_PEM_LIB);
148 ERR_R_PEM_LIB);
149 goto err; 147 goto err;
150 } 148 }
151 } 149 }
@@ -160,7 +158,7 @@ X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
160 } else if (type == X509_FILETYPE_ASN1) { 158 } else if (type == X509_FILETYPE_ASN1) {
161 x = d2i_X509_bio(in, NULL); 159 x = d2i_X509_bio(in, NULL);
162 if (x == NULL) { 160 if (x == NULL) {
163 X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_ASN1_LIB); 161 X509error(ERR_R_ASN1_LIB);
164 goto err; 162 goto err;
165 } 163 }
166 i = X509_STORE_add_cert(ctx->store_ctx, x); 164 i = X509_STORE_add_cert(ctx->store_ctx, x);
@@ -168,7 +166,7 @@ X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
168 goto err; 166 goto err;
169 ret = i; 167 ret = i;
170 } else { 168 } else {
171 X509err(X509_F_X509_LOAD_CERT_FILE, X509_R_BAD_X509_FILETYPE); 169 X509error(X509_R_BAD_X509_FILETYPE);
172 goto err; 170 goto err;
173 } 171 }
174err: 172err:
@@ -190,7 +188,7 @@ X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
190 in = BIO_new(BIO_s_file_internal()); 188 in = BIO_new(BIO_s_file_internal());
191 189
192 if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { 190 if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
193 X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_SYS_LIB); 191 X509error(ERR_R_SYS_LIB);
194 goto err; 192 goto err;
195 } 193 }
196 194
@@ -203,8 +201,7 @@ X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
203 ERR_clear_error(); 201 ERR_clear_error();
204 break; 202 break;
205 } else { 203 } else {
206 X509err(X509_F_X509_LOAD_CRL_FILE, 204 X509error(ERR_R_PEM_LIB);
207 ERR_R_PEM_LIB);
208 goto err; 205 goto err;
209 } 206 }
210 } 207 }
@@ -219,7 +216,7 @@ X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
219 } else if (type == X509_FILETYPE_ASN1) { 216 } else if (type == X509_FILETYPE_ASN1) {
220 x = d2i_X509_CRL_bio(in, NULL); 217 x = d2i_X509_CRL_bio(in, NULL);
221 if (x == NULL) { 218 if (x == NULL) {
222 X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_ASN1_LIB); 219 X509error(ERR_R_ASN1_LIB);
223 goto err; 220 goto err;
224 } 221 }
225 i = X509_STORE_add_crl(ctx->store_ctx, x); 222 i = X509_STORE_add_crl(ctx->store_ctx, x);
@@ -227,7 +224,7 @@ X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
227 goto err; 224 goto err;
228 ret = i; 225 ret = i;
229 } else { 226 } else {
230 X509err(X509_F_X509_LOAD_CRL_FILE, X509_R_BAD_X509_FILETYPE); 227 X509error(X509_R_BAD_X509_FILETYPE);
231 goto err; 228 goto err;
232 } 229 }
233err: 230err:
@@ -248,13 +245,13 @@ X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
248 return X509_load_cert_file(ctx, file, type); 245 return X509_load_cert_file(ctx, file, type);
249 in = BIO_new_file(file, "r"); 246 in = BIO_new_file(file, "r");
250 if (!in) { 247 if (!in) {
251 X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_SYS_LIB); 248 X509error(ERR_R_SYS_LIB);
252 return 0; 249 return 0;
253 } 250 }
254 inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); 251 inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
255 BIO_free(in); 252 BIO_free(in);
256 if (!inf) { 253 if (!inf) {
257 X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_PEM_LIB); 254 X509error(ERR_R_PEM_LIB);
258 return 0; 255 return 0;
259 } 256 }
260 for (i = 0; i < sk_X509_INFO_num(inf); i++) { 257 for (i = 0; i < sk_X509_INFO_num(inf); i++) {
diff --git a/src/lib/libcrypto/x509/by_mem.c b/src/lib/libcrypto/x509/by_mem.c
index ecab813406..34d4040d84 100644
--- a/src/lib/libcrypto/x509/by_mem.c
+++ b/src/lib/libcrypto/x509/by_mem.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: by_mem.c,v 1.3 2015/02/05 01:33:22 reyk Exp $ */ 1/* $OpenBSD: by_mem.c,v 1.4 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -129,7 +129,7 @@ by_mem_ctrl(X509_LOOKUP *lu, int cmd, const char *buf,
129 ok = count != 0; 129 ok = count != 0;
130 done: 130 done:
131 if (count == 0) 131 if (count == 0)
132 X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB); 132 X509error(ERR_R_PEM_LIB);
133 if (inf != NULL) 133 if (inf != NULL)
134 sk_X509_INFO_pop_free(inf, X509_INFO_free); 134 sk_X509_INFO_pop_free(inf, X509_INFO_free);
135 if (in != NULL) 135 if (in != NULL)
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c
index ab11e79b0a..7304118eb3 100644
--- a/src/lib/libcrypto/x509/x509_att.c
+++ b/src/lib/libcrypto/x509/x509_att.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_att.c,v 1.14 2016/03/21 04:05:33 mmcc Exp $ */ 1/* $OpenBSD: x509_att.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -131,7 +131,7 @@ X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr)
131 STACK_OF(X509_ATTRIBUTE) *sk = NULL; 131 STACK_OF(X509_ATTRIBUTE) *sk = NULL;
132 132
133 if (x == NULL) { 133 if (x == NULL) {
134 X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER); 134 X509error(ERR_R_PASSED_NULL_PARAMETER);
135 return (NULL); 135 return (NULL);
136 } 136 }
137 137
@@ -150,7 +150,7 @@ X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr)
150 return (sk); 150 return (sk);
151 151
152err: 152err:
153 X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE); 153 X509error(ERR_R_MALLOC_FAILURE);
154err2: 154err2:
155 if (new_attr != NULL) 155 if (new_attr != NULL)
156 X509_ATTRIBUTE_free(new_attr); 156 X509_ATTRIBUTE_free(new_attr);
@@ -231,8 +231,7 @@ X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype,
231 231
232 obj = OBJ_nid2obj(nid); 232 obj = OBJ_nid2obj(nid);
233 if (obj == NULL) { 233 if (obj == NULL) {
234 X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID, 234 X509error(X509_R_UNKNOWN_NID);
235 X509_R_UNKNOWN_NID);
236 return (NULL); 235 return (NULL);
237 } 236 }
238 ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len); 237 ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len);
@@ -249,8 +248,7 @@ X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, const ASN1_OBJECT *obj,
249 248
250 if ((attr == NULL) || (*attr == NULL)) { 249 if ((attr == NULL) || (*attr == NULL)) {
251 if ((ret = X509_ATTRIBUTE_new()) == NULL) { 250 if ((ret = X509_ATTRIBUTE_new()) == NULL) {
252 X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ, 251 X509error(ERR_R_MALLOC_FAILURE);
253 ERR_R_MALLOC_FAILURE);
254 return (NULL); 252 return (NULL);
255 } 253 }
256 } else 254 } else
@@ -280,8 +278,7 @@ X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, const char *atrname,
280 278
281 obj = OBJ_txt2obj(atrname, 0); 279 obj = OBJ_txt2obj(atrname, 0);
282 if (obj == NULL) { 280 if (obj == NULL) {
283 X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, 281 X509error(X509_R_INVALID_FIELD_NAME);
284 X509_R_INVALID_FIELD_NAME);
285 ERR_asprintf_error_data("name=%s", atrname); 282 ERR_asprintf_error_data("name=%s", atrname);
286 return (NULL); 283 return (NULL);
287 } 284 }
@@ -314,8 +311,7 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data,
314 stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, 311 stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
315 OBJ_obj2nid(attr->object)); 312 OBJ_obj2nid(attr->object));
316 if (!stmp) { 313 if (!stmp) {
317 X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, 314 X509error(ERR_R_ASN1_LIB);
318 ERR_R_ASN1_LIB);
319 return 0; 315 return 0;
320 } 316 }
321 atype = stmp->type; 317 atype = stmp->type;
@@ -352,7 +348,7 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data,
352err: 348err:
353 ASN1_TYPE_free(ttmp); 349 ASN1_TYPE_free(ttmp);
354 ASN1_STRING_free(stmp); 350 ASN1_STRING_free(stmp);
355 X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); 351 X509error(ERR_R_MALLOC_FAILURE);
356 return 0; 352 return 0;
357} 353}
358 354
@@ -383,7 +379,7 @@ X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype, void *data)
383 if (!ttmp) 379 if (!ttmp)
384 return NULL; 380 return NULL;
385 if (atrtype != ASN1_TYPE_get(ttmp)){ 381 if (atrtype != ASN1_TYPE_get(ttmp)){
386 X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE); 382 X509error(X509_R_WRONG_TYPE);
387 return NULL; 383 return NULL;
388 } 384 }
389 return ttmp->value.ptr; 385 return ttmp->value.ptr;
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index 407e1e07ad..72fbef1544 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_cmp.c,v 1.26 2015/07/29 14:58:34 jsing Exp $ */ 1/* $OpenBSD: x509_cmp.c,v 1.27 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -351,16 +351,13 @@ X509_check_private_key(X509 *x, EVP_PKEY *k)
351 case 1: 351 case 1:
352 break; 352 break;
353 case 0: 353 case 0:
354 X509err(X509_F_X509_CHECK_PRIVATE_KEY, 354 X509error(X509_R_KEY_VALUES_MISMATCH);
355 X509_R_KEY_VALUES_MISMATCH);
356 break; 355 break;
357 case -1: 356 case -1:
358 X509err(X509_F_X509_CHECK_PRIVATE_KEY, 357 X509error(X509_R_KEY_TYPE_MISMATCH);
359 X509_R_KEY_TYPE_MISMATCH);
360 break; 358 break;
361 case -2: 359 case -2:
362 X509err(X509_F_X509_CHECK_PRIVATE_KEY, 360 X509error(X509_R_UNKNOWN_KEY_TYPE);
363 X509_R_UNKNOWN_KEY_TYPE);
364 } 361 }
365 EVP_PKEY_free(xk); 362 EVP_PKEY_free(xk);
366 if (ret > 0) 363 if (ret > 0)
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c
index 6a15ac9fd0..3b321376ad 100644
--- a/src/lib/libcrypto/x509/x509_err.c
+++ b/src/lib/libcrypto/x509/x509_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_err.c,v 1.12 2014/07/10 22:45:58 jsing Exp $ */ 1/* $OpenBSD: x509_err.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -72,51 +72,7 @@
72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason) 72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
73 73
74static ERR_STRING_DATA X509_str_functs[] = { 74static ERR_STRING_DATA X509_str_functs[] = {
75 {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"}, 75 {ERR_FUNC(0xfff), "CRYPTO_internal"},
76 {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
77 {ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"},
78 {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"},
79 {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"},
80 {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
81 {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
82 {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"},
83 {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
84 {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"},
85 {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"},
86 {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"},
87 {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
88 {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
89 {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
90 {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"},
91 {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"},
92 {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"},
93 {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"},
94 {ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"},
95 {ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"},
96 {ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"},
97 {ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"},
98 {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID), "X509_NAME_ENTRY_create_by_NID"},
99 {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT), "X509_NAME_ENTRY_create_by_txt"},
100 {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"},
101 {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
102 {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
103 {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
104 {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"},
105 {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
106 {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY), "X509_REQ_check_private_key"},
107 {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"},
108 {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
109 {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
110 {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
111 {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
112 {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER), "X509_STORE_CTX_get1_issuer"},
113 {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
114 {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
115 {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"},
116 {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
117 {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
118 {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
119 {ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"},
120 {0, NULL} 76 {0, NULL}
121}; 77};
122 78
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
index d8d0bb4147..6cde29fefc 100644
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_lu.c,v 1.22 2016/11/13 08:47:54 miod Exp $ */ 1/* $OpenBSD: x509_lu.c,v 1.23 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -349,7 +349,7 @@ X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
349 return 0; 349 return 0;
350 obj = malloc(sizeof(X509_OBJECT)); 350 obj = malloc(sizeof(X509_OBJECT));
351 if (obj == NULL) { 351 if (obj == NULL) {
352 X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE); 352 X509error(ERR_R_MALLOC_FAILURE);
353 return 0; 353 return 0;
354 } 354 }
355 obj->type = X509_LU_X509; 355 obj->type = X509_LU_X509;
@@ -360,13 +360,11 @@ X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
360 X509_OBJECT_up_ref_count(obj); 360 X509_OBJECT_up_ref_count(obj);
361 361
362 if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { 362 if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
363 X509err(X509_F_X509_STORE_ADD_CERT, 363 X509error(X509_R_CERT_ALREADY_IN_HASH_TABLE);
364 X509_R_CERT_ALREADY_IN_HASH_TABLE);
365 ret = 0; 364 ret = 0;
366 } else { 365 } else {
367 if (sk_X509_OBJECT_push(ctx->objs, obj) == 0) { 366 if (sk_X509_OBJECT_push(ctx->objs, obj) == 0) {
368 X509err(X509_F_X509_STORE_ADD_CERT, 367 X509error(ERR_R_MALLOC_FAILURE);
369 ERR_R_MALLOC_FAILURE);
370 ret = 0; 368 ret = 0;
371 } 369 }
372 } 370 }
@@ -394,7 +392,7 @@ X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
394 return 0; 392 return 0;
395 obj = malloc(sizeof(X509_OBJECT)); 393 obj = malloc(sizeof(X509_OBJECT));
396 if (obj == NULL) { 394 if (obj == NULL) {
397 X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE); 395 X509error(ERR_R_MALLOC_FAILURE);
398 return 0; 396 return 0;
399 } 397 }
400 obj->type = X509_LU_CRL; 398 obj->type = X509_LU_CRL;
@@ -405,13 +403,11 @@ X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
405 X509_OBJECT_up_ref_count(obj); 403 X509_OBJECT_up_ref_count(obj);
406 404
407 if (X509_OBJECT_retrieve_match(ctx->objs, obj)) { 405 if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
408 X509err(X509_F_X509_STORE_ADD_CRL, 406 X509error(X509_R_CERT_ALREADY_IN_HASH_TABLE);
409 X509_R_CERT_ALREADY_IN_HASH_TABLE);
410 ret = 0; 407 ret = 0;
411 } else { 408 } else {
412 if (sk_X509_OBJECT_push(ctx->objs, obj) == 0) { 409 if (sk_X509_OBJECT_push(ctx->objs, obj) == 0) {
413 X509err(X509_F_X509_STORE_ADD_CRL, 410 X509error(ERR_R_MALLOC_FAILURE);
414 ERR_R_MALLOC_FAILURE);
415 ret = 0; 411 ret = 0;
416 } 412 }
417 } 413 }
@@ -678,8 +674,7 @@ X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
678 if (ok != X509_LU_X509) { 674 if (ok != X509_LU_X509) {
679 if (ok == X509_LU_RETRY) { 675 if (ok == X509_LU_RETRY) {
680 X509_OBJECT_free_contents(&obj); 676 X509_OBJECT_free_contents(&obj);
681 X509err(X509_F_X509_STORE_CTX_GET1_ISSUER, 677 X509error(X509_R_SHOULD_RETRY);
682 X509_R_SHOULD_RETRY);
683 return -1; 678 return -1;
684 } else if (ok != X509_LU_FAIL) { 679 } else if (ok != X509_LU_FAIL) {
685 X509_OBJECT_free_contents(&obj); 680 X509_OBJECT_free_contents(&obj);
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c
index f7f2a380a1..b34f25b013 100644
--- a/src/lib/libcrypto/x509/x509_obj.c
+++ b/src/lib/libcrypto/x509/x509_obj.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_obj.c,v 1.16 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: x509_obj.c,v 1.17 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -172,7 +172,7 @@ X509_NAME_oneline(X509_NAME *a, char *buf, int len)
172 return (p); 172 return (p);
173 173
174err: 174err:
175 X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE); 175 X509error(ERR_R_MALLOC_FAILURE);
176 if (b != NULL) 176 if (b != NULL)
177 BUF_MEM_free(b); 177 BUF_MEM_free(b);
178 return (NULL); 178 return (NULL);
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c
index 76faa29b7f..525163bc3e 100644
--- a/src/lib/libcrypto/x509/x509_r2x.c
+++ b/src/lib/libcrypto/x509/x509_r2x.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_r2x.c,v 1.10 2015/09/30 17:30:16 jsing Exp $ */ 1/* $OpenBSD: x509_r2x.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -74,7 +74,7 @@ X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
74 X509_NAME *xn; 74 X509_NAME *xn;
75 75
76 if ((ret = X509_new()) == NULL) { 76 if ((ret = X509_new()) == NULL) {
77 X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE); 77 X509error(ERR_R_MALLOC_FAILURE);
78 goto err; 78 goto err;
79 } 79 }
80 80
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
index e6fc3c5df8..f87b35c706 100644
--- a/src/lib/libcrypto/x509/x509_req.c
+++ b/src/lib/libcrypto/x509/x509_req.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_req.c,v 1.19 2016/12/30 15:24:51 jsing Exp $ */ 1/* $OpenBSD: x509_req.c,v 1.20 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -80,7 +80,7 @@ X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
80 80
81 ret = X509_REQ_new(); 81 ret = X509_REQ_new();
82 if (ret == NULL) { 82 if (ret == NULL) {
83 X509err(X509_F_X509_TO_X509_REQ, ERR_R_MALLOC_FAILURE); 83 X509error(ERR_R_MALLOC_FAILURE);
84 goto err; 84 goto err;
85 } 85 }
86 86
@@ -133,31 +133,26 @@ X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
133 ok = 1; 133 ok = 1;
134 break; 134 break;
135 case 0: 135 case 0:
136 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, 136 X509error(X509_R_KEY_VALUES_MISMATCH);
137 X509_R_KEY_VALUES_MISMATCH);
138 break; 137 break;
139 case -1: 138 case -1:
140 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, 139 X509error(X509_R_KEY_TYPE_MISMATCH);
141 X509_R_KEY_TYPE_MISMATCH);
142 break; 140 break;
143 case -2: 141 case -2:
144#ifndef OPENSSL_NO_EC 142#ifndef OPENSSL_NO_EC
145 if (k->type == EVP_PKEY_EC) { 143 if (k->type == EVP_PKEY_EC) {
146 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, 144 X509error(ERR_R_EC_LIB);
147 ERR_R_EC_LIB);
148 break; 145 break;
149 } 146 }
150#endif 147#endif
151#ifndef OPENSSL_NO_DH 148#ifndef OPENSSL_NO_DH
152 if (k->type == EVP_PKEY_DH) { 149 if (k->type == EVP_PKEY_DH) {
153 /* No idea */ 150 /* No idea */
154 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, 151 X509error(X509_R_CANT_CHECK_DH_KEY);
155 X509_R_CANT_CHECK_DH_KEY);
156 break; 152 break;
157 } 153 }
158#endif 154#endif
159 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, 155 X509error(X509_R_UNKNOWN_KEY_TYPE);
160 X509_R_UNKNOWN_KEY_TYPE);
161 } 156 }
162 157
163 EVP_PKEY_free(xk); 158 EVP_PKEY_free(xk);
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
index 5be7abdf08..9af74de1ca 100644
--- a/src/lib/libcrypto/x509/x509_trs.c
+++ b/src/lib/libcrypto/x509/x509_trs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_trs.c,v 1.21 2016/11/06 10:31:34 beck Exp $ */ 1/* $OpenBSD: x509_trs.c,v 1.22 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -178,7 +178,7 @@ int
178X509_TRUST_set(int *t, int trust) 178X509_TRUST_set(int *t, int trust)
179{ 179{
180 if (X509_TRUST_get_by_id(trust) == -1) { 180 if (X509_TRUST_get_by_id(trust) == -1) {
181 X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST); 181 X509error(X509_R_INVALID_TRUST);
182 return 0; 182 return 0;
183 } 183 }
184 *t = trust; 184 *t = trust;
@@ -202,14 +202,14 @@ X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
202 /* Need a new entry */ 202 /* Need a new entry */
203 if (idx == -1) { 203 if (idx == -1) {
204 if (!(trtmp = malloc(sizeof(X509_TRUST)))) { 204 if (!(trtmp = malloc(sizeof(X509_TRUST)))) {
205 X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); 205 X509error(ERR_R_MALLOC_FAILURE);
206 return 0; 206 return 0;
207 } 207 }
208 trtmp->flags = X509_TRUST_DYNAMIC; 208 trtmp->flags = X509_TRUST_DYNAMIC;
209 } else { 209 } else {
210 trtmp = X509_TRUST_get0(idx); 210 trtmp = X509_TRUST_get0(idx);
211 if (trtmp == NULL) { 211 if (trtmp == NULL) {
212 X509err(X509_F_X509_TRUST_ADD, X509_R_INVALID_TRUST); 212 X509error(X509_R_INVALID_TRUST);
213 return 0; 213 return 0;
214 } 214 }
215 } 215 }
@@ -246,7 +246,7 @@ err:
246 free(name_dup); 246 free(name_dup);
247 if (idx == -1) 247 if (idx == -1)
248 free(trtmp); 248 free(trtmp);
249 X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); 249 X509error(ERR_R_MALLOC_FAILURE);
250 return 0; 250 return 0;
251} 251}
252 252
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c
index d9ec9c8c14..446ef319f8 100644
--- a/src/lib/libcrypto/x509/x509_v3.c
+++ b/src/lib/libcrypto/x509/x509_v3.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_v3.c,v 1.13 2016/03/21 04:05:33 mmcc Exp $ */ 1/* $OpenBSD: x509_v3.c,v 1.14 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -156,7 +156,7 @@ X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc)
156 STACK_OF(X509_EXTENSION) *sk = NULL; 156 STACK_OF(X509_EXTENSION) *sk = NULL;
157 157
158 if (x == NULL) { 158 if (x == NULL) {
159 X509err(X509_F_X509V3_ADD_EXT, ERR_R_PASSED_NULL_PARAMETER); 159 X509error(ERR_R_PASSED_NULL_PARAMETER);
160 goto err2; 160 goto err2;
161 } 161 }
162 162
@@ -181,7 +181,7 @@ X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc)
181 return (sk); 181 return (sk);
182 182
183err: 183err:
184 X509err(X509_F_X509V3_ADD_EXT, ERR_R_MALLOC_FAILURE); 184 X509error(ERR_R_MALLOC_FAILURE);
185err2: 185err2:
186 if (new_ex != NULL) 186 if (new_ex != NULL)
187 X509_EXTENSION_free(new_ex); 187 X509_EXTENSION_free(new_ex);
@@ -199,8 +199,7 @@ X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, int crit,
199 199
200 obj = OBJ_nid2obj(nid); 200 obj = OBJ_nid2obj(nid);
201 if (obj == NULL) { 201 if (obj == NULL) {
202 X509err(X509_F_X509_EXTENSION_CREATE_BY_NID, 202 X509error(X509_R_UNKNOWN_NID);
203 X509_R_UNKNOWN_NID);
204 return (NULL); 203 return (NULL);
205 } 204 }
206 ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data); 205 ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data);
@@ -217,8 +216,7 @@ X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, ASN1_OBJECT *obj, int crit,
217 216
218 if ((ex == NULL) || (*ex == NULL)) { 217 if ((ex == NULL) || (*ex == NULL)) {
219 if ((ret = X509_EXTENSION_new()) == NULL) { 218 if ((ret = X509_EXTENSION_new()) == NULL) {
220 X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ, 219 X509error(ERR_R_MALLOC_FAILURE);
221 ERR_R_MALLOC_FAILURE);
222 return (NULL); 220 return (NULL);
223 } 221 }
224 } else 222 } else
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 9dba97bbf8..b81387a237 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_vfy.c,v 1.59 2017/01/21 01:09:54 beck Exp $ */ 1/* $OpenBSD: x509_vfy.c,v 1.60 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -228,8 +228,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
228 STACK_OF(X509) *sktmp = NULL; 228 STACK_OF(X509) *sktmp = NULL;
229 229
230 if (ctx->cert == NULL) { 230 if (ctx->cert == NULL) {
231 X509err(X509_F_X509_VERIFY_CERT, 231 X509error(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
232 X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
233 ctx->error = X509_V_ERR_INVALID_CALL; 232 ctx->error = X509_V_ERR_INVALID_CALL;
234 return -1; 233 return -1;
235 } 234 }
@@ -238,8 +237,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
238 * This X509_STORE_CTX has already been used to verify 237 * This X509_STORE_CTX has already been used to verify
239 * a cert. We cannot do another one. 238 * a cert. We cannot do another one.
240 */ 239 */
241 X509err(X509_F_X509_VERIFY_CERT, 240 X509error(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
242 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
243 ctx->error = X509_V_ERR_INVALID_CALL; 241 ctx->error = X509_V_ERR_INVALID_CALL;
244 return -1; 242 return -1;
245 } 243 }
@@ -247,8 +245,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
247 /* 245 /*
248 * This X509_STORE_CTX has not been properly initialized. 246 * This X509_STORE_CTX has not been properly initialized.
249 */ 247 */
250 X509err(X509_F_X509_VERIFY_CERT, 248 X509error(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
251 ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
252 ctx->error = X509_V_ERR_INVALID_CALL; 249 ctx->error = X509_V_ERR_INVALID_CALL;
253 return -1; 250 return -1;
254 } 251 }
@@ -262,7 +259,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
262 */ 259 */
263 ctx->chain = sk_X509_new_null(); 260 ctx->chain = sk_X509_new_null();
264 if (ctx->chain == NULL || !sk_X509_push(ctx->chain, ctx->cert)) { 261 if (ctx->chain == NULL || !sk_X509_push(ctx->chain, ctx->cert)) {
265 X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); 262 X509error(ERR_R_MALLOC_FAILURE);
266 ctx->error = X509_V_ERR_OUT_OF_MEM; 263 ctx->error = X509_V_ERR_OUT_OF_MEM;
267 goto end; 264 goto end;
268 } 265 }
@@ -272,7 +269,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
272 /* We use a temporary STACK so we can chop and hack at it */ 269 /* We use a temporary STACK so we can chop and hack at it */
273 if (ctx->untrusted != NULL && 270 if (ctx->untrusted != NULL &&
274 (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) { 271 (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
275 X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); 272 X509error(ERR_R_MALLOC_FAILURE);
276 ctx->error = X509_V_ERR_OUT_OF_MEM; 273 ctx->error = X509_V_ERR_OUT_OF_MEM;
277 goto end; 274 goto end;
278 } 275 }
@@ -316,8 +313,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
316 xtmp = find_issuer(ctx, sktmp, x); 313 xtmp = find_issuer(ctx, sktmp, x);
317 if (xtmp != NULL) { 314 if (xtmp != NULL) {
318 if (!sk_X509_push(ctx->chain, xtmp)) { 315 if (!sk_X509_push(ctx->chain, xtmp)) {
319 X509err(X509_F_X509_VERIFY_CERT, 316 X509error(ERR_R_MALLOC_FAILURE);
320 ERR_R_MALLOC_FAILURE);
321 ctx->error = X509_V_ERR_OUT_OF_MEM; 317 ctx->error = X509_V_ERR_OUT_OF_MEM;
322 ok = 0; 318 ok = 0;
323 goto end; 319 goto end;
@@ -415,8 +411,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
415 x = xtmp; 411 x = xtmp;
416 if (!sk_X509_push(ctx->chain, x)) { 412 if (!sk_X509_push(ctx->chain, x)) {
417 X509_free(xtmp); 413 X509_free(xtmp);
418 X509err(X509_F_X509_VERIFY_CERT, 414 X509error(ERR_R_MALLOC_FAILURE);
419 ERR_R_MALLOC_FAILURE);
420 ctx->error = X509_V_ERR_OUT_OF_MEM; 415 ctx->error = X509_V_ERR_OUT_OF_MEM;
421 ok = 0; 416 ok = 0;
422 goto end; 417 goto end;
@@ -488,7 +483,7 @@ X509_verify_cert(X509_STORE_CTX *ctx)
488 } else { 483 } else {
489 if (!sk_X509_push(ctx->chain, chain_ss)) { 484 if (!sk_X509_push(ctx->chain, chain_ss)) {
490 X509_free(chain_ss); 485 X509_free(chain_ss);
491 X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE); 486 X509error(ERR_R_MALLOC_FAILURE);
492 return 0; 487 return 0;
493 } 488 }
494 num++; 489 num++;
@@ -1669,7 +1664,7 @@ check_policy(X509_STORE_CTX *ctx)
1669 ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, 1664 ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
1670 ctx->param->policies, ctx->param->flags); 1665 ctx->param->policies, ctx->param->flags);
1671 if (ret == 0) { 1666 if (ret == 0) {
1672 X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE); 1667 X509error(ERR_R_MALLOC_FAILURE);
1673 return 0; 1668 return 0;
1674 } 1669 }
1675 /* Invalid or inconsistent extensions */ 1670 /* Invalid or inconsistent extensions */
@@ -1941,8 +1936,7 @@ X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
1941 for (i = 0; i < sk_X509_num(chain); i++) { 1936 for (i = 0; i < sk_X509_num(chain); i++) {
1942 ktmp = X509_get_pubkey(sk_X509_value(chain, i)); 1937 ktmp = X509_get_pubkey(sk_X509_value(chain, i));
1943 if (ktmp == NULL) { 1938 if (ktmp == NULL) {
1944 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS, 1939 X509error(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
1945 X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
1946 return 0; 1940 return 0;
1947 } 1941 }
1948 if (!EVP_PKEY_missing_parameters(ktmp)) 1942 if (!EVP_PKEY_missing_parameters(ktmp))
@@ -1953,8 +1947,7 @@ X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
1953 } 1947 }
1954 } 1948 }
1955 if (ktmp == NULL) { 1949 if (ktmp == NULL) {
1956 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS, 1950 X509error(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
1957 X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
1958 return 0; 1951 return 0;
1959 } 1952 }
1960 1953
@@ -2109,16 +2102,14 @@ X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
2109 X509_PURPOSE *ptmp; 2102 X509_PURPOSE *ptmp;
2110 idx = X509_PURPOSE_get_by_id(purpose); 2103 idx = X509_PURPOSE_get_by_id(purpose);
2111 if (idx == -1) { 2104 if (idx == -1) {
2112 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, 2105 X509error(X509_R_UNKNOWN_PURPOSE_ID);
2113 X509_R_UNKNOWN_PURPOSE_ID);
2114 return 0; 2106 return 0;
2115 } 2107 }
2116 ptmp = X509_PURPOSE_get0(idx); 2108 ptmp = X509_PURPOSE_get0(idx);
2117 if (ptmp->trust == X509_TRUST_DEFAULT) { 2109 if (ptmp->trust == X509_TRUST_DEFAULT) {
2118 idx = X509_PURPOSE_get_by_id(def_purpose); 2110 idx = X509_PURPOSE_get_by_id(def_purpose);
2119 if (idx == -1) { 2111 if (idx == -1) {
2120 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, 2112 X509error(X509_R_UNKNOWN_PURPOSE_ID);
2121 X509_R_UNKNOWN_PURPOSE_ID);
2122 return 0; 2113 return 0;
2123 } 2114 }
2124 ptmp = X509_PURPOSE_get0(idx); 2115 ptmp = X509_PURPOSE_get0(idx);
@@ -2130,8 +2121,7 @@ X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
2130 if (trust) { 2121 if (trust) {
2131 idx = X509_TRUST_get_by_id(trust); 2122 idx = X509_TRUST_get_by_id(trust);
2132 if (idx == -1) { 2123 if (idx == -1) {
2133 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, 2124 X509error(X509_R_UNKNOWN_TRUST_ID);
2134 X509_R_UNKNOWN_TRUST_ID);
2135 return 0; 2125 return 0;
2136 } 2126 }
2137 } 2127 }
@@ -2150,7 +2140,7 @@ X509_STORE_CTX_new(void)
2150 2140
2151 ctx = calloc(1, sizeof(X509_STORE_CTX)); 2141 ctx = calloc(1, sizeof(X509_STORE_CTX));
2152 if (!ctx) { 2142 if (!ctx) {
2153 X509err(X509_F_X509_STORE_CTX_NEW, ERR_R_MALLOC_FAILURE); 2143 X509error(ERR_R_MALLOC_FAILURE);
2154 return NULL; 2144 return NULL;
2155 } 2145 }
2156 return ctx; 2146 return ctx;
@@ -2258,7 +2248,7 @@ X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
2258 2248
2259 ctx->param = X509_VERIFY_PARAM_new(); 2249 ctx->param = X509_VERIFY_PARAM_new();
2260 if (!ctx->param) { 2250 if (!ctx->param) {
2261 X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE); 2251 X509error(ERR_R_MALLOC_FAILURE);
2262 return 0; 2252 return 0;
2263 } 2253 }
2264 2254
@@ -2275,13 +2265,13 @@ X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
2275 X509_VERIFY_PARAM_lookup("default")); 2265 X509_VERIFY_PARAM_lookup("default"));
2276 2266
2277 if (param_ret == 0) { 2267 if (param_ret == 0) {
2278 X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE); 2268 X509error(ERR_R_MALLOC_FAILURE);
2279 return 0; 2269 return 0;
2280 } 2270 }
2281 2271
2282 if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, 2272 if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
2283 &(ctx->ex_data)) == 0) { 2273 &(ctx->ex_data)) == 0) {
2284 X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE); 2274 X509error(ERR_R_MALLOC_FAILURE);
2285 return 0; 2275 return 0;
2286 } 2276 }
2287 return 1; 2277 return 1;
diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c
index 14634013cf..ef242ce0a5 100644
--- a/src/lib/libcrypto/x509/x509name.c
+++ b/src/lib/libcrypto/x509/x509name.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509name.c,v 1.13 2014/09/29 04:17:24 miod Exp $ */ 1/* $OpenBSD: x509name.c,v 1.14 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -275,7 +275,7 @@ X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, int set)
275 goto err; 275 goto err;
276 new_name->set = set; 276 new_name->set = set;
277 if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) { 277 if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) {
278 X509err(X509_F_X509_NAME_ADD_ENTRY, ERR_R_MALLOC_FAILURE); 278 X509error(ERR_R_MALLOC_FAILURE);
279 goto err; 279 goto err;
280 } 280 }
281 if (inc) { 281 if (inc) {
@@ -300,8 +300,7 @@ X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
300 300
301 obj = OBJ_txt2obj(field, 0); 301 obj = OBJ_txt2obj(field, 0);
302 if (obj == NULL) { 302 if (obj == NULL) {
303 X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT, 303 X509error(X509_R_INVALID_FIELD_NAME);
304 X509_R_INVALID_FIELD_NAME);
305 ERR_asprintf_error_data("name=%s", field); 304 ERR_asprintf_error_data("name=%s", field);
306 return (NULL); 305 return (NULL);
307 } 306 }
@@ -319,8 +318,7 @@ X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,
319 318
320 obj = OBJ_nid2obj(nid); 319 obj = OBJ_nid2obj(nid);
321 if (obj == NULL) { 320 if (obj == NULL) {
322 X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID, 321 X509error(X509_R_UNKNOWN_NID);
323 X509_R_UNKNOWN_NID);
324 return (NULL); 322 return (NULL);
325 } 323 }
326 nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); 324 nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len);
@@ -359,8 +357,7 @@ int
359X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj) 357X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
360{ 358{
361 if ((ne == NULL) || (obj == NULL)) { 359 if ((ne == NULL) || (obj == NULL)) {
362 X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT, 360 X509error(ERR_R_PASSED_NULL_PARAMETER);
363 ERR_R_PASSED_NULL_PARAMETER);
364 return (0); 361 return (0);
365 } 362 }
366 ASN1_OBJECT_free(ne->object); 363 ASN1_OBJECT_free(ne->object);
diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c
index cd29a8138a..3a1c37cd86 100644
--- a/src/lib/libcrypto/x509/x509spki.c
+++ b/src/lib/libcrypto/x509/x509spki.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509spki.c,v 1.12 2014/07/11 08:44:49 jsing Exp $ */ 1/* $OpenBSD: x509spki.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -91,13 +91,12 @@ NETSCAPE_SPKI_b64_decode(const char *str, int len)
91 if (len <= 0) 91 if (len <= 0)
92 len = strlen(str); 92 len = strlen(str);
93 if (!(spki_der = malloc(len + 1))) { 93 if (!(spki_der = malloc(len + 1))) {
94 X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE); 94 X509error(ERR_R_MALLOC_FAILURE);
95 return NULL; 95 return NULL;
96 } 96 }
97 spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len); 97 spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
98 if (spki_len < 0) { 98 if (spki_len < 0) {
99 X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, 99 X509error(X509_R_BASE64_DECODE_ERROR);
100 X509_R_BASE64_DECODE_ERROR);
101 free(spki_der); 100 free(spki_der);
102 return NULL; 101 return NULL;
103 } 102 }
@@ -119,7 +118,7 @@ NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
119 der_spki = malloc(der_len); 118 der_spki = malloc(der_len);
120 b64_str = reallocarray(NULL, der_len, 2); 119 b64_str = reallocarray(NULL, der_len, 2);
121 if (!der_spki || !b64_str) { 120 if (!der_spki || !b64_str) {
122 X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); 121 X509error(ERR_R_MALLOC_FAILURE);
123 free(der_spki); 122 free(der_spki);
124 free(b64_str); 123 free(b64_str);
125 return NULL; 124 return NULL;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-09 03:07:22 +0000