summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509v3
diff options
context:
space:
mode:
authorbeck <>2017-01-29 17:49:23 +0000
committerbeck <>2017-01-29 17:49:23 +0000
commitd1f47bd292f36094480caa49ada36b99a69c59b0 (patch)
tree1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/x509v3
parentf8c627888330b75c2eea8a3c27d0efe947a4f9da (diff)
downloadopenbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.gz
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.bz2
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.zip
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/x509v3')
-rw-r--r--src/lib/libcrypto/x509v3/v3_akey.c17
-rw-r--r--src/lib/libcrypto/x509v3/v3_alt.c49
-rw-r--r--src/lib/libcrypto/x509v3/v3_bcons.c7
-rw-r--r--src/lib/libcrypto/x509v3/v3_bitst.c10
-rw-r--r--src/lib/libcrypto/x509v3/v3_conf.c37
-rw-r--r--src/lib/libcrypto/x509v3/v3_cpols.c49
-rw-r--r--src/lib/libcrypto/x509v3/v3_crld.c20
-rw-r--r--src/lib/libcrypto/x509v3/v3_extku.c11
-rw-r--r--src/lib/libcrypto/x509v3/v3_ia5.c9
-rw-r--r--src/lib/libcrypto/x509v3/v3_info.c23
-rw-r--r--src/lib/libcrypto/x509v3/v3_lib.c16
-rw-r--r--src/lib/libcrypto/x509v3/v3_ncons.c7
-rw-r--r--src/lib/libcrypto/x509v3/v3_ocsp.c4
-rw-r--r--src/lib/libcrypto/x509v3/v3_pci.c52
-rw-r--r--src/lib/libcrypto/x509v3/v3_pcons.c11
-rw-r--r--src/lib/libcrypto/x509v3/v3_pmaps.c6
-rw-r--r--src/lib/libcrypto/x509v3/v3_purp.c12
-rw-r--r--src/lib/libcrypto/x509v3/v3_skey.c12
-rw-r--r--src/lib/libcrypto/x509v3/v3_sxnet.c23
-rw-r--r--src/lib/libcrypto/x509v3/v3_utl.c48
20 files changed, 167 insertions, 256 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c
index 028c709d28..e2e5730c7d 100644
--- a/src/lib/libcrypto/x509v3/v3_akey.c
+++ b/src/lib/libcrypto/x509v3/v3_akey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_akey.c,v 1.18 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_akey.c,v 1.19 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -145,8 +145,7 @@ v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
145 if (cnf->value && !strcmp(cnf->value, "always")) 145 if (cnf->value && !strcmp(cnf->value, "always"))
146 issuer = 2; 146 issuer = 2;
147 } else { 147 } else {
148 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, 148 X509V3error(X509V3_R_UNKNOWN_OPTION);
149 X509V3_R_UNKNOWN_OPTION);
150 ERR_asprintf_error_data("name=%s", cnf->name); 149 ERR_asprintf_error_data("name=%s", cnf->name);
151 return NULL; 150 return NULL;
152 } 151 }
@@ -155,8 +154,7 @@ v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
155 if (!ctx || !ctx->issuer_cert) { 154 if (!ctx || !ctx->issuer_cert) {
156 if (ctx && (ctx->flags == CTX_TEST)) 155 if (ctx && (ctx->flags == CTX_TEST))
157 return AUTHORITY_KEYID_new(); 156 return AUTHORITY_KEYID_new();
158 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, 157 X509V3error(X509V3_R_NO_ISSUER_CERTIFICATE);
159 X509V3_R_NO_ISSUER_CERTIFICATE);
160 return NULL; 158 return NULL;
161 } 159 }
162 160
@@ -167,8 +165,7 @@ v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
167 if ((i >= 0) && (ext = X509_get_ext(cert, i))) 165 if ((i >= 0) && (ext = X509_get_ext(cert, i)))
168 ikeyid = X509V3_EXT_d2i(ext); 166 ikeyid = X509V3_EXT_d2i(ext);
169 if (keyid == 2 && !ikeyid) { 167 if (keyid == 2 && !ikeyid) {
170 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, 168 X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
171 X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
172 return NULL; 169 return NULL;
173 } 170 }
174 } 171 }
@@ -177,8 +174,7 @@ v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
177 isname = X509_NAME_dup(X509_get_issuer_name(cert)); 174 isname = X509_NAME_dup(X509_get_issuer_name(cert));
178 serial = ASN1_INTEGER_dup(X509_get_serialNumber(cert)); 175 serial = ASN1_INTEGER_dup(X509_get_serialNumber(cert));
179 if (!isname || !serial) { 176 if (!isname || !serial) {
180 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, 177 X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
181 X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
182 goto err; 178 goto err;
183 } 179 }
184 } 180 }
@@ -190,8 +186,7 @@ v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
190 if (!(gens = sk_GENERAL_NAME_new_null()) || 186 if (!(gens = sk_GENERAL_NAME_new_null()) ||
191 !(gen = GENERAL_NAME_new()) || 187 !(gen = GENERAL_NAME_new()) ||
192 !sk_GENERAL_NAME_push(gens, gen)) { 188 !sk_GENERAL_NAME_push(gens, gen)) {
193 X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, 189 X509V3error(ERR_R_MALLOC_FAILURE);
194 ERR_R_MALLOC_FAILURE);
195 goto err; 190 goto err;
196 } 191 }
197 gen->type = GEN_DIRNAME; 192 gen->type = GEN_DIRNAME;
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c
index 23867ea449..746339bebd 100644
--- a/src/lib/libcrypto/x509v3/v3_alt.c
+++ b/src/lib/libcrypto/x509v3/v3_alt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_alt.c,v 1.26 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_alt.c,v 1.27 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -279,7 +279,7 @@ v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
279 int i; 279 int i;
280 280
281 if ((gens = sk_GENERAL_NAME_new_null()) == NULL) { 281 if ((gens = sk_GENERAL_NAME_new_null()) == NULL) {
282 X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE); 282 X509V3error(ERR_R_MALLOC_FAILURE);
283 return NULL; 283 return NULL;
284 } 284 }
285 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 285 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
@@ -318,7 +318,7 @@ copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
318 if (ctx && (ctx->flags == CTX_TEST)) 318 if (ctx && (ctx->flags == CTX_TEST))
319 return 1; 319 return 1;
320 if (!ctx || !ctx->issuer_cert) { 320 if (!ctx || !ctx->issuer_cert) {
321 X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_NO_ISSUER_DETAILS); 321 X509V3error(X509V3_R_NO_ISSUER_DETAILS);
322 goto err; 322 goto err;
323 } 323 }
324 i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1); 324 i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
@@ -326,14 +326,14 @@ copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
326 return 1; 326 return 1;
327 if (!(ext = X509_get_ext(ctx->issuer_cert, i)) || 327 if (!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
328 !(ialt = X509V3_EXT_d2i(ext))) { 328 !(ialt = X509V3_EXT_d2i(ext))) {
329 X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_ISSUER_DECODE_ERROR); 329 X509V3error(X509V3_R_ISSUER_DECODE_ERROR);
330 goto err; 330 goto err;
331 } 331 }
332 332
333 for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) { 333 for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
334 gen = sk_GENERAL_NAME_value(ialt, i); 334 gen = sk_GENERAL_NAME_value(ialt, i);
335 if (!sk_GENERAL_NAME_push(gens, gen)) { 335 if (!sk_GENERAL_NAME_push(gens, gen)) {
336 X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE); 336 X509V3error(ERR_R_MALLOC_FAILURE);
337 goto err; 337 goto err;
338 } 338 }
339 } 339 }
@@ -355,7 +355,7 @@ v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
355 int i; 355 int i;
356 356
357 if (!(gens = sk_GENERAL_NAME_new_null())) { 357 if (!(gens = sk_GENERAL_NAME_new_null())) {
358 X509V3err(X509V3_F_V2I_SUBJECT_ALT, ERR_R_MALLOC_FAILURE); 358 X509V3error(ERR_R_MALLOC_FAILURE);
359 return NULL; 359 return NULL;
360 } 360 }
361 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 361 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
@@ -401,7 +401,7 @@ copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
401 if (ctx != NULL && ctx->flags == CTX_TEST) 401 if (ctx != NULL && ctx->flags == CTX_TEST)
402 return 1; 402 return 1;
403 if (!ctx || (!ctx->subject_cert && !ctx->subject_req)) { 403 if (!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
404 X509V3err(X509V3_F_COPY_EMAIL, X509V3_R_NO_SUBJECT_DETAILS); 404 X509V3error(X509V3_R_NO_SUBJECT_DETAILS);
405 goto err; 405 goto err;
406 } 406 }
407 /* Find the subject name */ 407 /* Find the subject name */
@@ -422,14 +422,14 @@ copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
422 i--; 422 i--;
423 } 423 }
424 if (!email || !(gen = GENERAL_NAME_new())) { 424 if (!email || !(gen = GENERAL_NAME_new())) {
425 X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE); 425 X509V3error(ERR_R_MALLOC_FAILURE);
426 goto err; 426 goto err;
427 } 427 }
428 gen->d.ia5 = email; 428 gen->d.ia5 = email;
429 email = NULL; 429 email = NULL;
430 gen->type = GEN_EMAIL; 430 gen->type = GEN_EMAIL;
431 if (!sk_GENERAL_NAME_push(gens, gen)) { 431 if (!sk_GENERAL_NAME_push(gens, gen)) {
432 X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE); 432 X509V3error(ERR_R_MALLOC_FAILURE);
433 goto err; 433 goto err;
434 } 434 }
435 gen = NULL; 435 gen = NULL;
@@ -453,7 +453,7 @@ v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
453 int i; 453 int i;
454 454
455 if (!(gens = sk_GENERAL_NAME_new_null())) { 455 if (!(gens = sk_GENERAL_NAME_new_null())) {
456 X509V3err(X509V3_F_V2I_GENERAL_NAMES, ERR_R_MALLOC_FAILURE); 456 X509V3error(ERR_R_MALLOC_FAILURE);
457 return NULL; 457 return NULL;
458 } 458 }
459 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 459 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
@@ -487,7 +487,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
487 GENERAL_NAME *gen = NULL; 487 GENERAL_NAME *gen = NULL;
488 488
489 if (!value) { 489 if (!value) {
490 X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_MISSING_VALUE); 490 X509V3error(X509V3_R_MISSING_VALUE);
491 return NULL; 491 return NULL;
492 } 492 }
493 493
@@ -496,8 +496,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
496 else { 496 else {
497 gen = GENERAL_NAME_new(); 497 gen = GENERAL_NAME_new();
498 if (gen == NULL) { 498 if (gen == NULL) {
499 X509V3err(X509V3_F_A2I_GENERAL_NAME, 499 X509V3error(ERR_R_MALLOC_FAILURE);
500 ERR_R_MALLOC_FAILURE);
501 return NULL; 500 return NULL;
502 } 501 }
503 } 502 }
@@ -513,8 +512,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
513 { 512 {
514 ASN1_OBJECT *obj; 513 ASN1_OBJECT *obj;
515 if (!(obj = OBJ_txt2obj(value, 0))) { 514 if (!(obj = OBJ_txt2obj(value, 0))) {
516 X509V3err(X509V3_F_A2I_GENERAL_NAME, 515 X509V3error(X509V3_R_BAD_OBJECT);
517 X509V3_R_BAD_OBJECT);
518 ERR_asprintf_error_data("value=%s", value); 516 ERR_asprintf_error_data("value=%s", value);
519 goto err; 517 goto err;
520 } 518 }
@@ -528,8 +526,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
528 else 526 else
529 gen->d.ip = a2i_IPADDRESS(value); 527 gen->d.ip = a2i_IPADDRESS(value);
530 if (gen->d.ip == NULL) { 528 if (gen->d.ip == NULL) {
531 X509V3err(X509V3_F_A2I_GENERAL_NAME, 529 X509V3error(X509V3_R_BAD_IP_ADDRESS);
532 X509V3_R_BAD_IP_ADDRESS);
533 ERR_asprintf_error_data("value=%s", value); 530 ERR_asprintf_error_data("value=%s", value);
534 goto err; 531 goto err;
535 } 532 }
@@ -537,22 +534,20 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
537 534
538 case GEN_DIRNAME: 535 case GEN_DIRNAME:
539 if (!do_dirname(gen, value, ctx)) { 536 if (!do_dirname(gen, value, ctx)) {
540 X509V3err(X509V3_F_A2I_GENERAL_NAME, 537 X509V3error(X509V3_R_DIRNAME_ERROR);
541 X509V3_R_DIRNAME_ERROR);
542 goto err; 538 goto err;
543 } 539 }
544 break; 540 break;
545 541
546 case GEN_OTHERNAME: 542 case GEN_OTHERNAME:
547 if (!do_othername(gen, value, ctx)) { 543 if (!do_othername(gen, value, ctx)) {
548 X509V3err(X509V3_F_A2I_GENERAL_NAME, 544 X509V3error(X509V3_R_OTHERNAME_ERROR);
549 X509V3_R_OTHERNAME_ERROR);
550 goto err; 545 goto err;
551 } 546 }
552 break; 547 break;
553 548
554 default: 549 default:
555 X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE); 550 X509V3error(X509V3_R_UNSUPPORTED_TYPE);
556 goto err; 551 goto err;
557 } 552 }
558 553
@@ -560,8 +555,7 @@ a2i_GENERAL_NAME(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
560 if (!(gen->d.ia5 = ASN1_IA5STRING_new()) || 555 if (!(gen->d.ia5 = ASN1_IA5STRING_new()) ||
561 !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, 556 !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value,
562 strlen(value))) { 557 strlen(value))) {
563 X509V3err(X509V3_F_A2I_GENERAL_NAME, 558 X509V3error(ERR_R_MALLOC_FAILURE);
564 ERR_R_MALLOC_FAILURE);
565 goto err; 559 goto err;
566 } 560 }
567 } 561 }
@@ -587,7 +581,7 @@ v2i_GENERAL_NAME_ex(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
587 value = cnf->value; 581 value = cnf->value;
588 582
589 if (!value) { 583 if (!value) {
590 X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_MISSING_VALUE); 584 X509V3error(X509V3_R_MISSING_VALUE);
591 return NULL; 585 return NULL;
592 } 586 }
593 587
@@ -606,8 +600,7 @@ v2i_GENERAL_NAME_ex(GENERAL_NAME *out, const X509V3_EXT_METHOD *method,
606 else if (!name_cmp(name, "otherName")) 600 else if (!name_cmp(name, "otherName"))
607 type = GEN_OTHERNAME; 601 type = GEN_OTHERNAME;
608 else { 602 else {
609 X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, 603 X509V3error(X509V3_R_UNSUPPORTED_OPTION);
610 X509V3_R_UNSUPPORTED_OPTION);
611 ERR_asprintf_error_data("name=%s", name); 604 ERR_asprintf_error_data("name=%s", name);
612 return NULL; 605 return NULL;
613 } 606 }
@@ -655,7 +648,7 @@ do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
655 return 0; 648 return 0;
656 sk = X509V3_get_section(ctx, value); 649 sk = X509V3_get_section(ctx, value);
657 if (!sk) { 650 if (!sk) {
658 X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND); 651 X509V3error(X509V3_R_SECTION_NOT_FOUND);
659 ERR_asprintf_error_data("section=%s", value); 652 ERR_asprintf_error_data("section=%s", value);
660 X509_NAME_free(nm); 653 X509_NAME_free(nm);
661 return 0; 654 return 0;
diff --git a/src/lib/libcrypto/x509v3/v3_bcons.c b/src/lib/libcrypto/x509v3/v3_bcons.c
index 96b42e2e20..6c5823c44e 100644
--- a/src/lib/libcrypto/x509v3/v3_bcons.c
+++ b/src/lib/libcrypto/x509v3/v3_bcons.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_bcons.c,v 1.14 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_bcons.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -159,7 +159,7 @@ v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
159 int i; 159 int i;
160 160
161 if (!(bcons = BASIC_CONSTRAINTS_new())) { 161 if (!(bcons = BASIC_CONSTRAINTS_new())) {
162 X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE); 162 X509V3error(ERR_R_MALLOC_FAILURE);
163 return NULL; 163 return NULL;
164 } 164 }
165 for (i = 0; i < sk_CONF_VALUE_num(values); i++) { 165 for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
@@ -171,8 +171,7 @@ v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
171 if (!X509V3_get_value_int(val, &bcons->pathlen)) 171 if (!X509V3_get_value_int(val, &bcons->pathlen))
172 goto err; 172 goto err;
173 } else { 173 } else {
174 X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, 174 X509V3error(X509V3_R_INVALID_NAME);
175 X509V3_R_INVALID_NAME);
176 X509V3_conf_err(val); 175 X509V3_conf_err(val);
177 goto err; 176 goto err;
178 } 177 }
diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c
index e846fc2ffe..039faf2fd6 100644
--- a/src/lib/libcrypto/x509v3/v3_bitst.c
+++ b/src/lib/libcrypto/x509v3/v3_bitst.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_bitst.c,v 1.13 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_bitst.c,v 1.14 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -145,7 +145,7 @@ v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
145 BIT_STRING_BITNAME *bnam; 145 BIT_STRING_BITNAME *bnam;
146 146
147 if (!(bs = ASN1_BIT_STRING_new())) { 147 if (!(bs = ASN1_BIT_STRING_new())) {
148 X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE); 148 X509V3error(ERR_R_MALLOC_FAILURE);
149 return NULL; 149 return NULL;
150 } 150 }
151 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 151 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
@@ -155,8 +155,7 @@ v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
155 !strcmp(bnam->lname, val->name) ) { 155 !strcmp(bnam->lname, val->name) ) {
156 if (!ASN1_BIT_STRING_set_bit(bs, 156 if (!ASN1_BIT_STRING_set_bit(bs,
157 bnam->bitnum, 1)) { 157 bnam->bitnum, 1)) {
158 X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, 158 X509V3error(ERR_R_MALLOC_FAILURE);
159 ERR_R_MALLOC_FAILURE);
160 ASN1_BIT_STRING_free(bs); 159 ASN1_BIT_STRING_free(bs);
161 return NULL; 160 return NULL;
162 } 161 }
@@ -164,8 +163,7 @@ v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
164 } 163 }
165 } 164 }
166 if (!bnam->lname) { 165 if (!bnam->lname) {
167 X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, 166 X509V3error(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
168 X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
169 X509V3_conf_err(val); 167 X509V3_conf_err(val);
170 ASN1_BIT_STRING_free(bs); 168 ASN1_BIT_STRING_free(bs);
171 return NULL; 169 return NULL;
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c
index 6847985913..27e1bc9f57 100644
--- a/src/lib/libcrypto/x509v3/v3_conf.c
+++ b/src/lib/libcrypto/x509v3/v3_conf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_conf.c,v 1.20 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_conf.c,v 1.21 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -93,8 +93,7 @@ X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name, char *value)
93 return v3_generic_extension(name, value, crit, ext_type, ctx); 93 return v3_generic_extension(name, value, crit, ext_type, ctx);
94 ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value); 94 ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
95 if (!ret) { 95 if (!ret) {
96 X509V3err(X509V3_F_X509V3_EXT_NCONF, 96 X509V3error(X509V3_R_ERROR_IN_EXTENSION);
97 X509V3_R_ERROR_IN_EXTENSION);
98 ERR_asprintf_error_data("name=%s, value=%s", name, value); 97 ERR_asprintf_error_data("name=%s, value=%s", name, value);
99 } 98 }
100 return ret; 99 return ret;
@@ -125,12 +124,11 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
125 void *ext_struc; 124 void *ext_struc;
126 125
127 if (ext_nid == NID_undef) { 126 if (ext_nid == NID_undef) {
128 X509V3err(X509V3_F_DO_EXT_NCONF, 127 X509V3error(X509V3_R_UNKNOWN_EXTENSION_NAME);
129 X509V3_R_UNKNOWN_EXTENSION_NAME);
130 return NULL; 128 return NULL;
131 } 129 }
132 if (!(method = X509V3_EXT_get_nid(ext_nid))) { 130 if (!(method = X509V3_EXT_get_nid(ext_nid))) {
133 X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION); 131 X509V3error(X509V3_R_UNKNOWN_EXTENSION);
134 return NULL; 132 return NULL;
135 } 133 }
136 /* Now get internal extension representation based on type */ 134 /* Now get internal extension representation based on type */
@@ -142,8 +140,7 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
142 else 140 else
143 nval = X509V3_parse_list(value); 141 nval = X509V3_parse_list(value);
144 if (sk_CONF_VALUE_num(nval) <= 0) { 142 if (sk_CONF_VALUE_num(nval) <= 0) {
145 X509V3err(X509V3_F_DO_EXT_NCONF, 143 X509V3error(X509V3_R_INVALID_EXTENSION_STRING);
146 X509V3_R_INVALID_EXTENSION_STRING);
147 ERR_asprintf_error_data("name=%s,section=%s", 144 ERR_asprintf_error_data("name=%s,section=%s",
148 OBJ_nid2sn(ext_nid), value); 145 OBJ_nid2sn(ext_nid), value);
149 if (*value != '@') 146 if (*value != '@')
@@ -157,14 +154,12 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
157 ext_struc = method->s2i(method, ctx, value); 154 ext_struc = method->s2i(method, ctx, value);
158 } else if (method->r2i) { 155 } else if (method->r2i) {
159 if (!ctx->db || !ctx->db_meth) { 156 if (!ctx->db || !ctx->db_meth) {
160 X509V3err(X509V3_F_DO_EXT_NCONF, 157 X509V3error(X509V3_R_NO_CONFIG_DATABASE);
161 X509V3_R_NO_CONFIG_DATABASE);
162 return NULL; 158 return NULL;
163 } 159 }
164 ext_struc = method->r2i(method, ctx, value); 160 ext_struc = method->r2i(method, ctx, value);
165 } else { 161 } else {
166 X509V3err(X509V3_F_DO_EXT_NCONF, 162 X509V3error(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
167 X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
168 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid)); 163 ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid));
169 return NULL; 164 return NULL;
170 } 165 }
@@ -217,7 +212,7 @@ do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, int crit,
217 212
218merr: 213merr:
219 ASN1_OCTET_STRING_free(ext_oct); 214 ASN1_OCTET_STRING_free(ext_oct);
220 X509V3err(X509V3_F_DO_EXT_I2D, ERR_R_MALLOC_FAILURE); 215 X509V3error(ERR_R_MALLOC_FAILURE);
221 return NULL; 216 return NULL;
222 217
223} 218}
@@ -230,7 +225,7 @@ X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
230 const X509V3_EXT_METHOD *method; 225 const X509V3_EXT_METHOD *method;
231 226
232 if (!(method = X509V3_EXT_get_nid(ext_nid))) { 227 if (!(method = X509V3_EXT_get_nid(ext_nid))) {
233 X509V3err(X509V3_F_X509V3_EXT_I2D, X509V3_R_UNKNOWN_EXTENSION); 228 X509V3error(X509V3_R_UNKNOWN_EXTENSION);
234 return NULL; 229 return NULL;
235 } 230 }
236 return do_ext_i2d(method, ext_nid, crit, ext_struc); 231 return do_ext_i2d(method, ext_nid, crit, ext_struc);
@@ -284,8 +279,7 @@ v3_generic_extension(const char *ext, char *value, int crit, int gen_type,
284 X509_EXTENSION *extension = NULL; 279 X509_EXTENSION *extension = NULL;
285 280
286 if (!(obj = OBJ_txt2obj(ext, 0))) { 281 if (!(obj = OBJ_txt2obj(ext, 0))) {
287 X509V3err(X509V3_F_V3_GENERIC_EXTENSION, 282 X509V3error(X509V3_R_EXTENSION_NAME_ERROR);
288 X509V3_R_EXTENSION_NAME_ERROR);
289 ERR_asprintf_error_data("name=%s", ext); 283 ERR_asprintf_error_data("name=%s", ext);
290 goto err; 284 goto err;
291 } 285 }
@@ -300,14 +294,13 @@ v3_generic_extension(const char *ext, char *value, int crit, int gen_type,
300 } 294 }
301 295
302 if (ext_der == NULL) { 296 if (ext_der == NULL) {
303 X509V3err(X509V3_F_V3_GENERIC_EXTENSION, 297 X509V3error(X509V3_R_EXTENSION_VALUE_ERROR);
304 X509V3_R_EXTENSION_VALUE_ERROR);
305 ERR_asprintf_error_data("value=%s", value); 298 ERR_asprintf_error_data("value=%s", value);
306 goto err; 299 goto err;
307 } 300 }
308 301
309 if (!(oct = ASN1_OCTET_STRING_new())) { 302 if (!(oct = ASN1_OCTET_STRING_new())) {
310 X509V3err(X509V3_F_V3_GENERIC_EXTENSION, ERR_R_MALLOC_FAILURE); 303 X509V3error(ERR_R_MALLOC_FAILURE);
311 goto err; 304 goto err;
312 } 305 }
313 306
@@ -414,8 +407,7 @@ char *
414X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) 407X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
415{ 408{
416 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { 409 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) {
417 X509V3err(X509V3_F_X509V3_GET_STRING, 410 X509V3error(X509V3_R_OPERATION_NOT_DEFINED);
418 X509V3_R_OPERATION_NOT_DEFINED);
419 return NULL; 411 return NULL;
420 } 412 }
421 if (ctx->db_meth->get_string) 413 if (ctx->db_meth->get_string)
@@ -427,8 +419,7 @@ STACK_OF(CONF_VALUE) *
427X509V3_get_section(X509V3_CTX *ctx, char *section) 419X509V3_get_section(X509V3_CTX *ctx, char *section)
428{ 420{
429 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { 421 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) {
430 X509V3err(X509V3_F_X509V3_GET_SECTION, 422 X509V3error(X509V3_R_OPERATION_NOT_DEFINED);
431 X509V3_R_OPERATION_NOT_DEFINED);
432 return NULL; 423 return NULL;
433 } 424 }
434 if (ctx->db_meth->get_section) 425 if (ctx->db_meth->get_section)
diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c
index 216e91c040..34d3381d76 100644
--- a/src/lib/libcrypto/x509v3/v3_cpols.c
+++ b/src/lib/libcrypto/x509v3/v3_cpols.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_cpols.c,v 1.24 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_cpols.c,v 1.25 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -412,20 +412,19 @@ STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
412 412
413 pols = sk_POLICYINFO_new_null(); 413 pols = sk_POLICYINFO_new_null();
414 if (pols == NULL) { 414 if (pols == NULL) {
415 X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); 415 X509V3error(ERR_R_MALLOC_FAILURE);
416 return NULL; 416 return NULL;
417 } 417 }
418 vals = X509V3_parse_list(value); 418 vals = X509V3_parse_list(value);
419 if (vals == NULL) { 419 if (vals == NULL) {
420 X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB); 420 X509V3error(ERR_R_X509V3_LIB);
421 goto err; 421 goto err;
422 } 422 }
423 ia5org = 0; 423 ia5org = 0;
424 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { 424 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
425 cnf = sk_CONF_VALUE_value(vals, i); 425 cnf = sk_CONF_VALUE_value(vals, i);
426 if (cnf->value || !cnf->name) { 426 if (cnf->value || !cnf->name) {
427 X509V3err(X509V3_F_R2I_CERTPOL, 427 X509V3error(X509V3_R_INVALID_POLICY_IDENTIFIER);
428 X509V3_R_INVALID_POLICY_IDENTIFIER);
429 X509V3_conf_err(cnf); 428 X509V3_conf_err(cnf);
430 goto err; 429 goto err;
431 } 430 }
@@ -437,8 +436,7 @@ STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
437 STACK_OF(CONF_VALUE) *polsect; 436 STACK_OF(CONF_VALUE) *polsect;
438 polsect = X509V3_get_section(ctx, pstr + 1); 437 polsect = X509V3_get_section(ctx, pstr + 1);
439 if (!polsect) { 438 if (!polsect) {
440 X509V3err(X509V3_F_R2I_CERTPOL, 439 X509V3error(X509V3_R_INVALID_SECTION);
441 X509V3_R_INVALID_SECTION);
442 X509V3_conf_err(cnf); 440 X509V3_conf_err(cnf);
443 goto err; 441 goto err;
444 } 442 }
@@ -448,8 +446,7 @@ STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
448 goto err; 446 goto err;
449 } else { 447 } else {
450 if (!(pobj = OBJ_txt2obj(cnf->name, 0))) { 448 if (!(pobj = OBJ_txt2obj(cnf->name, 0))) {
451 X509V3err(X509V3_F_R2I_CERTPOL, 449 X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
452 X509V3_R_INVALID_OBJECT_IDENTIFIER);
453 X509V3_conf_err(cnf); 450 X509V3_conf_err(cnf);
454 goto err; 451 goto err;
455 } 452 }
@@ -458,7 +455,7 @@ STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
458 } 455 }
459 if (!sk_POLICYINFO_push(pols, pol)){ 456 if (!sk_POLICYINFO_push(pols, pol)){
460 POLICYINFO_free(pol); 457 POLICYINFO_free(pol);
461 X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); 458 X509V3error(ERR_R_MALLOC_FAILURE);
462 goto err; 459 goto err;
463 } 460 }
464 } 461 }
@@ -487,8 +484,7 @@ policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org)
487 ASN1_OBJECT *pobj; 484 ASN1_OBJECT *pobj;
488 485
489 if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) { 486 if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) {
490 X509V3err(X509V3_F_POLICY_SECTION, 487 X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
491 X509V3_R_INVALID_OBJECT_IDENTIFIER);
492 X509V3_conf_err(cnf); 488 X509V3_conf_err(cnf);
493 goto err; 489 goto err;
494 } 490 }
@@ -517,15 +513,13 @@ policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org)
517 POLICYQUALINFO *qual; 513 POLICYQUALINFO *qual;
518 514
519 if (*cnf->value != '@') { 515 if (*cnf->value != '@') {
520 X509V3err(X509V3_F_POLICY_SECTION, 516 X509V3error(X509V3_R_EXPECTED_A_SECTION_NAME);
521 X509V3_R_EXPECTED_A_SECTION_NAME);
522 X509V3_conf_err(cnf); 517 X509V3_conf_err(cnf);
523 goto err; 518 goto err;
524 } 519 }
525 unot = X509V3_get_section(ctx, cnf->value + 1); 520 unot = X509V3_get_section(ctx, cnf->value + 1);
526 if (unot == NULL) { 521 if (unot == NULL) {
527 X509V3err(X509V3_F_POLICY_SECTION, 522 X509V3error(X509V3_R_INVALID_SECTION);
528 X509V3_R_INVALID_SECTION);
529 X509V3_conf_err(cnf); 523 X509V3_conf_err(cnf);
530 goto err; 524 goto err;
531 } 525 }
@@ -542,22 +536,20 @@ policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org)
542 if (sk_POLICYQUALINFO_push(pol->qualifiers, qual) == 0) 536 if (sk_POLICYQUALINFO_push(pol->qualifiers, qual) == 0)
543 goto merr; 537 goto merr;
544 } else { 538 } else {
545 X509V3err(X509V3_F_POLICY_SECTION, 539 X509V3error(X509V3_R_INVALID_OPTION);
546 X509V3_R_INVALID_OPTION);
547 X509V3_conf_err(cnf); 540 X509V3_conf_err(cnf);
548 goto err; 541 goto err;
549 } 542 }
550 } 543 }
551 if (pol->policyid == NULL) { 544 if (pol->policyid == NULL) {
552 X509V3err(X509V3_F_POLICY_SECTION, 545 X509V3error(X509V3_R_NO_POLICY_IDENTIFIER);
553 X509V3_R_NO_POLICY_IDENTIFIER);
554 goto err; 546 goto err;
555 } 547 }
556 548
557 return pol; 549 return pol;
558 550
559merr: 551merr:
560 X509V3err(X509V3_F_POLICY_SECTION, ERR_R_MALLOC_FAILURE); 552 X509V3error(ERR_R_MALLOC_FAILURE);
561 553
562err: 554err:
563 POLICYQUALINFO_free(nqual); 555 POLICYQUALINFO_free(nqual);
@@ -616,8 +608,7 @@ notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org)
616 nref = not->noticeref; 608 nref = not->noticeref;
617 nos = X509V3_parse_list(cnf->value); 609 nos = X509V3_parse_list(cnf->value);
618 if (!nos || !sk_CONF_VALUE_num(nos)) { 610 if (!nos || !sk_CONF_VALUE_num(nos)) {
619 X509V3err(X509V3_F_NOTICE_SECTION, 611 X509V3error(X509V3_R_INVALID_NUMBERS);
620 X509V3_R_INVALID_NUMBERS);
621 X509V3_conf_err(cnf); 612 X509V3_conf_err(cnf);
622 if (nos != NULL) 613 if (nos != NULL)
623 sk_CONF_VALUE_pop_free(nos, 614 sk_CONF_VALUE_pop_free(nos,
@@ -629,8 +620,7 @@ notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org)
629 if (!ret) 620 if (!ret)
630 goto err; 621 goto err;
631 } else { 622 } else {
632 X509V3err(X509V3_F_NOTICE_SECTION, 623 X509V3error(X509V3_R_INVALID_OPTION);
633 X509V3_R_INVALID_OPTION);
634 X509V3_conf_err(cnf); 624 X509V3_conf_err(cnf);
635 goto err; 625 goto err;
636 } 626 }
@@ -638,15 +628,14 @@ notice_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *unot, int ia5org)
638 628
639 if (not->noticeref && 629 if (not->noticeref &&
640 (!not->noticeref->noticenos || !not->noticeref->organization)) { 630 (!not->noticeref->noticenos || !not->noticeref->organization)) {
641 X509V3err(X509V3_F_NOTICE_SECTION, 631 X509V3error(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS);
642 X509V3_R_NEED_ORGANIZATION_AND_NUMBERS);
643 goto err; 632 goto err;
644 } 633 }
645 634
646 return qual; 635 return qual;
647 636
648merr: 637merr:
649 X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_MALLOC_FAILURE); 638 X509V3error(ERR_R_MALLOC_FAILURE);
650 639
651err: 640err:
652 POLICYQUALINFO_free(qual); 641 POLICYQUALINFO_free(qual);
@@ -663,7 +652,7 @@ nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
663 for (i = 0; i < sk_CONF_VALUE_num(nos); i++) { 652 for (i = 0; i < sk_CONF_VALUE_num(nos); i++) {
664 cnf = sk_CONF_VALUE_value(nos, i); 653 cnf = sk_CONF_VALUE_value(nos, i);
665 if (!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { 654 if (!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
666 X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER); 655 X509V3error(X509V3_R_INVALID_NUMBER);
667 goto err; 656 goto err;
668 } 657 }
669 if (!sk_ASN1_INTEGER_push(nnums, aint)) 658 if (!sk_ASN1_INTEGER_push(nnums, aint))
@@ -672,7 +661,7 @@ nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
672 return 1; 661 return 1;
673 662
674merr: 663merr:
675 X509V3err(X509V3_F_NREF_NOS, ERR_R_MALLOC_FAILURE); 664 X509V3error(ERR_R_MALLOC_FAILURE);
676 665
677err: 666err:
678 sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); 667 sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c
index b13bbc3501..f9f69fee14 100644
--- a/src/lib/libcrypto/x509v3/v3_crld.c
+++ b/src/lib/libcrypto/x509v3/v3_crld.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_crld.c,v 1.20 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_crld.c,v 1.21 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -115,8 +115,7 @@ STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx, char *sect)
115 else 115 else
116 gnsect = X509V3_parse_list(sect); 116 gnsect = X509V3_parse_list(sect);
117 if (!gnsect) { 117 if (!gnsect) {
118 X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, 118 X509V3error(X509V3_R_SECTION_NOT_FOUND);
119 X509V3_R_SECTION_NOT_FOUND);
120 return NULL; 119 return NULL;
121 } 120 }
122 gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); 121 gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
@@ -146,8 +145,7 @@ set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, CONF_VALUE *cnf)
146 return -1; 145 return -1;
147 dnsect = X509V3_get_section(ctx, cnf->value); 146 dnsect = X509V3_get_section(ctx, cnf->value);
148 if (!dnsect) { 147 if (!dnsect) {
149 X509V3err(X509V3_F_SET_DIST_POINT_NAME, 148 X509V3error(X509V3_R_SECTION_NOT_FOUND);
150 X509V3_R_SECTION_NOT_FOUND);
151 X509_NAME_free(nm); 149 X509_NAME_free(nm);
152 return -1; 150 return -1;
153 } 151 }
@@ -163,16 +161,14 @@ set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, CONF_VALUE *cnf)
163 */ 161 */
164 if (sk_X509_NAME_ENTRY_value(rnm, 162 if (sk_X509_NAME_ENTRY_value(rnm,
165 sk_X509_NAME_ENTRY_num(rnm) - 1)->set) { 163 sk_X509_NAME_ENTRY_num(rnm) - 1)->set) {
166 X509V3err(X509V3_F_SET_DIST_POINT_NAME, 164 X509V3error(X509V3_R_INVALID_MULTIPLE_RDNS);
167 X509V3_R_INVALID_MULTIPLE_RDNS);
168 goto err; 165 goto err;
169 } 166 }
170 } else 167 } else
171 return 0; 168 return 0;
172 169
173 if (*pdp) { 170 if (*pdp) {
174 X509V3err(X509V3_F_SET_DIST_POINT_NAME, 171 X509V3error(X509V3_R_DISTPOINT_ALREADY_SET);
175 X509V3_R_DISTPOINT_ALREADY_SET);
176 goto err; 172 goto err;
177 } 173 }
178 174
@@ -361,7 +357,7 @@ v2i_crld(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
361 return crld; 357 return crld;
362 358
363merr: 359merr:
364 X509V3err(X509V3_F_V2I_CRLD, ERR_R_MALLOC_FAILURE); 360 X509V3error(ERR_R_MALLOC_FAILURE);
365err: 361err:
366 GENERAL_NAME_free(gen); 362 GENERAL_NAME_free(gen);
367 GENERAL_NAMES_free(gens); 363 GENERAL_NAMES_free(gens);
@@ -692,7 +688,7 @@ v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
692 if (!set_reasons(&idp->onlysomereasons, val)) 688 if (!set_reasons(&idp->onlysomereasons, val))
693 goto err; 689 goto err;
694 } else { 690 } else {
695 X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME); 691 X509V3error(X509V3_R_INVALID_NAME);
696 X509V3_conf_err(cnf); 692 X509V3_conf_err(cnf);
697 goto err; 693 goto err;
698 } 694 }
@@ -700,7 +696,7 @@ v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
700 return idp; 696 return idp;
701 697
702merr: 698merr:
703 X509V3err(X509V3_F_V2I_IDP, ERR_R_MALLOC_FAILURE); 699 X509V3error(ERR_R_MALLOC_FAILURE);
704err: 700err:
705 ISSUING_DIST_POINT_free(idp); 701 ISSUING_DIST_POINT_free(idp);
706 return NULL; 702 return NULL;
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c
index 88682f6818..527e80b28e 100644
--- a/src/lib/libcrypto/x509v3/v3_extku.c
+++ b/src/lib/libcrypto/x509v3/v3_extku.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_extku.c,v 1.14 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_extku.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -175,8 +175,7 @@ v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
175 int i; 175 int i;
176 176
177 if (!(extku = sk_ASN1_OBJECT_new_null())) { 177 if (!(extku = sk_ASN1_OBJECT_new_null())) {
178 X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, 178 X509V3error(ERR_R_MALLOC_FAILURE);
179 ERR_R_MALLOC_FAILURE);
180 return NULL; 179 return NULL;
181 } 180 }
182 181
@@ -188,16 +187,14 @@ v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
188 extval = val->name; 187 extval = val->name;
189 if (!(objtmp = OBJ_txt2obj(extval, 0))) { 188 if (!(objtmp = OBJ_txt2obj(extval, 0))) {
190 sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); 189 sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
191 X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, 190 X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
192 X509V3_R_INVALID_OBJECT_IDENTIFIER);
193 X509V3_conf_err(val); 191 X509V3_conf_err(val);
194 return NULL; 192 return NULL;
195 } 193 }
196 if (sk_ASN1_OBJECT_push(extku, objtmp) == 0) { 194 if (sk_ASN1_OBJECT_push(extku, objtmp) == 0) {
197 ASN1_OBJECT_free(objtmp); 195 ASN1_OBJECT_free(objtmp);
198 sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); 196 sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
199 X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, 197 X509V3error(ERR_R_MALLOC_FAILURE);
200 ERR_R_MALLOC_FAILURE);
201 return NULL; 198 return NULL;
202 } 199 }
203 } 200 }
diff --git a/src/lib/libcrypto/x509v3/v3_ia5.c b/src/lib/libcrypto/x509v3/v3_ia5.c
index 74b6439346..a92041e691 100644
--- a/src/lib/libcrypto/x509v3/v3_ia5.c
+++ b/src/lib/libcrypto/x509v3/v3_ia5.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_ia5.c,v 1.16 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_ia5.c,v 1.17 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -207,7 +207,7 @@ i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5)
207 if (!ia5 || !ia5->length) 207 if (!ia5 || !ia5->length)
208 return NULL; 208 return NULL;
209 if (!(tmp = malloc(ia5->length + 1))) { 209 if (!(tmp = malloc(ia5->length + 1))) {
210 X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); 210 X509V3error(ERR_R_MALLOC_FAILURE);
211 return NULL; 211 return NULL;
212 } 212 }
213 memcpy(tmp, ia5->data, ia5->length); 213 memcpy(tmp, ia5->data, ia5->length);
@@ -220,8 +220,7 @@ s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
220{ 220{
221 ASN1_IA5STRING *ia5; 221 ASN1_IA5STRING *ia5;
222 if (!str) { 222 if (!str) {
223 X509V3err(X509V3_F_S2I_ASN1_IA5STRING, 223 X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
224 X509V3_R_INVALID_NULL_ARGUMENT);
225 return NULL; 224 return NULL;
226 } 225 }
227 if (!(ia5 = ASN1_IA5STRING_new())) 226 if (!(ia5 = ASN1_IA5STRING_new()))
@@ -234,6 +233,6 @@ s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
234 return ia5; 233 return ia5;
235 234
236err: 235err:
237 X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE); 236 X509V3error(ERR_R_MALLOC_FAILURE);
238 return NULL; 237 return NULL;
239} 238}
diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c
index 34ffb1c539..27b5415b2a 100644
--- a/src/lib/libcrypto/x509v3/v3_info.c
+++ b/src/lib/libcrypto/x509v3/v3_info.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_info.c,v 1.24 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_info.c,v 1.25 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -221,8 +221,7 @@ i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
221 nlen = strlen(objtmp) + strlen(vtmp->name) + 5; 221 nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
222 ntmp = malloc(nlen); 222 ntmp = malloc(nlen);
223 if (!ntmp) { 223 if (!ntmp) {
224 X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, 224 X509V3error(ERR_R_MALLOC_FAILURE);
225 ERR_R_MALLOC_FAILURE);
226 return NULL; 225 return NULL;
227 } 226 }
228 strlcpy(ntmp, objtmp, nlen); 227 strlcpy(ntmp, objtmp, nlen);
@@ -248,27 +247,23 @@ v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
248 char *objtmp, *ptmp; 247 char *objtmp, *ptmp;
249 248
250 if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { 249 if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
251 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 250 X509V3error(ERR_R_MALLOC_FAILURE);
252 ERR_R_MALLOC_FAILURE);
253 return NULL; 251 return NULL;
254 } 252 }
255 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) { 253 for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
256 cnf = sk_CONF_VALUE_value(nval, i); 254 cnf = sk_CONF_VALUE_value(nval, i);
257 if ((acc = ACCESS_DESCRIPTION_new()) == NULL) { 255 if ((acc = ACCESS_DESCRIPTION_new()) == NULL) {
258 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 256 X509V3error(ERR_R_MALLOC_FAILURE);
259 ERR_R_MALLOC_FAILURE);
260 goto err; 257 goto err;
261 } 258 }
262 if (sk_ACCESS_DESCRIPTION_push(ainfo, acc) == 0) { 259 if (sk_ACCESS_DESCRIPTION_push(ainfo, acc) == 0) {
263 ACCESS_DESCRIPTION_free(acc); 260 ACCESS_DESCRIPTION_free(acc);
264 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 261 X509V3error(ERR_R_MALLOC_FAILURE);
265 ERR_R_MALLOC_FAILURE);
266 goto err; 262 goto err;
267 } 263 }
268 ptmp = strchr(cnf->name, ';'); 264 ptmp = strchr(cnf->name, ';');
269 if (!ptmp) { 265 if (!ptmp) {
270 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 266 X509V3error(X509V3_R_INVALID_SYNTAX);
271 X509V3_R_INVALID_SYNTAX);
272 goto err; 267 goto err;
273 } 268 }
274 objlen = ptmp - cnf->name; 269 objlen = ptmp - cnf->name;
@@ -277,15 +272,13 @@ v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
277 if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0)) 272 if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
278 goto err; 273 goto err;
279 if (!(objtmp = malloc(objlen + 1))) { 274 if (!(objtmp = malloc(objlen + 1))) {
280 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 275 X509V3error(ERR_R_MALLOC_FAILURE);
281 ERR_R_MALLOC_FAILURE);
282 goto err; 276 goto err;
283 } 277 }
284 strlcpy(objtmp, cnf->name, objlen + 1); 278 strlcpy(objtmp, cnf->name, objlen + 1);
285 acc->method = OBJ_txt2obj(objtmp, 0); 279 acc->method = OBJ_txt2obj(objtmp, 0);
286 if (!acc->method) { 280 if (!acc->method) {
287 X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, 281 X509V3error(X509V3_R_BAD_OBJECT);
288 X509V3_R_BAD_OBJECT);
289 ERR_asprintf_error_data("value=%s", objtmp); 282 ERR_asprintf_error_data("value=%s", objtmp);
290 free(objtmp); 283 free(objtmp);
291 goto err; 284 goto err;
diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c
index 946ef1d54e..f0cc93bda6 100644
--- a/src/lib/libcrypto/x509v3/v3_lib.c
+++ b/src/lib/libcrypto/x509v3/v3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_lib.c,v 1.16 2017/01/21 04:42:16 jsing Exp $ */ 1/* $OpenBSD: v3_lib.c,v 1.17 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -75,11 +75,11 @@ int
75X509V3_EXT_add(X509V3_EXT_METHOD *ext) 75X509V3_EXT_add(X509V3_EXT_METHOD *ext)
76{ 76{
77 if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) { 77 if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
78 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE); 78 X509V3error(ERR_R_MALLOC_FAILURE);
79 return 0; 79 return 0;
80 } 80 }
81 if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { 81 if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
82 X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE); 82 X509V3error(ERR_R_MALLOC_FAILURE);
83 return 0; 83 return 0;
84 } 84 }
85 return 1; 85 return 1;
@@ -157,12 +157,11 @@ X509V3_EXT_add_alias(int nid_to, int nid_from)
157 X509V3_EXT_METHOD *tmpext; 157 X509V3_EXT_METHOD *tmpext;
158 158
159 if (!(ext = X509V3_EXT_get_nid(nid_from))) { 159 if (!(ext = X509V3_EXT_get_nid(nid_from))) {
160 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, 160 X509V3error(X509V3_R_EXTENSION_NOT_FOUND);
161 X509V3_R_EXTENSION_NOT_FOUND);
162 return 0; 161 return 0;
163 } 162 }
164 if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) { 163 if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
165 X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE); 164 X509V3error(ERR_R_MALLOC_FAILURE);
166 return 0; 165 return 0;
167 } 166 }
168 *tmpext = *ext; 167 *tmpext = *ext;
@@ -331,8 +330,7 @@ X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
331 ext = X509V3_EXT_i2d(nid, crit, value); 330 ext = X509V3_EXT_i2d(nid, crit, value);
332 331
333 if (!ext) { 332 if (!ext) {
334 X509V3err(X509V3_F_X509V3_ADD1_I2D, 333 X509V3error(X509V3_R_ERROR_CREATING_EXTENSION);
335 X509V3_R_ERROR_CREATING_EXTENSION);
336 return 0; 334 return 0;
337 } 335 }
338 336
@@ -354,6 +352,6 @@ X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
354 352
355err: 353err:
356 if (!(flags & X509V3_ADD_SILENT)) 354 if (!(flags & X509V3_ADD_SILENT))
357 X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode); 355 X509V3error(errcode);
358 return 0; 356 return 0;
359} 357}
diff --git a/src/lib/libcrypto/x509v3/v3_ncons.c b/src/lib/libcrypto/x509v3/v3_ncons.c
index e96d426de6..88643981ca 100644
--- a/src/lib/libcrypto/x509v3/v3_ncons.c
+++ b/src/lib/libcrypto/x509v3/v3_ncons.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_ncons.c,v 1.10 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_ncons.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -204,8 +204,7 @@ v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
204 ptree = &ncons->excludedSubtrees; 204 ptree = &ncons->excludedSubtrees;
205 tval.name = val->name + 9; 205 tval.name = val->name + 9;
206 } else { 206 } else {
207 X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, 207 X509V3error(X509V3_R_INVALID_SYNTAX);
208 X509V3_R_INVALID_SYNTAX);
209 goto err; 208 goto err;
210 } 209 }
211 tval.value = val->value; 210 tval.value = val->value;
@@ -222,7 +221,7 @@ v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
222 return ncons; 221 return ncons;
223 222
224memerr: 223memerr:
225 X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE); 224 X509V3error(ERR_R_MALLOC_FAILURE);
226err: 225err:
227 if (ncons) 226 if (ncons)
228 NAME_CONSTRAINTS_free(ncons); 227 NAME_CONSTRAINTS_free(ncons);
diff --git a/src/lib/libcrypto/x509v3/v3_ocsp.c b/src/lib/libcrypto/x509v3/v3_ocsp.c
index 0c8094dcb8..8ebda2e770 100644
--- a/src/lib/libcrypto/x509v3/v3_ocsp.c
+++ b/src/lib/libcrypto/x509v3/v3_ocsp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_ocsp.c,v 1.14 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_ocsp.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -313,7 +313,7 @@ d2i_ocsp_nonce(void *a, const unsigned char **pp, long length)
313err: 313err:
314 if (pos == NULL || *pos != os) 314 if (pos == NULL || *pos != os)
315 ASN1_OCTET_STRING_free(os); 315 ASN1_OCTET_STRING_free(os);
316 OCSPerr(OCSP_F_D2I_OCSP_NONCE, ERR_R_MALLOC_FAILURE); 316 OCSPerror(ERR_R_MALLOC_FAILURE);
317 return NULL; 317 return NULL;
318} 318}
319 319
diff --git a/src/lib/libcrypto/x509v3/v3_pci.c b/src/lib/libcrypto/x509v3/v3_pci.c
index d0a1af96ea..dd015452d0 100644
--- a/src/lib/libcrypto/x509v3/v3_pci.c
+++ b/src/lib/libcrypto/x509v3/v3_pci.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_pci.c,v 1.11 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_pci.c,v 1.12 2017/01/29 17:49:23 beck Exp $ */
2/* Contributed to the OpenSSL Project 2004 2/* Contributed to the OpenSSL Project 2004
3 * by Richard Levitte (richard@levitte.org) 3 * by Richard Levitte (richard@levitte.org)
4 */ 4 */
@@ -90,28 +90,24 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
90 90
91 if (strcmp(val->name, "language") == 0) { 91 if (strcmp(val->name, "language") == 0) {
92 if (*language) { 92 if (*language) {
93 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 93 X509V3error(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
94 X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
95 X509V3_conf_err(val); 94 X509V3_conf_err(val);
96 return 0; 95 return 0;
97 } 96 }
98 if (!(*language = OBJ_txt2obj(val->value, 0))) { 97 if (!(*language = OBJ_txt2obj(val->value, 0))) {
99 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 98 X509V3error(X509V3_R_INVALID_OBJECT_IDENTIFIER);
100 X509V3_R_INVALID_OBJECT_IDENTIFIER);
101 X509V3_conf_err(val); 99 X509V3_conf_err(val);
102 return 0; 100 return 0;
103 } 101 }
104 } 102 }
105 else if (strcmp(val->name, "pathlen") == 0) { 103 else if (strcmp(val->name, "pathlen") == 0) {
106 if (*pathlen) { 104 if (*pathlen) {
107 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 105 X509V3error(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
108 X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
109 X509V3_conf_err(val); 106 X509V3_conf_err(val);
110 return 0; 107 return 0;
111 } 108 }
112 if (!X509V3_get_value_int(val, pathlen)) { 109 if (!X509V3_get_value_int(val, pathlen)) {
113 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 110 X509V3error(X509V3_R_POLICY_PATH_LENGTH);
114 X509V3_R_POLICY_PATH_LENGTH);
115 X509V3_conf_err(val); 111 X509V3_conf_err(val);
116 return 0; 112 return 0;
117 } 113 }
@@ -122,8 +118,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
122 if (!*policy) { 118 if (!*policy) {
123 *policy = ASN1_OCTET_STRING_new(); 119 *policy = ASN1_OCTET_STRING_new();
124 if (!*policy) { 120 if (!*policy) {
125 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 121 X509V3error(ERR_R_MALLOC_FAILURE);
126 ERR_R_MALLOC_FAILURE);
127 X509V3_conf_err(val); 122 X509V3_conf_err(val);
128 return 0; 123 return 0;
129 } 124 }
@@ -134,8 +129,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
134 string_to_hex(val->value + 4, &val_len); 129 string_to_hex(val->value + 4, &val_len);
135 130
136 if (!tmp_data2) { 131 if (!tmp_data2) {
137 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 132 X509V3error(X509V3_R_ILLEGAL_HEX_DIGIT);
138 X509V3_R_ILLEGAL_HEX_DIGIT);
139 X509V3_conf_err(val); 133 X509V3_conf_err(val);
140 goto err; 134 goto err;
141 } 135 }
@@ -153,8 +147,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
153 free((*policy)->data); 147 free((*policy)->data);
154 (*policy)->data = NULL; 148 (*policy)->data = NULL;
155 (*policy)->length = 0; 149 (*policy)->length = 0;
156 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 150 X509V3error(ERR_R_MALLOC_FAILURE);
157 ERR_R_MALLOC_FAILURE);
158 X509V3_conf_err(val); 151 X509V3_conf_err(val);
159 goto err; 152 goto err;
160 } 153 }
@@ -165,8 +158,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
165 int n; 158 int n;
166 BIO *b = BIO_new_file(val->value + 5, "r"); 159 BIO *b = BIO_new_file(val->value + 5, "r");
167 if (!b) { 160 if (!b) {
168 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 161 X509V3error(ERR_R_BIO_LIB);
169 ERR_R_BIO_LIB);
170 X509V3_conf_err(val); 162 X509V3_conf_err(val);
171 goto err; 163 goto err;
172 } 164 }
@@ -190,8 +182,7 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
190 BIO_free_all(b); 182 BIO_free_all(b);
191 183
192 if (n < 0) { 184 if (n < 0) {
193 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 185 X509V3error(ERR_R_BIO_LIB);
194 ERR_R_BIO_LIB);
195 X509V3_conf_err(val); 186 X509V3_conf_err(val);
196 goto err; 187 goto err;
197 } 188 }
@@ -210,20 +201,17 @@ process_pci_value(CONF_VALUE *val, ASN1_OBJECT **language,
210 free((*policy)->data); 201 free((*policy)->data);
211 (*policy)->data = NULL; 202 (*policy)->data = NULL;
212 (*policy)->length = 0; 203 (*policy)->length = 0;
213 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 204 X509V3error(ERR_R_MALLOC_FAILURE);
214 ERR_R_MALLOC_FAILURE);
215 X509V3_conf_err(val); 205 X509V3_conf_err(val);
216 goto err; 206 goto err;
217 } 207 }
218 } else { 208 } else {
219 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 209 X509V3error(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
220 X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
221 X509V3_conf_err(val); 210 X509V3_conf_err(val);
222 goto err; 211 goto err;
223 } 212 }
224 if (!tmp_data) { 213 if (!tmp_data) {
225 X509V3err(X509V3_F_PROCESS_PCI_VALUE, 214 X509V3error(ERR_R_MALLOC_FAILURE);
226 ERR_R_MALLOC_FAILURE);
227 X509V3_conf_err(val); 215 X509V3_conf_err(val);
228 goto err; 216 goto err;
229 } 217 }
@@ -252,8 +240,7 @@ r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
252 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) { 240 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
253 CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i); 241 CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
254 if (!cnf->name || (*cnf->name != '@' && !cnf->value)) { 242 if (!cnf->name || (*cnf->name != '@' && !cnf->value)) {
255 X509V3err(X509V3_F_R2I_PCI, 243 X509V3error(X509V3_R_INVALID_PROXY_POLICY_SETTING);
256 X509V3_R_INVALID_PROXY_POLICY_SETTING);
257 X509V3_conf_err(cnf); 244 X509V3_conf_err(cnf);
258 goto err; 245 goto err;
259 } 246 }
@@ -263,8 +250,7 @@ r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
263 250
264 sect = X509V3_get_section(ctx, cnf->name + 1); 251 sect = X509V3_get_section(ctx, cnf->name + 1);
265 if (!sect) { 252 if (!sect) {
266 X509V3err(X509V3_F_R2I_PCI, 253 X509V3error(X509V3_R_INVALID_SECTION);
267 X509V3_R_INVALID_SECTION);
268 X509V3_conf_err(cnf); 254 X509V3_conf_err(cnf);
269 goto err; 255 goto err;
270 } 256 }
@@ -288,20 +274,18 @@ r2i_pci(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
288 274
289 /* Language is mandatory */ 275 /* Language is mandatory */
290 if (!language) { 276 if (!language) {
291 X509V3err(X509V3_F_R2I_PCI, 277 X509V3error(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
292 X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
293 goto err; 278 goto err;
294 } 279 }
295 i = OBJ_obj2nid(language); 280 i = OBJ_obj2nid(language);
296 if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) { 281 if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) {
297 X509V3err(X509V3_F_R2I_PCI, 282 X509V3error(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
298 X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
299 goto err; 283 goto err;
300 } 284 }
301 285
302 pci = PROXY_CERT_INFO_EXTENSION_new(); 286 pci = PROXY_CERT_INFO_EXTENSION_new();
303 if (!pci) { 287 if (!pci) {
304 X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE); 288 X509V3error(ERR_R_MALLOC_FAILURE);
305 goto err; 289 goto err;
306 } 290 }
307 291
diff --git a/src/lib/libcrypto/x509v3/v3_pcons.c b/src/lib/libcrypto/x509v3/v3_pcons.c
index 144ba88e8d..30487a4d18 100644
--- a/src/lib/libcrypto/x509v3/v3_pcons.c
+++ b/src/lib/libcrypto/x509v3/v3_pcons.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_pcons.c,v 1.10 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_pcons.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -150,8 +150,7 @@ v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
150 int i; 150 int i;
151 151
152 if (!(pcons = POLICY_CONSTRAINTS_new())) { 152 if (!(pcons = POLICY_CONSTRAINTS_new())) {
153 X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, 153 X509V3error(ERR_R_MALLOC_FAILURE);
154 ERR_R_MALLOC_FAILURE);
155 return NULL; 154 return NULL;
156 } 155 }
157 for (i = 0; i < sk_CONF_VALUE_num(values); i++) { 156 for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
@@ -163,15 +162,13 @@ v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
163 if (!X509V3_get_value_int(val, 162 if (!X509V3_get_value_int(val,
164 &pcons->inhibitPolicyMapping)) goto err; 163 &pcons->inhibitPolicyMapping)) goto err;
165 } else { 164 } else {
166 X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, 165 X509V3error(X509V3_R_INVALID_NAME);
167 X509V3_R_INVALID_NAME);
168 X509V3_conf_err(val); 166 X509V3_conf_err(val);
169 goto err; 167 goto err;
170 } 168 }
171 } 169 }
172 if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) { 170 if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) {
173 X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, 171 X509V3error(X509V3_R_ILLEGAL_EMPTY_EXTENSION);
174 X509V3_R_ILLEGAL_EMPTY_EXTENSION);
175 goto err; 172 goto err;
176 } 173 }
177 174
diff --git a/src/lib/libcrypto/x509v3/v3_pmaps.c b/src/lib/libcrypto/x509v3/v3_pmaps.c
index 8c92098006..32ef6be866 100644
--- a/src/lib/libcrypto/x509v3/v3_pmaps.c
+++ b/src/lib/libcrypto/x509v3/v3_pmaps.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_pmaps.c,v 1.10 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_pmaps.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -174,7 +174,7 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
174 int i, rc; 174 int i, rc;
175 175
176 if (!(pmaps = sk_POLICY_MAPPING_new_null())) { 176 if (!(pmaps = sk_POLICY_MAPPING_new_null())) {
177 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE); 177 X509V3error(ERR_R_MALLOC_FAILURE);
178 return NULL; 178 return NULL;
179 } 179 }
180 180
@@ -208,7 +208,7 @@ v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
208 208
209err: 209err:
210 sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); 210 sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
211 X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, rc); 211 X509V3error(rc);
212 if (rc == X509V3_R_INVALID_OBJECT_IDENTIFIER) 212 if (rc == X509V3_R_INVALID_OBJECT_IDENTIFIER)
213 X509V3_conf_err(val); 213 X509V3_conf_err(val);
214 ASN1_OBJECT_free(obj1); 214 ASN1_OBJECT_free(obj1);
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c
index d8ab679304..bdcdf95d12 100644
--- a/src/lib/libcrypto/x509v3/v3_purp.c
+++ b/src/lib/libcrypto/x509v3/v3_purp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_purp.c,v 1.28 2017/01/21 04:42:16 jsing Exp $ */ 1/* $OpenBSD: v3_purp.c,v 1.29 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2001. 3 * project 2001.
4 */ 4 */
@@ -138,7 +138,7 @@ int
138X509_PURPOSE_set(int *p, int purpose) 138X509_PURPOSE_set(int *p, int purpose)
139{ 139{
140 if (X509_PURPOSE_get_by_id(purpose) == -1) { 140 if (X509_PURPOSE_get_by_id(purpose) == -1) {
141 X509V3err(X509V3_F_X509_PURPOSE_SET, X509V3_R_INVALID_PURPOSE); 141 X509V3error(X509V3_R_INVALID_PURPOSE);
142 return 0; 142 return 0;
143 } 143 }
144 *p = purpose; 144 *p = purpose;
@@ -206,8 +206,7 @@ X509_PURPOSE_add(int id, int trust, int flags,
206 name_dup = sname_dup = NULL; 206 name_dup = sname_dup = NULL;
207 207
208 if (name == NULL || sname == NULL) { 208 if (name == NULL || sname == NULL) {
209 X509V3err(X509V3_F_X509_PURPOSE_ADD, 209 X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
210 X509V3_R_INVALID_NULL_ARGUMENT);
211 return 0; 210 return 0;
212 } 211 }
213 212
@@ -220,8 +219,7 @@ X509_PURPOSE_add(int id, int trust, int flags,
220 /* Need a new entry */ 219 /* Need a new entry */
221 if (idx == -1) { 220 if (idx == -1) {
222 if ((ptmp = malloc(sizeof(X509_PURPOSE))) == NULL) { 221 if ((ptmp = malloc(sizeof(X509_PURPOSE))) == NULL) {
223 X509V3err(X509V3_F_X509_PURPOSE_ADD, 222 X509V3error(ERR_R_MALLOC_FAILURE);
224 ERR_R_MALLOC_FAILURE);
225 return 0; 223 return 0;
226 } 224 }
227 ptmp->flags = X509_PURPOSE_DYNAMIC; 225 ptmp->flags = X509_PURPOSE_DYNAMIC;
@@ -266,7 +264,7 @@ err:
266 free(sname_dup); 264 free(sname_dup);
267 if (idx == -1) 265 if (idx == -1)
268 free(ptmp); 266 free(ptmp);
269 X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE); 267 X509V3error(ERR_R_MALLOC_FAILURE);
270 return 0; 268 return 0;
271} 269}
272 270
diff --git a/src/lib/libcrypto/x509v3/v3_skey.c b/src/lib/libcrypto/x509v3/v3_skey.c
index fbd66bb721..9dc1741788 100644
--- a/src/lib/libcrypto/x509v3/v3_skey.c
+++ b/src/lib/libcrypto/x509v3/v3_skey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_skey.c,v 1.14 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_skey.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -95,7 +95,7 @@ s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
95 long length; 95 long length;
96 96
97 if (!(oct = ASN1_OCTET_STRING_new())) { 97 if (!(oct = ASN1_OCTET_STRING_new())) {
98 X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE); 98 X509V3error(ERR_R_MALLOC_FAILURE);
99 return NULL; 99 return NULL;
100 } 100 }
101 101
@@ -121,7 +121,7 @@ s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
121 return s2i_ASN1_OCTET_STRING(method, ctx, str); 121 return s2i_ASN1_OCTET_STRING(method, ctx, str);
122 122
123 if (!(oct = ASN1_OCTET_STRING_new())) { 123 if (!(oct = ASN1_OCTET_STRING_new())) {
124 X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); 124 X509V3error(ERR_R_MALLOC_FAILURE);
125 return NULL; 125 return NULL;
126 } 126 }
127 127
@@ -129,7 +129,7 @@ s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
129 return oct; 129 return oct;
130 130
131 if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) { 131 if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
132 X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); 132 X509V3error(X509V3_R_NO_PUBLIC_KEY);
133 goto err; 133 goto err;
134 } 134 }
135 135
@@ -139,7 +139,7 @@ s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
139 pk = ctx->subject_cert->cert_info->key->public_key; 139 pk = ctx->subject_cert->cert_info->key->public_key;
140 140
141 if (!pk) { 141 if (!pk) {
142 X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY); 142 X509V3error(X509V3_R_NO_PUBLIC_KEY);
143 goto err; 143 goto err;
144 } 144 }
145 145
@@ -148,7 +148,7 @@ s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str)
148 goto err; 148 goto err;
149 149
150 if (!ASN1_STRING_set(oct, pkey_dig, diglen)) { 150 if (!ASN1_STRING_set(oct, pkey_dig, diglen)) {
151 X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE); 151 X509V3error(ERR_R_MALLOC_FAILURE);
152 goto err; 152 goto err;
153 } 153 }
154 154
diff --git a/src/lib/libcrypto/x509v3/v3_sxnet.c b/src/lib/libcrypto/x509v3/v3_sxnet.c
index bb88da4b49..14c6e5c0a4 100644
--- a/src/lib/libcrypto/x509v3/v3_sxnet.c
+++ b/src/lib/libcrypto/x509v3/v3_sxnet.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_sxnet.c,v 1.18 2016/12/30 15:54:49 jsing Exp $ */ 1/* $OpenBSD: v3_sxnet.c,v 1.19 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -258,8 +258,7 @@ SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen)
258 ASN1_INTEGER *izone = NULL; 258 ASN1_INTEGER *izone = NULL;
259 259
260 if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { 260 if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
261 X509V3err(X509V3_F_SXNET_ADD_ID_ASC, 261 X509V3error(X509V3_R_ERROR_CONVERTING_ZONE);
262 X509V3_R_ERROR_CONVERTING_ZONE);
263 return 0; 262 return 0;
264 } 263 }
265 return SXNET_add_id_INTEGER(psx, izone, user, userlen); 264 return SXNET_add_id_INTEGER(psx, izone, user, userlen);
@@ -274,7 +273,7 @@ SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen)
274 273
275 if (!(izone = ASN1_INTEGER_new()) || 274 if (!(izone = ASN1_INTEGER_new()) ||
276 !ASN1_INTEGER_set(izone, lzone)) { 275 !ASN1_INTEGER_set(izone, lzone)) {
277 X509V3err(X509V3_F_SXNET_ADD_ID_ULONG, ERR_R_MALLOC_FAILURE); 276 X509V3error(ERR_R_MALLOC_FAILURE);
278 ASN1_INTEGER_free(izone); 277 ASN1_INTEGER_free(izone);
279 return 0; 278 return 0;
280 } 279 }
@@ -293,15 +292,13 @@ SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, int userlen)
293 SXNETID *id = NULL; 292 SXNETID *id = NULL;
294 293
295 if (!psx || !zone || !user) { 294 if (!psx || !zone || !user) {
296 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, 295 X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
297 X509V3_R_INVALID_NULL_ARGUMENT);
298 return 0; 296 return 0;
299 } 297 }
300 if (userlen == -1) 298 if (userlen == -1)
301 userlen = strlen(user); 299 userlen = strlen(user);
302 if (userlen > 64) { 300 if (userlen > 64) {
303 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, 301 X509V3error(X509V3_R_USER_TOO_LONG);
304 X509V3_R_USER_TOO_LONG);
305 return 0; 302 return 0;
306 } 303 }
307 if (!*psx) { 304 if (!*psx) {
@@ -313,8 +310,7 @@ SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, int userlen)
313 } else 310 } else
314 sx = *psx; 311 sx = *psx;
315 if (SXNET_get_id_INTEGER(sx, zone)) { 312 if (SXNET_get_id_INTEGER(sx, zone)) {
316 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, 313 X509V3error(X509V3_R_DUPLICATE_ZONE_ID);
317 X509V3_R_DUPLICATE_ZONE_ID);
318 return 0; 314 return 0;
319 } 315 }
320 316
@@ -331,7 +327,7 @@ SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, int userlen)
331 return 1; 327 return 1;
332 328
333err: 329err:
334 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, ERR_R_MALLOC_FAILURE); 330 X509V3error(ERR_R_MALLOC_FAILURE);
335 SXNETID_free(id); 331 SXNETID_free(id);
336 SXNET_free(sx); 332 SXNET_free(sx);
337 *psx = NULL; 333 *psx = NULL;
@@ -345,8 +341,7 @@ SXNET_get_id_asc(SXNET *sx, char *zone)
345 ASN1_OCTET_STRING *oct; 341 ASN1_OCTET_STRING *oct;
346 342
347 if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) { 343 if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
348 X509V3err(X509V3_F_SXNET_GET_ID_ASC, 344 X509V3error(X509V3_R_ERROR_CONVERTING_ZONE);
349 X509V3_R_ERROR_CONVERTING_ZONE);
350 return NULL; 345 return NULL;
351 } 346 }
352 oct = SXNET_get_id_INTEGER(sx, izone); 347 oct = SXNET_get_id_INTEGER(sx, izone);
@@ -362,7 +357,7 @@ SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
362 357
363 if (!(izone = ASN1_INTEGER_new()) || 358 if (!(izone = ASN1_INTEGER_new()) ||
364 !ASN1_INTEGER_set(izone, lzone)) { 359 !ASN1_INTEGER_set(izone, lzone)) {
365 X509V3err(X509V3_F_SXNET_GET_ID_ULONG, ERR_R_MALLOC_FAILURE); 360 X509V3error(ERR_R_MALLOC_FAILURE);
366 ASN1_INTEGER_free(izone); 361 ASN1_INTEGER_free(izone);
367 return NULL; 362 return NULL;
368 } 363 }
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c
index 7516cd3c20..04c789922b 100644
--- a/src/lib/libcrypto/x509v3/v3_utl.c
+++ b/src/lib/libcrypto/x509v3/v3_utl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: v3_utl.c,v 1.25 2016/09/03 11:56:33 beck Exp $ */ 1/* $OpenBSD: v3_utl.c,v 1.26 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -103,7 +103,7 @@ X509V3_add_value(const char *name, const char *value,
103 return 1; 103 return 1;
104 104
105err: 105err:
106 X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE); 106 X509V3error(ERR_R_MALLOC_FAILURE);
107 free(vtmp); 107 free(vtmp);
108 free(tname); 108 free(tname);
109 free(tvalue); 109 free(tvalue);
@@ -159,7 +159,7 @@ i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
159 return NULL; 159 return NULL;
160 if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || 160 if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
161 !(strtmp = BN_bn2dec(bntmp))) 161 !(strtmp = BN_bn2dec(bntmp)))
162 X509V3err(X509V3_F_I2S_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); 162 X509V3error(ERR_R_MALLOC_FAILURE);
163 BN_free(bntmp); 163 BN_free(bntmp);
164 return strtmp; 164 return strtmp;
165} 165}
@@ -174,7 +174,7 @@ i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
174 return NULL; 174 return NULL;
175 if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || 175 if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
176 !(strtmp = BN_bn2dec(bntmp))) 176 !(strtmp = BN_bn2dec(bntmp)))
177 X509V3err(X509V3_F_I2S_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); 177 X509V3error(ERR_R_MALLOC_FAILURE);
178 BN_free(bntmp); 178 BN_free(bntmp);
179 return strtmp; 179 return strtmp;
180} 180}
@@ -188,8 +188,7 @@ s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
188 int ret; 188 int ret;
189 189
190 if (!value) { 190 if (!value) {
191 X509V3err(X509V3_F_S2I_ASN1_INTEGER, 191 X509V3error(X509V3_R_INVALID_NULL_VALUE);
192 X509V3_R_INVALID_NULL_VALUE);
193 return 0; 192 return 0;
194 } 193 }
195 bn = BN_new(); 194 bn = BN_new();
@@ -212,7 +211,7 @@ s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
212 211
213 if (!ret || value[ret]) { 212 if (!ret || value[ret]) {
214 BN_free(bn); 213 BN_free(bn);
215 X509V3err(X509V3_F_S2I_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR); 214 X509V3error(X509V3_R_BN_DEC2BN_ERROR);
216 return 0; 215 return 0;
217 } 216 }
218 217
@@ -222,8 +221,7 @@ s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
222 aint = BN_to_ASN1_INTEGER(bn, NULL); 221 aint = BN_to_ASN1_INTEGER(bn, NULL);
223 BN_free(bn); 222 BN_free(bn);
224 if (!aint) { 223 if (!aint) {
225 X509V3err(X509V3_F_S2I_ASN1_INTEGER, 224 X509V3error(X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
226 X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
227 return 0; 225 return 0;
228 } 226 }
229 if (isneg) 227 if (isneg)
@@ -267,8 +265,7 @@ X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
267 } 265 }
268 266
269err: 267err:
270 X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL, 268 X509V3error(X509V3_R_INVALID_BOOLEAN_STRING);
271 X509V3_R_INVALID_BOOLEAN_STRING);
272 X509V3_conf_err(value); 269 X509V3_conf_err(value);
273 return 0; 270 return 0;
274} 271}
@@ -302,7 +299,7 @@ X509V3_parse_list(const char *line)
302 299
303 /* We are going to modify the line so copy it first */ 300 /* We are going to modify the line so copy it first */
304 if ((linebuf = strdup(line)) == NULL) { 301 if ((linebuf = strdup(line)) == NULL) {
305 X509V3err(X509V3_F_X509V3_PARSE_LIST, ERR_R_MALLOC_FAILURE); 302 X509V3error(ERR_R_MALLOC_FAILURE);
306 goto err; 303 goto err;
307 } 304 }
308 state = HDR_NAME; 305 state = HDR_NAME;
@@ -319,8 +316,7 @@ X509V3_parse_list(const char *line)
319 *p = 0; 316 *p = 0;
320 ntmp = strip_spaces(q); 317 ntmp = strip_spaces(q);
321 if (!ntmp) { 318 if (!ntmp) {
322 X509V3err(X509V3_F_X509V3_PARSE_LIST, 319 X509V3error(X509V3_R_INVALID_NULL_NAME);
323 X509V3_R_INVALID_NULL_NAME);
324 goto err; 320 goto err;
325 } 321 }
326 q = p + 1; 322 q = p + 1;
@@ -329,8 +325,7 @@ X509V3_parse_list(const char *line)
329 ntmp = strip_spaces(q); 325 ntmp = strip_spaces(q);
330 q = p + 1; 326 q = p + 1;
331 if (!ntmp) { 327 if (!ntmp) {
332 X509V3err(X509V3_F_X509V3_PARSE_LIST, 328 X509V3error(X509V3_R_INVALID_NULL_NAME);
333 X509V3_R_INVALID_NULL_NAME);
334 goto err; 329 goto err;
335 } 330 }
336 X509V3_add_value(ntmp, NULL, &values); 331 X509V3_add_value(ntmp, NULL, &values);
@@ -343,8 +338,7 @@ X509V3_parse_list(const char *line)
343 *p = 0; 338 *p = 0;
344 vtmp = strip_spaces(q); 339 vtmp = strip_spaces(q);
345 if (!vtmp) { 340 if (!vtmp) {
346 X509V3err(X509V3_F_X509V3_PARSE_LIST, 341 X509V3error(X509V3_R_INVALID_NULL_VALUE);
347 X509V3_R_INVALID_NULL_VALUE);
348 goto err; 342 goto err;
349 } 343 }
350 X509V3_add_value(ntmp, vtmp, &values); 344 X509V3_add_value(ntmp, vtmp, &values);
@@ -358,16 +352,14 @@ X509V3_parse_list(const char *line)
358 if (state == HDR_VALUE) { 352 if (state == HDR_VALUE) {
359 vtmp = strip_spaces(q); 353 vtmp = strip_spaces(q);
360 if (!vtmp) { 354 if (!vtmp) {
361 X509V3err(X509V3_F_X509V3_PARSE_LIST, 355 X509V3error(X509V3_R_INVALID_NULL_VALUE);
362 X509V3_R_INVALID_NULL_VALUE);
363 goto err; 356 goto err;
364 } 357 }
365 X509V3_add_value(ntmp, vtmp, &values); 358 X509V3_add_value(ntmp, vtmp, &values);
366 } else { 359 } else {
367 ntmp = strip_spaces(q); 360 ntmp = strip_spaces(q);
368 if (!ntmp) { 361 if (!ntmp) {
369 X509V3err(X509V3_F_X509V3_PARSE_LIST, 362 X509V3error(X509V3_R_INVALID_NULL_NAME);
370 X509V3_R_INVALID_NULL_NAME);
371 goto err; 363 goto err;
372 } 364 }
373 X509V3_add_value(ntmp, NULL, &values); 365 X509V3_add_value(ntmp, NULL, &values);
@@ -420,7 +412,7 @@ hex_to_string(const unsigned char *buffer, long len)
420 if (!buffer || !len) 412 if (!buffer || !len)
421 return NULL; 413 return NULL;
422 if (!(tmp = malloc(len * 3 + 1))) { 414 if (!(tmp = malloc(len * 3 + 1))) {
423 X509V3err(X509V3_F_HEX_TO_STRING, ERR_R_MALLOC_FAILURE); 415 X509V3error(ERR_R_MALLOC_FAILURE);
424 return NULL; 416 return NULL;
425 } 417 }
426 q = tmp; 418 q = tmp;
@@ -443,8 +435,7 @@ string_to_hex(const char *str, long *len)
443 unsigned char *hexbuf, *q; 435 unsigned char *hexbuf, *q;
444 unsigned char ch, cl, *p; 436 unsigned char ch, cl, *p;
445 if (!str) { 437 if (!str) {
446 X509V3err(X509V3_F_STRING_TO_HEX, 438 X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
447 X509V3_R_INVALID_NULL_ARGUMENT);
448 return NULL; 439 return NULL;
449 } 440 }
450 if (!(hexbuf = malloc(strlen(str) >> 1))) 441 if (!(hexbuf = malloc(strlen(str) >> 1)))
@@ -455,8 +446,7 @@ string_to_hex(const char *str, long *len)
455 continue; 446 continue;
456 cl = *p++; 447 cl = *p++;
457 if (!cl) { 448 if (!cl) {
458 X509V3err(X509V3_F_STRING_TO_HEX, 449 X509V3error(X509V3_R_ODD_NUMBER_OF_DIGITS);
459 X509V3_R_ODD_NUMBER_OF_DIGITS);
460 free(hexbuf); 450 free(hexbuf);
461 return NULL; 451 return NULL;
462 } 452 }
@@ -487,12 +477,12 @@ string_to_hex(const char *str, long *len)
487 477
488err: 478err:
489 free(hexbuf); 479 free(hexbuf);
490 X509V3err(X509V3_F_STRING_TO_HEX, ERR_R_MALLOC_FAILURE); 480 X509V3error(ERR_R_MALLOC_FAILURE);
491 return NULL; 481 return NULL;
492 482
493badhex: 483badhex:
494 free(hexbuf); 484 free(hexbuf);
495 X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_ILLEGAL_HEX_DIGIT); 485 X509V3error(X509V3_R_ILLEGAL_HEX_DIGIT);
496 return NULL; 486 return NULL;
497} 487}
498 488
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-09 23:03:01 +0000