diff options
| author | beck <> | 2017-01-26 10:40:21 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-26 10:40:21 +0000 |
| commit | a4abf558fd44464a5a48bfeb5393b01002f66c5e (patch) | |
| tree | e105a2b33d3aefb54727a955e9c746cc8edb0e50 /src/lib/libssl/d1_srtp.c | |
| parent | b7978753e566fd60946300b252a9d9d89559733e (diff) | |
| download | openbsd-a4abf558fd44464a5a48bfeb5393b01002f66c5e.tar.gz openbsd-a4abf558fd44464a5a48bfeb5393b01002f66c5e.tar.bz2 openbsd-a4abf558fd44464a5a48bfeb5393b01002f66c5e.zip | |
Send the error function codes to rot in the depths of hell where they belong
We leave a single funciton code (0xFFF) to say "SSL_internal" so the public
API will not break, and we replace all internal use of the two argument
SSL_err() with the internal only SSL_error() that only takes a reason code.
ok jsing@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/d1_srtp.c | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c index a9f45a2d9a..b98c04b7cf 100644 --- a/src/lib/libssl/d1_srtp.c +++ b/src/lib/libssl/d1_srtp.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_srtp.c,v 1.18 2017/01/24 15:04:12 jsing Exp $ */ | 1 | /* $OpenBSD: d1_srtp.c,v 1.19 2017/01/26 10:40:21 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -187,7 +187,7 @@ ssl_ctx_make_profiles(const char *profiles_string, | |||
| 187 | SRTP_PROTECTION_PROFILE *p; | 187 | SRTP_PROTECTION_PROFILE *p; |
| 188 | 188 | ||
| 189 | if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) { | 189 | if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) { |
| 190 | SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, | 190 | SSLerror( |
| 191 | SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); | 191 | SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); |
| 192 | return 1; | 192 | return 1; |
| 193 | } | 193 | } |
| @@ -199,7 +199,7 @@ ssl_ctx_make_profiles(const char *profiles_string, | |||
| 199 | col ? col - ptr : (int)strlen(ptr))) { | 199 | col ? col - ptr : (int)strlen(ptr))) { |
| 200 | sk_SRTP_PROTECTION_PROFILE_push(profiles, p); | 200 | sk_SRTP_PROTECTION_PROFILE_push(profiles, p); |
| 201 | } else { | 201 | } else { |
| 202 | SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, | 202 | SSLerror( |
| 203 | SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); | 203 | SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE); |
| 204 | sk_SRTP_PROTECTION_PROFILE_free(profiles); | 204 | sk_SRTP_PROTECTION_PROFILE_free(profiles); |
| 205 | return 1; | 205 | return 1; |
| @@ -264,13 +264,13 @@ ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) | |||
| 264 | 264 | ||
| 265 | if (p) { | 265 | if (p) { |
| 266 | if (ct == 0) { | 266 | if (ct == 0) { |
| 267 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT, | 267 | SSLerror( |
| 268 | SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST); | 268 | SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST); |
| 269 | return 1; | 269 | return 1; |
| 270 | } | 270 | } |
| 271 | 271 | ||
| 272 | if ((2 + ct * 2 + 1) > maxlen) { | 272 | if ((2 + ct * 2 + 1) > maxlen) { |
| 273 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT, | 273 | SSLerror( |
| 274 | SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); | 274 | SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); |
| 275 | return 1; | 275 | return 1; |
| 276 | } | 276 | } |
| @@ -304,7 +304,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, | |||
| 304 | CBS cbs, ciphers, mki; | 304 | CBS cbs, ciphers, mki; |
| 305 | 305 | ||
| 306 | if (len < 0) { | 306 | if (len < 0) { |
| 307 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | 307 | SSLerror( |
| 308 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | 308 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 309 | *al = SSL_AD_DECODE_ERROR; | 309 | *al = SSL_AD_DECODE_ERROR; |
| 310 | goto done; | 310 | goto done; |
| @@ -314,7 +314,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, | |||
| 314 | /* Pull off the cipher suite list */ | 314 | /* Pull off the cipher suite list */ |
| 315 | if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) || | 315 | if (!CBS_get_u16_length_prefixed(&cbs, &ciphers) || |
| 316 | CBS_len(&ciphers) % 2) { | 316 | CBS_len(&ciphers) % 2) { |
| 317 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | 317 | SSLerror( |
| 318 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | 318 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 319 | *al = SSL_AD_DECODE_ERROR; | 319 | *al = SSL_AD_DECODE_ERROR; |
| 320 | goto done; | 320 | goto done; |
| @@ -324,7 +324,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, | |||
| 324 | 324 | ||
| 325 | while (CBS_len(&ciphers) > 0) { | 325 | while (CBS_len(&ciphers) > 0) { |
| 326 | if (!CBS_get_u16(&ciphers, &id)) { | 326 | if (!CBS_get_u16(&ciphers, &id)) { |
| 327 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | 327 | SSLerror( |
| 328 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | 328 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 329 | *al = SSL_AD_DECODE_ERROR; | 329 | *al = SSL_AD_DECODE_ERROR; |
| 330 | goto done; | 330 | goto done; |
| @@ -339,7 +339,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, | |||
| 339 | /* Extract the MKI value as a sanity check, but discard it for now. */ | 339 | /* Extract the MKI value as a sanity check, but discard it for now. */ |
| 340 | if (!CBS_get_u8_length_prefixed(&cbs, &mki) || | 340 | if (!CBS_get_u8_length_prefixed(&cbs, &mki) || |
| 341 | CBS_len(&cbs) != 0) { | 341 | CBS_len(&cbs) != 0) { |
| 342 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | 342 | SSLerror( |
| 343 | SSL_R_BAD_SRTP_MKI_VALUE); | 343 | SSL_R_BAD_SRTP_MKI_VALUE); |
| 344 | *al = SSL_AD_DECODE_ERROR; | 344 | *al = SSL_AD_DECODE_ERROR; |
| 345 | goto done; | 345 | goto done; |
| @@ -381,13 +381,13 @@ ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) | |||
| 381 | { | 381 | { |
| 382 | if (p) { | 382 | if (p) { |
| 383 | if (maxlen < 5) { | 383 | if (maxlen < 5) { |
| 384 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT, | 384 | SSLerror( |
| 385 | SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); | 385 | SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG); |
| 386 | return 1; | 386 | return 1; |
| 387 | } | 387 | } |
| 388 | 388 | ||
| 389 | if (s->internal->srtp_profile == 0) { | 389 | if (s->internal->srtp_profile == 0) { |
| 390 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT, | 390 | SSLerror( |
| 391 | SSL_R_USE_SRTP_NOT_NEGOTIATED); | 391 | SSL_R_USE_SRTP_NOT_NEGOTIATED); |
| 392 | return 1; | 392 | return 1; |
| 393 | } | 393 | } |
| @@ -411,7 +411,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int | |||
| 411 | CBS cbs, profile_ids, mki; | 411 | CBS cbs, profile_ids, mki; |
| 412 | 412 | ||
| 413 | if (len < 0) { | 413 | if (len < 0) { |
| 414 | SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, | 414 | SSLerror( |
| 415 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | 415 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 416 | *al = SSL_AD_DECODE_ERROR; | 416 | *al = SSL_AD_DECODE_ERROR; |
| 417 | return 1; | 417 | return 1; |
| @@ -425,7 +425,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int | |||
| 425 | */ | 425 | */ |
| 426 | if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) || | 426 | if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) || |
| 427 | !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) { | 427 | !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) { |
| 428 | SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, | 428 | SSLerror( |
| 429 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | 429 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 430 | *al = SSL_AD_DECODE_ERROR; | 430 | *al = SSL_AD_DECODE_ERROR; |
| 431 | return 1; | 431 | return 1; |
| @@ -433,7 +433,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int | |||
| 433 | 433 | ||
| 434 | /* Must be no MKI, since we never offer one. */ | 434 | /* Must be no MKI, since we never offer one. */ |
| 435 | if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) { | 435 | if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) { |
| 436 | SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, | 436 | SSLerror( |
| 437 | SSL_R_BAD_SRTP_MKI_VALUE); | 437 | SSL_R_BAD_SRTP_MKI_VALUE); |
| 438 | *al = SSL_AD_ILLEGAL_PARAMETER; | 438 | *al = SSL_AD_ILLEGAL_PARAMETER; |
| 439 | return 1; | 439 | return 1; |
| @@ -443,7 +443,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int | |||
| 443 | 443 | ||
| 444 | /* Throw an error if the server gave us an unsolicited extension. */ | 444 | /* Throw an error if the server gave us an unsolicited extension. */ |
| 445 | if (clnt == NULL) { | 445 | if (clnt == NULL) { |
| 446 | SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, | 446 | SSLerror( |
| 447 | SSL_R_NO_SRTP_PROFILES); | 447 | SSL_R_NO_SRTP_PROFILES); |
| 448 | *al = SSL_AD_DECODE_ERROR; | 448 | *al = SSL_AD_DECODE_ERROR; |
| 449 | return 1; | 449 | return 1; |
| @@ -463,7 +463,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int | |||
| 463 | } | 463 | } |
| 464 | } | 464 | } |
| 465 | 465 | ||
| 466 | SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, | 466 | SSLerror( |
| 467 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | 467 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 468 | *al = SSL_AD_DECODE_ERROR; | 468 | *al = SSL_AD_DECODE_ERROR; |
| 469 | return 1; | 469 | return 1; |