Change SSLerror() back to taking two args, with the first one being an SSL *.

Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
author: beck <> 2017-02-07 02:08:38 +0000
committer: beck <> 2017-02-07 02:08:38 +0000
commit: 91c389f89015a024212e73f5ec6e24166955ab6e (patch)
tree: a4e6a6d2d23329b576b63c8698e62a87e7388b69 /src/lib/libssl/ssl_ciph.c
parent: 8a1ec4c748b269fba0669ee71234ec9a0f128613 (diff)
download: openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.gz
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.bz2
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.zip
1 files changed, 6 insertions, 6 deletions
diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c
index f167244eb4..9808c7c37f 100644
--- a/src/lib/libssl/ssl_ciph.c
+++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.92 2017/01/26 12:16:13 beck Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.93 2017/02/07 02:08:38 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1072,7 +1072,7 @@ ssl_cipher_strength_sort(CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p)
        number_uses = calloc((max_strength_bits + 1), sizeof(int));
        if (!number_uses) {
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return (0);
        }
@@ -1162,7 +1162,7 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
                                 * it is no command or separator nor
                                 * alphanumeric, so we call this an error.
                                 */
-                                SSLerror(SSL_R_INVALID_COMMAND);
+                                SSLerrorx(SSL_R_INVALID_COMMAND);
                                retval = found = 0;
                                l++;
                                break;
@@ -1308,7 +1308,7 @@ ssl_cipher_process_rulestr(const char *rule_str, CIPHER_ORDER **head_p,
                        if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
                                ok = ssl_cipher_strength_sort(head_p, tail_p);
                        else
-                                SSLerror(SSL_R_INVALID_COMMAND);
+                                SSLerrorx(SSL_R_INVALID_COMMAND);
                        if (ok == 0)
                                retval = 0;
                        /*
@@ -1377,7 +1377,7 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
        num_of_ciphers = ssl_method->num_ciphers();
        co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER));
        if (co_list == NULL) {
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return(NULL);   /* Failure */
        }
@@ -1457,7 +1457,7 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
        ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *));
        if (ca_list == NULL) {
                free(co_list);
-                SSLerror(ERR_R_MALLOC_FAILURE);
+                SSLerrorx(ERR_R_MALLOC_FAILURE);
                return(NULL);   /* Failure */
        }
        ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
author	beck <>	2017-02-07 02:08:38 +0000
committer	beck <>	2017-02-07 02:08:38 +0000
commit	91c389f89015a024212e73f5ec6e24166955ab6e (patch)
tree	a4e6a6d2d23329b576b63c8698e62a87e7388b69 /src/lib/libssl/ssl_ciph.c
parent	8a1ec4c748b269fba0669ee71234ec9a0f128613 (diff)
download	openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.gz openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.bz2 openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.zip

diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c index f167244eb4..9808c7c37f 100644 --- a/src/lib/libssl/ssl_ciph.c +++ b/src/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_ciph.c,v 1.92 2017/01/26 12:16:13 beck Exp $ */	1	/* $OpenBSD: ssl_ciph.c,v 1.93 2017/02/07 02:08:38 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1072,7 +1072,7 @@ ssl_cipher_strength_sort(CIPHER_ORDER head_p, CIPHER_ORDER tail_p)
1072		1072
1073	number_uses = calloc((max_strength_bits + 1), sizeof(int));	1073	number_uses = calloc((max_strength_bits + 1), sizeof(int));
1074	if (!number_uses) {	1074	if (!number_uses) {
1075	SSLerror(ERR_R_MALLOC_FAILURE);	1075	SSLerrorx(ERR_R_MALLOC_FAILURE);
1076	return (0);	1076	return (0);
1077	}	1077	}
1078		1078
@@ -1162,7 +1162,7 @@ ssl_cipher_process_rulestr(const char rule_str, CIPHER_ORDER *head_p,
1162	* it is no command or separator nor	1162	* it is no command or separator nor
1163	* alphanumeric, so we call this an error.	1163	* alphanumeric, so we call this an error.
1164	*/	1164	*/
1165	SSLerror(SSL_R_INVALID_COMMAND);	1165	SSLerrorx(SSL_R_INVALID_COMMAND);
1166	retval = found = 0;	1166	retval = found = 0;
1167	l++;	1167	l++;
1168	break;	1168	break;
@@ -1308,7 +1308,7 @@ ssl_cipher_process_rulestr(const char rule_str, CIPHER_ORDER *head_p,
1308	if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))	1308	if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
1309	ok = ssl_cipher_strength_sort(head_p, tail_p);	1309	ok = ssl_cipher_strength_sort(head_p, tail_p);
1310	else	1310	else
1311	SSLerror(SSL_R_INVALID_COMMAND);	1311	SSLerrorx(SSL_R_INVALID_COMMAND);
1312	if (ok == 0)	1312	if (ok == 0)
1313	retval = 0;	1313	retval = 0;
1314	/*	1314	/*
@@ -1377,7 +1377,7 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1377	num_of_ciphers = ssl_method->num_ciphers();	1377	num_of_ciphers = ssl_method->num_ciphers();
1378	co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER));	1378	co_list = reallocarray(NULL, num_of_ciphers, sizeof(CIPHER_ORDER));
1379	if (co_list == NULL) {	1379	if (co_list == NULL) {
1380	SSLerror(ERR_R_MALLOC_FAILURE);	1380	SSLerrorx(ERR_R_MALLOC_FAILURE);
1381	return(NULL); /* Failure */	1381	return(NULL); /* Failure */
1382	}	1382	}
1383		1383
@@ -1457,7 +1457,7 @@ ssl_create_cipher_list(const SSL_METHOD *ssl_method,
1457	ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *));	1457	ca_list = reallocarray(NULL, num_of_alias_max, sizeof(SSL_CIPHER *));
1458	if (ca_list == NULL) {	1458	if (ca_list == NULL) {
1459	free(co_list);	1459	free(co_list);
1460	SSLerror(ERR_R_MALLOC_FAILURE);	1460	SSLerrorx(ERR_R_MALLOC_FAILURE);
1461	return(NULL); /* Failure */	1461	return(NULL); /* Failure */
1462	}	1462	}
1463	ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,	1463	ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,