summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_clnt.c
diff options
context:
space:
mode:
authorbeck <>2017-02-07 02:08:38 +0000
committerbeck <>2017-02-07 02:08:38 +0000
commit91c389f89015a024212e73f5ec6e24166955ab6e (patch)
treea4e6a6d2d23329b576b63c8698e62a87e7388b69 /src/lib/libssl/ssl_clnt.c
parent8a1ec4c748b269fba0669ee71234ec9a0f128613 (diff)
downloadopenbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.gz
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.bz2
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.zip
Change SSLerror() back to taking two args, with the first one being an SSL *.
Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl_clnt.c262
1 files changed, 131 insertions, 131 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 6f2edf5d90..7f4d6582da 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.4 2017/01/26 12:16:13 beck Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.5 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -211,7 +211,7 @@ ssl3_connect(SSL *s)
211 cb(s, SSL_CB_HANDSHAKE_START, 1); 211 cb(s, SSL_CB_HANDSHAKE_START, 1);
212 212
213 if ((s->version & 0xff00 ) != 0x0300) { 213 if ((s->version & 0xff00 ) != 0x0300) {
214 SSLerror(ERR_R_INTERNAL_ERROR); 214 SSLerror(s, ERR_R_INTERNAL_ERROR);
215 ret = -1; 215 ret = -1;
216 goto end; 216 goto end;
217 } 217 }
@@ -550,7 +550,7 @@ ssl3_connect(SSL *s)
550 /* break; */ 550 /* break; */
551 551
552 default: 552 default:
553 SSLerror(SSL_R_UNKNOWN_STATE); 553 SSLerror(s, SSL_R_UNKNOWN_STATE);
554 ret = -1; 554 ret = -1;
555 goto end; 555 goto end;
556 /* break; */ 556 /* break; */
@@ -595,7 +595,7 @@ ssl3_client_hello(SSL *s)
595 SSL_SESSION *sess = s->session; 595 SSL_SESSION *sess = s->session;
596 596
597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) { 597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) {
598 SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE); 598 SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
599 return (-1); 599 return (-1);
600 } 600 }
601 s->client_version = s->version = max_version; 601 s->client_version = s->version = max_version;
@@ -665,7 +665,7 @@ ssl3_client_hello(SSL *s)
665 *(p++) = i; 665 *(p++) = i;
666 if (i != 0) { 666 if (i != 0) {
667 if (i > (int)sizeof(s->session->session_id)) { 667 if (i > (int)sizeof(s->session->session_id)) {
668 SSLerror(ERR_R_INTERNAL_ERROR); 668 SSLerror(s, ERR_R_INTERNAL_ERROR);
669 goto err; 669 goto err;
670 } 670 }
671 memcpy(p, s->session->session_id, i); 671 memcpy(p, s->session->session_id, i);
@@ -675,7 +675,7 @@ ssl3_client_hello(SSL *s)
675 /* DTLS Cookie. */ 675 /* DTLS Cookie. */
676 if (SSL_IS_DTLS(s)) { 676 if (SSL_IS_DTLS(s)) {
677 if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) { 677 if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) {
678 SSLerror(ERR_R_INTERNAL_ERROR); 678 SSLerror(s, ERR_R_INTERNAL_ERROR);
679 goto err; 679 goto err;
680 } 680 }
681 *(p++) = D1I(s)->cookie_len; 681 *(p++) = D1I(s)->cookie_len;
@@ -688,7 +688,7 @@ ssl3_client_hello(SSL *s)
688 bufend - &p[2], &outlen)) 688 bufend - &p[2], &outlen))
689 goto err; 689 goto err;
690 if (outlen == 0) { 690 if (outlen == 0) {
691 SSLerror(SSL_R_NO_CIPHERS_AVAILABLE); 691 SSLerror(s, SSL_R_NO_CIPHERS_AVAILABLE);
692 goto err; 692 goto err;
693 } 693 }
694 s2n(outlen, p); 694 s2n(outlen, p);
@@ -700,7 +700,7 @@ ssl3_client_hello(SSL *s)
700 700
701 /* TLS extensions*/ 701 /* TLS extensions*/
702 if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) { 702 if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
703 SSLerror(ERR_R_INTERNAL_ERROR); 703 SSLerror(s, ERR_R_INTERNAL_ERROR);
704 goto err; 704 goto err;
705 } 705 }
706 706
@@ -752,7 +752,7 @@ ssl3_get_server_hello(SSL *s)
752 } else { 752 } else {
753 /* Already sent a cookie. */ 753 /* Already sent a cookie. */
754 al = SSL_AD_UNEXPECTED_MESSAGE; 754 al = SSL_AD_UNEXPECTED_MESSAGE;
755 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 755 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
756 goto f_err; 756 goto f_err;
757 } 757 }
758 } 758 }
@@ -760,7 +760,7 @@ ssl3_get_server_hello(SSL *s)
760 760
761 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_HELLO) { 761 if (S3I(s)->tmp.message_type != SSL3_MT_SERVER_HELLO) {
762 al = SSL_AD_UNEXPECTED_MESSAGE; 762 al = SSL_AD_UNEXPECTED_MESSAGE;
763 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 763 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
764 goto f_err; 764 goto f_err;
765 } 765 }
766 766
@@ -768,12 +768,12 @@ ssl3_get_server_hello(SSL *s)
768 goto truncated; 768 goto truncated;
769 769
770 if (ssl_supported_version_range(s, &min_version, &max_version) != 1) { 770 if (ssl_supported_version_range(s, &min_version, &max_version) != 1) {
771 SSLerror(SSL_R_NO_PROTOCOLS_AVAILABLE); 771 SSLerror(s, SSL_R_NO_PROTOCOLS_AVAILABLE);
772 goto err; 772 goto err;
773 } 773 }
774 774
775 if (server_version < min_version || server_version > max_version) { 775 if (server_version < min_version || server_version > max_version) {
776 SSLerror(SSL_R_WRONG_SSL_VERSION); 776 SSLerror(s, SSL_R_WRONG_SSL_VERSION);
777 s->version = (s->version & 0xff00) | (server_version & 0xff); 777 s->version = (s->version & 0xff00) | (server_version & 0xff);
778 al = SSL_AD_PROTOCOL_VERSION; 778 al = SSL_AD_PROTOCOL_VERSION;
779 goto f_err; 779 goto f_err;
@@ -783,7 +783,7 @@ ssl3_get_server_hello(SSL *s)
783 if ((method = tls1_get_client_method(server_version)) == NULL) 783 if ((method = tls1_get_client_method(server_version)) == NULL)
784 method = dtls1_get_client_method(server_version); 784 method = dtls1_get_client_method(server_version);
785 if (method == NULL) { 785 if (method == NULL) {
786 SSLerror(ERR_R_INTERNAL_ERROR); 786 SSLerror(s, ERR_R_INTERNAL_ERROR);
787 goto err; 787 goto err;
788 } 788 }
789 s->method = method; 789 s->method = method;
@@ -802,7 +802,7 @@ ssl3_get_server_hello(SSL *s)
802 if ((CBS_len(&session_id) > sizeof(s->session->session_id)) || 802 if ((CBS_len(&session_id) > sizeof(s->session->session_id)) ||
803 (CBS_len(&session_id) > SSL3_SESSION_ID_SIZE)) { 803 (CBS_len(&session_id) > SSL3_SESSION_ID_SIZE)) {
804 al = SSL_AD_ILLEGAL_PARAMETER; 804 al = SSL_AD_ILLEGAL_PARAMETER;
805 SSLerror(SSL_R_SSL3_SESSION_ID_TOO_LONG); 805 SSLerror(s, SSL_R_SSL3_SESSION_ID_TOO_LONG);
806 goto f_err; 806 goto f_err;
807 } 807 }
808 808
@@ -834,7 +834,7 @@ ssl3_get_server_hello(SSL *s)
834 s->sid_ctx, s->sid_ctx_length) != 0) { 834 s->sid_ctx, s->sid_ctx_length) != 0) {
835 /* actually a client application bug */ 835 /* actually a client application bug */
836 al = SSL_AD_ILLEGAL_PARAMETER; 836 al = SSL_AD_ILLEGAL_PARAMETER;
837 SSLerror(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); 837 SSLerror(s, SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
838 goto f_err; 838 goto f_err;
839 } 839 }
840 s->s3->flags |= SSL3_FLAGS_CCS_OK; 840 s->s3->flags |= SSL3_FLAGS_CCS_OK;
@@ -866,7 +866,7 @@ ssl3_get_server_hello(SSL *s)
866 866
867 if ((cipher = ssl3_get_cipher_by_value(cipher_suite)) == NULL) { 867 if ((cipher = ssl3_get_cipher_by_value(cipher_suite)) == NULL) {
868 al = SSL_AD_ILLEGAL_PARAMETER; 868 al = SSL_AD_ILLEGAL_PARAMETER;
869 SSLerror(SSL_R_UNKNOWN_CIPHER_RETURNED); 869 SSLerror(s, SSL_R_UNKNOWN_CIPHER_RETURNED);
870 goto f_err; 870 goto f_err;
871 } 871 }
872 872
@@ -874,7 +874,7 @@ ssl3_get_server_hello(SSL *s)
874 if ((cipher->algorithm_ssl & SSL_TLSV1_2) && 874 if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
875 (TLS1_get_version(s) < TLS1_2_VERSION)) { 875 (TLS1_get_version(s) < TLS1_2_VERSION)) {
876 al = SSL_AD_ILLEGAL_PARAMETER; 876 al = SSL_AD_ILLEGAL_PARAMETER;
877 SSLerror(SSL_R_WRONG_CIPHER_RETURNED); 877 SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
878 goto f_err; 878 goto f_err;
879 } 879 }
880 880
@@ -883,7 +883,7 @@ ssl3_get_server_hello(SSL *s)
883 if (i < 0) { 883 if (i < 0) {
884 /* we did not say we would use this cipher */ 884 /* we did not say we would use this cipher */
885 al = SSL_AD_ILLEGAL_PARAMETER; 885 al = SSL_AD_ILLEGAL_PARAMETER;
886 SSLerror(SSL_R_WRONG_CIPHER_RETURNED); 886 SSLerror(s, SSL_R_WRONG_CIPHER_RETURNED);
887 goto f_err; 887 goto f_err;
888 } 888 }
889 889
@@ -896,7 +896,7 @@ ssl3_get_server_hello(SSL *s)
896 s->session->cipher_id = s->session->cipher->id; 896 s->session->cipher_id = s->session->cipher->id;
897 if (s->internal->hit && (s->session->cipher_id != cipher->id)) { 897 if (s->internal->hit && (s->session->cipher_id != cipher->id)) {
898 al = SSL_AD_ILLEGAL_PARAMETER; 898 al = SSL_AD_ILLEGAL_PARAMETER;
899 SSLerror(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); 899 SSLerror(s, SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
900 goto f_err; 900 goto f_err;
901 } 901 }
902 S3I(s)->tmp.new_cipher = cipher; 902 S3I(s)->tmp.new_cipher = cipher;
@@ -917,7 +917,7 @@ ssl3_get_server_hello(SSL *s)
917 917
918 if (compression_method != 0) { 918 if (compression_method != 0) {
919 al = SSL_AD_ILLEGAL_PARAMETER; 919 al = SSL_AD_ILLEGAL_PARAMETER;
920 SSLerror(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); 920 SSLerror(s, SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
921 goto f_err; 921 goto f_err;
922 } 922 }
923 923
@@ -925,11 +925,11 @@ ssl3_get_server_hello(SSL *s)
925 p = (unsigned char *)CBS_data(&cbs); 925 p = (unsigned char *)CBS_data(&cbs);
926 if (!ssl_parse_serverhello_tlsext(s, &p, CBS_len(&cbs), &al)) { 926 if (!ssl_parse_serverhello_tlsext(s, &p, CBS_len(&cbs), &al)) {
927 /* 'al' set by ssl_parse_serverhello_tlsext */ 927 /* 'al' set by ssl_parse_serverhello_tlsext */
928 SSLerror(SSL_R_PARSE_TLSEXT); 928 SSLerror(s, SSL_R_PARSE_TLSEXT);
929 goto f_err; 929 goto f_err;
930 } 930 }
931 if (ssl_check_serverhello_tlsext(s) <= 0) { 931 if (ssl_check_serverhello_tlsext(s) <= 0) {
932 SSLerror(SSL_R_SERVERHELLO_TLSEXT); 932 SSLerror(s, SSL_R_SERVERHELLO_TLSEXT);
933 goto err; 933 goto err;
934 } 934 }
935 935
@@ -942,7 +942,7 @@ ssl3_get_server_hello(SSL *s)
942truncated: 942truncated:
943 /* wrong packet length */ 943 /* wrong packet length */
944 al = SSL_AD_DECODE_ERROR; 944 al = SSL_AD_DECODE_ERROR;
945 SSLerror(SSL_R_BAD_PACKET_LENGTH); 945 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
946f_err: 946f_err:
947 ssl3_send_alert(s, SSL3_AL_FATAL, al); 947 ssl3_send_alert(s, SSL3_AL_FATAL, al);
948err: 948err:
@@ -974,13 +974,13 @@ ssl3_get_server_certificate(SSL *s)
974 974
975 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 975 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) {
976 al = SSL_AD_UNEXPECTED_MESSAGE; 976 al = SSL_AD_UNEXPECTED_MESSAGE;
977 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 977 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
978 goto f_err; 978 goto f_err;
979 } 979 }
980 980
981 981
982 if ((sk = sk_X509_new_null()) == NULL) { 982 if ((sk = sk_X509_new_null()) == NULL) {
983 SSLerror(ERR_R_MALLOC_FAILURE); 983 SSLerror(s, ERR_R_MALLOC_FAILURE);
984 goto err; 984 goto err;
985 } 985 }
986 986
@@ -994,7 +994,7 @@ ssl3_get_server_certificate(SSL *s)
994 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) || 994 if (!CBS_get_u24_length_prefixed(&cbs, &cert_list) ||
995 CBS_len(&cbs) != 0) { 995 CBS_len(&cbs) != 0) {
996 al = SSL_AD_DECODE_ERROR; 996 al = SSL_AD_DECODE_ERROR;
997 SSLerror(SSL_R_LENGTH_MISMATCH); 997 SSLerror(s, SSL_R_LENGTH_MISMATCH);
998 goto f_err; 998 goto f_err;
999 } 999 }
1000 1000
@@ -1005,7 +1005,7 @@ ssl3_get_server_certificate(SSL *s)
1005 goto truncated; 1005 goto truncated;
1006 if (!CBS_get_u24_length_prefixed(&cert_list, &cert)) { 1006 if (!CBS_get_u24_length_prefixed(&cert_list, &cert)) {
1007 al = SSL_AD_DECODE_ERROR; 1007 al = SSL_AD_DECODE_ERROR;
1008 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 1008 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
1009 goto f_err; 1009 goto f_err;
1010 } 1010 }
1011 1011
@@ -1013,16 +1013,16 @@ ssl3_get_server_certificate(SSL *s)
1013 x = d2i_X509(NULL, &q, CBS_len(&cert)); 1013 x = d2i_X509(NULL, &q, CBS_len(&cert));
1014 if (x == NULL) { 1014 if (x == NULL) {
1015 al = SSL_AD_BAD_CERTIFICATE; 1015 al = SSL_AD_BAD_CERTIFICATE;
1016 SSLerror(ERR_R_ASN1_LIB); 1016 SSLerror(s, ERR_R_ASN1_LIB);
1017 goto f_err; 1017 goto f_err;
1018 } 1018 }
1019 if (q != CBS_data(&cert) + CBS_len(&cert)) { 1019 if (q != CBS_data(&cert) + CBS_len(&cert)) {
1020 al = SSL_AD_DECODE_ERROR; 1020 al = SSL_AD_DECODE_ERROR;
1021 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 1021 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
1022 goto f_err; 1022 goto f_err;
1023 } 1023 }
1024 if (!sk_X509_push(sk, x)) { 1024 if (!sk_X509_push(sk, x)) {
1025 SSLerror(ERR_R_MALLOC_FAILURE); 1025 SSLerror(s, ERR_R_MALLOC_FAILURE);
1026 goto err; 1026 goto err;
1027 } 1027 }
1028 x = NULL; 1028 x = NULL;
@@ -1031,7 +1031,7 @@ ssl3_get_server_certificate(SSL *s)
1031 i = ssl_verify_cert_chain(s, sk); 1031 i = ssl_verify_cert_chain(s, sk);
1032 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) { 1032 if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
1033 al = ssl_verify_alarm_type(s->verify_result); 1033 al = ssl_verify_alarm_type(s->verify_result);
1034 SSLerror(SSL_R_CERTIFICATE_VERIFY_FAILED); 1034 SSLerror(s, SSL_R_CERTIFICATE_VERIFY_FAILED);
1035 goto f_err; 1035 goto f_err;
1036 1036
1037 } 1037 }
@@ -1057,7 +1057,7 @@ ssl3_get_server_certificate(SSL *s)
1057 if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) { 1057 if (pkey == NULL || EVP_PKEY_missing_parameters(pkey)) {
1058 x = NULL; 1058 x = NULL;
1059 al = SSL3_AL_FATAL; 1059 al = SSL3_AL_FATAL;
1060 SSLerror(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); 1060 SSLerror(s, SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
1061 goto f_err; 1061 goto f_err;
1062 } 1062 }
1063 1063
@@ -1065,7 +1065,7 @@ ssl3_get_server_certificate(SSL *s)
1065 if (i < 0) { 1065 if (i < 0) {
1066 x = NULL; 1066 x = NULL;
1067 al = SSL3_AL_FATAL; 1067 al = SSL3_AL_FATAL;
1068 SSLerror(SSL_R_UNKNOWN_CERTIFICATE_TYPE); 1068 SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
1069 goto f_err; 1069 goto f_err;
1070 } 1070 }
1071 1071
@@ -1091,7 +1091,7 @@ ssl3_get_server_certificate(SSL *s)
1091truncated: 1091truncated:
1092 /* wrong packet length */ 1092 /* wrong packet length */
1093 al = SSL_AD_DECODE_ERROR; 1093 al = SSL_AD_DECODE_ERROR;
1094 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1094 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1095f_err: 1095f_err:
1096 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1096 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1097 } 1097 }
@@ -1122,21 +1122,21 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1122 CBS_init(&cbs, *pp, *nn); 1122 CBS_init(&cbs, *pp, *nn);
1123 1123
1124 if ((dh = DH_new()) == NULL) { 1124 if ((dh = DH_new()) == NULL) {
1125 SSLerror(ERR_R_DH_LIB); 1125 SSLerror(s, ERR_R_DH_LIB);
1126 goto err; 1126 goto err;
1127 } 1127 }
1128 1128
1129 if (!CBS_get_u16_length_prefixed(&cbs, &dhp)) 1129 if (!CBS_get_u16_length_prefixed(&cbs, &dhp))
1130 goto truncated; 1130 goto truncated;
1131 if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) { 1131 if ((dh->p = BN_bin2bn(CBS_data(&dhp), CBS_len(&dhp), NULL)) == NULL) {
1132 SSLerror(ERR_R_BN_LIB); 1132 SSLerror(s, ERR_R_BN_LIB);
1133 goto err; 1133 goto err;
1134 } 1134 }
1135 1135
1136 if (!CBS_get_u16_length_prefixed(&cbs, &dhg)) 1136 if (!CBS_get_u16_length_prefixed(&cbs, &dhg))
1137 goto truncated; 1137 goto truncated;
1138 if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) { 1138 if ((dh->g = BN_bin2bn(CBS_data(&dhg), CBS_len(&dhg), NULL)) == NULL) {
1139 SSLerror(ERR_R_BN_LIB); 1139 SSLerror(s, ERR_R_BN_LIB);
1140 goto err; 1140 goto err;
1141 } 1141 }
1142 1142
@@ -1144,7 +1144,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1144 goto truncated; 1144 goto truncated;
1145 if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk), 1145 if ((dh->pub_key = BN_bin2bn(CBS_data(&dhpk), CBS_len(&dhpk),
1146 NULL)) == NULL) { 1146 NULL)) == NULL) {
1147 SSLerror(ERR_R_BN_LIB); 1147 SSLerror(s, ERR_R_BN_LIB);
1148 goto err; 1148 goto err;
1149 } 1149 }
1150 1150
@@ -1153,7 +1153,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1153 * Discard keys weaker than 1024 bits. 1153 * Discard keys weaker than 1024 bits.
1154 */ 1154 */
1155 if (DH_size(dh) < 1024 / 8) { 1155 if (DH_size(dh) < 1024 / 8) {
1156 SSLerror(SSL_R_BAD_DH_P_LENGTH); 1156 SSLerror(s, SSL_R_BAD_DH_P_LENGTH);
1157 goto err; 1157 goto err;
1158 } 1158 }
1159 1159
@@ -1174,7 +1174,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1174 1174
1175 truncated: 1175 truncated:
1176 al = SSL_AD_DECODE_ERROR; 1176 al = SSL_AD_DECODE_ERROR;
1177 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1177 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1178 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1178 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1179 1179
1180 err: 1180 err:
@@ -1199,16 +1199,16 @@ ssl3_get_server_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1199 */ 1199 */
1200 1200
1201 if ((ecdh = EC_KEY_new()) == NULL) { 1201 if ((ecdh = EC_KEY_new()) == NULL) {
1202 SSLerror(ERR_R_MALLOC_FAILURE); 1202 SSLerror(s, ERR_R_MALLOC_FAILURE);
1203 goto err; 1203 goto err;
1204 } 1204 }
1205 1205
1206 if ((ngroup = EC_GROUP_new_by_curve_name(nid)) == NULL) { 1206 if ((ngroup = EC_GROUP_new_by_curve_name(nid)) == NULL) {
1207 SSLerror(ERR_R_EC_LIB); 1207 SSLerror(s, ERR_R_EC_LIB);
1208 goto err; 1208 goto err;
1209 } 1209 }
1210 if (EC_KEY_set_group(ecdh, ngroup) == 0) { 1210 if (EC_KEY_set_group(ecdh, ngroup) == 0) {
1211 SSLerror(ERR_R_EC_LIB); 1211 SSLerror(s, ERR_R_EC_LIB);
1212 goto err; 1212 goto err;
1213 } 1213 }
1214 1214
@@ -1216,13 +1216,13 @@ ssl3_get_server_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1216 1216
1217 if ((point = EC_POINT_new(group)) == NULL || 1217 if ((point = EC_POINT_new(group)) == NULL ||
1218 (bn_ctx = BN_CTX_new()) == NULL) { 1218 (bn_ctx = BN_CTX_new()) == NULL) {
1219 SSLerror(ERR_R_MALLOC_FAILURE); 1219 SSLerror(s, ERR_R_MALLOC_FAILURE);
1220 goto err; 1220 goto err;
1221 } 1221 }
1222 1222
1223 if (EC_POINT_oct2point(group, point, CBS_data(public), 1223 if (EC_POINT_oct2point(group, point, CBS_data(public),
1224 CBS_len(public), bn_ctx) == 0) { 1224 CBS_len(public), bn_ctx) == 0) {
1225 SSLerror(SSL_R_BAD_ECPOINT); 1225 SSLerror(s, SSL_R_BAD_ECPOINT);
1226 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1226 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1227 goto err; 1227 goto err;
1228 } 1228 }
@@ -1248,18 +1248,18 @@ ssl3_get_server_kex_ecdhe_ecx(SSL *s, SESS_CERT *sc, int nid, CBS *public)
1248 size_t outlen; 1248 size_t outlen;
1249 1249
1250 if (nid != NID_X25519) { 1250 if (nid != NID_X25519) {
1251 SSLerror(ERR_R_INTERNAL_ERROR); 1251 SSLerror(s, ERR_R_INTERNAL_ERROR);
1252 goto err; 1252 goto err;
1253 } 1253 }
1254 1254
1255 if (CBS_len(public) != X25519_KEY_LENGTH) { 1255 if (CBS_len(public) != X25519_KEY_LENGTH) {
1256 SSLerror(SSL_R_BAD_ECPOINT); 1256 SSLerror(s, SSL_R_BAD_ECPOINT);
1257 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1257 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1258 goto err; 1258 goto err;
1259 } 1259 }
1260 1260
1261 if (!CBS_stow(public, &sc->peer_x25519_tmp, &outlen)) { 1261 if (!CBS_stow(public, &sc->peer_x25519_tmp, &outlen)) {
1262 SSLerror(ERR_R_MALLOC_FAILURE); 1262 SSLerror(s, ERR_R_MALLOC_FAILURE);
1263 goto err; 1263 goto err;
1264 } 1264 }
1265 1265
@@ -1293,7 +1293,7 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1293 curve_type != NAMED_CURVE_TYPE || 1293 curve_type != NAMED_CURVE_TYPE ||
1294 !CBS_get_u16(&cbs, &curve_id)) { 1294 !CBS_get_u16(&cbs, &curve_id)) {
1295 al = SSL_AD_DECODE_ERROR; 1295 al = SSL_AD_DECODE_ERROR;
1296 SSLerror(SSL_R_LENGTH_TOO_SHORT); 1296 SSLerror(s, SSL_R_LENGTH_TOO_SHORT);
1297 goto f_err; 1297 goto f_err;
1298 } 1298 }
1299 1299
@@ -1303,13 +1303,13 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1303 */ 1303 */
1304 if (tls1_check_curve(s, curve_id) != 1) { 1304 if (tls1_check_curve(s, curve_id) != 1) {
1305 al = SSL_AD_DECODE_ERROR; 1305 al = SSL_AD_DECODE_ERROR;
1306 SSLerror(SSL_R_WRONG_CURVE); 1306 SSLerror(s, SSL_R_WRONG_CURVE);
1307 goto f_err; 1307 goto f_err;
1308 } 1308 }
1309 1309
1310 if ((nid = tls1_ec_curve_id2nid(curve_id)) == 0) { 1310 if ((nid = tls1_ec_curve_id2nid(curve_id)) == 0) {
1311 al = SSL_AD_INTERNAL_ERROR; 1311 al = SSL_AD_INTERNAL_ERROR;
1312 SSLerror(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); 1312 SSLerror(s, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
1313 goto f_err; 1313 goto f_err;
1314 } 1314 }
1315 1315
@@ -1344,7 +1344,7 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
1344 1344
1345 truncated: 1345 truncated:
1346 al = SSL_AD_DECODE_ERROR; 1346 al = SSL_AD_DECODE_ERROR;
1347 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1347 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1348 1348
1349 f_err: 1349 f_err:
1350 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1350 ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1385,7 +1385,7 @@ ssl3_get_server_key_exchange(SSL *s)
1385 * ephemeral keys. 1385 * ephemeral keys.
1386 */ 1386 */
1387 if (alg_k & (SSL_kDHE|SSL_kECDHE)) { 1387 if (alg_k & (SSL_kDHE|SSL_kECDHE)) {
1388 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 1388 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
1389 al = SSL_AD_UNEXPECTED_MESSAGE; 1389 al = SSL_AD_UNEXPECTED_MESSAGE;
1390 goto f_err; 1390 goto f_err;
1391 } 1391 }
@@ -1421,7 +1421,7 @@ ssl3_get_server_key_exchange(SSL *s)
1421 goto err; 1421 goto err;
1422 } else if (alg_k != 0) { 1422 } else if (alg_k != 0) {
1423 al = SSL_AD_UNEXPECTED_MESSAGE; 1423 al = SSL_AD_UNEXPECTED_MESSAGE;
1424 SSLerror(SSL_R_UNEXPECTED_MESSAGE); 1424 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
1425 goto f_err; 1425 goto f_err;
1426 } 1426 }
1427 1427
@@ -1433,7 +1433,7 @@ ssl3_get_server_key_exchange(SSL *s)
1433 int sigalg = tls12_get_sigid(pkey); 1433 int sigalg = tls12_get_sigid(pkey);
1434 /* Should never happen */ 1434 /* Should never happen */
1435 if (sigalg == -1) { 1435 if (sigalg == -1) {
1436 SSLerror(ERR_R_INTERNAL_ERROR); 1436 SSLerror(s, ERR_R_INTERNAL_ERROR);
1437 goto err; 1437 goto err;
1438 } 1438 }
1439 /* 1439 /*
@@ -1443,13 +1443,13 @@ ssl3_get_server_key_exchange(SSL *s)
1443 if (2 > n) 1443 if (2 > n)
1444 goto truncated; 1444 goto truncated;
1445 if (sigalg != (int)p[1]) { 1445 if (sigalg != (int)p[1]) {
1446 SSLerror(SSL_R_WRONG_SIGNATURE_TYPE); 1446 SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
1447 al = SSL_AD_DECODE_ERROR; 1447 al = SSL_AD_DECODE_ERROR;
1448 goto f_err; 1448 goto f_err;
1449 } 1449 }
1450 md = tls12_get_hash(p[0]); 1450 md = tls12_get_hash(p[0]);
1451 if (md == NULL) { 1451 if (md == NULL) {
1452 SSLerror(SSL_R_UNKNOWN_DIGEST); 1452 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
1453 al = SSL_AD_DECODE_ERROR; 1453 al = SSL_AD_DECODE_ERROR;
1454 goto f_err; 1454 goto f_err;
1455 } 1455 }
@@ -1467,7 +1467,7 @@ ssl3_get_server_key_exchange(SSL *s)
1467 if (i != n || n > j) { 1467 if (i != n || n > j) {
1468 /* wrong packet length */ 1468 /* wrong packet length */
1469 al = SSL_AD_DECODE_ERROR; 1469 al = SSL_AD_DECODE_ERROR;
1470 SSLerror(SSL_R_WRONG_SIGNATURE_LENGTH); 1470 SSLerror(s, SSL_R_WRONG_SIGNATURE_LENGTH);
1471 goto f_err; 1471 goto f_err;
1472 } 1472 }
1473 1473
@@ -1499,13 +1499,13 @@ ssl3_get_server_key_exchange(SSL *s)
1499 p, n, pkey->pkey.rsa); 1499 p, n, pkey->pkey.rsa);
1500 if (i < 0) { 1500 if (i < 0) {
1501 al = SSL_AD_DECRYPT_ERROR; 1501 al = SSL_AD_DECRYPT_ERROR;
1502 SSLerror(SSL_R_BAD_RSA_DECRYPT); 1502 SSLerror(s, SSL_R_BAD_RSA_DECRYPT);
1503 goto f_err; 1503 goto f_err;
1504 } 1504 }
1505 if (i == 0) { 1505 if (i == 0) {
1506 /* bad signature */ 1506 /* bad signature */
1507 al = SSL_AD_DECRYPT_ERROR; 1507 al = SSL_AD_DECRYPT_ERROR;
1508 SSLerror(SSL_R_BAD_SIGNATURE); 1508 SSLerror(s, SSL_R_BAD_SIGNATURE);
1509 goto f_err; 1509 goto f_err;
1510 } 1510 }
1511 } else { 1511 } else {
@@ -1518,20 +1518,20 @@ ssl3_get_server_key_exchange(SSL *s)
1518 if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) { 1518 if (EVP_VerifyFinal(&md_ctx, p,(int)n, pkey) <= 0) {
1519 /* bad signature */ 1519 /* bad signature */
1520 al = SSL_AD_DECRYPT_ERROR; 1520 al = SSL_AD_DECRYPT_ERROR;
1521 SSLerror(SSL_R_BAD_SIGNATURE); 1521 SSLerror(s, SSL_R_BAD_SIGNATURE);
1522 goto f_err; 1522 goto f_err;
1523 } 1523 }
1524 } 1524 }
1525 } else { 1525 } else {
1526 /* aNULL does not need public keys. */ 1526 /* aNULL does not need public keys. */
1527 if (!(alg_a & SSL_aNULL)) { 1527 if (!(alg_a & SSL_aNULL)) {
1528 SSLerror(ERR_R_INTERNAL_ERROR); 1528 SSLerror(s, ERR_R_INTERNAL_ERROR);
1529 goto err; 1529 goto err;
1530 } 1530 }
1531 /* still data left over */ 1531 /* still data left over */
1532 if (n != 0) { 1532 if (n != 0) {
1533 al = SSL_AD_DECODE_ERROR; 1533 al = SSL_AD_DECODE_ERROR;
1534 SSLerror(SSL_R_EXTRA_DATA_IN_MESSAGE); 1534 SSLerror(s, SSL_R_EXTRA_DATA_IN_MESSAGE);
1535 goto f_err; 1535 goto f_err;
1536 } 1536 }
1537 } 1537 }
@@ -1544,7 +1544,7 @@ ssl3_get_server_key_exchange(SSL *s)
1544 truncated: 1544 truncated:
1545 /* wrong packet length */ 1545 /* wrong packet length */
1546 al = SSL_AD_DECODE_ERROR; 1546 al = SSL_AD_DECODE_ERROR;
1547 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1547 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1548 1548
1549 f_err: 1549 f_err:
1550 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1550 ssl3_send_alert(s, SSL3_AL_FATAL, al);
@@ -1591,14 +1591,14 @@ ssl3_get_certificate_request(SSL *s)
1591 1591
1592 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) { 1592 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
1593 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); 1593 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1594 SSLerror(SSL_R_WRONG_MESSAGE_TYPE); 1594 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
1595 goto err; 1595 goto err;
1596 } 1596 }
1597 1597
1598 /* TLS does not like anon-DH with client cert */ 1598 /* TLS does not like anon-DH with client cert */
1599 if (S3I(s)->tmp.new_cipher->algorithm_auth & SSL_aNULL) { 1599 if (S3I(s)->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
1600 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE); 1600 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
1601 SSLerror(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); 1601 SSLerror(s, SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
1602 goto err; 1602 goto err;
1603 } 1603 }
1604 1604
@@ -1607,7 +1607,7 @@ ssl3_get_certificate_request(SSL *s)
1607 CBS_init(&cert_request, s->internal->init_msg, n); 1607 CBS_init(&cert_request, s->internal->init_msg, n);
1608 1608
1609 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { 1609 if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
1610 SSLerror(ERR_R_MALLOC_FAILURE); 1610 SSLerror(s, ERR_R_MALLOC_FAILURE);
1611 goto err; 1611 goto err;
1612 } 1612 }
1613 1613
@@ -1620,7 +1620,7 @@ ssl3_get_certificate_request(SSL *s)
1620 if (!CBS_get_bytes(&cert_request, &ctypes, ctype_num) || 1620 if (!CBS_get_bytes(&cert_request, &ctypes, ctype_num) ||
1621 !CBS_write_bytes(&ctypes, (uint8_t *)S3I(s)->tmp.ctype, 1621 !CBS_write_bytes(&ctypes, (uint8_t *)S3I(s)->tmp.ctype,
1622 sizeof(S3I(s)->tmp.ctype), NULL)) { 1622 sizeof(S3I(s)->tmp.ctype), NULL)) {
1623 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1623 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1624 goto err; 1624 goto err;
1625 } 1625 }
1626 1626
@@ -1628,7 +1628,7 @@ ssl3_get_certificate_request(SSL *s)
1628 CBS sigalgs; 1628 CBS sigalgs;
1629 1629
1630 if (CBS_len(&cert_request) < 2) { 1630 if (CBS_len(&cert_request) < 2) {
1631 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1631 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1632 goto err; 1632 goto err;
1633 } 1633 }
1634 1634
@@ -1637,28 +1637,28 @@ ssl3_get_certificate_request(SSL *s)
1637 */ 1637 */
1638 if (!CBS_get_u16_length_prefixed(&cert_request, &sigalgs)) { 1638 if (!CBS_get_u16_length_prefixed(&cert_request, &sigalgs)) {
1639 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1639 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1640 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1640 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1641 goto err; 1641 goto err;
1642 } 1642 }
1643 if ((CBS_len(&sigalgs) & 1) || 1643 if ((CBS_len(&sigalgs) & 1) ||
1644 !tls1_process_sigalgs(s, CBS_data(&sigalgs), 1644 !tls1_process_sigalgs(s, CBS_data(&sigalgs),
1645 CBS_len(&sigalgs))) { 1645 CBS_len(&sigalgs))) {
1646 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1646 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1647 SSLerror(SSL_R_SIGNATURE_ALGORITHMS_ERROR); 1647 SSLerror(s, SSL_R_SIGNATURE_ALGORITHMS_ERROR);
1648 goto err; 1648 goto err;
1649 } 1649 }
1650 } 1650 }
1651 1651
1652 /* get the CA RDNs */ 1652 /* get the CA RDNs */
1653 if (CBS_len(&cert_request) < 2) { 1653 if (CBS_len(&cert_request) < 2) {
1654 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1654 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1655 goto err; 1655 goto err;
1656 } 1656 }
1657 1657
1658 if (!CBS_get_u16_length_prefixed(&cert_request, &rdn_list) || 1658 if (!CBS_get_u16_length_prefixed(&cert_request, &rdn_list) ||
1659 CBS_len(&cert_request) != 0) { 1659 CBS_len(&cert_request) != 0) {
1660 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1660 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1661 SSLerror(SSL_R_LENGTH_MISMATCH); 1661 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1662 goto err; 1662 goto err;
1663 } 1663 }
1664 1664
@@ -1666,13 +1666,13 @@ ssl3_get_certificate_request(SSL *s)
1666 CBS rdn; 1666 CBS rdn;
1667 1667
1668 if (CBS_len(&rdn_list) < 2) { 1668 if (CBS_len(&rdn_list) < 2) {
1669 SSLerror(SSL_R_DATA_LENGTH_TOO_LONG); 1669 SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG);
1670 goto err; 1670 goto err;
1671 } 1671 }
1672 1672
1673 if (!CBS_get_u16_length_prefixed(&rdn_list, &rdn)) { 1673 if (!CBS_get_u16_length_prefixed(&rdn_list, &rdn)) {
1674 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1674 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1675 SSLerror(SSL_R_CA_DN_TOO_LONG); 1675 SSLerror(s, SSL_R_CA_DN_TOO_LONG);
1676 goto err; 1676 goto err;
1677 } 1677 }
1678 1678
@@ -1680,17 +1680,17 @@ ssl3_get_certificate_request(SSL *s)
1680 if ((xn = d2i_X509_NAME(NULL, &q, CBS_len(&rdn))) == NULL) { 1680 if ((xn = d2i_X509_NAME(NULL, &q, CBS_len(&rdn))) == NULL) {
1681 ssl3_send_alert(s, SSL3_AL_FATAL, 1681 ssl3_send_alert(s, SSL3_AL_FATAL,
1682 SSL_AD_DECODE_ERROR); 1682 SSL_AD_DECODE_ERROR);
1683 SSLerror(ERR_R_ASN1_LIB); 1683 SSLerror(s, ERR_R_ASN1_LIB);
1684 goto err; 1684 goto err;
1685 } 1685 }
1686 1686
1687 if (q != CBS_data(&rdn) + CBS_len(&rdn)) { 1687 if (q != CBS_data(&rdn) + CBS_len(&rdn)) {
1688 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1688 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1689 SSLerror(SSL_R_CA_DN_LENGTH_MISMATCH); 1689 SSLerror(s, SSL_R_CA_DN_LENGTH_MISMATCH);
1690 goto err; 1690 goto err;
1691 } 1691 }
1692 if (!sk_X509_NAME_push(ca_sk, xn)) { 1692 if (!sk_X509_NAME_push(ca_sk, xn)) {
1693 SSLerror(ERR_R_MALLOC_FAILURE); 1693 SSLerror(s, ERR_R_MALLOC_FAILURE);
1694 goto err; 1694 goto err;
1695 } 1695 }
1696 xn = NULL; /* avoid free in err block */ 1696 xn = NULL; /* avoid free in err block */
@@ -1706,7 +1706,7 @@ ssl3_get_certificate_request(SSL *s)
1706 ret = 1; 1706 ret = 1;
1707 if (0) { 1707 if (0) {
1708truncated: 1708truncated:
1709 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1709 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1710 } 1710 }
1711err: 1711err:
1712 X509_NAME_free(xn); 1712 X509_NAME_free(xn);
@@ -1739,13 +1739,13 @@ ssl3_get_new_session_ticket(SSL *s)
1739 } 1739 }
1740 if (S3I(s)->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) { 1740 if (S3I(s)->tmp.message_type != SSL3_MT_NEWSESSION_TICKET) {
1741 al = SSL_AD_UNEXPECTED_MESSAGE; 1741 al = SSL_AD_UNEXPECTED_MESSAGE;
1742 SSLerror(SSL_R_BAD_MESSAGE_TYPE); 1742 SSLerror(s, SSL_R_BAD_MESSAGE_TYPE);
1743 goto f_err; 1743 goto f_err;
1744 } 1744 }
1745 1745
1746 if (n < 0) { 1746 if (n < 0) {
1747 al = SSL_AD_DECODE_ERROR; 1747 al = SSL_AD_DECODE_ERROR;
1748 SSLerror(SSL_R_LENGTH_MISMATCH); 1748 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1749 goto f_err; 1749 goto f_err;
1750 } 1750 }
1751 1751
@@ -1757,14 +1757,14 @@ ssl3_get_new_session_ticket(SSL *s)
1757 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) || 1757 !CBS_get_u16_length_prefixed(&cbs, &session_ticket) ||
1758 CBS_len(&cbs) != 0) { 1758 CBS_len(&cbs) != 0) {
1759 al = SSL_AD_DECODE_ERROR; 1759 al = SSL_AD_DECODE_ERROR;
1760 SSLerror(SSL_R_LENGTH_MISMATCH); 1760 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1761 goto f_err; 1761 goto f_err;
1762 } 1762 }
1763 s->session->tlsext_tick_lifetime_hint = (long)lifetime_hint; 1763 s->session->tlsext_tick_lifetime_hint = (long)lifetime_hint;
1764 1764
1765 if (!CBS_stow(&session_ticket, &s->session->tlsext_tick, 1765 if (!CBS_stow(&session_ticket, &s->session->tlsext_tick,
1766 &s->session->tlsext_ticklen)) { 1766 &s->session->tlsext_ticklen)) {
1767 SSLerror(ERR_R_MALLOC_FAILURE); 1767 SSLerror(s, ERR_R_MALLOC_FAILURE);
1768 goto err; 1768 goto err;
1769 } 1769 }
1770 1770
@@ -1814,7 +1814,7 @@ ssl3_get_cert_status(SSL *s)
1814 if (n < 0) { 1814 if (n < 0) {
1815 /* need at least status type + length */ 1815 /* need at least status type + length */
1816 al = SSL_AD_DECODE_ERROR; 1816 al = SSL_AD_DECODE_ERROR;
1817 SSLerror(SSL_R_LENGTH_MISMATCH); 1817 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1818 goto f_err; 1818 goto f_err;
1819 } 1819 }
1820 1820
@@ -1823,20 +1823,20 @@ ssl3_get_cert_status(SSL *s)
1823 CBS_len(&cert_status) < 3) { 1823 CBS_len(&cert_status) < 3) {
1824 /* need at least status type + length */ 1824 /* need at least status type + length */
1825 al = SSL_AD_DECODE_ERROR; 1825 al = SSL_AD_DECODE_ERROR;
1826 SSLerror(SSL_R_LENGTH_MISMATCH); 1826 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1827 goto f_err; 1827 goto f_err;
1828 } 1828 }
1829 1829
1830 if (status_type != TLSEXT_STATUSTYPE_ocsp) { 1830 if (status_type != TLSEXT_STATUSTYPE_ocsp) {
1831 al = SSL_AD_DECODE_ERROR; 1831 al = SSL_AD_DECODE_ERROR;
1832 SSLerror(SSL_R_UNSUPPORTED_STATUS_TYPE); 1832 SSLerror(s, SSL_R_UNSUPPORTED_STATUS_TYPE);
1833 goto f_err; 1833 goto f_err;
1834 } 1834 }
1835 1835
1836 if (!CBS_get_u24_length_prefixed(&cert_status, &response) || 1836 if (!CBS_get_u24_length_prefixed(&cert_status, &response) ||
1837 CBS_len(&cert_status) != 0) { 1837 CBS_len(&cert_status) != 0) {
1838 al = SSL_AD_DECODE_ERROR; 1838 al = SSL_AD_DECODE_ERROR;
1839 SSLerror(SSL_R_LENGTH_MISMATCH); 1839 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1840 goto f_err; 1840 goto f_err;
1841 } 1841 }
1842 1842
@@ -1844,7 +1844,7 @@ ssl3_get_cert_status(SSL *s)
1844 &stow_len) || stow_len > INT_MAX) { 1844 &stow_len) || stow_len > INT_MAX) {
1845 s->internal->tlsext_ocsp_resplen = 0; 1845 s->internal->tlsext_ocsp_resplen = 0;
1846 al = SSL_AD_INTERNAL_ERROR; 1846 al = SSL_AD_INTERNAL_ERROR;
1847 SSLerror(ERR_R_MALLOC_FAILURE); 1847 SSLerror(s, ERR_R_MALLOC_FAILURE);
1848 goto f_err; 1848 goto f_err;
1849 } 1849 }
1850 s->internal->tlsext_ocsp_resplen = (int)stow_len; 1850 s->internal->tlsext_ocsp_resplen = (int)stow_len;
@@ -1855,12 +1855,12 @@ ssl3_get_cert_status(SSL *s)
1855 s->ctx->internal->tlsext_status_arg); 1855 s->ctx->internal->tlsext_status_arg);
1856 if (ret == 0) { 1856 if (ret == 0) {
1857 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; 1857 al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
1858 SSLerror(SSL_R_INVALID_STATUS_RESPONSE); 1858 SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE);
1859 goto f_err; 1859 goto f_err;
1860 } 1860 }
1861 if (ret < 0) { 1861 if (ret < 0) {
1862 al = SSL_AD_INTERNAL_ERROR; 1862 al = SSL_AD_INTERNAL_ERROR;
1863 SSLerror(ERR_R_MALLOC_FAILURE); 1863 SSLerror(s, ERR_R_MALLOC_FAILURE);
1864 goto f_err; 1864 goto f_err;
1865 } 1865 }
1866 } 1866 }
@@ -1885,7 +1885,7 @@ ssl3_get_server_done(SSL *s)
1885 if (n > 0) { 1885 if (n > 0) {
1886 /* should contain no data */ 1886 /* should contain no data */
1887 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); 1887 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1888 SSLerror(SSL_R_LENGTH_MISMATCH); 1888 SSLerror(s, SSL_R_LENGTH_MISMATCH);
1889 return (-1); 1889 return (-1);
1890 } 1890 }
1891 ret = 1; 1891 ret = 1;
@@ -1909,7 +1909,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1909 pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); 1909 pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
1910 if (pkey == NULL || pkey->type != EVP_PKEY_RSA || 1910 if (pkey == NULL || pkey->type != EVP_PKEY_RSA ||
1911 pkey->pkey.rsa == NULL) { 1911 pkey->pkey.rsa == NULL) {
1912 SSLerror(ERR_R_INTERNAL_ERROR); 1912 SSLerror(s, ERR_R_INTERNAL_ERROR);
1913 goto err; 1913 goto err;
1914 } 1914 }
1915 1915
@@ -1918,14 +1918,14 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1918 arc4random_buf(&pms[2], sizeof(pms) - 2); 1918 arc4random_buf(&pms[2], sizeof(pms) - 2);
1919 1919
1920 if ((enc_pms = malloc(RSA_size(pkey->pkey.rsa))) == NULL) { 1920 if ((enc_pms = malloc(RSA_size(pkey->pkey.rsa))) == NULL) {
1921 SSLerror(ERR_R_MALLOC_FAILURE); 1921 SSLerror(s, ERR_R_MALLOC_FAILURE);
1922 goto err; 1922 goto err;
1923 } 1923 }
1924 1924
1925 enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, pkey->pkey.rsa, 1925 enc_len = RSA_public_encrypt(sizeof(pms), pms, enc_pms, pkey->pkey.rsa,
1926 RSA_PKCS1_PADDING); 1926 RSA_PKCS1_PADDING);
1927 if (enc_len <= 0) { 1927 if (enc_len <= 0) {
1928 SSLerror(SSL_R_BAD_RSA_ENCRYPT); 1928 SSLerror(s, SSL_R_BAD_RSA_ENCRYPT);
1929 goto err; 1929 goto err;
1930 } 1930 }
1931 1931
@@ -1963,28 +1963,28 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
1963 /* Ensure that we have an ephemeral key for DHE. */ 1963 /* Ensure that we have an ephemeral key for DHE. */
1964 if (sess_cert->peer_dh_tmp == NULL) { 1964 if (sess_cert->peer_dh_tmp == NULL) {
1965 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); 1965 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
1966 SSLerror(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS); 1966 SSLerror(s, SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
1967 goto err; 1967 goto err;
1968 } 1968 }
1969 dh_srvr = sess_cert->peer_dh_tmp; 1969 dh_srvr = sess_cert->peer_dh_tmp;
1970 1970
1971 /* Generate a new random key. */ 1971 /* Generate a new random key. */
1972 if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) { 1972 if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
1973 SSLerror(ERR_R_DH_LIB); 1973 SSLerror(s, ERR_R_DH_LIB);
1974 goto err; 1974 goto err;
1975 } 1975 }
1976 if (!DH_generate_key(dh_clnt)) { 1976 if (!DH_generate_key(dh_clnt)) {
1977 SSLerror(ERR_R_DH_LIB); 1977 SSLerror(s, ERR_R_DH_LIB);
1978 goto err; 1978 goto err;
1979 } 1979 }
1980 key_size = DH_size(dh_clnt); 1980 key_size = DH_size(dh_clnt);
1981 if ((key = malloc(key_size)) == NULL) { 1981 if ((key = malloc(key_size)) == NULL) {
1982 SSLerror(ERR_R_MALLOC_FAILURE); 1982 SSLerror(s, ERR_R_MALLOC_FAILURE);
1983 goto err; 1983 goto err;
1984 } 1984 }
1985 key_len = DH_compute_key(key, dh_srvr->pub_key, dh_clnt); 1985 key_len = DH_compute_key(key, dh_srvr->pub_key, dh_clnt);
1986 if (key_len <= 0) { 1986 if (key_len <= 0) {
1987 SSLerror(ERR_R_DH_LIB); 1987 SSLerror(s, ERR_R_DH_LIB);
1988 goto err; 1988 goto err;
1989 } 1989 }
1990 1990
@@ -2028,35 +2028,35 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
2028 2028
2029 if ((group = EC_KEY_get0_group(sc->peer_ecdh_tmp)) == NULL || 2029 if ((group = EC_KEY_get0_group(sc->peer_ecdh_tmp)) == NULL ||
2030 (point = EC_KEY_get0_public_key(sc->peer_ecdh_tmp)) == NULL) { 2030 (point = EC_KEY_get0_public_key(sc->peer_ecdh_tmp)) == NULL) {
2031 SSLerror(ERR_R_INTERNAL_ERROR); 2031 SSLerror(s, ERR_R_INTERNAL_ERROR);
2032 goto err; 2032 goto err;
2033 } 2033 }
2034 2034
2035 if ((ecdh = EC_KEY_new()) == NULL) { 2035 if ((ecdh = EC_KEY_new()) == NULL) {
2036 SSLerror(ERR_R_MALLOC_FAILURE); 2036 SSLerror(s, ERR_R_MALLOC_FAILURE);
2037 goto err; 2037 goto err;
2038 } 2038 }
2039 2039
2040 if (!EC_KEY_set_group(ecdh, group)) { 2040 if (!EC_KEY_set_group(ecdh, group)) {
2041 SSLerror(ERR_R_EC_LIB); 2041 SSLerror(s, ERR_R_EC_LIB);
2042 goto err; 2042 goto err;
2043 } 2043 }
2044 2044
2045 /* Generate a new ECDH key pair. */ 2045 /* Generate a new ECDH key pair. */
2046 if (!(EC_KEY_generate_key(ecdh))) { 2046 if (!(EC_KEY_generate_key(ecdh))) {
2047 SSLerror(ERR_R_ECDH_LIB); 2047 SSLerror(s, ERR_R_ECDH_LIB);
2048 goto err; 2048 goto err;
2049 } 2049 }
2050 if ((key_size = ECDH_size(ecdh)) <= 0) { 2050 if ((key_size = ECDH_size(ecdh)) <= 0) {
2051 SSLerror(ERR_R_ECDH_LIB); 2051 SSLerror(s, ERR_R_ECDH_LIB);
2052 goto err; 2052 goto err;
2053 } 2053 }
2054 if ((key = malloc(key_size)) == NULL) { 2054 if ((key = malloc(key_size)) == NULL) {
2055 SSLerror(ERR_R_MALLOC_FAILURE); 2055 SSLerror(s, ERR_R_MALLOC_FAILURE);
2056 } 2056 }
2057 key_len = ECDH_compute_key(key, key_size, point, ecdh, NULL); 2057 key_len = ECDH_compute_key(key, key_size, point, ecdh, NULL);
2058 if (key_len <= 0) { 2058 if (key_len <= 0) {
2059 SSLerror(ERR_R_ECDH_LIB); 2059 SSLerror(s, ERR_R_ECDH_LIB);
2060 goto err; 2060 goto err;
2061 } 2061 }
2062 2062
@@ -2068,12 +2068,12 @@ ssl3_send_client_kex_ecdhe_ecp(SSL *s, SESS_CERT *sc, CBB *cbb)
2068 encoded_len = EC_POINT_point2oct(group, EC_KEY_get0_public_key(ecdh), 2068 encoded_len = EC_POINT_point2oct(group, EC_KEY_get0_public_key(ecdh),
2069 POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); 2069 POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
2070 if (encoded_len == 0) { 2070 if (encoded_len == 0) {
2071 SSLerror(ERR_R_ECDH_LIB); 2071 SSLerror(s, ERR_R_ECDH_LIB);
2072 goto err; 2072 goto err;
2073 } 2073 }
2074 2074
2075 if ((bn_ctx = BN_CTX_new()) == NULL) { 2075 if ((bn_ctx = BN_CTX_new()) == NULL) {
2076 SSLerror(ERR_R_MALLOC_FAILURE); 2076 SSLerror(s, ERR_R_MALLOC_FAILURE);
2077 goto err; 2077 goto err;
2078 } 2078 }
2079 2079
@@ -2159,7 +2159,7 @@ ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb)
2159 goto err; 2159 goto err;
2160 } else { 2160 } else {
2161 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); 2161 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
2162 SSLerror(ERR_R_INTERNAL_ERROR); 2162 SSLerror(s, ERR_R_INTERNAL_ERROR);
2163 goto err; 2163 goto err;
2164 } 2164 }
2165 2165
@@ -2186,7 +2186,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2186 /* Get server sertificate PKEY and create ctx from it */ 2186 /* Get server sertificate PKEY and create ctx from it */
2187 peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509; 2187 peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509;
2188 if (peer_cert == NULL) { 2188 if (peer_cert == NULL) {
2189 SSLerror(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER); 2189 SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
2190 goto err; 2190 goto err;
2191 } 2191 }
2192 2192
@@ -2222,7 +2222,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2222 */ 2222 */
2223 ukm_hash = EVP_MD_CTX_create(); 2223 ukm_hash = EVP_MD_CTX_create();
2224 if (ukm_hash == NULL) { 2224 if (ukm_hash == NULL) {
2225 SSLerror(ERR_R_MALLOC_FAILURE); 2225 SSLerror(s, ERR_R_MALLOC_FAILURE);
2226 goto err; 2226 goto err;
2227 } 2227 }
2228 2228
@@ -2238,7 +2238,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2238 EVP_MD_CTX_destroy(ukm_hash); 2238 EVP_MD_CTX_destroy(ukm_hash);
2239 if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, 2239 if (EVP_PKEY_CTX_ctrl(pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT,
2240 EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) { 2240 EVP_PKEY_CTRL_SET_IV, 8, shared_ukm) < 0) {
2241 SSLerror(SSL_R_LIBRARY_BUG); 2241 SSLerror(s, SSL_R_LIBRARY_BUG);
2242 goto err; 2242 goto err;
2243 } 2243 }
2244 2244
@@ -2248,7 +2248,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
2248 msglen = 255; 2248 msglen = 255;
2249 if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 2249 if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret,
2250 32) < 0) { 2250 32) < 0) {
2251 SSLerror(SSL_R_LIBRARY_BUG); 2251 SSLerror(s, SSL_R_LIBRARY_BUG);
2252 goto err; 2252 goto err;
2253 } 2253 }
2254 2254
@@ -2294,7 +2294,7 @@ ssl3_send_client_key_exchange(SSL *s)
2294 if ((sess_cert = SSI(s)->sess_cert) == NULL) { 2294 if ((sess_cert = SSI(s)->sess_cert) == NULL) {
2295 ssl3_send_alert(s, SSL3_AL_FATAL, 2295 ssl3_send_alert(s, SSL3_AL_FATAL,
2296 SSL_AD_UNEXPECTED_MESSAGE); 2296 SSL_AD_UNEXPECTED_MESSAGE);
2297 SSLerror(ERR_R_INTERNAL_ERROR); 2297 SSLerror(s, ERR_R_INTERNAL_ERROR);
2298 goto err; 2298 goto err;
2299 } 2299 }
2300 2300
@@ -2317,7 +2317,7 @@ ssl3_send_client_key_exchange(SSL *s)
2317 } else { 2317 } else {
2318 ssl3_send_alert(s, SSL3_AL_FATAL, 2318 ssl3_send_alert(s, SSL3_AL_FATAL,
2319 SSL_AD_HANDSHAKE_FAILURE); 2319 SSL_AD_HANDSHAKE_FAILURE);
2320 SSLerror(ERR_R_INTERNAL_ERROR); 2320 SSLerror(s, ERR_R_INTERNAL_ERROR);
2321 goto err; 2321 goto err;
2322 } 2322 }
2323 2323
@@ -2379,14 +2379,14 @@ ssl3_send_client_verify(SSL *s)
2379 &hdata); 2379 &hdata);
2380 if (hdatalen <= 0 || 2380 if (hdatalen <= 0 ||
2381 !tls12_get_sigandhash(p, pkey, md)) { 2381 !tls12_get_sigandhash(p, pkey, md)) {
2382 SSLerror(ERR_R_INTERNAL_ERROR); 2382 SSLerror(s, ERR_R_INTERNAL_ERROR);
2383 goto err; 2383 goto err;
2384 } 2384 }
2385 p += 2; 2385 p += 2;
2386 if (!EVP_SignInit_ex(&mctx, md, NULL) || 2386 if (!EVP_SignInit_ex(&mctx, md, NULL) ||
2387 !EVP_SignUpdate(&mctx, hdata, hdatalen) || 2387 !EVP_SignUpdate(&mctx, hdata, hdatalen) ||
2388 !EVP_SignFinal(&mctx, p + 2, &u, pkey)) { 2388 !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
2389 SSLerror(ERR_R_EVP_LIB); 2389 SSLerror(s, ERR_R_EVP_LIB);
2390 goto err; 2390 goto err;
2391 } 2391 }
2392 s2n(u, p); 2392 s2n(u, p);
@@ -2399,7 +2399,7 @@ ssl3_send_client_verify(SSL *s)
2399 if (RSA_sign(NID_md5_sha1, data, 2399 if (RSA_sign(NID_md5_sha1, data,
2400 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]), 2400 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, &(p[2]),
2401 &u, pkey->pkey.rsa) <= 0 ) { 2401 &u, pkey->pkey.rsa) <= 0 ) {
2402 SSLerror(ERR_R_RSA_LIB); 2402 SSLerror(s, ERR_R_RSA_LIB);
2403 goto err; 2403 goto err;
2404 } 2404 }
2405 s2n(u, p); 2405 s2n(u, p);
@@ -2409,7 +2409,7 @@ ssl3_send_client_verify(SSL *s)
2409 &(data[MD5_DIGEST_LENGTH]), 2409 &(data[MD5_DIGEST_LENGTH]),
2410 SHA_DIGEST_LENGTH, &(p[2]), 2410 SHA_DIGEST_LENGTH, &(p[2]),
2411 (unsigned int *)&j, pkey->pkey.dsa)) { 2411 (unsigned int *)&j, pkey->pkey.dsa)) {
2412 SSLerror(ERR_R_DSA_LIB); 2412 SSLerror(s, ERR_R_DSA_LIB);
2413 goto err; 2413 goto err;
2414 } 2414 }
2415 s2n(j, p); 2415 s2n(j, p);
@@ -2419,7 +2419,7 @@ ssl3_send_client_verify(SSL *s)
2419 &(data[MD5_DIGEST_LENGTH]), 2419 &(data[MD5_DIGEST_LENGTH]),
2420 SHA_DIGEST_LENGTH, &(p[2]), 2420 SHA_DIGEST_LENGTH, &(p[2]),
2421 (unsigned int *)&j, pkey->pkey.ec)) { 2421 (unsigned int *)&j, pkey->pkey.ec)) {
2422 SSLerror(ERR_R_ECDSA_LIB); 2422 SSLerror(s, ERR_R_ECDSA_LIB);
2423 goto err; 2423 goto err;
2424 } 2424 }
2425 s2n(j, p); 2425 s2n(j, p);
@@ -2436,12 +2436,12 @@ ssl3_send_client_verify(SSL *s)
2436 2436
2437 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2437 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2438 if (hdatalen <= 0) { 2438 if (hdatalen <= 0) {
2439 SSLerror(ERR_R_INTERNAL_ERROR); 2439 SSLerror(s, ERR_R_INTERNAL_ERROR);
2440 goto err; 2440 goto err;
2441 } 2441 }
2442 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || 2442 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) ||
2443 !(md = EVP_get_digestbynid(nid))) { 2443 !(md = EVP_get_digestbynid(nid))) {
2444 SSLerror(ERR_R_EVP_LIB); 2444 SSLerror(s, ERR_R_EVP_LIB);
2445 goto err; 2445 goto err;
2446 } 2446 }
2447 if (!EVP_DigestInit_ex(&mctx, md, NULL) || 2447 if (!EVP_DigestInit_ex(&mctx, md, NULL) ||
@@ -2454,7 +2454,7 @@ ssl3_send_client_verify(SSL *s)
2454 NULL) <= 0) || 2454 NULL) <= 0) ||
2455 (EVP_PKEY_sign(pctx, &(p[2]), &sigsize, 2455 (EVP_PKEY_sign(pctx, &(p[2]), &sigsize,
2456 signbuf, u) <= 0)) { 2456 signbuf, u) <= 0)) {
2457 SSLerror(ERR_R_EVP_LIB); 2457 SSLerror(s, ERR_R_EVP_LIB);
2458 goto err; 2458 goto err;
2459 } 2459 }
2460 if (!tls1_digest_cached_records(s)) 2460 if (!tls1_digest_cached_records(s))
@@ -2464,7 +2464,7 @@ ssl3_send_client_verify(SSL *s)
2464 n = j + 2; 2464 n = j + 2;
2465#endif 2465#endif
2466 } else { 2466 } else {
2467 SSLerror(ERR_R_INTERNAL_ERROR); 2467 SSLerror(s, ERR_R_INTERNAL_ERROR);
2468 goto err; 2468 goto err;
2469 } 2469 }
2470 2470
@@ -2522,7 +2522,7 @@ ssl3_send_client_certificate(SSL *s)
2522 i = 0; 2522 i = 0;
2523 } else if (i == 1) { 2523 } else if (i == 1) {
2524 i = 0; 2524 i = 0;
2525 SSLerror(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); 2525 SSLerror(s, SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
2526 } 2526 }
2527 2527
2528 X509_free(x509); 2528 X509_free(x509);
@@ -2576,7 +2576,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2576 2576
2577 sc = SSI(s)->sess_cert; 2577 sc = SSI(s)->sess_cert;
2578 if (sc == NULL) { 2578 if (sc == NULL) {
2579 SSLerror(ERR_R_INTERNAL_ERROR); 2579 SSLerror(s, ERR_R_INTERNAL_ERROR);
2580 goto err; 2580 goto err;
2581 } 2581 }
2582 dh = SSI(s)->sess_cert->peer_dh_tmp; 2582 dh = SSI(s)->sess_cert->peer_dh_tmp;
@@ -2588,7 +2588,7 @@ ssl3_check_cert_and_algorithm(SSL *s)
2588 if (ssl_check_srvr_ecc_cert_and_alg( 2588 if (ssl_check_srvr_ecc_cert_and_alg(
2589 sc->peer_pkeys[idx].x509, s) == 0) { 2589 sc->peer_pkeys[idx].x509, s) == 0) {
2590 /* check failed */ 2590 /* check failed */
2591 SSLerror(SSL_R_BAD_ECC_CERT); 2591 SSLerror(s, SSL_R_BAD_ECC_CERT);
2592 goto f_err; 2592 goto f_err;
2593 } else { 2593 } else {
2594 return (1); 2594 return (1);
@@ -2600,21 +2600,21 @@ ssl3_check_cert_and_algorithm(SSL *s)
2600 2600
2601 /* Check that we have a certificate if we require one. */ 2601 /* Check that we have a certificate if we require one. */
2602 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) { 2602 if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA|EVP_PKT_SIGN)) {
2603 SSLerror(SSL_R_MISSING_RSA_SIGNING_CERT); 2603 SSLerror(s, SSL_R_MISSING_RSA_SIGNING_CERT);
2604 goto f_err; 2604 goto f_err;
2605 } else if ((alg_a & SSL_aDSS) && 2605 } else if ((alg_a & SSL_aDSS) &&
2606 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) { 2606 !has_bits(i, EVP_PK_DSA|EVP_PKT_SIGN)) {
2607 SSLerror(SSL_R_MISSING_DSA_SIGNING_CERT); 2607 SSLerror(s, SSL_R_MISSING_DSA_SIGNING_CERT);
2608 goto f_err; 2608 goto f_err;
2609 } 2609 }
2610 if ((alg_k & SSL_kRSA) && 2610 if ((alg_k & SSL_kRSA) &&
2611 !has_bits(i, EVP_PK_RSA|EVP_PKT_ENC)) { 2611 !has_bits(i, EVP_PK_RSA|EVP_PKT_ENC)) {
2612 SSLerror(SSL_R_MISSING_RSA_ENCRYPTING_CERT); 2612 SSLerror(s, SSL_R_MISSING_RSA_ENCRYPTING_CERT);
2613 goto f_err; 2613 goto f_err;
2614 } 2614 }
2615 if ((alg_k & SSL_kDHE) && 2615 if ((alg_k & SSL_kDHE) &&
2616 !(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) { 2616 !(has_bits(i, EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) {
2617 SSLerror(SSL_R_MISSING_DH_KEY); 2617 SSLerror(s, SSL_R_MISSING_DH_KEY);
2618 goto f_err; 2618 goto f_err;
2619 } 2619 }
2620 2620
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-07 08:21:27 +0000