| author | beck <> | 2017-02-07 02:08:38 +0000 |
|---|---|---|
| committer | beck <> | 2017-02-07 02:08:38 +0000 |
| commit | 9a5920738bea15430db1fdd138e67d9bbc3a95d3 (patch) | |
| tree | a4e6a6d2d23329b576b63c8698e62a87e7388b69 /src/lib/libssl/ssl_lib.c | |
| parent | 39e6b39981109a910f15cb187f48bd78dc3e75bb (diff) | |
Change SSLerror() back to taking two args, with the first one being an SSL *.
Make a table of "function codes" which maps the internal state of the SSL *
to something like a useful name so in a typical error in the connection you
know in what sort of place in the handshake things happened. (instead of
by arcane function name).
Add SSLerrorx() for when we don't have an SSL *
ok jsing@ after us both being prodded by bluhm@ to make it not terrible
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 98 |
1 files changed, 49 insertions, 49 deletions
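--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.155 2017/01/26 12:16:13 beck Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.156 2017/02/07 02:08:38 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -163,7 +163,7 @@ int
 SSL_clear(SSL *s)
 {
 if (s->method == NULL) {
-SSLerror(SSL_R_NO_METHOD_SPECIFIED);
+SSLerror(s, SSL_R_NO_METHOD_SPECIFIED);
 return (0);
 }
 
@@ -177,7 +177,7 @@ SSL_clear(SSL *s)
 s->internal->shutdown = 0;
 
 if (s->internal->renegotiate) {
-SSLerror(ERR_R_INTERNAL_ERROR);
+SSLerror(s, ERR_R_INTERNAL_ERROR);
 return (0);
 }
 
@@ -226,7 +226,7 @@ SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
 sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
 &(ctx->internal->cipher_list_by_id), SSL_DEFAULT_CIPHER_LIST);
 if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
-SSLerror(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+SSLerrorx(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
 return (0);
 }
 return (1);
@@ -238,21 +238,21 @@ SSL_new(SSL_CTX *ctx)
 SSL *s;
 
 if (ctx == NULL) {
-SSLerror(SSL_R_NULL_SSL_CTX);
+SSLerrorx(SSL_R_NULL_SSL_CTX);
 return (NULL);
 }
 if (ctx->method == NULL) {
-SSLerror(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+SSLerrorx(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
 return (NULL);
 }
 
 if ((s = calloc(1, sizeof(*s))) == NULL) {
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerrorx(ERR_R_MALLOC_FAILURE);
 return (NULL);
 }
 if ((s->internal = calloc(1, sizeof(*s->internal))) == NULL) {
 free(s);
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerrorx(ERR_R_MALLOC_FAILURE);
 return (NULL);
 }
 
@@ -371,7 +371,7 @@ SSL_new(SSL_CTX *ctx)
 
 err:
 SSL_free(s);
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerrorx(ERR_R_MALLOC_FAILURE);
 return (NULL);
 }
 
@@ -380,7 +380,7 @@ SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
 unsigned int sid_ctx_len)
 {
 if (sid_ctx_len > sizeof ctx->sid_ctx) {
-SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+SSLerrorx(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
 return (0);
 }
 ctx->sid_ctx_length = sid_ctx_len;
@@ -394,7 +394,7 @@ SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
 unsigned int sid_ctx_len)
 {
 if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-SSLerror(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+SSLerror(ssl, SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
 return (0);
 }
 ssl->sid_ctx_length = sid_ctx_len;
@@ -631,7 +631,7 @@ SSL_set_fd(SSL *s, int fd)
 bio = BIO_new(BIO_s_socket());
 
 if (bio == NULL) {
-SSLerror(ERR_R_BUF_LIB);
+SSLerror(s, ERR_R_BUF_LIB);
 goto err;
 }
 BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -652,7 +652,7 @@ SSL_set_wfd(SSL *s, int fd)
 bio = BIO_new(BIO_s_socket());
 
 if (bio == NULL) {
-SSLerror(ERR_R_BUF_LIB);
+SSLerror(s, ERR_R_BUF_LIB);
 goto err;
 }
 BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -675,7 +675,7 @@ SSL_set_rfd(SSL *s, int fd)
 bio = BIO_new(BIO_s_socket());
 
 if (bio == NULL) {
-SSLerror(ERR_R_BUF_LIB);
+SSLerror(s, ERR_R_BUF_LIB);
 goto err;
 }
 BIO_set_fd(bio, fd, BIO_NOCLOSE);
@@ -870,11 +870,11 @@ SSL_CTX_check_private_key(const SSL_CTX *ctx)
 {
 if ((ctx == NULL) || (ctx->internal->cert == NULL) ||
 (ctx->internal->cert->key->x509 == NULL)) {
-SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);
+SSLerrorx(SSL_R_NO_CERTIFICATE_ASSIGNED);
 return (0);
 }
 if (ctx->internal->cert->key->privatekey == NULL) {
-SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+SSLerrorx(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
 return (0);
 }
 return (X509_check_private_key(ctx->internal->cert->key->x509,
@@ -886,19 +886,19 @@ int
 SSL_check_private_key(const SSL *ssl)
 {
 if (ssl == NULL) {
-SSLerror(ERR_R_PASSED_NULL_PARAMETER);
+SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER);
 return (0);
 }
 if (ssl->cert == NULL) {
-SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);
+SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
 return (0);
 }
 if (ssl->cert->key->x509 == NULL) {
-SSLerror(SSL_R_NO_CERTIFICATE_ASSIGNED);
+SSLerror(ssl, SSL_R_NO_CERTIFICATE_ASSIGNED);
 return (0);
 }
 if (ssl->cert->key->privatekey == NULL) {
-SSLerror(SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+SSLerror(ssl, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
 return (0);
 }
 return (X509_check_private_key(ssl->cert->key->x509,
@@ -933,7 +933,7 @@ int
 SSL_read(SSL *s, void *buf, int num)
 {
 if (s->internal->handshake_func == NULL) {
-SSLerror(SSL_R_UNINITIALIZED);
+SSLerror(s, SSL_R_UNINITIALIZED);
 return (-1);
 }
 
@@ -948,7 +948,7 @@ int
 SSL_peek(SSL *s, void *buf, int num)
 {
 if (s->internal->handshake_func == NULL) {
-SSLerror(SSL_R_UNINITIALIZED);
+SSLerror(s, SSL_R_UNINITIALIZED);
 return (-1);
 }
 
@@ -962,13 +962,13 @@ int
 SSL_write(SSL *s, const void *buf, int num)
 {
 if (s->internal->handshake_func == NULL) {
-SSLerror(SSL_R_UNINITIALIZED);
+SSLerror(s, SSL_R_UNINITIALIZED);
 return (-1);
 }
 
 if (s->internal->shutdown & SSL_SENT_SHUTDOWN) {
 s->internal->rwstate = SSL_NOTHING;
-SSLerror(SSL_R_PROTOCOL_IS_SHUTDOWN);
+SSLerror(s, SSL_R_PROTOCOL_IS_SHUTDOWN);
 return (-1);
 }
 return (s->method->internal->ssl_write(s, buf, num));
@@ -985,7 +985,7 @@ SSL_shutdown(SSL *s)
 */
 
 if (s->internal->handshake_func == NULL) {
-SSLerror(SSL_R_UNINITIALIZED);
+SSLerror(s, SSL_R_UNINITIALIZED);
 return (-1);
 }
 
@@ -1297,7 +1297,7 @@ SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
 if (sk == NULL)
 return (0);
 else if (sk_SSL_CIPHER_num(sk) == 0) {
-SSLerror(SSL_R_NO_CIPHER_MATCH);
+SSLerrorx(SSL_R_NO_CIPHER_MATCH);
 return (0);
 }
 return (1);
@@ -1315,7 +1315,7 @@ SSL_set_cipher_list(SSL *s, const char *str)
 if (sk == NULL)
 return (0);
 else if (sk_SSL_CIPHER_num(sk) == 0) {
-SSLerror(SSL_R_NO_CIPHER_MATCH);
+SSLerror(s, SSL_R_NO_CIPHER_MATCH);
 return (0);
 }
 return (1);
@@ -1419,19 +1419,19 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
 * RFC 5246 section 7.4.1.2 defines the interval as [2,2^16-2].
 */
 if (num < 2 || num > 0x10000 - 2) {
-SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
 return (NULL);
 }
 
 if ((sk = sk_SSL_CIPHER_new_null()) == NULL) {
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerror(s, ERR_R_MALLOC_FAILURE);
 goto err;
 }
 
 CBS_init(&cbs, p, num);
 while (CBS_len(&cbs) > 0) {
 if (!CBS_get_u16(&cbs, &cipher_value)) {
-SSLerror(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+SSLerror(s, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
 goto err;
 }
 
@@ -1443,7 +1443,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
 * renegotiating.
 */
 if (s->internal->renegotiate) {
-SSLerror(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
+SSLerror(s, SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
 ssl3_send_alert(s, SSL3_AL_FATAL,
 SSL_AD_HANDSHAKE_FAILURE);
 
@@ -1462,7 +1462,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
 */
 max_version = ssl_max_server_version(s);
 if (max_version == 0 || s->version < max_version) {
-SSLerror(SSL_R_INAPPROPRIATE_FALLBACK);
+SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
 if (s->s3 != NULL)
 ssl3_send_alert(s, SSL3_AL_FATAL,
 SSL_AD_INAPPROPRIATE_FALLBACK);
@@ -1473,7 +1473,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num)
 
 if ((c = ssl3_get_cipher_by_value(cipher_value)) != NULL) {
 if (!sk_SSL_CIPHER_push(sk, c)) {
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerror(s, ERR_R_MALLOC_FAILURE);
 goto err;
 }
 }
@@ -1783,22 +1783,22 @@ SSL_CTX_new(const SSL_METHOD *meth)
 SSL_CTX *ret;
 
 if (meth == NULL) {
-SSLerror(SSL_R_NULL_SSL_METHOD_PASSED);
+SSLerrorx(SSL_R_NULL_SSL_METHOD_PASSED);
 return (NULL);
 }
 
 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerrorx(ERR_R_MALLOC_FAILURE);
 return (NULL);
 }
 if ((ret->internal = calloc(1, sizeof(*ret->internal))) == NULL) {
 free(ret);
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerrorx(ERR_R_MALLOC_FAILURE);
 return (NULL);
 }
 
 if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
-SSLerror(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
+SSLerrorx(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
 goto err;
 }
 
@@ -1857,7 +1857,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
 &ret->internal->cipher_list_by_id, SSL_DEFAULT_CIPHER_LIST);
 if (ret->cipher_list == NULL ||
 sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
-SSLerror(SSL_R_LIBRARY_HAS_NO_CIPHERS);
+SSLerrorx(SSL_R_LIBRARY_HAS_NO_CIPHERS);
 goto err2;
 }
 
@@ -1866,11 +1866,11 @@ SSL_CTX_new(const SSL_METHOD *meth)
 goto err;
 
 if ((ret->internal->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
-SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
 goto err2;
 }
 if ((ret->internal->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
-SSLerror(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+SSLerrorx(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
 goto err2;
 }
 
@@ -1925,7 +1925,7 @@ SSL_CTX_new(const SSL_METHOD *meth)
 
 return (ret);
 err:
-SSLerror(ERR_R_MALLOC_FAILURE);
+SSLerrorx(ERR_R_MALLOC_FAILURE);
 err2:
 SSL_CTX_free(ret);
 return (NULL);
@@ -2109,7 +2109,7 @@ ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
 /* Key usage, if present, must allow signing. */
 if ((x->ex_flags & EXFLAG_KUSAGE) &&
 ((x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) == 0)) {
-SSLerror(SSL_R_ECC_CERT_NOT_FOR_SIGNING);
+SSLerror(s, SSL_R_ECC_CERT_NOT_FOR_SIGNING);
 return (0);
 }
 }
@@ -2141,7 +2141,7 @@ ssl_get_server_send_pkey(const SSL *s)
 } else if (alg_a & SSL_aGOST01) {
 i = SSL_PKEY_GOST01;
 } else { /* if (alg_a & SSL_aNULL) */
-SSLerror(ERR_R_INTERNAL_ERROR);
+SSLerror(s, ERR_R_INTERNAL_ERROR);
 return (NULL);
 }
 
@@ -2181,7 +2181,7 @@ ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher, const EVP_MD **pmd)
 (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
 idx = SSL_PKEY_ECC;
 if (idx == -1) {
-SSLerror(ERR_R_INTERNAL_ERROR);
+SSLerror(s, ERR_R_INTERNAL_ERROR);
 return (NULL);
 }
 if (pmd)
@@ -2385,7 +2385,7 @@ SSL_do_handshake(SSL *s)
 int ret = 1;
 
 if (s->internal->handshake_func == NULL) {
-SSLerror(SSL_R_CONNECTION_TYPE_NOT_SET);
+SSLerror(s, SSL_R_CONNECTION_TYPE_NOT_SET);
 return (-1);
 }
 
@@ -2430,21 +2430,21 @@ SSL_set_connect_state(SSL *s)
 int
 ssl_undefined_function(SSL *s)
 {
-SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 return (0);
 }
 
 int
 ssl_undefined_void_function(void)
 {
-SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+SSLerrorx(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 return (0);
 }
 
 int
 ssl_undefined_const_function(const SSL *s)
 {
-SSLerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+SSLerror(s, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 return (0);
 }
 
@@ -2679,7 +2679,7 @@ ssl_init_wbio_buffer(SSL *s, int push)
 (void)BIO_reset(bbio);
 /* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
 if (!BIO_set_read_buffer_size(bbio, 1)) {
-SSLerror(ERR_R_BUF_LIB);
+SSLerror(s, ERR_R_BUF_LIB);
 return (0);
 }
 if (push) {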
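Review bot: In `SSL_check_private_key` the `ssl == NULL` branch now calls `SSLerror(ssl, ERR_R_PASSED_NULL_PARAMETER)`, handing the macro a pointer that is known to be NULL. The commit message says SSLerror derives its function code from the internal state of the SSL *; the macro body is not shown on this page, but if it reads through that argument, a caller passing NULL crashes here instead of getting 0 and an entry on the error queue. This branch should use the variant that takes no SSL *: `SSLerrorx(ERR_R_PASSED_NULL_PARAMETER);`. It is also worth confirming that SSLerror tolerates a partly initialised object, since `ssl_bytes_to_cipher_list` still tests `s->s3 != NULL` right after `SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK)`.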
