Send the error function codes to rot in the depths of hell where they belong

We leave a single funciton code (0xFFF) to say "SSL_internal" so the public API will not break, and we replace all internal use of the two argument SSL_err() with the internal only SSL_error() that only takes a reason code. ok jsing@
author: beck <> 2017-01-26 10:40:21 +0000
committer: beck <> 2017-01-26 10:40:21 +0000
commit: 59161dbdf4da5b82b27402f93d7007a11b2d1cc1 (patch)
tree: e105a2b33d3aefb54727a955e9c746cc8edb0e50 /src/lib/libssl/ssl_sess.c
parent: a2e1efdba084d65702b419bc510c30a144eb5d7f (diff)
download: openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.tar.gz
openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.tar.bz2
openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.zip
1 files changed, 15 insertions, 15 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 8c802b170e..5cd531ef59 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.67 2017/01/24 09:03:21 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.68 2017/01/26 10:40:21 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -200,12 +200,12 @@ SSL_SESSION_new(void)
        SSL_SESSION *ss;
        if ((ss = calloc(1, sizeof(*ss))) == NULL) {
-                SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
+                SSLerror(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
        if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {
                free(ss);
-                SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
+                SSLerror(ERR_R_MALLOC_FAILURE);
                return (NULL);
        }
@@ -312,7 +312,7 @@ ssl_get_new_session(SSL *s, int session)
                        ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
                        break;
                default:
-                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                        SSLerror(
                            SSL_R_UNSUPPORTED_SSL_VERSION);
                        SSL_SESSION_free(ss);
                        return (0);
@@ -336,7 +336,7 @@ ssl_get_new_session(SSL *s, int session)
                tmp = ss->session_id_length;
                if (!cb(s, ss->session_id, &tmp)) {
                        /* The callback failed */
-                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                        SSLerror(
                        SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
                        SSL_SESSION_free(ss);
                        return (0);
@@ -348,7 +348,7 @@ ssl_get_new_session(SSL *s, int session)
                 */
                if (!tmp || (tmp > ss->session_id_length)) {
                        /* The callback set an illegal length */
-                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                        SSLerror(
                        SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
                        SSL_SESSION_free(ss);
                        return (0);
@@ -358,7 +358,7 @@ ssl_get_new_session(SSL *s, int session)
                /* Finally, check for a conflict. */
                if (SSL_has_matching_session_id(s, ss->session_id,
                        ss->session_id_length)) {
-                        SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                        SSLerror(
                        SSL_R_SSL_SESSION_ID_CONFLICT);
                        SSL_SESSION_free(ss);
                        return (0);
@@ -368,7 +368,7 @@ sess_id_done:
                if (s->tlsext_hostname) {
                        ss->tlsext_hostname = strdup(s->tlsext_hostname);
                        if (ss->tlsext_hostname == NULL) {
-                                SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                                SSLerror(
                                    ERR_R_INTERNAL_ERROR);
                                SSL_SESSION_free(ss);
                                return 0;
@@ -379,7 +379,7 @@ sess_id_done:
        }
        if (s->sid_ctx_length > sizeof ss->sid_ctx) {
-                SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+                SSLerror(ERR_R_INTERNAL_ERROR);
                SSL_SESSION_free(ss);
                return 0;
        }
@@ -528,7 +528,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
                 * applications to effectively disable the session cache by
                 * accident without anyone noticing).
                 */
-                SSLerr(SSL_F_SSL_GET_PREV_SESSION,
+                SSLerror(
                    SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
                fatal = 1;
                goto err;
@@ -729,7 +729,7 @@ SSL_set_session(SSL *s, SSL_SESSION *session)
                if (meth == NULL)
                        meth = s->method->internal->get_ssl_method(session->ssl_version);
                if (meth == NULL) {
-                        SSLerr(SSL_F_SSL_SET_SESSION,
+                        SSLerror(
                            SSL_R_UNABLE_TO_FIND_SSL_METHOD);
                        return (0);
                }
@@ -810,7 +810,7 @@ SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
    unsigned int sid_ctx_len)
 {
        if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
-                SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
+                SSLerror(
                    SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
                return 0;
        }
@@ -872,7 +872,7 @@ SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
                s->internal->tlsext_session_ticket =
                    malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
                if (!s->internal->tlsext_session_ticket) {
-                        SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,
+                        SSLerror(
                            ERR_R_MALLOC_FAILURE);
                        return 0;
                }
@@ -1080,12 +1080,12 @@ int
 SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
 {
        if (!ENGINE_init(e)) {
-                SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
+                SSLerror(
                    ERR_R_ENGINE_LIB);
                return 0;
        }
        if (!ENGINE_get_ssl_client_cert_function(e)) {
-                SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
+                SSLerror(
                    SSL_R_NO_CLIENT_CERT_METHOD);
                ENGINE_finish(e);
                return 0;
author	beck <>	2017-01-26 10:40:21 +0000
committer	beck <>	2017-01-26 10:40:21 +0000
commit	59161dbdf4da5b82b27402f93d7007a11b2d1cc1 (patch)
tree	e105a2b33d3aefb54727a955e9c746cc8edb0e50 /src/lib/libssl/ssl_sess.c
parent	a2e1efdba084d65702b419bc510c30a144eb5d7f (diff)
download	openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.tar.gz openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.tar.bz2 openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.zip

diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 8c802b170e..5cd531ef59 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sess.c,v 1.67 2017/01/24 09:03:21 jsing Exp $ */	1	/* $OpenBSD: ssl_sess.c,v 1.68 2017/01/26 10:40:21 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -200,12 +200,12 @@ SSL_SESSION_new(void)
200	SSL_SESSION *ss;	200	SSL_SESSION *ss;
201		201
202	if ((ss = calloc(1, sizeof(*ss))) == NULL) {	202	if ((ss = calloc(1, sizeof(*ss))) == NULL) {
203	SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);	203	SSLerror(ERR_R_MALLOC_FAILURE);
204	return (NULL);	204	return (NULL);
205	}	205	}
206	if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {	206	if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {
207	free(ss);	207	free(ss);
208	SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);	208	SSLerror(ERR_R_MALLOC_FAILURE);
209	return (NULL);	209	return (NULL);
210	}	210	}
211		211
@@ -312,7 +312,7 @@ ssl_get_new_session(SSL *s, int session)
312	ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;	312	ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
313	break;	313	break;
314	default:	314	default:
315	SSLerr(SSL_F_SSL_GET_NEW_SESSION,	315	SSLerror(
316	SSL_R_UNSUPPORTED_SSL_VERSION);	316	SSL_R_UNSUPPORTED_SSL_VERSION);
317	SSL_SESSION_free(ss);	317	SSL_SESSION_free(ss);
318	return (0);	318	return (0);
@@ -336,7 +336,7 @@ ssl_get_new_session(SSL *s, int session)
336	tmp = ss->session_id_length;	336	tmp = ss->session_id_length;
337	if (!cb(s, ss->session_id, &tmp)) {	337	if (!cb(s, ss->session_id, &tmp)) {
338	/* The callback failed */	338	/* The callback failed */
339	SSLerr(SSL_F_SSL_GET_NEW_SESSION,	339	SSLerror(
340	SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);	340	SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
341	SSL_SESSION_free(ss);	341	SSL_SESSION_free(ss);
342	return (0);	342	return (0);
@@ -348,7 +348,7 @@ ssl_get_new_session(SSL *s, int session)
348	*/	348	*/
349	if (!tmp \|\| (tmp > ss->session_id_length)) {	349	if (!tmp \|\| (tmp > ss->session_id_length)) {
350	/* The callback set an illegal length */	350	/* The callback set an illegal length */
351	SSLerr(SSL_F_SSL_GET_NEW_SESSION,	351	SSLerror(
352	SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);	352	SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
353	SSL_SESSION_free(ss);	353	SSL_SESSION_free(ss);
354	return (0);	354	return (0);
@@ -358,7 +358,7 @@ ssl_get_new_session(SSL *s, int session)
358	/* Finally, check for a conflict. */	358	/* Finally, check for a conflict. */
359	if (SSL_has_matching_session_id(s, ss->session_id,	359	if (SSL_has_matching_session_id(s, ss->session_id,
360	ss->session_id_length)) {	360	ss->session_id_length)) {
361	SSLerr(SSL_F_SSL_GET_NEW_SESSION,	361	SSLerror(
362	SSL_R_SSL_SESSION_ID_CONFLICT);	362	SSL_R_SSL_SESSION_ID_CONFLICT);
363	SSL_SESSION_free(ss);	363	SSL_SESSION_free(ss);
364	return (0);	364	return (0);
@@ -368,7 +368,7 @@ sess_id_done:
368	if (s->tlsext_hostname) {	368	if (s->tlsext_hostname) {
369	ss->tlsext_hostname = strdup(s->tlsext_hostname);	369	ss->tlsext_hostname = strdup(s->tlsext_hostname);
370	if (ss->tlsext_hostname == NULL) {	370	if (ss->tlsext_hostname == NULL) {
371	SSLerr(SSL_F_SSL_GET_NEW_SESSION,	371	SSLerror(
372	ERR_R_INTERNAL_ERROR);	372	ERR_R_INTERNAL_ERROR);
373	SSL_SESSION_free(ss);	373	SSL_SESSION_free(ss);
374	return 0;	374	return 0;
@@ -379,7 +379,7 @@ sess_id_done:
379	}	379	}
380		380
381	if (s->sid_ctx_length > sizeof ss->sid_ctx) {	381	if (s->sid_ctx_length > sizeof ss->sid_ctx) {
382	SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);	382	SSLerror(ERR_R_INTERNAL_ERROR);
383	SSL_SESSION_free(ss);	383	SSL_SESSION_free(ss);
384	return 0;	384	return 0;
385	}	385	}
@@ -528,7 +528,7 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
528	* applications to effectively disable the session cache by	528	* applications to effectively disable the session cache by
529	* accident without anyone noticing).	529	* accident without anyone noticing).
530	*/	530	*/
531	SSLerr(SSL_F_SSL_GET_PREV_SESSION,	531	SSLerror(
532	SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);	532	SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
533	fatal = 1;	533	fatal = 1;
534	goto err;	534	goto err;
@@ -729,7 +729,7 @@ SSL_set_session(SSL s, SSL_SESSION session)
729	if (meth == NULL)	729	if (meth == NULL)
730	meth = s->method->internal->get_ssl_method(session->ssl_version);	730	meth = s->method->internal->get_ssl_method(session->ssl_version);
731	if (meth == NULL) {	731	if (meth == NULL) {
732	SSLerr(SSL_F_SSL_SET_SESSION,	732	SSLerror(
733	SSL_R_UNABLE_TO_FIND_SSL_METHOD);	733	SSL_R_UNABLE_TO_FIND_SSL_METHOD);
734	return (0);	734	return (0);
735	}	735	}
@@ -810,7 +810,7 @@ SSL_SESSION_set1_id_context(SSL_SESSION s, const unsigned char sid_ctx,
810	unsigned int sid_ctx_len)	810	unsigned int sid_ctx_len)
811	{	811	{
812	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {	812	if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
813	SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,	813	SSLerror(
814	SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);	814	SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
815	return 0;	815	return 0;
816	}	816	}
@@ -872,7 +872,7 @@ SSL_set_session_ticket_ext(SSL s, void ext_data, int ext_len)
872	s->internal->tlsext_session_ticket =	872	s->internal->tlsext_session_ticket =
873	malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);	873	malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
874	if (!s->internal->tlsext_session_ticket) {	874	if (!s->internal->tlsext_session_ticket) {
875	SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,	875	SSLerror(
876	ERR_R_MALLOC_FAILURE);	876	ERR_R_MALLOC_FAILURE);
877	return 0;	877	return 0;
878	}	878	}
@@ -1080,12 +1080,12 @@ int
1080	SSL_CTX_set_client_cert_engine(SSL_CTX ctx, ENGINE e)	1080	SSL_CTX_set_client_cert_engine(SSL_CTX ctx, ENGINE e)
1081	{	1081	{
1082	if (!ENGINE_init(e)) {	1082	if (!ENGINE_init(e)) {
1083	SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,	1083	SSLerror(
1084	ERR_R_ENGINE_LIB);	1084	ERR_R_ENGINE_LIB);
1085	return 0;	1085	return 0;
1086	}	1086	}
1087	if (!ENGINE_get_ssl_client_cert_function(e)) {	1087	if (!ENGINE_get_ssl_client_cert_function(e)) {
1088	SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,	1088	SSLerror(
1089	SSL_R_NO_CLIENT_CERT_METHOD);	1089	SSL_R_NO_CLIENT_CERT_METHOD);
1090	ENGINE_finish(e);	1090	ENGINE_finish(e);
1091	return 0;	1091	return 0;