diff options
| author | beck <> | 2017-01-26 10:40:21 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-26 10:40:21 +0000 |
| commit | 59161dbdf4da5b82b27402f93d7007a11b2d1cc1 (patch) | |
| tree | e105a2b33d3aefb54727a955e9c746cc8edb0e50 /src/lib/libssl/ssl_srvr.c | |
| parent | a2e1efdba084d65702b419bc510c30a144eb5d7f (diff) | |
| download | openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.tar.gz openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.tar.bz2 openbsd-59161dbdf4da5b82b27402f93d7007a11b2d1cc1.zip | |
Send the error function codes to rot in the depths of hell where they belong
We leave a single funciton code (0xFFF) to say "SSL_internal" so the public
API will not break, and we replace all internal use of the two argument
SSL_err() with the internal only SSL_error() that only takes a reason code.
ok jsing@
Diffstat (limited to 'src/lib/libssl/ssl_srvr.c')
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 220 |
1 files changed, 106 insertions, 114 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index a716947ab9..46ca4d6c9c 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.2 2017/01/26 06:32:58 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.3 2017/01/26 10:40:21 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -189,7 +189,7 @@ ssl3_accept(SSL *s) | |||
| 189 | SSL_clear(s); | 189 | SSL_clear(s); |
| 190 | 190 | ||
| 191 | if (s->cert == NULL) { | 191 | if (s->cert == NULL) { |
| 192 | SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET); | 192 | SSLerror(SSL_R_NO_CERTIFICATE_SET); |
| 193 | ret = -1; | 193 | ret = -1; |
| 194 | goto end; | 194 | goto end; |
| 195 | } | 195 | } |
| @@ -212,7 +212,7 @@ ssl3_accept(SSL *s) | |||
| 212 | cb(s, SSL_CB_HANDSHAKE_START, 1); | 212 | cb(s, SSL_CB_HANDSHAKE_START, 1); |
| 213 | 213 | ||
| 214 | if ((s->version >> 8) != 3) { | 214 | if ((s->version >> 8) != 3) { |
| 215 | SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR); | 215 | SSLerror(ERR_R_INTERNAL_ERROR); |
| 216 | ret = -1; | 216 | ret = -1; |
| 217 | goto end; | 217 | goto end; |
| 218 | } | 218 | } |
| @@ -253,7 +253,7 @@ ssl3_accept(SSL *s) | |||
| 253 | * client that doesn't support secure | 253 | * client that doesn't support secure |
| 254 | * renegotiation. | 254 | * renegotiation. |
| 255 | */ | 255 | */ |
| 256 | SSLerr(SSL_F_SSL3_ACCEPT, | 256 | SSLerror( |
| 257 | SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); | 257 | SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); |
| 258 | ssl3_send_alert(s, SSL3_AL_FATAL, | 258 | ssl3_send_alert(s, SSL3_AL_FATAL, |
| 259 | SSL_AD_HANDSHAKE_FAILURE); | 259 | SSL_AD_HANDSHAKE_FAILURE); |
| @@ -484,7 +484,7 @@ ssl3_accept(SSL *s) | |||
| 484 | * at this point and digest cached records. | 484 | * at this point and digest cached records. |
| 485 | */ | 485 | */ |
| 486 | if (!S3I(s)->handshake_buffer) { | 486 | if (!S3I(s)->handshake_buffer) { |
| 487 | SSLerr(SSL_F_SSL3_ACCEPT, | 487 | SSLerror( |
| 488 | ERR_R_INTERNAL_ERROR); | 488 | ERR_R_INTERNAL_ERROR); |
| 489 | ret = -1; | 489 | ret = -1; |
| 490 | goto end; | 490 | goto end; |
| @@ -673,7 +673,7 @@ ssl3_accept(SSL *s) | |||
| 673 | /* break; */ | 673 | /* break; */ |
| 674 | 674 | ||
| 675 | default: | 675 | default: |
| 676 | SSLerr(SSL_F_SSL3_ACCEPT, | 676 | SSLerror( |
| 677 | SSL_R_UNKNOWN_STATE); | 677 | SSL_R_UNKNOWN_STATE); |
| 678 | ret = -1; | 678 | ret = -1; |
| 679 | goto end; | 679 | goto end; |
| @@ -765,7 +765,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 765 | p += 2; | 765 | p += 2; |
| 766 | 766 | ||
| 767 | if (ssl_max_shared_version(s, s->client_version, &shared_version) != 1) { | 767 | if (ssl_max_shared_version(s, s->client_version, &shared_version) != 1) { |
| 768 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER); | 768 | SSLerror(SSL_R_WRONG_VERSION_NUMBER); |
| 769 | if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && | 769 | if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && |
| 770 | !s->internal->enc_write_ctx && !s->internal->write_hash) { | 770 | !s->internal->enc_write_ctx && !s->internal->write_hash) { |
| 771 | /* | 771 | /* |
| @@ -782,7 +782,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 782 | if ((method = tls1_get_server_method(shared_version)) == NULL) | 782 | if ((method = tls1_get_server_method(shared_version)) == NULL) |
| 783 | method = dtls1_get_server_method(shared_version); | 783 | method = dtls1_get_server_method(shared_version); |
| 784 | if (method == NULL) { | 784 | if (method == NULL) { |
| 785 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); | 785 | SSLerror(ERR_R_INTERNAL_ERROR); |
| 786 | goto err; | 786 | goto err; |
| 787 | } | 787 | } |
| 788 | s->method = method; | 788 | s->method = method; |
| @@ -868,7 +868,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 868 | if (cookie_len > sizeof(D1I(s)->rcvd_cookie)) { | 868 | if (cookie_len > sizeof(D1I(s)->rcvd_cookie)) { |
| 869 | /* too much data */ | 869 | /* too much data */ |
| 870 | al = SSL_AD_DECODE_ERROR; | 870 | al = SSL_AD_DECODE_ERROR; |
| 871 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 871 | SSLerror( |
| 872 | SSL_R_COOKIE_MISMATCH); | 872 | SSL_R_COOKIE_MISMATCH); |
| 873 | goto f_err; | 873 | goto f_err; |
| 874 | } | 874 | } |
| @@ -885,7 +885,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 885 | if (s->ctx->internal->app_verify_cookie_cb(s, | 885 | if (s->ctx->internal->app_verify_cookie_cb(s, |
| 886 | D1I(s)->rcvd_cookie, cookie_len) == 0) { | 886 | D1I(s)->rcvd_cookie, cookie_len) == 0) { |
| 887 | al = SSL_AD_HANDSHAKE_FAILURE; | 887 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 888 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 888 | SSLerror( |
| 889 | SSL_R_COOKIE_MISMATCH); | 889 | SSL_R_COOKIE_MISMATCH); |
| 890 | goto f_err; | 890 | goto f_err; |
| 891 | } | 891 | } |
| @@ -894,7 +894,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 894 | D1I(s)->cookie_len) != 0) { | 894 | D1I(s)->cookie_len) != 0) { |
| 895 | /* default verification */ | 895 | /* default verification */ |
| 896 | al = SSL_AD_HANDSHAKE_FAILURE; | 896 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 897 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 897 | SSLerror( |
| 898 | SSL_R_COOKIE_MISMATCH); | 898 | SSL_R_COOKIE_MISMATCH); |
| 899 | goto f_err; | 899 | goto f_err; |
| 900 | } | 900 | } |
| @@ -911,7 +911,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 911 | if ((i == 0) && (j != 0)) { | 911 | if ((i == 0) && (j != 0)) { |
| 912 | /* we need a cipher if we are not resuming a session */ | 912 | /* we need a cipher if we are not resuming a session */ |
| 913 | al = SSL_AD_ILLEGAL_PARAMETER; | 913 | al = SSL_AD_ILLEGAL_PARAMETER; |
| 914 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 914 | SSLerror( |
| 915 | SSL_R_NO_CIPHERS_SPECIFIED); | 915 | SSL_R_NO_CIPHERS_SPECIFIED); |
| 916 | goto f_err; | 916 | goto f_err; |
| 917 | } | 917 | } |
| @@ -941,7 +941,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 941 | * list if we are asked to reuse it | 941 | * list if we are asked to reuse it |
| 942 | */ | 942 | */ |
| 943 | al = SSL_AD_ILLEGAL_PARAMETER; | 943 | al = SSL_AD_ILLEGAL_PARAMETER; |
| 944 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 944 | SSLerror( |
| 945 | SSL_R_REQUIRED_CIPHER_MISSING); | 945 | SSL_R_REQUIRED_CIPHER_MISSING); |
| 946 | goto f_err; | 946 | goto f_err; |
| 947 | } | 947 | } |
| @@ -962,7 +962,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 962 | if (j >= i) { | 962 | if (j >= i) { |
| 963 | /* no compress */ | 963 | /* no compress */ |
| 964 | al = SSL_AD_DECODE_ERROR; | 964 | al = SSL_AD_DECODE_ERROR; |
| 965 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 965 | SSLerror( |
| 966 | SSL_R_NO_COMPRESSION_SPECIFIED); | 966 | SSL_R_NO_COMPRESSION_SPECIFIED); |
| 967 | goto f_err; | 967 | goto f_err; |
| 968 | } | 968 | } |
| @@ -970,11 +970,11 @@ ssl3_get_client_hello(SSL *s) | |||
| 970 | /* TLS extensions*/ | 970 | /* TLS extensions*/ |
| 971 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { | 971 | if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { |
| 972 | /* 'al' set by ssl_parse_clienthello_tlsext */ | 972 | /* 'al' set by ssl_parse_clienthello_tlsext */ |
| 973 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT); | 973 | SSLerror(SSL_R_PARSE_TLSEXT); |
| 974 | goto f_err; | 974 | goto f_err; |
| 975 | } | 975 | } |
| 976 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { | 976 | if (ssl_check_clienthello_tlsext_early(s) <= 0) { |
| 977 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 977 | SSLerror( |
| 978 | SSL_R_CLIENTHELLO_TLSEXT); | 978 | SSL_R_CLIENTHELLO_TLSEXT); |
| 979 | goto err; | 979 | goto err; |
| 980 | } | 980 | } |
| @@ -1006,7 +1006,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1006 | SSL_get_ciphers(s)); | 1006 | SSL_get_ciphers(s)); |
| 1007 | if (pref_cipher == NULL) { | 1007 | if (pref_cipher == NULL) { |
| 1008 | al = SSL_AD_HANDSHAKE_FAILURE; | 1008 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1009 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 1009 | SSLerror( |
| 1010 | SSL_R_NO_SHARED_CIPHER); | 1010 | SSL_R_NO_SHARED_CIPHER); |
| 1011 | goto f_err; | 1011 | goto f_err; |
| 1012 | } | 1012 | } |
| @@ -1032,7 +1032,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1032 | s->session->ciphers = ciphers; | 1032 | s->session->ciphers = ciphers; |
| 1033 | if (ciphers == NULL) { | 1033 | if (ciphers == NULL) { |
| 1034 | al = SSL_AD_ILLEGAL_PARAMETER; | 1034 | al = SSL_AD_ILLEGAL_PARAMETER; |
| 1035 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 1035 | SSLerror( |
| 1036 | SSL_R_NO_CIPHERS_PASSED); | 1036 | SSL_R_NO_CIPHERS_PASSED); |
| 1037 | goto f_err; | 1037 | goto f_err; |
| 1038 | } | 1038 | } |
| @@ -1042,7 +1042,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1042 | 1042 | ||
| 1043 | if (c == NULL) { | 1043 | if (c == NULL) { |
| 1044 | al = SSL_AD_HANDSHAKE_FAILURE; | 1044 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1045 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 1045 | SSLerror( |
| 1046 | SSL_R_NO_SHARED_CIPHER); | 1046 | SSL_R_NO_SHARED_CIPHER); |
| 1047 | goto f_err; | 1047 | goto f_err; |
| 1048 | } | 1048 | } |
| @@ -1074,7 +1074,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1074 | 1074 | ||
| 1075 | /* Handles TLS extensions that we couldn't check earlier */ | 1075 | /* Handles TLS extensions that we couldn't check earlier */ |
| 1076 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { | 1076 | if (ssl_check_clienthello_tlsext_late(s) <= 0) { |
| 1077 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); | 1077 | SSLerror(SSL_R_CLIENTHELLO_TLSEXT); |
| 1078 | goto err; | 1078 | goto err; |
| 1079 | } | 1079 | } |
| 1080 | 1080 | ||
| @@ -1083,7 +1083,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1083 | if (0) { | 1083 | if (0) { |
| 1084 | truncated: | 1084 | truncated: |
| 1085 | al = SSL_AD_DECODE_ERROR; | 1085 | al = SSL_AD_DECODE_ERROR; |
| 1086 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_BAD_PACKET_LENGTH); | 1086 | SSLerror(SSL_R_BAD_PACKET_LENGTH); |
| 1087 | f_err: | 1087 | f_err: |
| 1088 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 1088 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 1089 | } | 1089 | } |
| @@ -1142,7 +1142,7 @@ ssl3_send_server_hello(SSL *s) | |||
| 1142 | 1142 | ||
| 1143 | sl = s->session->session_id_length; | 1143 | sl = s->session->session_id_length; |
| 1144 | if (sl > (int)sizeof(s->session->session_id)) { | 1144 | if (sl > (int)sizeof(s->session->session_id)) { |
| 1145 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, | 1145 | SSLerror( |
| 1146 | ERR_R_INTERNAL_ERROR); | 1146 | ERR_R_INTERNAL_ERROR); |
| 1147 | goto err; | 1147 | goto err; |
| 1148 | } | 1148 | } |
| @@ -1166,7 +1166,7 @@ ssl3_send_server_hello(SSL *s) | |||
| 1166 | 1166 | ||
| 1167 | if ((p = ssl_add_serverhello_tlsext(s, p + outlen, | 1167 | if ((p = ssl_add_serverhello_tlsext(s, p + outlen, |
| 1168 | bufend)) == NULL) { | 1168 | bufend)) == NULL) { |
| 1169 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, | 1169 | SSLerror( |
| 1170 | ERR_R_INTERNAL_ERROR); | 1170 | ERR_R_INTERNAL_ERROR); |
| 1171 | goto err; | 1171 | goto err; |
| 1172 | } | 1172 | } |
| @@ -1208,7 +1208,7 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb) | |||
| 1208 | if (s->cert->dh_tmp_auto != 0) { | 1208 | if (s->cert->dh_tmp_auto != 0) { |
| 1209 | if ((dhp = ssl_get_auto_dh(s)) == NULL) { | 1209 | if ((dhp = ssl_get_auto_dh(s)) == NULL) { |
| 1210 | al = SSL_AD_INTERNAL_ERROR; | 1210 | al = SSL_AD_INTERNAL_ERROR; |
| 1211 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1211 | SSLerror( |
| 1212 | ERR_R_INTERNAL_ERROR); | 1212 | ERR_R_INTERNAL_ERROR); |
| 1213 | goto f_err; | 1213 | goto f_err; |
| 1214 | } | 1214 | } |
| @@ -1221,13 +1221,13 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb) | |||
| 1221 | 1221 | ||
| 1222 | if (dhp == NULL) { | 1222 | if (dhp == NULL) { |
| 1223 | al = SSL_AD_HANDSHAKE_FAILURE; | 1223 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1224 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1224 | SSLerror( |
| 1225 | SSL_R_MISSING_TMP_DH_KEY); | 1225 | SSL_R_MISSING_TMP_DH_KEY); |
| 1226 | goto f_err; | 1226 | goto f_err; |
| 1227 | } | 1227 | } |
| 1228 | 1228 | ||
| 1229 | if (S3I(s)->tmp.dh != NULL) { | 1229 | if (S3I(s)->tmp.dh != NULL) { |
| 1230 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1230 | SSLerror( |
| 1231 | ERR_R_INTERNAL_ERROR); | 1231 | ERR_R_INTERNAL_ERROR); |
| 1232 | goto err; | 1232 | goto err; |
| 1233 | } | 1233 | } |
| @@ -1235,12 +1235,12 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb) | |||
| 1235 | if (s->cert->dh_tmp_auto != 0) { | 1235 | if (s->cert->dh_tmp_auto != 0) { |
| 1236 | dh = dhp; | 1236 | dh = dhp; |
| 1237 | } else if ((dh = DHparams_dup(dhp)) == NULL) { | 1237 | } else if ((dh = DHparams_dup(dhp)) == NULL) { |
| 1238 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); | 1238 | SSLerror(ERR_R_DH_LIB); |
| 1239 | goto err; | 1239 | goto err; |
| 1240 | } | 1240 | } |
| 1241 | S3I(s)->tmp.dh = dh; | 1241 | S3I(s)->tmp.dh = dh; |
| 1242 | if (!DH_generate_key(dh)) { | 1242 | if (!DH_generate_key(dh)) { |
| 1243 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); | 1243 | SSLerror(ERR_R_DH_LIB); |
| 1244 | goto err; | 1244 | goto err; |
| 1245 | } | 1245 | } |
| 1246 | 1246 | ||
| @@ -1299,13 +1299,13 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb) | |||
| 1299 | } | 1299 | } |
| 1300 | if (ecdhp == NULL) { | 1300 | if (ecdhp == NULL) { |
| 1301 | al = SSL_AD_HANDSHAKE_FAILURE; | 1301 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1302 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1302 | SSLerror( |
| 1303 | SSL_R_MISSING_TMP_ECDH_KEY); | 1303 | SSL_R_MISSING_TMP_ECDH_KEY); |
| 1304 | goto f_err; | 1304 | goto f_err; |
| 1305 | } | 1305 | } |
| 1306 | 1306 | ||
| 1307 | if (S3I(s)->tmp.ecdh != NULL) { | 1307 | if (S3I(s)->tmp.ecdh != NULL) { |
| 1308 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1308 | SSLerror( |
| 1309 | ERR_R_INTERNAL_ERROR); | 1309 | ERR_R_INTERNAL_ERROR); |
| 1310 | goto err; | 1310 | goto err; |
| 1311 | } | 1311 | } |
| @@ -1314,7 +1314,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb) | |||
| 1314 | if (s->cert->ecdh_tmp_auto != 0) { | 1314 | if (s->cert->ecdh_tmp_auto != 0) { |
| 1315 | ecdh = ecdhp; | 1315 | ecdh = ecdhp; |
| 1316 | } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { | 1316 | } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { |
| 1317 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1317 | SSLerror( |
| 1318 | ERR_R_ECDH_LIB); | 1318 | ERR_R_ECDH_LIB); |
| 1319 | goto err; | 1319 | goto err; |
| 1320 | } | 1320 | } |
| @@ -1324,7 +1324,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb) | |||
| 1324 | (EC_KEY_get0_private_key(ecdh) == NULL) || | 1324 | (EC_KEY_get0_private_key(ecdh) == NULL) || |
| 1325 | (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) { | 1325 | (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) { |
| 1326 | if (!EC_KEY_generate_key(ecdh)) { | 1326 | if (!EC_KEY_generate_key(ecdh)) { |
| 1327 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1327 | SSLerror( |
| 1328 | ERR_R_ECDH_LIB); | 1328 | ERR_R_ECDH_LIB); |
| 1329 | goto err; | 1329 | goto err; |
| 1330 | } | 1330 | } |
| @@ -1333,7 +1333,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb) | |||
| 1333 | if (((group = EC_KEY_get0_group(ecdh)) == NULL) || | 1333 | if (((group = EC_KEY_get0_group(ecdh)) == NULL) || |
| 1334 | (EC_KEY_get0_public_key(ecdh) == NULL) || | 1334 | (EC_KEY_get0_public_key(ecdh) == NULL) || |
| 1335 | (EC_KEY_get0_private_key(ecdh) == NULL)) { | 1335 | (EC_KEY_get0_private_key(ecdh) == NULL)) { |
| 1336 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1336 | SSLerror( |
| 1337 | ERR_R_ECDH_LIB); | 1337 | ERR_R_ECDH_LIB); |
| 1338 | goto err; | 1338 | goto err; |
| 1339 | } | 1339 | } |
| @@ -1344,7 +1344,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb) | |||
| 1344 | */ | 1344 | */ |
| 1345 | if ((curve_id = tls1_ec_nid2curve_id( | 1345 | if ((curve_id = tls1_ec_nid2curve_id( |
| 1346 | EC_GROUP_get_curve_name(group))) == 0) { | 1346 | EC_GROUP_get_curve_name(group))) == 0) { |
| 1347 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1347 | SSLerror( |
| 1348 | SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); | 1348 | SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); |
| 1349 | goto err; | 1349 | goto err; |
| 1350 | } | 1350 | } |
| @@ -1360,7 +1360,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb) | |||
| 1360 | 1360 | ||
| 1361 | bn_ctx = BN_CTX_new(); | 1361 | bn_ctx = BN_CTX_new(); |
| 1362 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { | 1362 | if ((encodedPoint == NULL) || (bn_ctx == NULL)) { |
| 1363 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1363 | SSLerror( |
| 1364 | ERR_R_MALLOC_FAILURE); | 1364 | ERR_R_MALLOC_FAILURE); |
| 1365 | goto err; | 1365 | goto err; |
| 1366 | } | 1366 | } |
| @@ -1369,7 +1369,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb) | |||
| 1369 | POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx); | 1369 | POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx); |
| 1370 | 1370 | ||
| 1371 | if (encodedlen == 0) { | 1371 | if (encodedlen == 0) { |
| 1372 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB); | 1372 | SSLerror(ERR_R_ECDH_LIB); |
| 1373 | goto err; | 1373 | goto err; |
| 1374 | } | 1374 | } |
| 1375 | 1375 | ||
| @@ -1421,7 +1421,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb) | |||
| 1421 | 1421 | ||
| 1422 | /* Generate an X25519 key pair. */ | 1422 | /* Generate an X25519 key pair. */ |
| 1423 | if (S3I(s)->tmp.x25519 != NULL) { | 1423 | if (S3I(s)->tmp.x25519 != NULL) { |
| 1424 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1424 | SSLerror( |
| 1425 | ERR_R_INTERNAL_ERROR); | 1425 | ERR_R_INTERNAL_ERROR); |
| 1426 | goto err; | 1426 | goto err; |
| 1427 | } | 1427 | } |
| @@ -1433,7 +1433,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb) | |||
| 1433 | 1433 | ||
| 1434 | /* Serialize public key. */ | 1434 | /* Serialize public key. */ |
| 1435 | if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) { | 1435 | if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) { |
| 1436 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1436 | SSLerror( |
| 1437 | SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); | 1437 | SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); |
| 1438 | goto err; | 1438 | goto err; |
| 1439 | } | 1439 | } |
| @@ -1509,7 +1509,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1509 | goto err; | 1509 | goto err; |
| 1510 | } else { | 1510 | } else { |
| 1511 | al = SSL_AD_HANDSHAKE_FAILURE; | 1511 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1512 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1512 | SSLerror( |
| 1513 | SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); | 1513 | SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); |
| 1514 | goto f_err; | 1514 | goto f_err; |
| 1515 | } | 1515 | } |
| @@ -1531,7 +1531,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1531 | 1531 | ||
| 1532 | if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + | 1532 | if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + |
| 1533 | params_len + kn)) { | 1533 | params_len + kn)) { |
| 1534 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1534 | SSLerror( |
| 1535 | ERR_LIB_BUF); | 1535 | ERR_LIB_BUF); |
| 1536 | goto err; | 1536 | goto err; |
| 1537 | } | 1537 | } |
| @@ -1575,9 +1575,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1575 | } | 1575 | } |
| 1576 | if (RSA_sign(NID_md5_sha1, md_buf, j, | 1576 | if (RSA_sign(NID_md5_sha1, md_buf, j, |
| 1577 | &(p[2]), &u, pkey->pkey.rsa) <= 0) { | 1577 | &(p[2]), &u, pkey->pkey.rsa) <= 0) { |
| 1578 | SSLerr( | 1578 | SSLerror(ERR_R_RSA_LIB); |
| 1579 | SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | ||
| 1580 | ERR_LIB_RSA); | ||
| 1581 | goto err; | 1579 | goto err; |
| 1582 | } | 1580 | } |
| 1583 | s2n(u, p); | 1581 | s2n(u, p); |
| @@ -1588,9 +1586,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1588 | if (!tls12_get_sigandhash(p, pkey, md)) { | 1586 | if (!tls12_get_sigandhash(p, pkey, md)) { |
| 1589 | /* Should never happen */ | 1587 | /* Should never happen */ |
| 1590 | al = SSL_AD_INTERNAL_ERROR; | 1588 | al = SSL_AD_INTERNAL_ERROR; |
| 1591 | SSLerr( | 1589 | SSLerror(ERR_R_INTERNAL_ERROR); |
| 1592 | SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | ||
| 1593 | ERR_R_INTERNAL_ERROR); | ||
| 1594 | goto f_err; | 1590 | goto f_err; |
| 1595 | } | 1591 | } |
| 1596 | p += 2; | 1592 | p += 2; |
| @@ -1605,9 +1601,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1605 | EVP_SignUpdate(&md_ctx, d, n); | 1601 | EVP_SignUpdate(&md_ctx, d, n); |
| 1606 | if (!EVP_SignFinal(&md_ctx, &p[2], | 1602 | if (!EVP_SignFinal(&md_ctx, &p[2], |
| 1607 | (unsigned int *)&i, pkey)) { | 1603 | (unsigned int *)&i, pkey)) { |
| 1608 | SSLerr( | 1604 | SSLerror(ERR_R_EVP_LIB); |
| 1609 | SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | ||
| 1610 | ERR_LIB_EVP); | ||
| 1611 | goto err; | 1605 | goto err; |
| 1612 | } | 1606 | } |
| 1613 | s2n(i, p); | 1607 | s2n(i, p); |
| @@ -1617,7 +1611,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1617 | } else { | 1611 | } else { |
| 1618 | /* Is this error check actually needed? */ | 1612 | /* Is this error check actually needed? */ |
| 1619 | al = SSL_AD_HANDSHAKE_FAILURE; | 1613 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1620 | SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, | 1614 | SSLerror( |
| 1621 | SSL_R_UNKNOWN_PKEY_TYPE); | 1615 | SSL_R_UNKNOWN_PKEY_TYPE); |
| 1622 | goto f_err; | 1616 | goto f_err; |
| 1623 | } | 1617 | } |
| @@ -1684,9 +1678,7 @@ ssl3_send_certificate_request(SSL *s) | |||
| 1684 | if (!BUF_MEM_grow_clean(buf, | 1678 | if (!BUF_MEM_grow_clean(buf, |
| 1685 | ssl3_handshake_msg_hdr_len(s) + n + j | 1679 | ssl3_handshake_msg_hdr_len(s) + n + j |
| 1686 | + 2)) { | 1680 | + 2)) { |
| 1687 | SSLerr( | 1681 | SSLerror(ERR_R_BUF_LIB); |
| 1688 | SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, | ||
| 1689 | ERR_R_BUF_LIB); | ||
| 1690 | goto err; | 1682 | goto err; |
| 1691 | } | 1683 | } |
| 1692 | p = ssl3_handshake_msg_start(s, | 1684 | p = ssl3_handshake_msg_start(s, |
| @@ -1732,7 +1724,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n) | |||
| 1732 | if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || | 1724 | if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || |
| 1733 | (pkey->pkey.rsa == NULL)) { | 1725 | (pkey->pkey.rsa == NULL)) { |
| 1734 | al = SSL_AD_HANDSHAKE_FAILURE; | 1726 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1735 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1727 | SSLerror( |
| 1736 | SSL_R_MISSING_RSA_CERTIFICATE); | 1728 | SSL_R_MISSING_RSA_CERTIFICATE); |
| 1737 | goto f_err; | 1729 | goto f_err; |
| 1738 | } | 1730 | } |
| @@ -1742,7 +1734,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n) | |||
| 1742 | goto truncated; | 1734 | goto truncated; |
| 1743 | n2s(p, i); | 1735 | n2s(p, i); |
| 1744 | if (n != i + 2) { | 1736 | if (n != i + 2) { |
| 1745 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1737 | SSLerror( |
| 1746 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); | 1738 | SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); |
| 1747 | goto err; | 1739 | goto err; |
| 1748 | } else | 1740 | } else |
| @@ -1756,7 +1748,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n) | |||
| 1756 | 1748 | ||
| 1757 | if (i != SSL_MAX_MASTER_KEY_LENGTH) { | 1749 | if (i != SSL_MAX_MASTER_KEY_LENGTH) { |
| 1758 | al = SSL_AD_DECODE_ERROR; | 1750 | al = SSL_AD_DECODE_ERROR; |
| 1759 | /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); */ | 1751 | /* SSLerror(SSL_R_BAD_RSA_DECRYPT); */ |
| 1760 | } | 1752 | } |
| 1761 | 1753 | ||
| 1762 | if (p - d + 2 > n) /* needed in the SSL3 case */ | 1754 | if (p - d + 2 > n) /* needed in the SSL3 case */ |
| @@ -1778,7 +1770,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n) | |||
| 1778 | (p[0] == (s->version >> 8)) && | 1770 | (p[0] == (s->version >> 8)) && |
| 1779 | (p[1] == (s->version & 0xff)))) { | 1771 | (p[1] == (s->version & 0xff)))) { |
| 1780 | al = SSL_AD_DECODE_ERROR; | 1772 | al = SSL_AD_DECODE_ERROR; |
| 1781 | /* SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ | 1773 | /* SSLerror(SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ |
| 1782 | 1774 | ||
| 1783 | /* | 1775 | /* |
| 1784 | * The Klima-Pokorny-Rosa extension of | 1776 | * The Klima-Pokorny-Rosa extension of |
| @@ -1816,7 +1808,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n) | |||
| 1816 | return (1); | 1808 | return (1); |
| 1817 | truncated: | 1809 | truncated: |
| 1818 | al = SSL_AD_DECODE_ERROR; | 1810 | al = SSL_AD_DECODE_ERROR; |
| 1819 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH); | 1811 | SSLerror(SSL_R_BAD_PACKET_LENGTH); |
| 1820 | f_err: | 1812 | f_err: |
| 1821 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 1813 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 1822 | err: | 1814 | err: |
| @@ -1844,21 +1836,21 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n) | |||
| 1844 | 1836 | ||
| 1845 | if (S3I(s)->tmp.dh == NULL) { | 1837 | if (S3I(s)->tmp.dh == NULL) { |
| 1846 | al = SSL_AD_HANDSHAKE_FAILURE; | 1838 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1847 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1839 | SSLerror( |
| 1848 | SSL_R_MISSING_TMP_DH_KEY); | 1840 | SSL_R_MISSING_TMP_DH_KEY); |
| 1849 | goto f_err; | 1841 | goto f_err; |
| 1850 | } | 1842 | } |
| 1851 | dh = S3I(s)->tmp.dh; | 1843 | dh = S3I(s)->tmp.dh; |
| 1852 | 1844 | ||
| 1853 | if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) { | 1845 | if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) { |
| 1854 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1846 | SSLerror( |
| 1855 | SSL_R_BN_LIB); | 1847 | SSL_R_BN_LIB); |
| 1856 | goto err; | 1848 | goto err; |
| 1857 | } | 1849 | } |
| 1858 | 1850 | ||
| 1859 | key_size = DH_compute_key(p, bn, dh); | 1851 | key_size = DH_compute_key(p, bn, dh); |
| 1860 | if (key_size <= 0) { | 1852 | if (key_size <= 0) { |
| 1861 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB); | 1853 | SSLerror(ERR_R_DH_LIB); |
| 1862 | BN_clear_free(bn); | 1854 | BN_clear_free(bn); |
| 1863 | goto err; | 1855 | goto err; |
| 1864 | } | 1856 | } |
| @@ -1878,7 +1870,7 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n) | |||
| 1878 | 1870 | ||
| 1879 | truncated: | 1871 | truncated: |
| 1880 | al = SSL_AD_DECODE_ERROR; | 1872 | al = SSL_AD_DECODE_ERROR; |
| 1881 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH); | 1873 | SSLerror(SSL_R_BAD_PACKET_LENGTH); |
| 1882 | f_err: | 1874 | f_err: |
| 1883 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 1875 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 1884 | err: | 1876 | err: |
| @@ -1902,7 +1894,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1902 | 1894 | ||
| 1903 | /* Initialize structures for server's ECDH key pair. */ | 1895 | /* Initialize structures for server's ECDH key pair. */ |
| 1904 | if ((srvr_ecdh = EC_KEY_new()) == NULL) { | 1896 | if ((srvr_ecdh = EC_KEY_new()) == NULL) { |
| 1905 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1897 | SSLerror( |
| 1906 | ERR_R_MALLOC_FAILURE); | 1898 | ERR_R_MALLOC_FAILURE); |
| 1907 | goto err; | 1899 | goto err; |
| 1908 | } | 1900 | } |
| @@ -1918,14 +1910,14 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1918 | 1910 | ||
| 1919 | if (!EC_KEY_set_group(srvr_ecdh, group) || | 1911 | if (!EC_KEY_set_group(srvr_ecdh, group) || |
| 1920 | !EC_KEY_set_private_key(srvr_ecdh, priv_key)) { | 1912 | !EC_KEY_set_private_key(srvr_ecdh, priv_key)) { |
| 1921 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1913 | SSLerror( |
| 1922 | ERR_R_EC_LIB); | 1914 | ERR_R_EC_LIB); |
| 1923 | goto err; | 1915 | goto err; |
| 1924 | } | 1916 | } |
| 1925 | 1917 | ||
| 1926 | /* Let's get client's public key */ | 1918 | /* Let's get client's public key */ |
| 1927 | if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) { | 1919 | if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) { |
| 1928 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1920 | SSLerror( |
| 1929 | ERR_R_MALLOC_FAILURE); | 1921 | ERR_R_MALLOC_FAILURE); |
| 1930 | goto err; | 1922 | goto err; |
| 1931 | } | 1923 | } |
| @@ -1948,7 +1940,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1948 | * group. | 1940 | * group. |
| 1949 | */ | 1941 | */ |
| 1950 | al = SSL_AD_HANDSHAKE_FAILURE; | 1942 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 1951 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1943 | SSLerror( |
| 1952 | SSL_R_UNABLE_TO_DECODE_ECDH_CERTS); | 1944 | SSL_R_UNABLE_TO_DECODE_ECDH_CERTS); |
| 1953 | goto f_err; | 1945 | goto f_err; |
| 1954 | } | 1946 | } |
| @@ -1956,7 +1948,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1956 | if (EC_POINT_copy(clnt_ecpoint, | 1948 | if (EC_POINT_copy(clnt_ecpoint, |
| 1957 | EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) | 1949 | EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) |
| 1958 | == 0) { | 1950 | == 0) { |
| 1959 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1951 | SSLerror( |
| 1960 | ERR_R_EC_LIB); | 1952 | ERR_R_EC_LIB); |
| 1961 | goto err; | 1953 | goto err; |
| 1962 | } | 1954 | } |
| @@ -1967,7 +1959,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1967 | * in the ClientKeyExchange message. | 1959 | * in the ClientKeyExchange message. |
| 1968 | */ | 1960 | */ |
| 1969 | if ((bn_ctx = BN_CTX_new()) == NULL) { | 1961 | if ((bn_ctx = BN_CTX_new()) == NULL) { |
| 1970 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1962 | SSLerror( |
| 1971 | ERR_R_MALLOC_FAILURE); | 1963 | ERR_R_MALLOC_FAILURE); |
| 1972 | goto err; | 1964 | goto err; |
| 1973 | } | 1965 | } |
| @@ -1977,13 +1969,13 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1977 | 1969 | ||
| 1978 | p += 1; | 1970 | p += 1; |
| 1979 | if (n != 1 + i) { | 1971 | if (n != 1 + i) { |
| 1980 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1972 | SSLerror( |
| 1981 | ERR_R_EC_LIB); | 1973 | ERR_R_EC_LIB); |
| 1982 | goto err; | 1974 | goto err; |
| 1983 | } | 1975 | } |
| 1984 | if (EC_POINT_oct2point(group, | 1976 | if (EC_POINT_oct2point(group, |
| 1985 | clnt_ecpoint, p, i, bn_ctx) == 0) { | 1977 | clnt_ecpoint, p, i, bn_ctx) == 0) { |
| 1986 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1978 | SSLerror( |
| 1987 | ERR_R_EC_LIB); | 1979 | ERR_R_EC_LIB); |
| 1988 | goto err; | 1980 | goto err; |
| 1989 | } | 1981 | } |
| @@ -1997,14 +1989,14 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1997 | /* Compute the shared pre-master secret */ | 1989 | /* Compute the shared pre-master secret */ |
| 1998 | key_size = ECDH_size(srvr_ecdh); | 1990 | key_size = ECDH_size(srvr_ecdh); |
| 1999 | if (key_size <= 0) { | 1991 | if (key_size <= 0) { |
| 2000 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1992 | SSLerror( |
| 2001 | ERR_R_ECDH_LIB); | 1993 | ERR_R_ECDH_LIB); |
| 2002 | goto err; | 1994 | goto err; |
| 2003 | } | 1995 | } |
| 2004 | i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh, | 1996 | i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh, |
| 2005 | NULL); | 1997 | NULL); |
| 2006 | if (i <= 0) { | 1998 | if (i <= 0) { |
| 2007 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 1999 | SSLerror( |
| 2008 | ERR_R_ECDH_LIB); | 2000 | ERR_R_ECDH_LIB); |
| 2009 | goto err; | 2001 | goto err; |
| 2010 | } | 2002 | } |
| @@ -2122,7 +2114,7 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n) | |||
| 2122 | if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, | 2114 | if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, |
| 2123 | &Tclass, n) != V_ASN1_CONSTRUCTED || | 2115 | &Tclass, n) != V_ASN1_CONSTRUCTED || |
| 2124 | Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { | 2116 | Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { |
| 2125 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2117 | SSLerror( |
| 2126 | SSL_R_DECRYPTION_FAILED); | 2118 | SSL_R_DECRYPTION_FAILED); |
| 2127 | goto gerr; | 2119 | goto gerr; |
| 2128 | } | 2120 | } |
| @@ -2130,7 +2122,7 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n) | |||
| 2130 | inlen = Tlen; | 2122 | inlen = Tlen; |
| 2131 | if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, | 2123 | if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, |
| 2132 | start, inlen) <=0) { | 2124 | start, inlen) <=0) { |
| 2133 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2125 | SSLerror( |
| 2134 | SSL_R_DECRYPTION_FAILED); | 2126 | SSL_R_DECRYPTION_FAILED); |
| 2135 | goto gerr; | 2127 | goto gerr; |
| 2136 | } | 2128 | } |
| @@ -2154,7 +2146,7 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n) | |||
| 2154 | 2146 | ||
| 2155 | truncated: | 2147 | truncated: |
| 2156 | al = SSL_AD_DECODE_ERROR; | 2148 | al = SSL_AD_DECODE_ERROR; |
| 2157 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BAD_PACKET_LENGTH); | 2149 | SSLerror(SSL_R_BAD_PACKET_LENGTH); |
| 2158 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 2150 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 2159 | err: | 2151 | err: |
| 2160 | return (-1); | 2152 | return (-1); |
| @@ -2192,7 +2184,7 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 2192 | goto err; | 2184 | goto err; |
| 2193 | } else { | 2185 | } else { |
| 2194 | al = SSL_AD_HANDSHAKE_FAILURE; | 2186 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 2195 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2187 | SSLerror( |
| 2196 | SSL_R_UNKNOWN_CIPHER_TYPE); | 2188 | SSL_R_UNKNOWN_CIPHER_TYPE); |
| 2197 | goto f_err; | 2189 | goto f_err; |
| 2198 | } | 2190 | } |
| @@ -2236,7 +2228,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2236 | S3I(s)->tmp.reuse_message = 1; | 2228 | S3I(s)->tmp.reuse_message = 1; |
| 2237 | if (peer != NULL) { | 2229 | if (peer != NULL) { |
| 2238 | al = SSL_AD_UNEXPECTED_MESSAGE; | 2230 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| 2239 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2231 | SSLerror( |
| 2240 | SSL_R_MISSING_VERIFY_MESSAGE); | 2232 | SSL_R_MISSING_VERIFY_MESSAGE); |
| 2241 | goto f_err; | 2233 | goto f_err; |
| 2242 | } | 2234 | } |
| @@ -2245,21 +2237,21 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2245 | } | 2237 | } |
| 2246 | 2238 | ||
| 2247 | if (peer == NULL) { | 2239 | if (peer == NULL) { |
| 2248 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2240 | SSLerror( |
| 2249 | SSL_R_NO_CLIENT_CERT_RECEIVED); | 2241 | SSL_R_NO_CLIENT_CERT_RECEIVED); |
| 2250 | al = SSL_AD_UNEXPECTED_MESSAGE; | 2242 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| 2251 | goto f_err; | 2243 | goto f_err; |
| 2252 | } | 2244 | } |
| 2253 | 2245 | ||
| 2254 | if (!(type & EVP_PKT_SIGN)) { | 2246 | if (!(type & EVP_PKT_SIGN)) { |
| 2255 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2247 | SSLerror( |
| 2256 | SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); | 2248 | SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); |
| 2257 | al = SSL_AD_ILLEGAL_PARAMETER; | 2249 | al = SSL_AD_ILLEGAL_PARAMETER; |
| 2258 | goto f_err; | 2250 | goto f_err; |
| 2259 | } | 2251 | } |
| 2260 | 2252 | ||
| 2261 | if (S3I(s)->change_cipher_spec) { | 2253 | if (S3I(s)->change_cipher_spec) { |
| 2262 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2254 | SSLerror( |
| 2263 | SSL_R_CCS_RECEIVED_EARLY); | 2255 | SSL_R_CCS_RECEIVED_EARLY); |
| 2264 | al = SSL_AD_UNEXPECTED_MESSAGE; | 2256 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| 2265 | goto f_err; | 2257 | goto f_err; |
| @@ -2281,7 +2273,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2281 | int sigalg = tls12_get_sigid(pkey); | 2273 | int sigalg = tls12_get_sigid(pkey); |
| 2282 | /* Should never happen */ | 2274 | /* Should never happen */ |
| 2283 | if (sigalg == -1) { | 2275 | if (sigalg == -1) { |
| 2284 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2276 | SSLerror( |
| 2285 | ERR_R_INTERNAL_ERROR); | 2277 | ERR_R_INTERNAL_ERROR); |
| 2286 | al = SSL_AD_INTERNAL_ERROR; | 2278 | al = SSL_AD_INTERNAL_ERROR; |
| 2287 | goto f_err; | 2279 | goto f_err; |
| @@ -2290,14 +2282,14 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2290 | goto truncated; | 2282 | goto truncated; |
| 2291 | /* Check key type is consistent with signature */ | 2283 | /* Check key type is consistent with signature */ |
| 2292 | if (sigalg != (int)p[1]) { | 2284 | if (sigalg != (int)p[1]) { |
| 2293 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2285 | SSLerror( |
| 2294 | SSL_R_WRONG_SIGNATURE_TYPE); | 2286 | SSL_R_WRONG_SIGNATURE_TYPE); |
| 2295 | al = SSL_AD_DECODE_ERROR; | 2287 | al = SSL_AD_DECODE_ERROR; |
| 2296 | goto f_err; | 2288 | goto f_err; |
| 2297 | } | 2289 | } |
| 2298 | md = tls12_get_hash(p[0]); | 2290 | md = tls12_get_hash(p[0]); |
| 2299 | if (md == NULL) { | 2291 | if (md == NULL) { |
| 2300 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2292 | SSLerror( |
| 2301 | SSL_R_UNKNOWN_DIGEST); | 2293 | SSL_R_UNKNOWN_DIGEST); |
| 2302 | al = SSL_AD_DECODE_ERROR; | 2294 | al = SSL_AD_DECODE_ERROR; |
| 2303 | goto f_err; | 2295 | goto f_err; |
| @@ -2314,7 +2306,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2314 | } | 2306 | } |
| 2315 | j = EVP_PKEY_size(pkey); | 2307 | j = EVP_PKEY_size(pkey); |
| 2316 | if ((i > j) || (n > j) || (n <= 0)) { | 2308 | if ((i > j) || (n > j) || (n <= 0)) { |
| 2317 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2309 | SSLerror( |
| 2318 | SSL_R_WRONG_SIGNATURE_SIZE); | 2310 | SSL_R_WRONG_SIGNATURE_SIZE); |
| 2319 | al = SSL_AD_DECODE_ERROR; | 2311 | al = SSL_AD_DECODE_ERROR; |
| 2320 | goto f_err; | 2312 | goto f_err; |
| @@ -2325,14 +2317,14 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2325 | void *hdata; | 2317 | void *hdata; |
| 2326 | hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); | 2318 | hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); |
| 2327 | if (hdatalen <= 0) { | 2319 | if (hdatalen <= 0) { |
| 2328 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2320 | SSLerror( |
| 2329 | ERR_R_INTERNAL_ERROR); | 2321 | ERR_R_INTERNAL_ERROR); |
| 2330 | al = SSL_AD_INTERNAL_ERROR; | 2322 | al = SSL_AD_INTERNAL_ERROR; |
| 2331 | goto f_err; | 2323 | goto f_err; |
| 2332 | } | 2324 | } |
| 2333 | if (!EVP_VerifyInit_ex(&mctx, md, NULL) || | 2325 | if (!EVP_VerifyInit_ex(&mctx, md, NULL) || |
| 2334 | !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) { | 2326 | !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) { |
| 2335 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2327 | SSLerror( |
| 2336 | ERR_R_EVP_LIB); | 2328 | ERR_R_EVP_LIB); |
| 2337 | al = SSL_AD_INTERNAL_ERROR; | 2329 | al = SSL_AD_INTERNAL_ERROR; |
| 2338 | goto f_err; | 2330 | goto f_err; |
| @@ -2340,7 +2332,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2340 | 2332 | ||
| 2341 | if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) { | 2333 | if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) { |
| 2342 | al = SSL_AD_DECRYPT_ERROR; | 2334 | al = SSL_AD_DECRYPT_ERROR; |
| 2343 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2335 | SSLerror( |
| 2344 | SSL_R_BAD_SIGNATURE); | 2336 | SSL_R_BAD_SIGNATURE); |
| 2345 | goto f_err; | 2337 | goto f_err; |
| 2346 | } | 2338 | } |
| @@ -2351,13 +2343,13 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2351 | pkey->pkey.rsa); | 2343 | pkey->pkey.rsa); |
| 2352 | if (i < 0) { | 2344 | if (i < 0) { |
| 2353 | al = SSL_AD_DECRYPT_ERROR; | 2345 | al = SSL_AD_DECRYPT_ERROR; |
| 2354 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2346 | SSLerror( |
| 2355 | SSL_R_BAD_RSA_DECRYPT); | 2347 | SSL_R_BAD_RSA_DECRYPT); |
| 2356 | goto f_err; | 2348 | goto f_err; |
| 2357 | } | 2349 | } |
| 2358 | if (i == 0) { | 2350 | if (i == 0) { |
| 2359 | al = SSL_AD_DECRYPT_ERROR; | 2351 | al = SSL_AD_DECRYPT_ERROR; |
| 2360 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2352 | SSLerror( |
| 2361 | SSL_R_BAD_RSA_SIGNATURE); | 2353 | SSL_R_BAD_RSA_SIGNATURE); |
| 2362 | goto f_err; | 2354 | goto f_err; |
| 2363 | } | 2355 | } |
| @@ -2369,7 +2361,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2369 | if (j <= 0) { | 2361 | if (j <= 0) { |
| 2370 | /* bad signature */ | 2362 | /* bad signature */ |
| 2371 | al = SSL_AD_DECRYPT_ERROR; | 2363 | al = SSL_AD_DECRYPT_ERROR; |
| 2372 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2364 | SSLerror( |
| 2373 | SSL_R_BAD_DSA_SIGNATURE); | 2365 | SSL_R_BAD_DSA_SIGNATURE); |
| 2374 | goto f_err; | 2366 | goto f_err; |
| 2375 | } | 2367 | } |
| @@ -2381,7 +2373,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2381 | if (j <= 0) { | 2373 | if (j <= 0) { |
| 2382 | /* bad signature */ | 2374 | /* bad signature */ |
| 2383 | al = SSL_AD_DECRYPT_ERROR; | 2375 | al = SSL_AD_DECRYPT_ERROR; |
| 2384 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2376 | SSLerror( |
| 2385 | SSL_R_BAD_ECDSA_SIGNATURE); | 2377 | SSL_R_BAD_ECDSA_SIGNATURE); |
| 2386 | goto f_err; | 2378 | goto f_err; |
| 2387 | } | 2379 | } |
| @@ -2398,21 +2390,21 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2398 | 2390 | ||
| 2399 | hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); | 2391 | hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); |
| 2400 | if (hdatalen <= 0) { | 2392 | if (hdatalen <= 0) { |
| 2401 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2393 | SSLerror( |
| 2402 | ERR_R_INTERNAL_ERROR); | 2394 | ERR_R_INTERNAL_ERROR); |
| 2403 | al = SSL_AD_INTERNAL_ERROR; | 2395 | al = SSL_AD_INTERNAL_ERROR; |
| 2404 | goto f_err; | 2396 | goto f_err; |
| 2405 | } | 2397 | } |
| 2406 | if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || | 2398 | if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || |
| 2407 | !(md = EVP_get_digestbynid(nid))) { | 2399 | !(md = EVP_get_digestbynid(nid))) { |
| 2408 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2400 | SSLerror( |
| 2409 | ERR_R_EVP_LIB); | 2401 | ERR_R_EVP_LIB); |
| 2410 | al = SSL_AD_INTERNAL_ERROR; | 2402 | al = SSL_AD_INTERNAL_ERROR; |
| 2411 | goto f_err; | 2403 | goto f_err; |
| 2412 | } | 2404 | } |
| 2413 | pctx = EVP_PKEY_CTX_new(pkey, NULL); | 2405 | pctx = EVP_PKEY_CTX_new(pkey, NULL); |
| 2414 | if (!pctx) { | 2406 | if (!pctx) { |
| 2415 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2407 | SSLerror( |
| 2416 | ERR_R_EVP_LIB); | 2408 | ERR_R_EVP_LIB); |
| 2417 | al = SSL_AD_INTERNAL_ERROR; | 2409 | al = SSL_AD_INTERNAL_ERROR; |
| 2418 | goto f_err; | 2410 | goto f_err; |
| @@ -2426,7 +2418,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2426 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, | 2418 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, |
| 2427 | GOST_SIG_FORMAT_RS_LE, | 2419 | GOST_SIG_FORMAT_RS_LE, |
| 2428 | NULL) <= 0)) { | 2420 | NULL) <= 0)) { |
| 2429 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2421 | SSLerror( |
| 2430 | ERR_R_EVP_LIB); | 2422 | ERR_R_EVP_LIB); |
| 2431 | al = SSL_AD_INTERNAL_ERROR; | 2423 | al = SSL_AD_INTERNAL_ERROR; |
| 2432 | EVP_PKEY_CTX_free(pctx); | 2424 | EVP_PKEY_CTX_free(pctx); |
| @@ -2435,7 +2427,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2435 | 2427 | ||
| 2436 | if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) { | 2428 | if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) { |
| 2437 | al = SSL_AD_DECRYPT_ERROR; | 2429 | al = SSL_AD_DECRYPT_ERROR; |
| 2438 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2430 | SSLerror( |
| 2439 | SSL_R_BAD_SIGNATURE); | 2431 | SSL_R_BAD_SIGNATURE); |
| 2440 | EVP_PKEY_CTX_free(pctx); | 2432 | EVP_PKEY_CTX_free(pctx); |
| 2441 | goto f_err; | 2433 | goto f_err; |
| @@ -2445,7 +2437,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2445 | } else | 2437 | } else |
| 2446 | #endif | 2438 | #endif |
| 2447 | { | 2439 | { |
| 2448 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, | 2440 | SSLerror( |
| 2449 | ERR_R_INTERNAL_ERROR); | 2441 | ERR_R_INTERNAL_ERROR); |
| 2450 | al = SSL_AD_UNSUPPORTED_CERTIFICATE; | 2442 | al = SSL_AD_UNSUPPORTED_CERTIFICATE; |
| 2451 | goto f_err; | 2443 | goto f_err; |
| @@ -2456,7 +2448,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2456 | if (0) { | 2448 | if (0) { |
| 2457 | truncated: | 2449 | truncated: |
| 2458 | al = SSL_AD_DECODE_ERROR; | 2450 | al = SSL_AD_DECODE_ERROR; |
| 2459 | SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_PACKET_LENGTH); | 2451 | SSLerror(SSL_R_BAD_PACKET_LENGTH); |
| 2460 | f_err: | 2452 | f_err: |
| 2461 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 2453 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 2462 | } | 2454 | } |
| @@ -2490,7 +2482,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2490 | if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { | 2482 | if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { |
| 2491 | if ((s->verify_mode & SSL_VERIFY_PEER) && | 2483 | if ((s->verify_mode & SSL_VERIFY_PEER) && |
| 2492 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { | 2484 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { |
| 2493 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2485 | SSLerror( |
| 2494 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); | 2486 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); |
| 2495 | al = SSL_AD_HANDSHAKE_FAILURE; | 2487 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 2496 | goto f_err; | 2488 | goto f_err; |
| @@ -2500,7 +2492,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2500 | * the client must return a 0 list. | 2492 | * the client must return a 0 list. |
| 2501 | */ | 2493 | */ |
| 2502 | if (S3I(s)->tmp.cert_request) { | 2494 | if (S3I(s)->tmp.cert_request) { |
| 2503 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2495 | SSLerror( |
| 2504 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST | 2496 | SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST |
| 2505 | ); | 2497 | ); |
| 2506 | al = SSL_AD_UNEXPECTED_MESSAGE; | 2498 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| @@ -2512,7 +2504,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2512 | 2504 | ||
| 2513 | if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { | 2505 | if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { |
| 2514 | al = SSL_AD_UNEXPECTED_MESSAGE; | 2506 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| 2515 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2507 | SSLerror( |
| 2516 | SSL_R_WRONG_MESSAGE_TYPE); | 2508 | SSL_R_WRONG_MESSAGE_TYPE); |
| 2517 | goto f_err; | 2509 | goto f_err; |
| 2518 | } | 2510 | } |
| @@ -2523,7 +2515,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2523 | CBS_init(&cbs, s->internal->init_msg, n); | 2515 | CBS_init(&cbs, s->internal->init_msg, n); |
| 2524 | 2516 | ||
| 2525 | if ((sk = sk_X509_new_null()) == NULL) { | 2517 | if ((sk = sk_X509_new_null()) == NULL) { |
| 2526 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2518 | SSLerror( |
| 2527 | ERR_R_MALLOC_FAILURE); | 2519 | ERR_R_MALLOC_FAILURE); |
| 2528 | goto err; | 2520 | goto err; |
| 2529 | } | 2521 | } |
| @@ -2537,7 +2529,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2537 | 2529 | ||
| 2538 | if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) { | 2530 | if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) { |
| 2539 | al = SSL_AD_DECODE_ERROR; | 2531 | al = SSL_AD_DECODE_ERROR; |
| 2540 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2532 | SSLerror( |
| 2541 | SSL_R_CERT_LENGTH_MISMATCH); | 2533 | SSL_R_CERT_LENGTH_MISMATCH); |
| 2542 | goto f_err; | 2534 | goto f_err; |
| 2543 | } | 2535 | } |
| @@ -2545,18 +2537,18 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2545 | q = CBS_data(&cert); | 2537 | q = CBS_data(&cert); |
| 2546 | x = d2i_X509(NULL, &q, CBS_len(&cert)); | 2538 | x = d2i_X509(NULL, &q, CBS_len(&cert)); |
| 2547 | if (x == NULL) { | 2539 | if (x == NULL) { |
| 2548 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2540 | SSLerror( |
| 2549 | ERR_R_ASN1_LIB); | 2541 | ERR_R_ASN1_LIB); |
| 2550 | goto err; | 2542 | goto err; |
| 2551 | } | 2543 | } |
| 2552 | if (q != CBS_data(&cert) + CBS_len(&cert)) { | 2544 | if (q != CBS_data(&cert) + CBS_len(&cert)) { |
| 2553 | al = SSL_AD_DECODE_ERROR; | 2545 | al = SSL_AD_DECODE_ERROR; |
| 2554 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2546 | SSLerror( |
| 2555 | SSL_R_CERT_LENGTH_MISMATCH); | 2547 | SSL_R_CERT_LENGTH_MISMATCH); |
| 2556 | goto f_err; | 2548 | goto f_err; |
| 2557 | } | 2549 | } |
| 2558 | if (!sk_X509_push(sk, x)) { | 2550 | if (!sk_X509_push(sk, x)) { |
| 2559 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2551 | SSLerror( |
| 2560 | ERR_R_MALLOC_FAILURE); | 2552 | ERR_R_MALLOC_FAILURE); |
| 2561 | goto err; | 2553 | goto err; |
| 2562 | } | 2554 | } |
| @@ -2570,7 +2562,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2570 | */ | 2562 | */ |
| 2571 | if ((s->verify_mode & SSL_VERIFY_PEER) && | 2563 | if ((s->verify_mode & SSL_VERIFY_PEER) && |
| 2572 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { | 2564 | (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { |
| 2573 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2565 | SSLerror( |
| 2574 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); | 2566 | SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); |
| 2575 | al = SSL_AD_HANDSHAKE_FAILURE; | 2567 | al = SSL_AD_HANDSHAKE_FAILURE; |
| 2576 | goto f_err; | 2568 | goto f_err; |
| @@ -2584,7 +2576,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2584 | i = ssl_verify_cert_chain(s, sk); | 2576 | i = ssl_verify_cert_chain(s, sk); |
| 2585 | if (i <= 0) { | 2577 | if (i <= 0) { |
| 2586 | al = ssl_verify_alarm_type(s->verify_result); | 2578 | al = ssl_verify_alarm_type(s->verify_result); |
| 2587 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2579 | SSLerror( |
| 2588 | SSL_R_NO_CERTIFICATE_RETURNED); | 2580 | SSL_R_NO_CERTIFICATE_RETURNED); |
| 2589 | goto f_err; | 2581 | goto f_err; |
| 2590 | } | 2582 | } |
| @@ -2601,7 +2593,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2601 | if (SSI(s)->sess_cert == NULL) { | 2593 | if (SSI(s)->sess_cert == NULL) { |
| 2602 | SSI(s)->sess_cert = ssl_sess_cert_new(); | 2594 | SSI(s)->sess_cert = ssl_sess_cert_new(); |
| 2603 | if (SSI(s)->sess_cert == NULL) { | 2595 | if (SSI(s)->sess_cert == NULL) { |
| 2604 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2596 | SSLerror( |
| 2605 | ERR_R_MALLOC_FAILURE); | 2597 | ERR_R_MALLOC_FAILURE); |
| 2606 | goto err; | 2598 | goto err; |
| 2607 | } | 2599 | } |
| @@ -2620,7 +2612,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2620 | if (0) { | 2612 | if (0) { |
| 2621 | truncated: | 2613 | truncated: |
| 2622 | al = SSL_AD_DECODE_ERROR; | 2614 | al = SSL_AD_DECODE_ERROR; |
| 2623 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2615 | SSLerror( |
| 2624 | SSL_R_BAD_PACKET_LENGTH); | 2616 | SSL_R_BAD_PACKET_LENGTH); |
| 2625 | f_err: | 2617 | f_err: |
| 2626 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 2618 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| @@ -2646,7 +2638,7 @@ ssl3_send_server_certificate(SSL *s) | |||
| 2646 | 2638 | ||
| 2647 | if (s->internal->state == SSL3_ST_SW_CERT_A) { | 2639 | if (s->internal->state == SSL3_ST_SW_CERT_A) { |
| 2648 | if ((x = ssl_get_server_send_cert(s)) == NULL) { | 2640 | if ((x = ssl_get_server_send_cert(s)) == NULL) { |
| 2649 | SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, | 2641 | SSLerror( |
| 2650 | ERR_R_INTERNAL_ERROR); | 2642 | ERR_R_INTERNAL_ERROR); |
| 2651 | return (0); | 2643 | return (0); |
| 2652 | } | 2644 | } |
| @@ -2865,7 +2857,7 @@ ssl3_get_next_proto(SSL *s) | |||
| 2865 | * extension in their ClientHello | 2857 | * extension in their ClientHello |
| 2866 | */ | 2858 | */ |
| 2867 | if (!S3I(s)->next_proto_neg_seen) { | 2859 | if (!S3I(s)->next_proto_neg_seen) { |
| 2868 | SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, | 2860 | SSLerror( |
| 2869 | SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); | 2861 | SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); |
| 2870 | return (-1); | 2862 | return (-1); |
| 2871 | } | 2863 | } |
| @@ -2882,7 +2874,7 @@ ssl3_get_next_proto(SSL *s) | |||
| 2882 | * by ssl3_get_finished). | 2874 | * by ssl3_get_finished). |
| 2883 | */ | 2875 | */ |
| 2884 | if (!S3I(s)->change_cipher_spec) { | 2876 | if (!S3I(s)->change_cipher_spec) { |
| 2885 | SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, | 2877 | SSLerror( |
| 2886 | SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); | 2878 | SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); |
| 2887 | return (-1); | 2879 | return (-1); |
| 2888 | } | 2880 | } |
| @@ -2913,7 +2905,7 @@ ssl3_get_next_proto(SSL *s) | |||
| 2913 | s->internal->next_proto_negotiated_len = 0; | 2905 | s->internal->next_proto_negotiated_len = 0; |
| 2914 | 2906 | ||
| 2915 | if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) { | 2907 | if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) { |
| 2916 | SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, | 2908 | SSLerror( |
| 2917 | ERR_R_MALLOC_FAILURE); | 2909 | ERR_R_MALLOC_FAILURE); |
| 2918 | return (0); | 2910 | return (0); |
| 2919 | } | 2911 | } |