summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_srvr.c
diff options
context:
space:
mode:
authorbeck <>2017-02-07 02:08:38 +0000
committerbeck <>2017-02-07 02:08:38 +0000
commit91c389f89015a024212e73f5ec6e24166955ab6e (patch)
treea4e6a6d2d23329b576b63c8698e62a87e7388b69 /src/lib/libssl/ssl_srvr.c
parent8a1ec4c748b269fba0669ee71234ec9a0f128613 (diff)
downloadopenbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.gz
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.tar.bz2
openbsd-91c389f89015a024212e73f5ec6e24166955ab6e.zip
Change SSLerror() back to taking two args, with the first one being an SSL *.
Make a table of "function codes" which maps the internal state of the SSL * to something like a useful name so in a typical error in the connection you know in what sort of place in the handshake things happened. (instead of by arcane function name). Add SSLerrorx() for when we don't have an SSL * ok jsing@ after us both being prodded by bluhm@ to make it not terrible
Diffstat (limited to 'src/lib/libssl/ssl_srvr.c')
-rw-r--r--src/lib/libssl/ssl_srvr.c212
1 files changed, 106 insertions, 106 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 217ecafeec..bb43ec74e2 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.5 2017/01/26 12:28:00 jsing Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.6 2017/02/07 02:08:38 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -189,7 +189,7 @@ ssl3_accept(SSL *s)
189 SSL_clear(s); 189 SSL_clear(s);
190 190
191 if (s->cert == NULL) { 191 if (s->cert == NULL) {
192 SSLerror(SSL_R_NO_CERTIFICATE_SET); 192 SSLerror(s, SSL_R_NO_CERTIFICATE_SET);
193 ret = -1; 193 ret = -1;
194 goto end; 194 goto end;
195 } 195 }
@@ -212,7 +212,7 @@ ssl3_accept(SSL *s)
212 cb(s, SSL_CB_HANDSHAKE_START, 1); 212 cb(s, SSL_CB_HANDSHAKE_START, 1);
213 213
214 if ((s->version >> 8) != 3) { 214 if ((s->version >> 8) != 3) {
215 SSLerror(ERR_R_INTERNAL_ERROR); 215 SSLerror(s, ERR_R_INTERNAL_ERROR);
216 ret = -1; 216 ret = -1;
217 goto end; 217 goto end;
218 } 218 }
@@ -253,7 +253,7 @@ ssl3_accept(SSL *s)
253 * client that doesn't support secure 253 * client that doesn't support secure
254 * renegotiation. 254 * renegotiation.
255 */ 255 */
256 SSLerror(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); 256 SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
257 ssl3_send_alert(s, SSL3_AL_FATAL, 257 ssl3_send_alert(s, SSL3_AL_FATAL,
258 SSL_AD_HANDSHAKE_FAILURE); 258 SSL_AD_HANDSHAKE_FAILURE);
259 ret = -1; 259 ret = -1;
@@ -483,7 +483,7 @@ ssl3_accept(SSL *s)
483 * at this point and digest cached records. 483 * at this point and digest cached records.
484 */ 484 */
485 if (!S3I(s)->handshake_buffer) { 485 if (!S3I(s)->handshake_buffer) {
486 SSLerror(ERR_R_INTERNAL_ERROR); 486 SSLerror(s, ERR_R_INTERNAL_ERROR);
487 ret = -1; 487 ret = -1;
488 goto end; 488 goto end;
489 } 489 }
@@ -671,7 +671,7 @@ ssl3_accept(SSL *s)
671 /* break; */ 671 /* break; */
672 672
673 default: 673 default:
674 SSLerror(SSL_R_UNKNOWN_STATE); 674 SSLerror(s, SSL_R_UNKNOWN_STATE);
675 ret = -1; 675 ret = -1;
676 goto end; 676 goto end;
677 /* break; */ 677 /* break; */
@@ -770,7 +770,7 @@ ssl3_get_client_hello(SSL *s)
770 goto truncated; 770 goto truncated;
771 771
772 if (ssl_max_shared_version(s, client_version, &shared_version) != 1) { 772 if (ssl_max_shared_version(s, client_version, &shared_version) != 1) {
773 SSLerror(SSL_R_WRONG_VERSION_NUMBER); 773 SSLerror(s, SSL_R_WRONG_VERSION_NUMBER);
774 if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && 774 if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
775 !s->internal->enc_write_ctx && !s->internal->write_hash) { 775 !s->internal->enc_write_ctx && !s->internal->write_hash) {
776 /* 776 /*
@@ -788,7 +788,7 @@ ssl3_get_client_hello(SSL *s)
788 if ((method = tls1_get_server_method(shared_version)) == NULL) 788 if ((method = tls1_get_server_method(shared_version)) == NULL)
789 method = dtls1_get_server_method(shared_version); 789 method = dtls1_get_server_method(shared_version);
790 if (method == NULL) { 790 if (method == NULL) {
791 SSLerror(ERR_R_INTERNAL_ERROR); 791 SSLerror(s, ERR_R_INTERNAL_ERROR);
792 goto err; 792 goto err;
793 } 793 }
794 s->method = method; 794 s->method = method;
@@ -861,7 +861,7 @@ ssl3_get_client_hello(SSL *s)
861 */ 861 */
862 if (CBS_len(&cookie) > sizeof(D1I(s)->rcvd_cookie)) { 862 if (CBS_len(&cookie) > sizeof(D1I(s)->rcvd_cookie)) {
863 al = SSL_AD_DECODE_ERROR; 863 al = SSL_AD_DECODE_ERROR;
864 SSLerror(SSL_R_COOKIE_MISMATCH); 864 SSLerror(s, SSL_R_COOKIE_MISMATCH);
865 goto f_err; 865 goto f_err;
866 } 866 }
867 867
@@ -879,7 +879,7 @@ ssl3_get_client_hello(SSL *s)
879 if (s->ctx->internal->app_verify_cookie_cb(s, 879 if (s->ctx->internal->app_verify_cookie_cb(s,
880 D1I(s)->rcvd_cookie, cookie_len) == 0) { 880 D1I(s)->rcvd_cookie, cookie_len) == 0) {
881 al = SSL_AD_HANDSHAKE_FAILURE; 881 al = SSL_AD_HANDSHAKE_FAILURE;
882 SSLerror(SSL_R_COOKIE_MISMATCH); 882 SSLerror(s, SSL_R_COOKIE_MISMATCH);
883 goto f_err; 883 goto f_err;
884 } 884 }
885 /* else cookie verification succeeded */ 885 /* else cookie verification succeeded */
@@ -888,7 +888,7 @@ ssl3_get_client_hello(SSL *s)
888 D1I(s)->cookie, D1I(s)->cookie_len) != 0) { 888 D1I(s)->cookie, D1I(s)->cookie_len) != 0) {
889 /* default verification */ 889 /* default verification */
890 al = SSL_AD_HANDSHAKE_FAILURE; 890 al = SSL_AD_HANDSHAKE_FAILURE;
891 SSLerror(SSL_R_COOKIE_MISMATCH); 891 SSLerror(s, SSL_R_COOKIE_MISMATCH);
892 goto f_err; 892 goto f_err;
893 } 893 }
894 ret = 2; 894 ret = 2;
@@ -902,7 +902,7 @@ ssl3_get_client_hello(SSL *s)
902 if (CBS_len(&cipher_suites) == 0 && CBS_len(&session_id) != 0) { 902 if (CBS_len(&cipher_suites) == 0 && CBS_len(&session_id) != 0) {
903 /* we need a cipher if we are not resuming a session */ 903 /* we need a cipher if we are not resuming a session */
904 al = SSL_AD_ILLEGAL_PARAMETER; 904 al = SSL_AD_ILLEGAL_PARAMETER;
905 SSLerror(SSL_R_NO_CIPHERS_SPECIFIED); 905 SSLerror(s, SSL_R_NO_CIPHERS_SPECIFIED);
906 goto f_err; 906 goto f_err;
907 } 907 }
908 908
@@ -930,7 +930,7 @@ ssl3_get_client_hello(SSL *s)
930 * list if we are asked to reuse it 930 * list if we are asked to reuse it
931 */ 931 */
932 al = SSL_AD_ILLEGAL_PARAMETER; 932 al = SSL_AD_ILLEGAL_PARAMETER;
933 SSLerror(SSL_R_REQUIRED_CIPHER_MISSING); 933 SSLerror(s, SSL_R_REQUIRED_CIPHER_MISSING);
934 goto f_err; 934 goto f_err;
935 } 935 }
936 } 936 }
@@ -947,7 +947,7 @@ ssl3_get_client_hello(SSL *s)
947 } 947 }
948 if (comp_null == 0) { 948 if (comp_null == 0) {
949 al = SSL_AD_DECODE_ERROR; 949 al = SSL_AD_DECODE_ERROR;
950 SSLerror(SSL_R_NO_COMPRESSION_SPECIFIED); 950 SSLerror(s, SSL_R_NO_COMPRESSION_SPECIFIED);
951 goto f_err; 951 goto f_err;
952 } 952 }
953 953
@@ -956,11 +956,11 @@ ssl3_get_client_hello(SSL *s)
956 /* TLS extensions*/ 956 /* TLS extensions*/
957 if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) { 957 if (!ssl_parse_clienthello_tlsext(s, &p, d, n, &al)) {
958 /* 'al' set by ssl_parse_clienthello_tlsext */ 958 /* 'al' set by ssl_parse_clienthello_tlsext */
959 SSLerror(SSL_R_PARSE_TLSEXT); 959 SSLerror(s, SSL_R_PARSE_TLSEXT);
960 goto f_err; 960 goto f_err;
961 } 961 }
962 if (ssl_check_clienthello_tlsext_early(s) <= 0) { 962 if (ssl_check_clienthello_tlsext_early(s) <= 0) {
963 SSLerror(SSL_R_CLIENTHELLO_TLSEXT); 963 SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT);
964 goto err; 964 goto err;
965 } 965 }
966 966
@@ -991,7 +991,7 @@ ssl3_get_client_hello(SSL *s)
991 SSL_get_ciphers(s)); 991 SSL_get_ciphers(s));
992 if (pref_cipher == NULL) { 992 if (pref_cipher == NULL) {
993 al = SSL_AD_HANDSHAKE_FAILURE; 993 al = SSL_AD_HANDSHAKE_FAILURE;
994 SSLerror(SSL_R_NO_SHARED_CIPHER); 994 SSLerror(s, SSL_R_NO_SHARED_CIPHER);
995 goto f_err; 995 goto f_err;
996 } 996 }
997 997
@@ -1016,7 +1016,7 @@ ssl3_get_client_hello(SSL *s)
1016 s->session->ciphers = ciphers; 1016 s->session->ciphers = ciphers;
1017 if (ciphers == NULL) { 1017 if (ciphers == NULL) {
1018 al = SSL_AD_ILLEGAL_PARAMETER; 1018 al = SSL_AD_ILLEGAL_PARAMETER;
1019 SSLerror(SSL_R_NO_CIPHERS_PASSED); 1019 SSLerror(s, SSL_R_NO_CIPHERS_PASSED);
1020 goto f_err; 1020 goto f_err;
1021 } 1021 }
1022 ciphers = NULL; 1022 ciphers = NULL;
@@ -1025,7 +1025,7 @@ ssl3_get_client_hello(SSL *s)
1025 1025
1026 if (c == NULL) { 1026 if (c == NULL) {
1027 al = SSL_AD_HANDSHAKE_FAILURE; 1027 al = SSL_AD_HANDSHAKE_FAILURE;
1028 SSLerror(SSL_R_NO_SHARED_CIPHER); 1028 SSLerror(s, SSL_R_NO_SHARED_CIPHER);
1029 goto f_err; 1029 goto f_err;
1030 } 1030 }
1031 S3I(s)->tmp.new_cipher = c; 1031 S3I(s)->tmp.new_cipher = c;
@@ -1056,7 +1056,7 @@ ssl3_get_client_hello(SSL *s)
1056 1056
1057 /* Handles TLS extensions that we couldn't check earlier */ 1057 /* Handles TLS extensions that we couldn't check earlier */
1058 if (ssl_check_clienthello_tlsext_late(s) <= 0) { 1058 if (ssl_check_clienthello_tlsext_late(s) <= 0) {
1059 SSLerror(SSL_R_CLIENTHELLO_TLSEXT); 1059 SSLerror(s, SSL_R_CLIENTHELLO_TLSEXT);
1060 goto err; 1060 goto err;
1061 } 1061 }
1062 1062
@@ -1065,7 +1065,7 @@ ssl3_get_client_hello(SSL *s)
1065 if (0) { 1065 if (0) {
1066truncated: 1066truncated:
1067 al = SSL_AD_DECODE_ERROR; 1067 al = SSL_AD_DECODE_ERROR;
1068 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1068 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1069f_err: 1069f_err:
1070 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1070 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1071 } 1071 }
@@ -1124,7 +1124,7 @@ ssl3_send_server_hello(SSL *s)
1124 1124
1125 sl = s->session->session_id_length; 1125 sl = s->session->session_id_length;
1126 if (sl > (int)sizeof(s->session->session_id)) { 1126 if (sl > (int)sizeof(s->session->session_id)) {
1127 SSLerror(ERR_R_INTERNAL_ERROR); 1127 SSLerror(s, ERR_R_INTERNAL_ERROR);
1128 goto err; 1128 goto err;
1129 } 1129 }
1130 1130
@@ -1147,7 +1147,7 @@ ssl3_send_server_hello(SSL *s)
1147 1147
1148 if ((p = ssl_add_serverhello_tlsext(s, p + outlen, 1148 if ((p = ssl_add_serverhello_tlsext(s, p + outlen,
1149 bufend)) == NULL) { 1149 bufend)) == NULL) {
1150 SSLerror(ERR_R_INTERNAL_ERROR); 1150 SSLerror(s, ERR_R_INTERNAL_ERROR);
1151 goto err; 1151 goto err;
1152 } 1152 }
1153 1153
@@ -1188,7 +1188,7 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
1188 if (s->cert->dh_tmp_auto != 0) { 1188 if (s->cert->dh_tmp_auto != 0) {
1189 if ((dhp = ssl_get_auto_dh(s)) == NULL) { 1189 if ((dhp = ssl_get_auto_dh(s)) == NULL) {
1190 al = SSL_AD_INTERNAL_ERROR; 1190 al = SSL_AD_INTERNAL_ERROR;
1191 SSLerror(ERR_R_INTERNAL_ERROR); 1191 SSLerror(s, ERR_R_INTERNAL_ERROR);
1192 goto f_err; 1192 goto f_err;
1193 } 1193 }
1194 } else 1194 } else
@@ -1200,24 +1200,24 @@ ssl3_send_server_kex_dhe(SSL *s, CBB *cbb)
1200 1200
1201 if (dhp == NULL) { 1201 if (dhp == NULL) {
1202 al = SSL_AD_HANDSHAKE_FAILURE; 1202 al = SSL_AD_HANDSHAKE_FAILURE;
1203 SSLerror(SSL_R_MISSING_TMP_DH_KEY); 1203 SSLerror(s, SSL_R_MISSING_TMP_DH_KEY);
1204 goto f_err; 1204 goto f_err;
1205 } 1205 }
1206 1206
1207 if (S3I(s)->tmp.dh != NULL) { 1207 if (S3I(s)->tmp.dh != NULL) {
1208 SSLerror(ERR_R_INTERNAL_ERROR); 1208 SSLerror(s, ERR_R_INTERNAL_ERROR);
1209 goto err; 1209 goto err;
1210 } 1210 }
1211 1211
1212 if (s->cert->dh_tmp_auto != 0) { 1212 if (s->cert->dh_tmp_auto != 0) {
1213 dh = dhp; 1213 dh = dhp;
1214 } else if ((dh = DHparams_dup(dhp)) == NULL) { 1214 } else if ((dh = DHparams_dup(dhp)) == NULL) {
1215 SSLerror(ERR_R_DH_LIB); 1215 SSLerror(s, ERR_R_DH_LIB);
1216 goto err; 1216 goto err;
1217 } 1217 }
1218 S3I(s)->tmp.dh = dh; 1218 S3I(s)->tmp.dh = dh;
1219 if (!DH_generate_key(dh)) { 1219 if (!DH_generate_key(dh)) {
1220 SSLerror(ERR_R_DH_LIB); 1220 SSLerror(s, ERR_R_DH_LIB);
1221 goto err; 1221 goto err;
1222 } 1222 }
1223 1223
@@ -1276,12 +1276,12 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1276 } 1276 }
1277 if (ecdhp == NULL) { 1277 if (ecdhp == NULL) {
1278 al = SSL_AD_HANDSHAKE_FAILURE; 1278 al = SSL_AD_HANDSHAKE_FAILURE;
1279 SSLerror(SSL_R_MISSING_TMP_ECDH_KEY); 1279 SSLerror(s, SSL_R_MISSING_TMP_ECDH_KEY);
1280 goto f_err; 1280 goto f_err;
1281 } 1281 }
1282 1282
1283 if (S3I(s)->tmp.ecdh != NULL) { 1283 if (S3I(s)->tmp.ecdh != NULL) {
1284 SSLerror(ERR_R_INTERNAL_ERROR); 1284 SSLerror(s, ERR_R_INTERNAL_ERROR);
1285 goto err; 1285 goto err;
1286 } 1286 }
1287 1287
@@ -1289,7 +1289,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1289 if (s->cert->ecdh_tmp_auto != 0) { 1289 if (s->cert->ecdh_tmp_auto != 0) {
1290 ecdh = ecdhp; 1290 ecdh = ecdhp;
1291 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) { 1291 } else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
1292 SSLerror(ERR_R_ECDH_LIB); 1292 SSLerror(s, ERR_R_ECDH_LIB);
1293 goto err; 1293 goto err;
1294 } 1294 }
1295 S3I(s)->tmp.ecdh = ecdh; 1295 S3I(s)->tmp.ecdh = ecdh;
@@ -1298,7 +1298,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1298 (EC_KEY_get0_private_key(ecdh) == NULL) || 1298 (EC_KEY_get0_private_key(ecdh) == NULL) ||
1299 (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) { 1299 (s->internal->options & SSL_OP_SINGLE_ECDH_USE)) {
1300 if (!EC_KEY_generate_key(ecdh)) { 1300 if (!EC_KEY_generate_key(ecdh)) {
1301 SSLerror(ERR_R_ECDH_LIB); 1301 SSLerror(s, ERR_R_ECDH_LIB);
1302 goto err; 1302 goto err;
1303 } 1303 }
1304 } 1304 }
@@ -1306,7 +1306,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1306 if (((group = EC_KEY_get0_group(ecdh)) == NULL) || 1306 if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
1307 (EC_KEY_get0_public_key(ecdh) == NULL) || 1307 (EC_KEY_get0_public_key(ecdh) == NULL) ||
1308 (EC_KEY_get0_private_key(ecdh) == NULL)) { 1308 (EC_KEY_get0_private_key(ecdh) == NULL)) {
1309 SSLerror(ERR_R_ECDH_LIB); 1309 SSLerror(s, ERR_R_ECDH_LIB);
1310 goto err; 1310 goto err;
1311 } 1311 }
1312 1312
@@ -1316,7 +1316,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1316 */ 1316 */
1317 if ((curve_id = tls1_ec_nid2curve_id( 1317 if ((curve_id = tls1_ec_nid2curve_id(
1318 EC_GROUP_get_curve_name(group))) == 0) { 1318 EC_GROUP_get_curve_name(group))) == 0) {
1319 SSLerror(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); 1319 SSLerror(s, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
1320 goto err; 1320 goto err;
1321 } 1321 }
1322 1322
@@ -1331,7 +1331,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1331 1331
1332 bn_ctx = BN_CTX_new(); 1332 bn_ctx = BN_CTX_new();
1333 if ((encodedPoint == NULL) || (bn_ctx == NULL)) { 1333 if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
1334 SSLerror(ERR_R_MALLOC_FAILURE); 1334 SSLerror(s, ERR_R_MALLOC_FAILURE);
1335 goto err; 1335 goto err;
1336 } 1336 }
1337 1337
@@ -1339,7 +1339,7 @@ ssl3_send_server_kex_ecdhe_ecp(SSL *s, int nid, CBB *cbb)
1339 POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx); 1339 POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx);
1340 1340
1341 if (encodedlen == 0) { 1341 if (encodedlen == 0) {
1342 SSLerror(ERR_R_ECDH_LIB); 1342 SSLerror(s, ERR_R_ECDH_LIB);
1343 goto err; 1343 goto err;
1344 } 1344 }
1345 1345
@@ -1391,7 +1391,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
1391 1391
1392 /* Generate an X25519 key pair. */ 1392 /* Generate an X25519 key pair. */
1393 if (S3I(s)->tmp.x25519 != NULL) { 1393 if (S3I(s)->tmp.x25519 != NULL) {
1394 SSLerror(ERR_R_INTERNAL_ERROR); 1394 SSLerror(s, ERR_R_INTERNAL_ERROR);
1395 goto err; 1395 goto err;
1396 } 1396 }
1397 if ((S3I(s)->tmp.x25519 = malloc(X25519_KEY_LENGTH)) == NULL) 1397 if ((S3I(s)->tmp.x25519 = malloc(X25519_KEY_LENGTH)) == NULL)
@@ -1402,7 +1402,7 @@ ssl3_send_server_kex_ecdhe_ecx(SSL *s, int nid, CBB *cbb)
1402 1402
1403 /* Serialize public key. */ 1403 /* Serialize public key. */
1404 if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) { 1404 if ((curve_id = tls1_ec_nid2curve_id(nid)) == 0) {
1405 SSLerror(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); 1405 SSLerror(s, SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
1406 goto err; 1406 goto err;
1407 } 1407 }
1408 1408
@@ -1477,7 +1477,7 @@ ssl3_send_server_key_exchange(SSL *s)
1477 goto err; 1477 goto err;
1478 } else { 1478 } else {
1479 al = SSL_AD_HANDSHAKE_FAILURE; 1479 al = SSL_AD_HANDSHAKE_FAILURE;
1480 SSLerror(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); 1480 SSLerror(s, SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
1481 goto f_err; 1481 goto f_err;
1482 } 1482 }
1483 1483
@@ -1498,7 +1498,7 @@ ssl3_send_server_key_exchange(SSL *s)
1498 1498
1499 if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + 1499 if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) +
1500 params_len + kn)) { 1500 params_len + kn)) {
1501 SSLerror(ERR_LIB_BUF); 1501 SSLerror(s, ERR_LIB_BUF);
1502 goto err; 1502 goto err;
1503 } 1503 }
1504 1504
@@ -1541,7 +1541,7 @@ ssl3_send_server_key_exchange(SSL *s)
1541 } 1541 }
1542 if (RSA_sign(NID_md5_sha1, md_buf, j, 1542 if (RSA_sign(NID_md5_sha1, md_buf, j,
1543 &(p[2]), &u, pkey->pkey.rsa) <= 0) { 1543 &(p[2]), &u, pkey->pkey.rsa) <= 0) {
1544 SSLerror(ERR_R_RSA_LIB); 1544 SSLerror(s, ERR_R_RSA_LIB);
1545 goto err; 1545 goto err;
1546 } 1546 }
1547 s2n(u, p); 1547 s2n(u, p);
@@ -1552,7 +1552,7 @@ ssl3_send_server_key_exchange(SSL *s)
1552 if (!tls12_get_sigandhash(p, pkey, md)) { 1552 if (!tls12_get_sigandhash(p, pkey, md)) {
1553 /* Should never happen */ 1553 /* Should never happen */
1554 al = SSL_AD_INTERNAL_ERROR; 1554 al = SSL_AD_INTERNAL_ERROR;
1555 SSLerror(ERR_R_INTERNAL_ERROR); 1555 SSLerror(s, ERR_R_INTERNAL_ERROR);
1556 goto f_err; 1556 goto f_err;
1557 } 1557 }
1558 p += 2; 1558 p += 2;
@@ -1567,7 +1567,7 @@ ssl3_send_server_key_exchange(SSL *s)
1567 EVP_SignUpdate(&md_ctx, d, n); 1567 EVP_SignUpdate(&md_ctx, d, n);
1568 if (!EVP_SignFinal(&md_ctx, &p[2], 1568 if (!EVP_SignFinal(&md_ctx, &p[2],
1569 (unsigned int *)&i, pkey)) { 1569 (unsigned int *)&i, pkey)) {
1570 SSLerror(ERR_R_EVP_LIB); 1570 SSLerror(s, ERR_R_EVP_LIB);
1571 goto err; 1571 goto err;
1572 } 1572 }
1573 s2n(i, p); 1573 s2n(i, p);
@@ -1577,7 +1577,7 @@ ssl3_send_server_key_exchange(SSL *s)
1577 } else { 1577 } else {
1578 /* Is this error check actually needed? */ 1578 /* Is this error check actually needed? */
1579 al = SSL_AD_HANDSHAKE_FAILURE; 1579 al = SSL_AD_HANDSHAKE_FAILURE;
1580 SSLerror(SSL_R_UNKNOWN_PKEY_TYPE); 1580 SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
1581 goto f_err; 1581 goto f_err;
1582 } 1582 }
1583 } 1583 }
@@ -1643,7 +1643,7 @@ ssl3_send_certificate_request(SSL *s)
1643 if (!BUF_MEM_grow_clean(buf, 1643 if (!BUF_MEM_grow_clean(buf,
1644 ssl3_handshake_msg_hdr_len(s) + n + j 1644 ssl3_handshake_msg_hdr_len(s) + n + j
1645 + 2)) { 1645 + 2)) {
1646 SSLerror(ERR_R_BUF_LIB); 1646 SSLerror(s, ERR_R_BUF_LIB);
1647 goto err; 1647 goto err;
1648 } 1648 }
1649 p = ssl3_handshake_msg_start(s, 1649 p = ssl3_handshake_msg_start(s,
@@ -1689,7 +1689,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1689 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) || 1689 if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
1690 (pkey->pkey.rsa == NULL)) { 1690 (pkey->pkey.rsa == NULL)) {
1691 al = SSL_AD_HANDSHAKE_FAILURE; 1691 al = SSL_AD_HANDSHAKE_FAILURE;
1692 SSLerror(SSL_R_MISSING_RSA_CERTIFICATE); 1692 SSLerror(s, SSL_R_MISSING_RSA_CERTIFICATE);
1693 goto f_err; 1693 goto f_err;
1694 } 1694 }
1695 rsa = pkey->pkey.rsa; 1695 rsa = pkey->pkey.rsa;
@@ -1698,7 +1698,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1698 goto truncated; 1698 goto truncated;
1699 n2s(p, i); 1699 n2s(p, i);
1700 if (n != i + 2) { 1700 if (n != i + 2) {
1701 SSLerror(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); 1701 SSLerror(s, SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
1702 goto err; 1702 goto err;
1703 } else 1703 } else
1704 n = i; 1704 n = i;
@@ -1711,7 +1711,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1711 1711
1712 if (i != SSL_MAX_MASTER_KEY_LENGTH) { 1712 if (i != SSL_MAX_MASTER_KEY_LENGTH) {
1713 al = SSL_AD_DECODE_ERROR; 1713 al = SSL_AD_DECODE_ERROR;
1714 /* SSLerror(SSL_R_BAD_RSA_DECRYPT); */ 1714 /* SSLerror(s, SSL_R_BAD_RSA_DECRYPT); */
1715 } 1715 }
1716 1716
1717 if (p - d + 2 > n) /* needed in the SSL3 case */ 1717 if (p - d + 2 > n) /* needed in the SSL3 case */
@@ -1733,7 +1733,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1733 (p[0] == (s->version >> 8)) && 1733 (p[0] == (s->version >> 8)) &&
1734 (p[1] == (s->version & 0xff)))) { 1734 (p[1] == (s->version & 0xff)))) {
1735 al = SSL_AD_DECODE_ERROR; 1735 al = SSL_AD_DECODE_ERROR;
1736 /* SSLerror(SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */ 1736 /* SSLerror(s, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); */
1737 1737
1738 /* 1738 /*
1739 * The Klima-Pokorny-Rosa extension of 1739 * The Klima-Pokorny-Rosa extension of
@@ -1771,7 +1771,7 @@ ssl3_get_client_kex_rsa(SSL *s, unsigned char *p, long n)
1771 return (1); 1771 return (1);
1772truncated: 1772truncated:
1773 al = SSL_AD_DECODE_ERROR; 1773 al = SSL_AD_DECODE_ERROR;
1774 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1774 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1775f_err: 1775f_err:
1776 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1776 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1777err: 1777err:
@@ -1799,19 +1799,19 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
1799 1799
1800 if (S3I(s)->tmp.dh == NULL) { 1800 if (S3I(s)->tmp.dh == NULL) {
1801 al = SSL_AD_HANDSHAKE_FAILURE; 1801 al = SSL_AD_HANDSHAKE_FAILURE;
1802 SSLerror(SSL_R_MISSING_TMP_DH_KEY); 1802 SSLerror(s, SSL_R_MISSING_TMP_DH_KEY);
1803 goto f_err; 1803 goto f_err;
1804 } 1804 }
1805 dh = S3I(s)->tmp.dh; 1805 dh = S3I(s)->tmp.dh;
1806 1806
1807 if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) { 1807 if ((bn = BN_bin2bn(CBS_data(&dh_Yc), CBS_len(&dh_Yc), NULL)) == NULL) {
1808 SSLerror(SSL_R_BN_LIB); 1808 SSLerror(s, SSL_R_BN_LIB);
1809 goto err; 1809 goto err;
1810 } 1810 }
1811 1811
1812 key_size = DH_compute_key(p, bn, dh); 1812 key_size = DH_compute_key(p, bn, dh);
1813 if (key_size <= 0) { 1813 if (key_size <= 0) {
1814 SSLerror(ERR_R_DH_LIB); 1814 SSLerror(s, ERR_R_DH_LIB);
1815 BN_clear_free(bn); 1815 BN_clear_free(bn);
1816 goto err; 1816 goto err;
1817 } 1817 }
@@ -1831,7 +1831,7 @@ ssl3_get_client_kex_dhe(SSL *s, unsigned char *p, long n)
1831 1831
1832 truncated: 1832 truncated:
1833 al = SSL_AD_DECODE_ERROR; 1833 al = SSL_AD_DECODE_ERROR;
1834 SSLerror(SSL_R_BAD_PACKET_LENGTH); 1834 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
1835 f_err: 1835 f_err:
1836 ssl3_send_alert(s, SSL3_AL_FATAL, al); 1836 ssl3_send_alert(s, SSL3_AL_FATAL, al);
1837 err: 1837 err:
@@ -1855,7 +1855,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1855 1855
1856 /* Initialize structures for server's ECDH key pair. */ 1856 /* Initialize structures for server's ECDH key pair. */
1857 if ((srvr_ecdh = EC_KEY_new()) == NULL) { 1857 if ((srvr_ecdh = EC_KEY_new()) == NULL) {
1858 SSLerror(ERR_R_MALLOC_FAILURE); 1858 SSLerror(s, ERR_R_MALLOC_FAILURE);
1859 goto err; 1859 goto err;
1860 } 1860 }
1861 1861
@@ -1870,13 +1870,13 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1870 1870
1871 if (!EC_KEY_set_group(srvr_ecdh, group) || 1871 if (!EC_KEY_set_group(srvr_ecdh, group) ||
1872 !EC_KEY_set_private_key(srvr_ecdh, priv_key)) { 1872 !EC_KEY_set_private_key(srvr_ecdh, priv_key)) {
1873 SSLerror(ERR_R_EC_LIB); 1873 SSLerror(s, ERR_R_EC_LIB);
1874 goto err; 1874 goto err;
1875 } 1875 }
1876 1876
1877 /* Let's get client's public key */ 1877 /* Let's get client's public key */
1878 if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) { 1878 if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) {
1879 SSLerror(ERR_R_MALLOC_FAILURE); 1879 SSLerror(s, ERR_R_MALLOC_FAILURE);
1880 goto err; 1880 goto err;
1881 } 1881 }
1882 1882
@@ -1898,14 +1898,14 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1898 * group. 1898 * group.
1899 */ 1899 */
1900 al = SSL_AD_HANDSHAKE_FAILURE; 1900 al = SSL_AD_HANDSHAKE_FAILURE;
1901 SSLerror(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS); 1901 SSLerror(s, SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
1902 goto f_err; 1902 goto f_err;
1903 } 1903 }
1904 1904
1905 if (EC_POINT_copy(clnt_ecpoint, 1905 if (EC_POINT_copy(clnt_ecpoint,
1906 EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)) 1906 EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec))
1907 == 0) { 1907 == 0) {
1908 SSLerror(ERR_R_EC_LIB); 1908 SSLerror(s, ERR_R_EC_LIB);
1909 goto err; 1909 goto err;
1910 } 1910 }
1911 ret = 2; /* Skip certificate verify processing */ 1911 ret = 2; /* Skip certificate verify processing */
@@ -1915,7 +1915,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1915 * in the ClientKeyExchange message. 1915 * in the ClientKeyExchange message.
1916 */ 1916 */
1917 if ((bn_ctx = BN_CTX_new()) == NULL) { 1917 if ((bn_ctx = BN_CTX_new()) == NULL) {
1918 SSLerror(ERR_R_MALLOC_FAILURE); 1918 SSLerror(s, ERR_R_MALLOC_FAILURE);
1919 goto err; 1919 goto err;
1920 } 1920 }
1921 1921
@@ -1924,12 +1924,12 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1924 1924
1925 p += 1; 1925 p += 1;
1926 if (n != 1 + i) { 1926 if (n != 1 + i) {
1927 SSLerror(ERR_R_EC_LIB); 1927 SSLerror(s, ERR_R_EC_LIB);
1928 goto err; 1928 goto err;
1929 } 1929 }
1930 if (EC_POINT_oct2point(group, 1930 if (EC_POINT_oct2point(group,
1931 clnt_ecpoint, p, i, bn_ctx) == 0) { 1931 clnt_ecpoint, p, i, bn_ctx) == 0) {
1932 SSLerror(ERR_R_EC_LIB); 1932 SSLerror(s, ERR_R_EC_LIB);
1933 goto err; 1933 goto err;
1934 } 1934 }
1935 /* 1935 /*
@@ -1942,13 +1942,13 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n)
1942 /* Compute the shared pre-master secret */ 1942 /* Compute the shared pre-master secret */
1943 key_size = ECDH_size(srvr_ecdh); 1943 key_size = ECDH_size(srvr_ecdh);
1944 if (key_size <= 0) { 1944 if (key_size <= 0) {
1945 SSLerror(ERR_R_ECDH_LIB); 1945 SSLerror(s, ERR_R_ECDH_LIB);
1946 goto err; 1946 goto err;
1947 } 1947 }
1948 i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh, 1948 i = ECDH_compute_key(p, key_size, clnt_ecpoint, srvr_ecdh,
1949 NULL); 1949 NULL);
1950 if (i <= 0) { 1950 if (i <= 0) {
1951 SSLerror(ERR_R_ECDH_LIB); 1951 SSLerror(s, ERR_R_ECDH_LIB);
1952 goto err; 1952 goto err;
1953 } 1953 }
1954 1954
@@ -2065,14 +2065,14 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n)
2065 if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, 2065 if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag,
2066 &Tclass, n) != V_ASN1_CONSTRUCTED || 2066 &Tclass, n) != V_ASN1_CONSTRUCTED ||
2067 Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { 2067 Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) {
2068 SSLerror(SSL_R_DECRYPTION_FAILED); 2068 SSLerror(s, SSL_R_DECRYPTION_FAILED);
2069 goto gerr; 2069 goto gerr;
2070 } 2070 }
2071 start = p; 2071 start = p;
2072 inlen = Tlen; 2072 inlen = Tlen;
2073 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, 2073 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen,
2074 start, inlen) <=0) { 2074 start, inlen) <=0) {
2075 SSLerror(SSL_R_DECRYPTION_FAILED); 2075 SSLerror(s, SSL_R_DECRYPTION_FAILED);
2076 goto gerr; 2076 goto gerr;
2077 } 2077 }
2078 /* Generate master secret */ 2078 /* Generate master secret */
@@ -2095,7 +2095,7 @@ ssl3_get_client_kex_gost(SSL *s, unsigned char *p, long n)
2095 2095
2096 truncated: 2096 truncated:
2097 al = SSL_AD_DECODE_ERROR; 2097 al = SSL_AD_DECODE_ERROR;
2098 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2098 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2099 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2099 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2100 err: 2100 err:
2101 return (-1); 2101 return (-1);
@@ -2133,7 +2133,7 @@ ssl3_get_client_key_exchange(SSL *s)
2133 goto err; 2133 goto err;
2134 } else { 2134 } else {
2135 al = SSL_AD_HANDSHAKE_FAILURE; 2135 al = SSL_AD_HANDSHAKE_FAILURE;
2136 SSLerror(SSL_R_UNKNOWN_CIPHER_TYPE); 2136 SSLerror(s, SSL_R_UNKNOWN_CIPHER_TYPE);
2137 goto f_err; 2137 goto f_err;
2138 } 2138 }
2139 2139
@@ -2176,7 +2176,7 @@ ssl3_get_cert_verify(SSL *s)
2176 S3I(s)->tmp.reuse_message = 1; 2176 S3I(s)->tmp.reuse_message = 1;
2177 if (peer != NULL) { 2177 if (peer != NULL) {
2178 al = SSL_AD_UNEXPECTED_MESSAGE; 2178 al = SSL_AD_UNEXPECTED_MESSAGE;
2179 SSLerror(SSL_R_MISSING_VERIFY_MESSAGE); 2179 SSLerror(s, SSL_R_MISSING_VERIFY_MESSAGE);
2180 goto f_err; 2180 goto f_err;
2181 } 2181 }
2182 ret = 1; 2182 ret = 1;
@@ -2184,19 +2184,19 @@ ssl3_get_cert_verify(SSL *s)
2184 } 2184 }
2185 2185
2186 if (peer == NULL) { 2186 if (peer == NULL) {
2187 SSLerror(SSL_R_NO_CLIENT_CERT_RECEIVED); 2187 SSLerror(s, SSL_R_NO_CLIENT_CERT_RECEIVED);
2188 al = SSL_AD_UNEXPECTED_MESSAGE; 2188 al = SSL_AD_UNEXPECTED_MESSAGE;
2189 goto f_err; 2189 goto f_err;
2190 } 2190 }
2191 2191
2192 if (!(type & EVP_PKT_SIGN)) { 2192 if (!(type & EVP_PKT_SIGN)) {
2193 SSLerror(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); 2193 SSLerror(s, SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
2194 al = SSL_AD_ILLEGAL_PARAMETER; 2194 al = SSL_AD_ILLEGAL_PARAMETER;
2195 goto f_err; 2195 goto f_err;
2196 } 2196 }
2197 2197
2198 if (S3I(s)->change_cipher_spec) { 2198 if (S3I(s)->change_cipher_spec) {
2199 SSLerror(SSL_R_CCS_RECEIVED_EARLY); 2199 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
2200 al = SSL_AD_UNEXPECTED_MESSAGE; 2200 al = SSL_AD_UNEXPECTED_MESSAGE;
2201 goto f_err; 2201 goto f_err;
2202 } 2202 }
@@ -2217,7 +2217,7 @@ ssl3_get_cert_verify(SSL *s)
2217 int sigalg = tls12_get_sigid(pkey); 2217 int sigalg = tls12_get_sigid(pkey);
2218 /* Should never happen */ 2218 /* Should never happen */
2219 if (sigalg == -1) { 2219 if (sigalg == -1) {
2220 SSLerror(ERR_R_INTERNAL_ERROR); 2220 SSLerror(s, ERR_R_INTERNAL_ERROR);
2221 al = SSL_AD_INTERNAL_ERROR; 2221 al = SSL_AD_INTERNAL_ERROR;
2222 goto f_err; 2222 goto f_err;
2223 } 2223 }
@@ -2225,13 +2225,13 @@ ssl3_get_cert_verify(SSL *s)
2225 goto truncated; 2225 goto truncated;
2226 /* Check key type is consistent with signature */ 2226 /* Check key type is consistent with signature */
2227 if (sigalg != (int)p[1]) { 2227 if (sigalg != (int)p[1]) {
2228 SSLerror(SSL_R_WRONG_SIGNATURE_TYPE); 2228 SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
2229 al = SSL_AD_DECODE_ERROR; 2229 al = SSL_AD_DECODE_ERROR;
2230 goto f_err; 2230 goto f_err;
2231 } 2231 }
2232 md = tls12_get_hash(p[0]); 2232 md = tls12_get_hash(p[0]);
2233 if (md == NULL) { 2233 if (md == NULL) {
2234 SSLerror(SSL_R_UNKNOWN_DIGEST); 2234 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
2235 al = SSL_AD_DECODE_ERROR; 2235 al = SSL_AD_DECODE_ERROR;
2236 goto f_err; 2236 goto f_err;
2237 } 2237 }
@@ -2247,7 +2247,7 @@ ssl3_get_cert_verify(SSL *s)
2247 } 2247 }
2248 j = EVP_PKEY_size(pkey); 2248 j = EVP_PKEY_size(pkey);
2249 if ((i > j) || (n > j) || (n <= 0)) { 2249 if ((i > j) || (n > j) || (n <= 0)) {
2250 SSLerror(SSL_R_WRONG_SIGNATURE_SIZE); 2250 SSLerror(s, SSL_R_WRONG_SIGNATURE_SIZE);
2251 al = SSL_AD_DECODE_ERROR; 2251 al = SSL_AD_DECODE_ERROR;
2252 goto f_err; 2252 goto f_err;
2253 } 2253 }
@@ -2257,20 +2257,20 @@ ssl3_get_cert_verify(SSL *s)
2257 void *hdata; 2257 void *hdata;
2258 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2258 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2259 if (hdatalen <= 0) { 2259 if (hdatalen <= 0) {
2260 SSLerror(ERR_R_INTERNAL_ERROR); 2260 SSLerror(s, ERR_R_INTERNAL_ERROR);
2261 al = SSL_AD_INTERNAL_ERROR; 2261 al = SSL_AD_INTERNAL_ERROR;
2262 goto f_err; 2262 goto f_err;
2263 } 2263 }
2264 if (!EVP_VerifyInit_ex(&mctx, md, NULL) || 2264 if (!EVP_VerifyInit_ex(&mctx, md, NULL) ||
2265 !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) { 2265 !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
2266 SSLerror(ERR_R_EVP_LIB); 2266 SSLerror(s, ERR_R_EVP_LIB);
2267 al = SSL_AD_INTERNAL_ERROR; 2267 al = SSL_AD_INTERNAL_ERROR;
2268 goto f_err; 2268 goto f_err;
2269 } 2269 }
2270 2270
2271 if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) { 2271 if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
2272 al = SSL_AD_DECRYPT_ERROR; 2272 al = SSL_AD_DECRYPT_ERROR;
2273 SSLerror(SSL_R_BAD_SIGNATURE); 2273 SSLerror(s, SSL_R_BAD_SIGNATURE);
2274 goto f_err; 2274 goto f_err;
2275 } 2275 }
2276 } else 2276 } else
@@ -2280,12 +2280,12 @@ ssl3_get_cert_verify(SSL *s)
2280 pkey->pkey.rsa); 2280 pkey->pkey.rsa);
2281 if (i < 0) { 2281 if (i < 0) {
2282 al = SSL_AD_DECRYPT_ERROR; 2282 al = SSL_AD_DECRYPT_ERROR;
2283 SSLerror(SSL_R_BAD_RSA_DECRYPT); 2283 SSLerror(s, SSL_R_BAD_RSA_DECRYPT);
2284 goto f_err; 2284 goto f_err;
2285 } 2285 }
2286 if (i == 0) { 2286 if (i == 0) {
2287 al = SSL_AD_DECRYPT_ERROR; 2287 al = SSL_AD_DECRYPT_ERROR;
2288 SSLerror(SSL_R_BAD_RSA_SIGNATURE); 2288 SSLerror(s, SSL_R_BAD_RSA_SIGNATURE);
2289 goto f_err; 2289 goto f_err;
2290 } 2290 }
2291 } else 2291 } else
@@ -2296,7 +2296,7 @@ ssl3_get_cert_verify(SSL *s)
2296 if (j <= 0) { 2296 if (j <= 0) {
2297 /* bad signature */ 2297 /* bad signature */
2298 al = SSL_AD_DECRYPT_ERROR; 2298 al = SSL_AD_DECRYPT_ERROR;
2299 SSLerror(SSL_R_BAD_DSA_SIGNATURE); 2299 SSLerror(s, SSL_R_BAD_DSA_SIGNATURE);
2300 goto f_err; 2300 goto f_err;
2301 } 2301 }
2302 } else 2302 } else
@@ -2307,7 +2307,7 @@ ssl3_get_cert_verify(SSL *s)
2307 if (j <= 0) { 2307 if (j <= 0) {
2308 /* bad signature */ 2308 /* bad signature */
2309 al = SSL_AD_DECRYPT_ERROR; 2309 al = SSL_AD_DECRYPT_ERROR;
2310 SSLerror(SSL_R_BAD_ECDSA_SIGNATURE); 2310 SSLerror(s, SSL_R_BAD_ECDSA_SIGNATURE);
2311 goto f_err; 2311 goto f_err;
2312 } 2312 }
2313 } else 2313 } else
@@ -2323,19 +2323,19 @@ ssl3_get_cert_verify(SSL *s)
2323 2323
2324 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata); 2324 hdatalen = BIO_get_mem_data(S3I(s)->handshake_buffer, &hdata);
2325 if (hdatalen <= 0) { 2325 if (hdatalen <= 0) {
2326 SSLerror(ERR_R_INTERNAL_ERROR); 2326 SSLerror(s, ERR_R_INTERNAL_ERROR);
2327 al = SSL_AD_INTERNAL_ERROR; 2327 al = SSL_AD_INTERNAL_ERROR;
2328 goto f_err; 2328 goto f_err;
2329 } 2329 }
2330 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || 2330 if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) ||
2331 !(md = EVP_get_digestbynid(nid))) { 2331 !(md = EVP_get_digestbynid(nid))) {
2332 SSLerror(ERR_R_EVP_LIB); 2332 SSLerror(s, ERR_R_EVP_LIB);
2333 al = SSL_AD_INTERNAL_ERROR; 2333 al = SSL_AD_INTERNAL_ERROR;
2334 goto f_err; 2334 goto f_err;
2335 } 2335 }
2336 pctx = EVP_PKEY_CTX_new(pkey, NULL); 2336 pctx = EVP_PKEY_CTX_new(pkey, NULL);
2337 if (!pctx) { 2337 if (!pctx) {
2338 SSLerror(ERR_R_EVP_LIB); 2338 SSLerror(s, ERR_R_EVP_LIB);
2339 al = SSL_AD_INTERNAL_ERROR; 2339 al = SSL_AD_INTERNAL_ERROR;
2340 goto f_err; 2340 goto f_err;
2341 } 2341 }
@@ -2348,7 +2348,7 @@ ssl3_get_cert_verify(SSL *s)
2348 EVP_PKEY_CTRL_GOST_SIG_FORMAT, 2348 EVP_PKEY_CTRL_GOST_SIG_FORMAT,
2349 GOST_SIG_FORMAT_RS_LE, 2349 GOST_SIG_FORMAT_RS_LE,
2350 NULL) <= 0)) { 2350 NULL) <= 0)) {
2351 SSLerror(ERR_R_EVP_LIB); 2351 SSLerror(s, ERR_R_EVP_LIB);
2352 al = SSL_AD_INTERNAL_ERROR; 2352 al = SSL_AD_INTERNAL_ERROR;
2353 EVP_PKEY_CTX_free(pctx); 2353 EVP_PKEY_CTX_free(pctx);
2354 goto f_err; 2354 goto f_err;
@@ -2356,7 +2356,7 @@ ssl3_get_cert_verify(SSL *s)
2356 2356
2357 if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) { 2357 if (EVP_PKEY_verify(pctx, p, i, signature, siglen) <= 0) {
2358 al = SSL_AD_DECRYPT_ERROR; 2358 al = SSL_AD_DECRYPT_ERROR;
2359 SSLerror(SSL_R_BAD_SIGNATURE); 2359 SSLerror(s, SSL_R_BAD_SIGNATURE);
2360 EVP_PKEY_CTX_free(pctx); 2360 EVP_PKEY_CTX_free(pctx);
2361 goto f_err; 2361 goto f_err;
2362 } 2362 }
@@ -2365,7 +2365,7 @@ ssl3_get_cert_verify(SSL *s)
2365 } else 2365 } else
2366#endif 2366#endif
2367 { 2367 {
2368 SSLerror(ERR_R_INTERNAL_ERROR); 2368 SSLerror(s, ERR_R_INTERNAL_ERROR);
2369 al = SSL_AD_UNSUPPORTED_CERTIFICATE; 2369 al = SSL_AD_UNSUPPORTED_CERTIFICATE;
2370 goto f_err; 2370 goto f_err;
2371 } 2371 }
@@ -2375,7 +2375,7 @@ ssl3_get_cert_verify(SSL *s)
2375 if (0) { 2375 if (0) {
2376truncated: 2376truncated:
2377 al = SSL_AD_DECODE_ERROR; 2377 al = SSL_AD_DECODE_ERROR;
2378 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2378 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2379f_err: 2379f_err:
2380 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2380 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2381 } 2381 }
@@ -2409,7 +2409,7 @@ ssl3_get_client_certificate(SSL *s)
2409 if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) { 2409 if (S3I(s)->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
2410 if ((s->verify_mode & SSL_VERIFY_PEER) && 2410 if ((s->verify_mode & SSL_VERIFY_PEER) &&
2411 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { 2411 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
2412 SSLerror(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); 2412 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
2413 al = SSL_AD_HANDSHAKE_FAILURE; 2413 al = SSL_AD_HANDSHAKE_FAILURE;
2414 goto f_err; 2414 goto f_err;
2415 } 2415 }
@@ -2418,7 +2418,7 @@ ssl3_get_client_certificate(SSL *s)
2418 * the client must return a 0 list. 2418 * the client must return a 0 list.
2419 */ 2419 */
2420 if (S3I(s)->tmp.cert_request) { 2420 if (S3I(s)->tmp.cert_request) {
2421 SSLerror(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 2421 SSLerror(s, SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST
2422 ); 2422 );
2423 al = SSL_AD_UNEXPECTED_MESSAGE; 2423 al = SSL_AD_UNEXPECTED_MESSAGE;
2424 goto f_err; 2424 goto f_err;
@@ -2429,7 +2429,7 @@ ssl3_get_client_certificate(SSL *s)
2429 2429
2430 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) { 2430 if (S3I(s)->tmp.message_type != SSL3_MT_CERTIFICATE) {
2431 al = SSL_AD_UNEXPECTED_MESSAGE; 2431 al = SSL_AD_UNEXPECTED_MESSAGE;
2432 SSLerror(SSL_R_WRONG_MESSAGE_TYPE); 2432 SSLerror(s, SSL_R_WRONG_MESSAGE_TYPE);
2433 goto f_err; 2433 goto f_err;
2434 } 2434 }
2435 2435
@@ -2439,7 +2439,7 @@ ssl3_get_client_certificate(SSL *s)
2439 CBS_init(&cbs, s->internal->init_msg, n); 2439 CBS_init(&cbs, s->internal->init_msg, n);
2440 2440
2441 if ((sk = sk_X509_new_null()) == NULL) { 2441 if ((sk = sk_X509_new_null()) == NULL) {
2442 SSLerror(ERR_R_MALLOC_FAILURE); 2442 SSLerror(s, ERR_R_MALLOC_FAILURE);
2443 goto err; 2443 goto err;
2444 } 2444 }
2445 2445
@@ -2452,23 +2452,23 @@ ssl3_get_client_certificate(SSL *s)
2452 2452
2453 if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) { 2453 if (!CBS_get_u24_length_prefixed(&client_certs, &cert)) {
2454 al = SSL_AD_DECODE_ERROR; 2454 al = SSL_AD_DECODE_ERROR;
2455 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 2455 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
2456 goto f_err; 2456 goto f_err;
2457 } 2457 }
2458 2458
2459 q = CBS_data(&cert); 2459 q = CBS_data(&cert);
2460 x = d2i_X509(NULL, &q, CBS_len(&cert)); 2460 x = d2i_X509(NULL, &q, CBS_len(&cert));
2461 if (x == NULL) { 2461 if (x == NULL) {
2462 SSLerror(ERR_R_ASN1_LIB); 2462 SSLerror(s, ERR_R_ASN1_LIB);
2463 goto err; 2463 goto err;
2464 } 2464 }
2465 if (q != CBS_data(&cert) + CBS_len(&cert)) { 2465 if (q != CBS_data(&cert) + CBS_len(&cert)) {
2466 al = SSL_AD_DECODE_ERROR; 2466 al = SSL_AD_DECODE_ERROR;
2467 SSLerror(SSL_R_CERT_LENGTH_MISMATCH); 2467 SSLerror(s, SSL_R_CERT_LENGTH_MISMATCH);
2468 goto f_err; 2468 goto f_err;
2469 } 2469 }
2470 if (!sk_X509_push(sk, x)) { 2470 if (!sk_X509_push(sk, x)) {
2471 SSLerror(ERR_R_MALLOC_FAILURE); 2471 SSLerror(s, ERR_R_MALLOC_FAILURE);
2472 goto err; 2472 goto err;
2473 } 2473 }
2474 x = NULL; 2474 x = NULL;
@@ -2481,7 +2481,7 @@ ssl3_get_client_certificate(SSL *s)
2481 */ 2481 */
2482 if ((s->verify_mode & SSL_VERIFY_PEER) && 2482 if ((s->verify_mode & SSL_VERIFY_PEER) &&
2483 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) { 2483 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
2484 SSLerror(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); 2484 SSLerror(s, SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
2485 al = SSL_AD_HANDSHAKE_FAILURE; 2485 al = SSL_AD_HANDSHAKE_FAILURE;
2486 goto f_err; 2486 goto f_err;
2487 } 2487 }
@@ -2494,7 +2494,7 @@ ssl3_get_client_certificate(SSL *s)
2494 i = ssl_verify_cert_chain(s, sk); 2494 i = ssl_verify_cert_chain(s, sk);
2495 if (i <= 0) { 2495 if (i <= 0) {
2496 al = ssl_verify_alarm_type(s->verify_result); 2496 al = ssl_verify_alarm_type(s->verify_result);
2497 SSLerror(SSL_R_NO_CERTIFICATE_RETURNED); 2497 SSLerror(s, SSL_R_NO_CERTIFICATE_RETURNED);
2498 goto f_err; 2498 goto f_err;
2499 } 2499 }
2500 } 2500 }
@@ -2510,7 +2510,7 @@ ssl3_get_client_certificate(SSL *s)
2510 if (SSI(s)->sess_cert == NULL) { 2510 if (SSI(s)->sess_cert == NULL) {
2511 SSI(s)->sess_cert = ssl_sess_cert_new(); 2511 SSI(s)->sess_cert = ssl_sess_cert_new();
2512 if (SSI(s)->sess_cert == NULL) { 2512 if (SSI(s)->sess_cert == NULL) {
2513 SSLerror(ERR_R_MALLOC_FAILURE); 2513 SSLerror(s, ERR_R_MALLOC_FAILURE);
2514 goto err; 2514 goto err;
2515 } 2515 }
2516 } 2516 }
@@ -2528,7 +2528,7 @@ ssl3_get_client_certificate(SSL *s)
2528 if (0) { 2528 if (0) {
2529truncated: 2529truncated:
2530 al = SSL_AD_DECODE_ERROR; 2530 al = SSL_AD_DECODE_ERROR;
2531 SSLerror(SSL_R_BAD_PACKET_LENGTH); 2531 SSLerror(s, SSL_R_BAD_PACKET_LENGTH);
2532f_err: 2532f_err:
2533 ssl3_send_alert(s, SSL3_AL_FATAL, al); 2533 ssl3_send_alert(s, SSL3_AL_FATAL, al);
2534 } 2534 }
@@ -2553,7 +2553,7 @@ ssl3_send_server_certificate(SSL *s)
2553 2553
2554 if (s->internal->state == SSL3_ST_SW_CERT_A) { 2554 if (s->internal->state == SSL3_ST_SW_CERT_A) {
2555 if ((x = ssl_get_server_send_cert(s)) == NULL) { 2555 if ((x = ssl_get_server_send_cert(s)) == NULL) {
2556 SSLerror(ERR_R_INTERNAL_ERROR); 2556 SSLerror(s, ERR_R_INTERNAL_ERROR);
2557 return (0); 2557 return (0);
2558 } 2558 }
2559 2559
@@ -2771,7 +2771,7 @@ ssl3_get_next_proto(SSL *s)
2771 * extension in their ClientHello 2771 * extension in their ClientHello
2772 */ 2772 */
2773 if (!S3I(s)->next_proto_neg_seen) { 2773 if (!S3I(s)->next_proto_neg_seen) {
2774 SSLerror(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION); 2774 SSLerror(s, SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
2775 return (-1); 2775 return (-1);
2776 } 2776 }
2777 2777
@@ -2787,7 +2787,7 @@ ssl3_get_next_proto(SSL *s)
2787 * by ssl3_get_finished). 2787 * by ssl3_get_finished).
2788 */ 2788 */
2789 if (!S3I(s)->change_cipher_spec) { 2789 if (!S3I(s)->change_cipher_spec) {
2790 SSLerror(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS); 2790 SSLerror(s, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
2791 return (-1); 2791 return (-1);
2792 } 2792 }
2793 2793
@@ -2817,7 +2817,7 @@ ssl3_get_next_proto(SSL *s)
2817 s->internal->next_proto_negotiated_len = 0; 2817 s->internal->next_proto_negotiated_len = 0;
2818 2818
2819 if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) { 2819 if (!CBS_stow(&proto, &s->internal->next_proto_negotiated, &len)) {
2820 SSLerror(ERR_R_MALLOC_FAILURE); 2820 SSLerror(s, ERR_R_MALLOC_FAILURE);
2821 return (0); 2821 return (0);
2822 } 2822 }
2823 s->internal->next_proto_negotiated_len = (uint8_t)len; 2823 s->internal->next_proto_negotiated_len = (uint8_t)len;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 09:43:09 +0000