diff options
| author | beck <> | 2017-01-26 12:16:13 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-26 12:16:13 +0000 |
| commit | 5ae189b08474853c519a12e66db1c17cfc3c9c8f (patch) | |
| tree | b95866f4795db86411300333c648e4ce8e941899 /src/lib/libssl/t1_reneg.c | |
| parent | 10f32610e82e44521c0094ae91acbca090d36a58 (diff) | |
| download | openbsd-5ae189b08474853c519a12e66db1c17cfc3c9c8f.tar.gz openbsd-5ae189b08474853c519a12e66db1c17cfc3c9c8f.tar.bz2 openbsd-5ae189b08474853c519a12e66db1c17cfc3c9c8f.zip | |
Finish the fallout of the SSLerr->SSLerror cleanup to get rid of the ugly
line wraps that resulted
Diffstat (limited to 'src/lib/libssl/t1_reneg.c')
| -rw-r--r-- | src/lib/libssl/t1_reneg.c | 35 |
1 files changed, 12 insertions, 23 deletions
diff --git a/src/lib/libssl/t1_reneg.c b/src/lib/libssl/t1_reneg.c index ea432554b0..596b96edd3 100644 --- a/src/lib/libssl/t1_reneg.c +++ b/src/lib/libssl/t1_reneg.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_reneg.c,v 1.13 2017/01/26 10:40:21 beck Exp $ */ | 1 | /* $OpenBSD: t1_reneg.c,v 1.14 2017/01/26 12:16:13 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -123,8 +123,7 @@ ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len, | |||
| 123 | { | 123 | { |
| 124 | if (p) { | 124 | if (p) { |
| 125 | if ((S3I(s)->previous_client_finished_len + 1) > maxlen) { | 125 | if ((S3I(s)->previous_client_finished_len + 1) > maxlen) { |
| 126 | SSLerror( | 126 | SSLerror(SSL_R_RENEGOTIATE_EXT_TOO_LONG); |
| 127 | SSL_R_RENEGOTIATE_EXT_TOO_LONG); | ||
| 128 | return 0; | 127 | return 0; |
| 129 | } | 128 | } |
| 130 | 129 | ||
| @@ -151,8 +150,7 @@ ssl_parse_clienthello_renegotiate_ext(SSL *s, const unsigned char *d, int len, | |||
| 151 | CBS cbs, reneg; | 150 | CBS cbs, reneg; |
| 152 | 151 | ||
| 153 | if (len < 0) { | 152 | if (len < 0) { |
| 154 | SSLerror( | 153 | SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); |
| 155 | SSL_R_RENEGOTIATION_ENCODING_ERR); | ||
| 156 | *al = SSL_AD_ILLEGAL_PARAMETER; | 154 | *al = SSL_AD_ILLEGAL_PARAMETER; |
| 157 | return 0; | 155 | return 0; |
| 158 | } | 156 | } |
| @@ -161,24 +159,21 @@ ssl_parse_clienthello_renegotiate_ext(SSL *s, const unsigned char *d, int len, | |||
| 161 | if (!CBS_get_u8_length_prefixed(&cbs, &reneg) || | 159 | if (!CBS_get_u8_length_prefixed(&cbs, &reneg) || |
| 162 | /* Consistency check */ | 160 | /* Consistency check */ |
| 163 | CBS_len(&cbs) != 0) { | 161 | CBS_len(&cbs) != 0) { |
| 164 | SSLerror( | 162 | SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); |
| 165 | SSL_R_RENEGOTIATION_ENCODING_ERR); | ||
| 166 | *al = SSL_AD_ILLEGAL_PARAMETER; | 163 | *al = SSL_AD_ILLEGAL_PARAMETER; |
| 167 | return 0; | 164 | return 0; |
| 168 | } | 165 | } |
| 169 | 166 | ||
| 170 | /* Check that the extension matches */ | 167 | /* Check that the extension matches */ |
| 171 | if (CBS_len(&reneg) != S3I(s)->previous_client_finished_len) { | 168 | if (CBS_len(&reneg) != S3I(s)->previous_client_finished_len) { |
| 172 | SSLerror( | 169 | SSLerror(SSL_R_RENEGOTIATION_MISMATCH); |
| 173 | SSL_R_RENEGOTIATION_MISMATCH); | ||
| 174 | *al = SSL_AD_HANDSHAKE_FAILURE; | 170 | *al = SSL_AD_HANDSHAKE_FAILURE; |
| 175 | return 0; | 171 | return 0; |
| 176 | } | 172 | } |
| 177 | 173 | ||
| 178 | if (!CBS_mem_equal(&reneg, S3I(s)->previous_client_finished, | 174 | if (!CBS_mem_equal(&reneg, S3I(s)->previous_client_finished, |
| 179 | S3I(s)->previous_client_finished_len)) { | 175 | S3I(s)->previous_client_finished_len)) { |
| 180 | SSLerror( | 176 | SSLerror(SSL_R_RENEGOTIATION_MISMATCH); |
| 181 | SSL_R_RENEGOTIATION_MISMATCH); | ||
| 182 | *al = SSL_AD_HANDSHAKE_FAILURE; | 177 | *al = SSL_AD_HANDSHAKE_FAILURE; |
| 183 | return 0; | 178 | return 0; |
| 184 | } | 179 | } |
| @@ -196,8 +191,7 @@ ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len, | |||
| 196 | if (p) { | 191 | if (p) { |
| 197 | if ((S3I(s)->previous_client_finished_len + | 192 | if ((S3I(s)->previous_client_finished_len + |
| 198 | S3I(s)->previous_server_finished_len + 1) > maxlen) { | 193 | S3I(s)->previous_server_finished_len + 1) > maxlen) { |
| 199 | SSLerror( | 194 | SSLerror(SSL_R_RENEGOTIATE_EXT_TOO_LONG); |
| 200 | SSL_R_RENEGOTIATE_EXT_TOO_LONG); | ||
| 201 | return 0; | 195 | return 0; |
| 202 | } | 196 | } |
| 203 | 197 | ||
| @@ -235,8 +229,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d, int len, i | |||
| 235 | OPENSSL_assert(!expected_len || S3I(s)->previous_server_finished_len); | 229 | OPENSSL_assert(!expected_len || S3I(s)->previous_server_finished_len); |
| 236 | 230 | ||
| 237 | if (len < 0) { | 231 | if (len < 0) { |
| 238 | SSLerror( | 232 | SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); |
| 239 | SSL_R_RENEGOTIATION_ENCODING_ERR); | ||
| 240 | *al = SSL_AD_ILLEGAL_PARAMETER; | 233 | *al = SSL_AD_ILLEGAL_PARAMETER; |
| 241 | return 0; | 234 | return 0; |
| 242 | } | 235 | } |
| @@ -246,8 +239,7 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d, int len, i | |||
| 246 | if (!CBS_get_u8_length_prefixed(&cbs, &reneg) || | 239 | if (!CBS_get_u8_length_prefixed(&cbs, &reneg) || |
| 247 | /* Consistency check */ | 240 | /* Consistency check */ |
| 248 | CBS_len(&cbs) != 0) { | 241 | CBS_len(&cbs) != 0) { |
| 249 | SSLerror( | 242 | SSLerror(SSL_R_RENEGOTIATION_ENCODING_ERR); |
| 250 | SSL_R_RENEGOTIATION_ENCODING_ERR); | ||
| 251 | *al = SSL_AD_ILLEGAL_PARAMETER; | 243 | *al = SSL_AD_ILLEGAL_PARAMETER; |
| 252 | return 0; | 244 | return 0; |
| 253 | } | 245 | } |
| @@ -259,23 +251,20 @@ ssl_parse_serverhello_renegotiate_ext(SSL *s, const unsigned char *d, int len, i | |||
| 259 | !CBS_get_bytes(&reneg, &previous_server, | 251 | !CBS_get_bytes(&reneg, &previous_server, |
| 260 | S3I(s)->previous_server_finished_len) || | 252 | S3I(s)->previous_server_finished_len) || |
| 261 | CBS_len(&reneg) != 0) { | 253 | CBS_len(&reneg) != 0) { |
| 262 | SSLerror( | 254 | SSLerror(SSL_R_RENEGOTIATION_MISMATCH); |
| 263 | SSL_R_RENEGOTIATION_MISMATCH); | ||
| 264 | *al = SSL_AD_HANDSHAKE_FAILURE; | 255 | *al = SSL_AD_HANDSHAKE_FAILURE; |
| 265 | return 0; | 256 | return 0; |
| 266 | } | 257 | } |
| 267 | 258 | ||
| 268 | if (!CBS_mem_equal(&previous_client, S3I(s)->previous_client_finished, | 259 | if (!CBS_mem_equal(&previous_client, S3I(s)->previous_client_finished, |
| 269 | CBS_len(&previous_client))) { | 260 | CBS_len(&previous_client))) { |
| 270 | SSLerror( | 261 | SSLerror(SSL_R_RENEGOTIATION_MISMATCH); |
| 271 | SSL_R_RENEGOTIATION_MISMATCH); | ||
| 272 | *al = SSL_AD_HANDSHAKE_FAILURE; | 262 | *al = SSL_AD_HANDSHAKE_FAILURE; |
| 273 | return 0; | 263 | return 0; |
| 274 | } | 264 | } |
| 275 | if (!CBS_mem_equal(&previous_server, S3I(s)->previous_server_finished, | 265 | if (!CBS_mem_equal(&previous_server, S3I(s)->previous_server_finished, |
| 276 | CBS_len(&previous_server))) { | 266 | CBS_len(&previous_server))) { |
| 277 | SSLerror( | 267 | SSLerror(SSL_R_RENEGOTIATION_MISMATCH); |
| 278 | SSL_R_RENEGOTIATION_MISMATCH); | ||
| 279 | *al = SSL_AD_ILLEGAL_PARAMETER; | 268 | *al = SSL_AD_ILLEGAL_PARAMETER; |
| 280 | return 0; | 269 | return 0; |
| 281 | } | 270 | } |